Worm spread with QQ chat tools

Beijing Information Security Evaluation Center, Jinshan Poison PA jointly released the June 8, 2007 popular virus.
　　
Today remind users to pay special attention to the following viruses: "QQ Tail" variant DS (WORM.QQTAILEKS.DS) and "QQ Thieves" variant WT (WIN32.PSWTROJ.QQPASS.WT).
　　
"QQ Tail" variant DS (WORM.QQTAILEKS.DS) is a worm that sends virus information through QQ.
　　
"Agent AG" (Win32.Troj.AGbot) is a Trojan virus that uses IRC servers for malicious attacks.
　　
First, "QQ Tail" variant DS (WORM.QQTAILEKS.DS) threat level:
　　
Virus characteristics: The virus is another recent use of QQ chat tools to spread the worm, it will automatically find QQ friends Chat window, and send with deceptive virus information, inducing information recipients click on the malicious link, the virus spread. Not only disturbs the user to use QQ Chat tool normally, but also may cause the virus to spread the phenomenon. Recommended users in the use of online chat tools, such as the strange story of unknown origin, please be vigilant, do not casually trusted or click on any link.
　　
Seizure symptom: After the virus runs, it will release different name virus files for different versions of Windows system, modify the registry, and realize it starts automatically with the boot. Connect to H**p://www.sql2000server.**/v-files/update_sendtext1.txt, download the text content, and send it through QQ.
　　
Second, "Agent AG" (Win32.Troj.AGbot) Threat level:
　　
Virus characteristics: The virus is a similar backdoor hacker program malicious Trojan virus, it will use IRC server, open the virus port, so that the virus author can completely take over all the functions of the computer, and carry out a number of hazardous operations, such as viewing user chat records, execute arbitrary system commands, download other virus files. Poses a serious threat to the user's computer system and personal Network property.
　　
Attack symptom: After this virus runs, will release Easypwnt.exe virus file, modify registry, realize with boot automatically. Connect an IRC server to the virus author.
　　
Jinshan Anti-Virus Engineer recommends:
　　
1. Please do not easily run from the Internet after downloading without anti-virus software processing files, it is strongly recommended that you use the latest virus library of the poison PA to scan, and then decide whether to run.
　　
2. With the development of computer technology, more and more viruses will accompany, in order to protect your system and personal information security, please constantly update the virus of the poison to prevent the virus intrusion.
　　
Jinshan Poison PA anti-Virus emergency center in time to update the virus, upgrade poison PA to June 8, 2007 Virus Library can kill above virus; if not installed Jinshan poison PA, can login http:// Www.duba.net free Download the latest version of Jinshan poison PA 2007 or use Jinshan poison bully online antivirus to prevent virus invasion, call Jinshan Poison PA Anti-Virus emergency phone: 010-82331816 Anti-Virus experts will help you.