Event ID - 12623

Port No12623
Service NameBackdoor-BR.svr
RFC Doc0
ProtocolUDP
DescriptionThis server part of a remote administration Trojan enables a remote hacker access to an infected computer via ICQ.
Reference LinkBackdoor-BR.svr
AttackSolutions:

Click Start>Run, type REGEDIT then hit the Enter key.
Double click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft >Windows>CurrentVersion>Run
Look for the below value, note the complete path and filename of the Trojan, then delete this value:
BUTTMAN =
Reboot your computer.
Delete the Trojan you noted as listed in the registry value deleted in step 2.
Delete the dropped files FNGKHLIB.DLL and ICQMAPI.DLL in the C:\Windows directory.
Scan your system with Trend Micro antivirus and delete all the files detected as TROJ_BUTTMAN. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro’s freeonline virus scanner.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.