Trojan Horse Downloader new variant appears secret intercept system Information

7th, the National Computer Virus Emergency treatment center released information said, through the Internet monitoring found that the recent emergence of "Trojan Download" (trojan_downloader) new varieties, to remind users beware.
After the variant is run, it replicates itself to the file directory specified in the infected operating system and renames it and saves it. Subsequently, the variant will retrieve the relevant registry entries in the background of the infected operating system, in the case of computer users without knowledge, secretly intercepts various resource information of operating system, for example: firewall, browser IE default home page, anti-virus software, system version, network card Physical address (MAC address), IP address and system software, etc.
The variants then transmit the intercepted system information to the designated server on the Internet using encryption. Once a malicious attacker has mastered these system information, it will use it to exploit the operating system remotely.
In addition, the variant will force the infected operating system to actively connect to the Internet designated Web server, download other trojans, viruses and other malicious programs.
Experts suggest that users infected with this variant should immediately upgrade the anti-virus software in the system and perform a full antivirus. uninfected users should open the system of anti-virus software "system monitoring" function, from the registry, system processes, memory, network and other aspects of the active defense of various operations, so that the first time to monitor the invasion of unknown viruses.