Aliases
BackDoor-ATR.svr
Type
Trojan
Description
Troj/Bckdr-ATR is a password stealing backdoor Trojan for the Windows platform. The Trojan allows a malicious user remote access to an infected computer.
In order to run automatically when Windows starts up Troj/Bckdr-ATR copies itself to the file grob.exe in the Windows folder and creates the following registry entries pointing to this file:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\grob
HKU\Software\Microsoft\Windows\CurrentVersion\Run\grob
HKLM\SOFTWARE\Mirabilis\ICQ\Agent\Apps\ICQdat\Path
The Trojan also adds run entries to the win.ini and system.ini files.
Troj/Bckdr-ATR registers a successful infection by accessing a remote web site. The Trojan also attempts to steal passwords and send them to the attacker.
Read more: http://www.sophos.com/virusinfo/analyses/trojbckdratr.html

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic