
Author: 归海一刀
Published: 2014/5/3 9:47:51
National Computer Virus Center detects new malicious Trojan variant

National Computer Virus Center discovers new malicious Trojan variant | Malicious Trojan variant | Trojan_Agent.FTK | News

Xinhuanet, Tianjin, May 2 (reporters Zhang Jianxin and Yuan Shuai): Through its monitoring of the Internet, the National Computer Virus Emergency Response Center has found that a malicious Trojan variant, Trojan_Agent.FTK, has recently appeared.


After the variant runs, it copies itself into a specified folder on the infected operating system and renames itself as an executable file. At the same time, the variant drops a malicious dynamic-link library (DLL) component whose exported functions are able to shut down the system's security services.


In addition, the variant forces the infected operating system to actively access a specified malicious Web address. Finally, the variant can collect local information about the infected operating system (such as computer name, operating system version, processor type, and memory size) and then send it to a Web server specified by the attacker, causing the infected operating system to accept remote malicious code instructions.


For users whose computers are already infected with this Trojan variant, the National Computer Virus Emergency Response Center recommends immediately upgrading the antivirus software on the system and running a full scan. Users who are not infected are advised to turn on the "system monitoring" function of their antivirus software, which provides active defense across the registry, system processes, memory, network, and other aspects, so that intrusion activity by unknown viruses is monitored at the earliest moment and the computer system is protected comprehensively.

May 02, 2014, 11:03, Xinhuanet

