| Port No | 1041 |
| Service Name | REMOTENC |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This non-memory resident backdoor client program enables a remote attacker to access a target system. However, in order for this backdoor to fully carry out its malicious intents, a server component must be installed in the target system. It runs only in DOS mode and works in Windows 95, 98, NT, ME, XP and 2000 |
| Reference Link | REMOTENC |
| Attack | Solutions: Scan your system with Trend Micro antivirus and delete all files detected as BKDR_REMOTENC.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro’s free online virus scanner Details: This backdoor client program is a remote access tool which allows an attacker to execute commands in the compromised system. However, it cannot fully carry out the intended backdoor routines if a corresponding server component is not installed in the target system. The following elements are also required: The attacker must know the service name of the command to launch. The attacker must also have a username and password in order to access the remote system. The malware body contains these strings: RemoteNC Beta 3, Written by Assassin 2001 http://www.ne It runs in DOS mode. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.