| Port No | 3700 |
| Service Name | TROJ_POD.S |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Upon execution, this server side backdoor hacking tool makes itself active in memory, bypasses network security and gives system administrator privileges to remote users running the client program. |
| Reference Link | TROJ_POD.S |
| Attack | Details: To remove this backdoor program from memory, press the CTRL-ALT-DEL buttons simultaneously. Click ole16 in the task manager>END TASK. Click END TASK again on the window that displays. Scan the system with Trend Micro antivirus and delete all files detected as BKDR_POD.S. To do this Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner. Solutions: This backdoor program runs only when the following files are present on the target system: COMDLG32.OCX and CSWSK32.OCX. Upon execution, this backdoor program creates the BKDR_POD.C file in the system memory of the target system's Hard Disk Drive, C:\. This file gives system administrator privileges to the users on the client side. The server side hacking tool, thereafter, waits for commands coming from the client side. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.