Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.JORIK.AX (System Repair)

 

 

 

Name:

Trojan.Jorik.ax

Added:

August 29, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Trojan.Jorik.ax is executed, it performs the following activities:

After execution, it drops the following files:

%Appdata%\[RandomName].exe
%Appdata%\[RandomName].exe

And disguises itself as the system diagnosis application, "System Repair":

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

It creates/modifies the following registry entries:
Random Name = "%Appdata%\[Randam Name].exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

Upon execution, the malware hides the contents of the Desktop as well as the Root Drive of the system.

It also removes all the shortcuts from Start->Programs.

This malware prompts the user for personnel details in order to buy the product.

As soon as user provide his personnel details and clicks on "Secure Purchase" button, the page vanishes and all the supplied information get passed to the malware author.

Malware authors can use this information for his own purpose.

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4