Troj/Jubik-A

Category: Viruses and Spyware Protection available since:18 Mar 2006 00:00:00 (GMT)
Type: Trojan Last Updated:18 Mar 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/Jubik-A is a Trojan for the Windows platform.

Troj/Jubik-A includes functionality to download files from the internet. Troj/Jubik-A may inject code into other Windows processes in an attempt to avoid detection. Troj/Jubik-A is a Trojan for the Windows platform.

Troj/Jubik-A includes functionality to download files from the internet. Troj/Jubik-A may inject code into other Windows processes in an attempt to avoid detection.

When first run Troj/Jubik-A copies itself to <System>\jb???.exe, where ??? are 3 random letters.

The following registry entry is created to run jb???.exe on startup:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
jb???.exe
<System>\jb???.exe

Troj/Jubik-A modifies the following registry entry:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer \BrowseNewProcess
BrowseNewProcess
yes

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy