| Port No | 12623 |
| Service Name | Backdoor-BR.svr |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This server part of a remote administration Trojan enables a remote hacker access to an infected computer via ICQ. |
| Reference Link | Backdoor-BR.svr |
| Attack | Solutions: Click Start>Run, type REGEDIT then hit the Enter key. Double click the following: HKEY_LOCAL_MACHINE>Software>Microsoft >Windows>CurrentVersion>Run Look for the below value, note the complete path and filename of the Trojan, then delete this value: BUTTMAN = Reboot your computer. Delete the Trojan you noted as listed in the registry value deleted in step 2. Delete the dropped files FNGKHLIB.DLL and ICQMAPI.DLL in the C:\Windows directory. Scan your system with Trend Micro antivirus and delete all the files detected as TROJ_BUTTMAN. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro’s freeonline virus scanner. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.