Need help? Ask the community or hire an expert.
Go to Avira Answers
Alias:Backdoor.VNC-based, BackDoor-ARG
Size:212.992 Bytes 
Damage:BDS/Arg gives a third party unauthorized access to an infecetd computer. 
VDF Version: 

Technical DetailsThe Trojan secures VNC applications, after it names itself EXPLORER.EXE. It performs the installation of the file INST.EXE, which is used by the VNC application. The Trojan listens on TCP Port 5800 waiting for further commands.
It creates the following hidden files, in %Font% directory:

VNCHooks.dll (32,768 Bytes)
explorer.exe (212,992 Bytes)

The Trojan will be installed by a so-called Dropper. It makes the following Registry entry:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ "Explorer" = %Fonts folder%\explorer.exe

When active, the Trojan connects itself to the following IRC Servers:

It can send an email, to inform the attacker about the System infection.
Description inserted by Crony Walker on Tuesday, June 15, 2004

Back . . . .