Troj/Bdoor-LV is a backdoor Trojan for the Windows platform.
Troj/Bdoor-LV includes functionality to access the internet and communicate with a remote server via HTTP.
When first run Troj/Bdoor-LV copies itself to <Windows>\timed.exe and creates the following files:
<CurrentFolder>\dcat.log
<Windows>\wints.ini
These files may be safely deleted.
The following registry entry is created to run timed.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Timer
<Windows>\timed.exe /i
Troj/Bdoor-LV includes functionality to:
- download files from the internet and run them
- make changes to the registry