Gray pigeon trojan virus reproduction network remote control user computer

Jiang min reminds you today that in today's virus, Trojan/Agent. mjc "proxy Trojan" variants mjc and Backdoor/Huigezi. rng "gray pigeon" variants rng are worth noting.

Virus name: Trojan/Agent. mjc

Chinese name: "proxy trojan" variant mjc

Virus length: 1180 bytes

Virus Type: Trojan

Hazard level:★

Affected Platforms: Win 9X/ME/NT/2000/XP/2003

Trojan/Agent. mjc the "proxy Trojan" variant mjc is one of the latest members of the "proxy Trojan" Trojan family. Virus bodies are stored as text files. After the "proxy trojan" variant mjc runs, it connects to the server specified by the hacker in the background of the infected computer, downloads malicious programs, and runs them locally automatically. The file image hijacking technology is used to prevent the operation of a large number of anti-virus software, security software and system management software, and reduce the security settings on infected computers.

Virus name: Backdoor/Huigezi. rng

Chinese name: "grey pigeon" variant rng

Virus length: 305664 bytes

Virus Type: Backdoor

Hazard level:★

Affected Platforms: Win 9X/ME/NT/2000/XP/2003

The rng variant of Backdoor/Huigezi. rng "grey pigeon" is one of the latest members of the "grey pigeon" Backdoor family. It is written in Delphi and shelled. After the rng variant of "gray pigeon" runs, it copies itself to the specified directory and sets the file attribute to "read-only, hidden, and archived" to hide itself. In the background, call the "Internet Explorer" process and inject malicious code into the process to call and execute it. The system service with the self-registration name "internetl" enables the rng of the "gray grid" variant to run automatically upon startup. Connect to the specified site of the hacker to obtain the real address of the infected computer. Avoids the monitoring of Some firewalls and reduces the Security Settings on infected computers. Once the user's computer contains the rng variant of the "gray pigeon", it will become a cyber zombie. Hackers can remotely control the infected computer, including stealing user confidential information and malicious operations on files or programs, this seriously threatens the security of users' computer information.