Aliases: Backdoor.Trojan, Backdoor-G, Backdoor.SubSeven.1_7, Backdoor.G
Type: Remote access trojan
Backdoor.SubSeven has been distributed as an email attachment and in newsgroups. It uses various names. The infected system acts as a server for the client controlled by the virus author. The trojan may create any of the following files on the system:
WINDOWS\The trojan also modifies the RunServices key in the registry, WIN.INI or SYSTEM.INI to launch the application when the system reboots. The application is not visible in Task Manager.
Backdoor.SubSeven attempts to establish a TCP/IP connection. If successful, the controlling client gains remote access and is able to perform a variety of tasks.