2007年2月19日

Computer Virus 'Panda Burn Joss Sticks'


The computer virus ‘Panda burn joss sticks’ spread in China

Presently, the Virus 'Panda burn joss sticks' were very popular in the internet and more than 2 million of computer have been infected in China. ‘Panda burn joss sticks’(a distortion virus of Viking.qo) is a type of worm virus programmed by Delphi; it can affect the register list and stop the working of the virus defense software. Recently, many Chinese internet users have been attacked by the virus, even the bank system have been involved in this virus wave (so it take a big damage to the Chinese Network, and this virus have been vote to the most ruinous virus this year in China ). This Virus will delete the <.gho> file, which makes the customer can not run the ghost to resume the system. This Virus also infect the system files such as <.exe> <.com> <.pif> <.src> <.html> <.asp> ,and add the virus to web (when it infect the .exe file, the icon of the program will turn to picture of ‘Panda burn Joss sticks’, so the virus is being called ‘Panda Burn Joss Sticks’In China, and you know the panda is a symbol of China). So if the customer open the web, The IE will connect to the appointed virus web to download the virus itself, and create the autorun.inf and setup.exe in hard disk. And certainly, it can be spread via the Flash dick and the moving disk, and also can spread in the local network. And can run itself in the Windows system. Now the suspects have been arrest. Because the main suspect is come from Wuhan City, Hubei Province. So the Virus has a English name called ‘WH.boy’.Following is some information of the Virus:
Chinese Name: 熊猫烧香
English Name: Whboy
Virus size: variational
Damage degree: ★★★
Involved system :
Win 9x/ME/NT/2000/XP/2003
How to protect your computer :
1. local network customer should avoid to establish the sharing file in the Local network, if you have already establish the sharing file, you should stop to use.
2. if not necessary, you should stop the windows 2000/XP’s IPC$ sharing. And set a secure password for the admin ID.
3. update the system frequently and do not open the web-site which you are not sure about. Especially for the Bug of Microsoft’s MS06-014.
4. update the Virus defense software and the virus database.
5. Download the latest QQ massager. Now we have find lots of baleful web site has utilized the Bug of the QQ to spread the virus.
6. If you use the flash disk or Moving disk, you should check the disk by virus defense software first and then use them.
Now the 'Whboy' have been spread out of China such as Japan, Koran etc.., And many of varietal virus born these days.

没有评论: