-
- Home |
- Products |
- Buy & Renew |
- Information Center |
- Downloads |
- Support |
- Partners |
- Contact Us |
-
Intraday malicious virus program: Trojan.Win32.QQPass.ags
Behavior:
This is a malicious Trojan virus program.
After being executed, the virus program shall release stealer application with the name of “TTPAdvCtrl.dll” which pretends to be music player software and hides under the installation directory. The virus program shall create Puppet process to modify windows system update service into application TTPAdvCtrl.dll to accomplish auto-run of virus program. Finally, the virus program shall scan QQ (Chinese popular instant message), damage QQ protection file to create Message Hook application; delete auto-login files of QQ and end its process to make users re-login again; meanwhile, while users input QQ account and password, the virus program shall hijack input information and send it to hackers’ server. So this malicious virus program threatens users’ computer security seriously.
Statistics:
RISING Cloud Security reported:
June 07, 2012, Rising Cloud Security detected that there were 212,369 computers got attacks from malicious URL injection and, RISING has intercepted 107,361 malicious URLs successfully. Meanwhile, 39,748 suspicious URLs were submitted from Rising Cloud Security members.
Top5 Infected Website:
1, bs.csu.edu.cn**
Injected malicious URL: **dn/jw/index_jw.htm
2, www.szvtc.cn**
Injected malicious URL: *images/index.htm
3, zs.hzau.edu.cn**
Injected malicious URL: zs.hzau.edu.cn**
4, www.hahayouxi.com**
Injected malicious URL: **ma/x6.htm
5, www.jxjjyjs.com.cn**
Injected malicious URL: ** tl/oop.html
Notice: the symbol ‘*’ means a stochastic letter or number.
Solutions:
1. Install Rising Internet Security, or Rising Antivirus plus Rising Firewall, and get update in time.
2. Install Rising PC Doctor, and choose “Leaks” function to check the leaks or vulnerabilities exist on your computer operating system, patch your computer system in a timely manner because many viruses spread by taking advantage of Windows operating system vulnerabilities.
3. Do not browse suspicious websites, and do not run suspicious plugins; turn off or delete unnecessary system services.
4. Do not receive the suspicious file from QQ, MSN, Email, etc.
5. Open RISING Active Defense and Auto-Protect function while accessing to Internet.
*You can buy RISING Security products here or free download to try.
*If you have any questions about RISING products, please visit Rising support centre for help.
Daily Virus Report (May 21, 2013)- Trojan.Win32.Fednu.uoa ()
Daily Virus Report (May 20, 2013)- Trojan.Win32.Fednu.uns ()
Daily Virus Report (May 19, 2013)- Trojan.PSW.Win32.AliPay.pl ()
Daily Virus Report (May 16, 2013)- Trojan.Win32.Fednu.unr ()
Daily Virus Report (May 15, 2013)- Trojan.Win32.Fednu.unq ()
Daily Virus Report (May 14, 2013)- Trojan.Win32.Fednu.unp ()
