Troj/Joofi-A

Category: Viruses and Spyware Protection available since:10 Nov 2009 18:17:04 (GMT)
Type: Trojan Last Updated:10 Nov 2009 18:17:04 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Joofi-A is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.

Troj/Joofi-A includes functionality to access the internet and communicate with a remote server via HTTP and SMTP.

When first run Troj/Joofi-A copies itself to:

<System>\<eight random characters>.exe

The following registry entry is created to run Troj/Joofi-A on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
<five random characters>
<System>\<eight random characters>.exe

Troj/Joofi-A is registered as a new system driver service and a startup type of automatic, so that it is started automatically during system startup.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy