Troj/Bdoor-AMH is a Trojan for the Windows platform.
Troj/Bdoor-AMH copies itself to either the (Windows\naver2.exe) folder or C:\naver2.exe.
Troj/Bdoor-AMH edits the registry value:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run naver2.exe
Troj/Bdoor-AMH connects to a remote host to receive information. After receiving instructions from the remote host, it will then send the data back to the remote host using SMTP.
More information can be found at this Sophos page.
Source : esecurityplanet.com
Selasa, 01 Juli 2008
Langganan:
Posting Komentar
(
Atom
)
Tidak ada komentar :
Posting Komentar