Besoin d’aide ? Fais appel à la communauté ou embauche un spécialiste.
Aller à Avira Answers
Alias:Backdoor.VNC-based, BackDoor-ARG.dr, Backdoor.Dvldr
Size:212.992 Bytes 
Damage:Is a Trojan, which enables unauthorized access to systems. 
VDF Version:6.xx.xx 

Technical DetailsThe Trojan secures VNC applications, after it names itself EXPLORER.EXE. It performs the installation of the file INST.EXE, which is used by the VNC application. The Trojan listens on TCP Port 5800 waiting for further commands.
It creates the following hidden files, in %Font% directory:

VNCHooks.dll (32,768 Bytes)
explorer.exe (212,992 Bytes)

The Trojan will be installed by a so-called Dropper. It makes the following Registry entry:

HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows CurrentVersionRun "Explorer" = %Fonts folder%explorer.exe

Thus, the Trojan will be run at every system start.
Description insérée par Crony Walker le mardi 15 juin 2004

Retour . . . .