| Port No | 41666 |
| Service Name | Remote Boot |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Remote Boot Tool 1.0 is a simple trojan just to shutdown windows various ways. The client has cute little graphics. |
| Reference Link | Remote Boot |
| Attack | It Autoloads: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ Key: MGSRV32 Features: Reboot, log off, shutdown, force shutdown, power off and restart windows Remove server r Fix: Remove the MGSRV32 key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Which can be done with regedit or any other registry editing program. Reboot the computer or close MGSRV32.EXE. Delete the trojan file MGSRV32.EXE in the windows directory |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.