Discovered: August 5, 2003
Updated: February 13, 2007 12:04:44 PM
Also Known As: Backdoor.Winshell.50 [KAV], BackDoor-TC [McAfee]
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Backdoor.WinShell.50 is a server program that allows unauthorized access to an infected computer. The Backdoor will listen on port 8719.
This piece of malware, along with
Trojan.Stealther.B, has recently been found on systems that the
Microsoft DCOM RPC vulnerability has exploited.
Symantec Security Response has developed a removal
tool to clean infections of Backdoor.Winshell.50 and
Trojan.Stealther.B.
NOTE: Virus definitions dated August 6, 2003 may detect this as Backdoor.Winshell.
Protection
-
Initial Rapid Release version August 7, 2003
-
Latest Rapid Release version August 20, 2008 revision 017
-
Initial Daily Certified version August 7, 2003 revision 003
-
Latest Daily Certified version January 20, 2009 revision 048
-
Initial Weekly Certified release date August 13, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Douglas Knowles
Technorati
Digg
Delicious
Reddit
StumbleUpon
Yahoo Buzz
Twitter
Facebook
Newsvine
