| Port No | 61466 |
| Service Name | TeLeCoMMaNDo |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | TeLeCoMMaNDo 1.5.40 is a old trojan. It is not very common and hard to find. The client has a neat looking world with a big N that rotates when you are connected. That is probably the best thing about TeLeCoMMaNDo |
| Reference Link | TeLeCoMMaNDo |
| Attack | It Autoloads: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Key: SystemApp Features: Execute program hidden, maximized, minimized or visible File manager Get computer name Get date and time Get user name Hide/show desktop Hide/show start button Hide/show task bar Lock/unlock desktop Log off user, reboot or shutdown windows Send message Shutdown, remove, password protect server Star on/off View/kill 32 bit processes Fix: Remove the SystemApp key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Which can be done with regedit or any other registry editing program. Reboot the computer or close ODBC.EXE. Delete the trojan file ODBC.EXE in the windows system director |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.