Trojan: Backdoor.SubSeven |
Name: Backdoor.SubSeven
Aliases: Backdoor.Trojan, Backdoor-G, Backdoor.SubSeven.1_7, Backdoor.G
Type: Remote access trojan
Description:
Backdoor.SubSeven has been distributed as an email attachment and in newsgroups. It uses various names. The infected system acts as a server for the client controlled by the virus author. The trojan may create any of the following files on the system:
WINDOWS\The trojan also modifies the RunServices key in the registry, WIN.INI or SYSTEM.INI to launch the application when the system reboots. The application is not visible in Task Manager.WINDOWS\SYSTEM\
- DATA2.EXE
- KERNEL16.DLL
- NODLL.EXE
- RUNDLL16.COM
- SERVER.EXE
- SYSTEMTRAYICON!.EXE
- TINURAK.EXE
- WINDOW.EXE
- LMDRKI_33.DLL
- WATCHING.DLL
Backdoor.SubSeven attempts to establish a TCP/IP connection. If successful, the controlling client gains remote access and is able to perform a variety of tasks.
| Virus Databases | Virus Links | ||
| Virus Research | Submitting a Virus |
Test Drives |
Year 2000 |
Site Map |
Customer Service |
Press Room |
Awards/ Reviews |
Global Resellers |
 |
Command Software Systems, Inc. 1061 East Indiantown Road · Suite 500 Jupiter · FL 33477 Phone: (561) 575-3200 |