July September 25 virus warning

Jiang min reminds you today that in today's virus, Trojan/PSW. OnLineGames. fqt "Online Game thieves" variants fqt and Trojan/Small. dat "Small dots" variants dat are worth noting.

Virus name: Trojan/PSW. OnLineGames. fqt

Chinese name: "Online Game thief" variant fqt

Virus length: 28672 bytes

Virus Type: Trojan

Hazard level:★★

Affected Platforms: Win 9X/ME/NT/2000/XP/2003

Trojan/PSW. OnLineGames. fqt the "Online Game thief" variant fqt is one of the newest members of the "Online Game thief" Trojan family and is written in VC ++ 6.0. The fqt variant of "Online Game thieves" is a very powerful online game account theft Trojan, it also steals online game "sword and sword ol", "Great Tang haoxia", "qqhuaxia", "QQ Three Kingdoms", "Machine war", "westward journey III", "Legend of the World", "hot blood ", "QQ Fantasy", "hot blood Legend", "Ask", "westward journey", "Magic domain", "World of Warcraft", "Wu Lin Chuan", "perfect international", "Fengyun", "tianlong Babu" game account, game password, warehouse password, role level, computer name, and other information of "Fantasy westward journey, the stolen gamer information is sent to the remote server site specified by the hacker in the infected computer background, causing losses to the players. In addition, the fqt variant of "online game thieves" can also modify the Registry to enable automatic startup of Trojans.

Virus name: Trojan/Small. dat

Chinese name: "small dot" variant dat

Virus length: 7680 bytes

Virus Type: Trojan

Hazard level:★

Affected Platforms: Win 9X/ME/NT/2000/XP/2003

Trojan/Small. dat the "Small dot" variant dat is one of the latest members of the "Small dot" Trojan family. It is written in C and shelled. After running the dat variant, the system copies itself to the specified directory on the infected computer. Modify the Registry to enable automatic startup of Trojans. Forcibly tamper with the default homepage settings of IE browser, regularly connect to the specified site, and a prompt box for installing plug-ins will pop up to interfere with users' normal operations. Modify the hosts file of the infected computer to prevent users from accessing some common security websites and reduce the security level on the infected computer.

For the above viruses, Jiangmin anti-virus Center recommends that the majority of computer users:

1. Please immediately upgrade Jiangmin anti-virus software to enable a new generation of intelligent classification high-speed Anti-Virus engine and various monitoring functions to prevent the current prevalence of viruses, Trojans, harmful programs or code from attacking users' computers.

2. Users of jiangminkv network version should upgrade the control center in a timely manner, and suggest relevant management personnel to scan and kill viruses throughout the network as appropriate to ensure the security of enterprise information.

3. "Jiangmin mi Bao" can effectively protect the passwords of accounts such as online banking, payment platforms, online securities transactions, and online games, and fully protect users' private information.

4. the "System Monitoring" function of Jiangmin anti-virus software actively defends against various operations from the Registry, system processes, memory, and network. It can immediately monitor unknown virus intrusions, fully protects users' computer systems.

5. Enable the "Security Assistant/rogue software cleanup" function of the anti-virus software of Jiangmin. This function can completely and cleanly uninstall harmful code and completely stop the harassment of harmful code.

6. When an unknown plug-in prompts whether to install the plug-in, first determine its source.