October 20 virus and Trojan Broadcast

According to rising global anti-virus monitoring network, there is a virus worth noting today, which is the "Agent Trojan variant AZU (Trojan. Proxy. Win32.Agent. azu)" virus. This virus infected

The computer acts as a proxy server and is used by malicious users.

Popular Viruses today:

"Agent Trojan variant AZU (Trojan. Proxy. Win32.Agent. azu)" virus: vigilance★★★, Trojan virus, spread through the network, USB flash drive. Dependent system: WINNT/2000/XP/2003.

After the virus runs, it copies itself to the C: \ Windows directory and sets itself as hidden, but the virus file name is randomly generated. It can easily modify the system so that users cannot view hidden files to protect themselves. The virus creates an automatic run file under the root directory of each disk. After double-clicking the disk, the virus runs automatically. Viruses can modify computer systems so that they can run as the system starts. After the virus runs, it is remotely connected by malicious users and infected computers are used as proxy servers for others' use.

Kingsoft drug overlord daily virus warning

"Network theft 18432" (Win32.Troj. onlineGames. bj.18432) This is a trojan program that steals "QQ", "QQGAME", and "westward journey 3" from customers' computers. it runs as windows starts. After the virus runs, the virus file is released to the system folder. the virus will close the "Kaspersky" Warning window and "rising registry monitoring" window. it lurks in the computer system and injects it into the process. It reads the account and password information in the memory and sends it to the receiving address specified by the trojan grower, loss of personal network property.

"DoDo malicious download server" (Win32.Troj. Dodolook. az.170041) is a malicious trojan program. After the virus runs, it is bound to the system driver, which is difficult to clear. After the virus runs successfully in the system, it downloads and installs multiple malicious programs and Trojans. Viruses also enable the browser to automatically advertise and steal users' system resources by viruses on users' machines.

I. "Network theft 18432" (Win32.Troj. OnlineGames. bj.18432) Threat Level:★

1. Virus File generation

% SystemRoot % \ DbgHlp32.exe

% SystemRoot % \ system32 \ DbgHlp32.dll

2. After the virus runs successfully, the virus source file is automatically deleted.

3. After the virus runs successfully, a random DLL virus file will be generated in the system and the virus will be operated through the DLL file.

4. The virus will try to close the monitoring windows of "Kabbah" and "Rising.

5. Specify the Receiving address for sending:

H ** p: // jz. so *** h5.com/ddhh/lin.asp? Ks = sb2 & id = & p = & q = & lck = & srv = & js1 = & id1 = & dj1 = & pc = ComputerName"

Ii. "DoDo malicious download tool" (Win32.Troj. Dodolook. az.170041) Threat Level:★★

1. After the virus runs, the following virus files will be generated:

% System32dir % \ mprmsgse. axz

% System32dir % \ mscpx32r. det

% System32dir % \ drivers \ acpidisk. sys

2. The virus runs as the system starts and is injected into the system process. When the user ends the process, system problems may occur, such as automatic restart and desktop disappearance.

3. The virus will be downloaded from the following URL:

Http: // 202. *****. ***. 104 to download other malicious programs.