Discovered: August 5, 2003
Updated: February 13, 2007 12:04:44 PM
Also Known As: Backdoor.Winshell.50 [KAV], BackDoor-TC [McAfee]
Type: Trojan Horse
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows XP
Backdoor.WinShell.50 is a server program that allows unauthorized access to an infected computer. The Backdoor will listen on port 8719.
This piece of malware, along with
Trojan.Stealther.B, has recently been found on systems that the
Microsoft DCOM RPC vulnerability has exploited.
Symantec Security Response has developed a removal
tool to clean infections of Backdoor.Winshell.50 and
Trojan.Stealther.B.
NOTE: Virus definitions dated August 6, 2003 may detect this as Backdoor.Winshell.
Protection
-
Initial Rapid Release version August 7, 2003
-
Latest Rapid Release version July 19, 2008 revision 019
-
Initial Daily Certified version August 7, 2003 revision 003
-
Latest Daily Certified version July 19, 2008 revision 018
-
Initial Weekly Certified release date August 13, 2003
Click for a more detailed description of Rapid Release and Daily Certified virus definitions.
Threat Assessment
Wild
-
Wild Level: Low
-
Number of Infections: 0 - 49
-
Number of Sites: 0 - 2
-
Geographical Distribution: Low
-
Threat Containment: Easy
-
Removal: Moderate
Damage
Distribution
Writeup By: Douglas Knowles
