The virus uses the IE browser and QuickTime vulnerability to launch attacks.

W32.Qakbot attacks computers by exploiting the vulnerabilities of Internet Explorer and QuickTime software.

Virus name: W32.Qakbot

Virus Type: Worm

Affected Operating Systems: Windows 95/98/2000/Me/XP/Vista/NT, Windows Server 2003

Virus analysis:

Symantec's security response center has detected malicious scripts on some Chinese domain names. This malicious script uses the vulnerabilities of Internet Explorer and QuickTime software to attack computers. Download the password-protected malicious code compressed package to the infected computer-W32.Qakbot to hide it. When W32.Qakbot is executed, the registry key is first added to enable auto-start upon startup. This registry key is disguised as a key value commonly used by legal software, making it hard for users to perceive. W32.qakbotnet then injects itself into the iexplore.exe process and attempts to steal information such as the IP address, Outlook account, user key information, accessed URL, FTP Server account, and password of the user's computer, try to connect to the network to update the virus program to the latest version at any time. W32.Qakbot also runs a backdoor program in the infected computer to receive remote control commands, download and execute other virus programs. W32.Qakbot scans computers on the network and copies itself to their shared directories for propagation purposes.

Norton Security Expert suggestions:

1. the "browser active protection" function and "Intrusion Protection Technology" of the Norton Security software can monitor Internet threats that attempt to exploit the browser or other newest security vulnerabilities found in operating systems and applications, to prevent viruses, worms, and hackers from exploiting these vulnerabilities into your computer.

2. Configure the "smart two-way firewall" function of the Norton Security software to prevent unknown applications from accessing the network, so that the stolen user information cannot be transmitted and virus programs cannot be updated.

3. Install patches for applications and operating systems in a timely manner and update them to the latest version.

4. users who do not have security software can download the Norton 3603.0 version), Norton Cyber Security Special Police 2009, or Norton Anti-Virus 2009 trial version to scan and kill the virus.

5. Existing users who use the Norton 2006 and later products can upgrade the product to Norton 2009 for free.

1. Apple will provide web page volume control for Safari
2. Mozilla Firefox 3.0.9 browser released
3. Open-source plug-ins released by Google bring 3D content into browsers