Troj/BDSinit-C

Category: Viruses and Spyware Protection available since:31 Oct 2003 00:00:00 (GMT)
Type: Trojan Last Updated:31 Oct 2003 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

Troj/BDSinit-C is a backdoor Trojan which allows unauthorised access and control of the computer from a remote network location.

In order to run automatically when Windows starts up the Trojan copies itself to the file svcpack.exe in the Windows system32 folder and sets the following registry entries:

HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\SVC Service
= C:\windows\system32\svcpack.exe

HKLM\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
= C:\windows\system32\userinit.exe, C:\windows\system32\svcpack.exe

Troj/BDSinit-C also adds the following registry entry:

HKLM\Software\Microsoft\DirectPlugin\EngineName
= "<Windows System>\DirectPlugin.installed"

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy