Besoin d’aide ? Fais appel à la communauté ou embauche un spécialiste.
Aller à Avira Answers
Alias:Backdoor.Tsunami.c, IRC-Pitchfork, Backdoor.Dvldr
Size:29.336 Bytes 
Damage:Connection through TCP Port 6667 
VDF Version: 

SymptomsPlease get info from General Description if you consider necessary.

Technical DetailsIt is an IRC Trojan. When activated, it creates the following files:

undll32.exe (29,336 Bytes)
%Systemdirectory%cygwin1.dll (944,968 Bytes)

and makes the following Registry Entry, to be automatically activated on Systemstart:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows CurrentVersionRun"TaskMan" = %Fonts%

* the variable %Font% is a standard Windows fonts file.

The Trojan contacts IRC ports and listens for further commands. It creates the hidden file rundll32.exe in fonts directory and opens TCP Port 6667. The Trojan contacts the IRC Servers:

Description insérée par Crony Walker le mardi 15 juin 2004

Retour . . . .