Troj/Bdoor-AML ; Aliases: Trojan.PSW.Jeem
Date: 13 November 2002
At the time of writing Sophos has received just one report of
this Trojan from the wild.
Troj/Bdoor-AML is a backdoor Trojan which allows unauthorised remote access to the computer over a network.
The Trojan copies itself to the Windows system folder as MSREXE.EXE and adds an entry to the registry at
to run itself on system restart.
The Trojan creates the registry entry
and also creates several registry entries at
Troj/Bdoor-AML attempts to use the affected computer as a proxy SMTP email server.
Troj/Bdoor-AML may be dropped by Troj/Dloader-BO.
More information about Troj/Bdoor-AML can be found at
|« Previous Thread | Next Thread »|
|Thread Tools||Search this Thread|