Kaspersky alert you should note this week: "constructor function Trojan" virus. This virus uses UPACK packers technology to protect themselves. Once the user of this virus infection, the virus infected computer system in the background to run IE (browser) process, IE (browser) program will monitor the remote server command embedded in the virus itself but also the infected computer users Desktop process. At the same time, "constructor function Trojan" virus to a specific virus, the server will automatically download the files to a large number of virus infected computer, these files are automatically downloaded most of Daohao trojan virus, spyware and so on, to believe that the virus infected users will be immeasurable economic loss of information.
We recommend that you update the virus database for killing as quickly as possible to avoid unnecessary losses.
1, a good security practice, do not open suspicious mail and suspicious websites;
2, do not chat freely to receive and send documents over the web link to fight development;
3. Use of removable media is best to use when using the right mouse button to open, if necessary, first scan;
4, there are many loopholes in the spread of the virus using the system, so playing the whole patch to the system is also very important;
5, as soon as possible to install Kaspersky Internet Security suite, and open the full protection of real-time monitoring function;
6, based machine administrator password to set a more complex password, to prevent virus spread through the password-guessing, the best combination of digits and letters is the password;
7, do not download software from unreliable sources, because the software is likely a virus.
2010年8月10日星期二
Beware of e-mail behind the "killer"
Virus Name: Trojan-Downloader.Win32.Agent.wps (downloader variant SPW), the virus type: Trojan, hazard rating: ★ ★ ★ ★ ★, affected platforms: WIN9X/ME/NT/2000/XP/2003
This document uses upack packers, once infected, it will create a disk in the system random number and letter combinations for the name of the hidden folder, and try to connect to the network, once connected, it will quickly connect to the server through port 80 specified Download a large number of Daohao Trojan to this folder, and try to run them, to steal the user's game account and password information. Kaspersky has entirely killing the virus.
Experts suggest:
1. Not to open suspicious mail and suspicious websites.
2. Do not talk at random to receive the file transfer tools and website links.
3. Use of removable media is best to use when using the right mouse button to open, if necessary, must first be scanned.
4. Now there are many loopholes in the spread of the virus using the system, so playing the whole patch to the system is also critical.
5. Install anti-virus software, a professional upgrade to the latest version, and open real-time monitoring.
6. Based machine administrator account to set up a more complex password.
This document uses upack packers, once infected, it will create a disk in the system random number and letter combinations for the name of the hidden folder, and try to connect to the network, once connected, it will quickly connect to the server through port 80 specified Download a large number of Daohao Trojan to this folder, and try to run them, to steal the user's game account and password information. Kaspersky has entirely killing the virus.
Experts suggest:
1. Not to open suspicious mail and suspicious websites.
2. Do not talk at random to receive the file transfer tools and website links.
3. Use of removable media is best to use when using the right mouse button to open, if necessary, must first be scanned.
4. Now there are many loopholes in the spread of the virus using the system, so playing the whole patch to the system is also critical.
5. Install anti-virus software, a professional upgrade to the latest version, and open real-time monitoring.
6. Based machine administrator account to set up a more complex password.
Attention! "IMG-WMF exploits device"
Note: "IMG-WMF exploits device" virus. Once a computer is "IMG-WMF exploits device" virus infection, the virus will be the end of computer antivirus software, while it will also set up video hijack key, so that future users can install and run antivirus software properly. Followed by "IMG-WMF exploits device" virus to the specified server to download a Notepad file, this file contains a large number of Trojan download, virus process will read the address and automatically download the virus file to the system running, stealing take the user's account information.
For your computer security, friendship to remind you:
1, for the spread of the virus to exploit system vulnerabilities to the system to play the whole patch is very important;
2, Kaspersky Internet Security suite installed as soon as possible, and open the full protection of real-time monitoring function;
3, based machine administrator password set the password more complex, the best combination of digits and letters is the password;
4, do not download software from unreliable sources, because the software is likely a virus.
For your computer security, friendship to remind you:
1, for the spread of the virus to exploit system vulnerabilities to the system to play the whole patch is very important;
2, Kaspersky Internet Security suite installed as soon as possible, and open the full protection of real-time monitoring function;
3, based machine administrator password set the password more complex, the best combination of digits and letters is the password;
4, do not download software from unreliable sources, because the software is likely a virus.
"U disk worm downloader" frequent attacks on the user variant
Xinhua Beijing on Nov. 28 Reuters called "U disk worm downloader variant EYK (Worm.Win32.Autorun.eyk)" The virus is particularly noteworthy this week it through U disk storage devices such as mobile communication, will download a large number of Trojan viruses, to the user great security risk. Therefore, anti-virus, anti-trojan Rising broadcast week (2008.12.01-12.07) to its attention this week as the virus alert level for the ★ ★ ★.
"U disk worm downloader variant EYK" is a worm. The virus will run in the directory system generates its own named svchost. exe and the release of the file name winlogon. exe file, and then start the process of both programs, the virus process using the two-guard functions, if one process is over, then another process will execute the shutdown command, to avoid killing. Viruses from time to time in letter written to the file inside svchost. exe and autorun. inf, to double-click the drive letter to run a virus and the use of mobile hard disk for virus transmission purposes; modify the registry key in order to achieve the purpose at startup, and finally a large number of Trojan will download to the user computer to perform, to the enormous computer users security risks.
In this regard, experts recommend that users: 1, install card access security assistant 6.0 bug fixes, to prevent infection of such viruses; 2, to develop good surfing habits, do not open a bad site, not free to download and install a suspicious plug; 3 , install antivirus software upgrade to the latest version of 2008, regular anti-virus and open real-time monitoring function, prevent the virus from infected computers; 4, time to set a system restore point and back up important files, and to online banking, online games, QQ and other important software to "safe account" in order to prevent the virus to steal game account, password and other personal information.
"U disk worm downloader variant EYK" is a worm. The virus will run in the directory system generates its own named svchost. exe and the release of the file name winlogon. exe file, and then start the process of both programs, the virus process using the two-guard functions, if one process is over, then another process will execute the shutdown command, to avoid killing. Viruses from time to time in letter written to the file inside svchost. exe and autorun. inf, to double-click the drive letter to run a virus and the use of mobile hard disk for virus transmission purposes; modify the registry key in order to achieve the purpose at startup, and finally a large number of Trojan will download to the user computer to perform, to the enormous computer users security risks.
In this regard, experts recommend that users: 1, install card access security assistant 6.0 bug fixes, to prevent infection of such viruses; 2, to develop good surfing habits, do not open a bad site, not free to download and install a suspicious plug; 3 , install antivirus software upgrade to the latest version of 2008, regular anti-virus and open real-time monitoring function, prevent the virus from infected computers; 4, time to set a system restore point and back up important files, and to online banking, online games, QQ and other important software to "safe account" in order to prevent the virus to steal game account, password and other personal information.
订阅:
博文 (Atom)