On the morning of June 23, August 14, rising global anti-virus monitoring network first captured two vicious viruses spreading by exploiting high-risk system vulnerabilities in China-"worm. mocbot. a) "and" magic wave Variant B (worm. mocbot. b) virus. According to statistics from the rising customer service center, thousands of users in China have been attacked by this virus.
Rising Antivirus experts said the virus will use Microsoft MS06-040 high-risk vulnerabilities to spread. When a user's computer suffers a virus attack, symptoms such as system service crash and inability to access the Internet may occur. Because the virus is only a few days away from Microsoft's release of patches, many users have not yet had time to update the system.
As a result, rising has issued a yellow (level 3) security alert, and rising anti-virus experts predict that more computers will be attacked by the virus, the "magic wave" virus may even erupt on a large scale like the "Shock Wave" or "Shock Wave" virus.
According to the analysis, the magic wave virus will automatically search for computers with system vulnerabilities on the network, and direct these computers to download and execute virus files. These users' computers may be infected as long as they do not install patches and access the internet. Computers infected with the virus automatically connect to specific channels of a specific IRC server and receive remote control commands from hackers. Users' bank card accounts, passwords, and other private information may be stolen by hackers. Because the IRC server connected by the virus is in the Chinese mirror, the virus is likely to be compiled by Chinese people.
Rising three steps manual clearing method: http://it.rising.com.cn/Channels/Info/Virus/2006-08-15/1155614555d37125.shtml
Kingsoft magic wave virus killing tool: http://db.kingsoft.com/download/3/247.shtml
Jiang min magic wave virus killing tool: http://www.jiangmin.com/download/mocbotkiller.exe
Microsoft MS06-040Server service vulnerabilities may allow remote code patching:
Http://www.microsoft.com/china/technet/security/bulletin/MS06-040.mspx