Troj/Daemoni-T

Category: Viruses and Spyware Protection available since:06 Jan 2006 00:00:00 (GMT)
Type: Trojan Last Updated:06 Jan 2006 00:00:00 (GMT)
Prevalence: No Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Daemoni-T is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.

Troj/Daemoni-T includes functionality to access the internet and communicate with a remote server via HTTP.

When first run Troj/Daemoni-T copies itself to <System>\msvcr32.exe.

The following registry entry is created to run msvcr32.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
objupdate
<System>\msvcr32.exe

The following registry entry is set, affecting internet security:

HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\List\<Windows>\
System32
msvcr32.exe
<System>\msvcr32.exe:*:Enabled:<System>\msvcr32.exe

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy