Troj/PcClien-ID

Category: Viruses and Spyware Protection available since:11 Sep 2006 00:00:00 (GMT)
Type: Trojan Last Updated:11 Sep 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/PcClien-ID is a backdoor Trojan which allows a remote intruder to gain access and control over the computer. Troj/PcClien-ID is a backdoor Trojan which allows a remote intruder to gain access and control over the computer.

When first run Troj/PcClien-ID copies itself to <Temp>\@BEde.exe and creates the following files:

<current folder>\<original filename>.doc
<Windows>\offitems.log
<System>\drivers\updjsjas.sys
<System>\updjsjas.dll
<System>\updjsjas.drv
<System>\updjsjas.log

The file updjsjas.sys is detected as Troj/Agent-BSL. The document file is clean, and is opened by the Trojan when the Trojan is first executed.

The file updjsjas.dll is registered as a service named "SENS". Registry entries are created or modified under:

HKLM\SYSTEM\CurrentControlSet\Services\SENS\

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy