Troj/Delf-AJE

Category: Viruses and Spyware Protection available since:20 Feb 2006 00:00:00 (GMT)
Type: Trojan Last Updated:20 Feb 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Delf-AJE is a Trojan for the Windows platform.

Troj/Delf-AJE includes functionality to:

- access the internet and communicate with a remote server via HTTP
- send notification messages to remote locations

When first run Troj/Delf-AJE attempts to download and run http://conteudo.741.com/time.scr.

Troj/Delf-AJE creates the following registry entries to automatically run itself at system startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ccwPin
C:\WINDOWS\System32\openS.exe 0

Troj/Delf-AJE also attempts to modify or delete the following registry entries:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ccApp
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CMGuardian
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CMGrdian
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AVG7_CC
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AVG7_EMC

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy