Backdoor:Win32/Godo.A DescriptionType: Adware
Backdoor:Win32/Godo.A is a backdoor Trojan that enables cybercriminals to obtain unauthorized remote access and control over the affected PC. Backdoor:Win32/Godo.A aims at connecting to the server by using the Google Docs server as a proxy to conceal the Trojan's network activity by using an SSL-encrypted connection. While being activated on the targeted computer system, Backdoor:Win32/Godo.A adds malevolent files. Backdoor:Win32/Godo.A is found as an executable file using a Microsoft Word icon. This social engineering technique seduces computer users into loading Backdoor:Win32/Godo.A by making them believe the file is a document. When the file is opened, instead of opening a document the PC user will execute Backdoor:Win32/Godo.A. Backdoor:Win32/Godo.A installs a copy of itself as 'scvhost.exe' in the [startup folder] to make sure its copy is run whenever Windows is started. Backdoor:Win32/Godo.A contacts a remote server to upload information about the affected computer. Backdoor:Win32/Godo.A transfers the collected information about the corrupted PC to the external server.
File System Details
|#||File Name||Detection Count|
|1||[startup folder]\scvhost.exe||N/A +|
This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.