Troj/Bdoor-JM is a Trojan for the Windows platform.
Troj/Bdoor-JM includes functionality to access the internet and communicate with a remote server via HTTP.
Troj/Bdoor-JM is offers remote backdoor access to the infected computer with the following services:
delete files from infected computer
reboot computer
run files on infected computer
terminate running processes on infected computer
transfer files to and from infected computer
When Troj/Bdoor-JM is installed the following files are created:
<Windows system folder>\delself.bat (harmless can be safely removed)
<Windows system folder>\mpai32.dll (harmless can be safely removed)
<Windows system folder>\mstdc.exe (detected as Troj/Bdoor-JM)
The following registry entries may be created to run mstdc.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
DrCache
<Windows system folder>\MSTDC.EXE
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
DrCache
<Windows system folder>\MSTDC.EXE