Sophos

Troj/Subseven

Aliases
  • Troj/Backdoor-G.
  • Troj/Sub7
  • Subseven.backdoor

Summary

Detected by All Sophos products

More Information

The package contains two or three programs. One of them, the "server", is installed on the machine to be controlled. Once the server program is installed, the client can take control of the infected computer. The client is a powerful "remote administration" tool: it can edit the server's Windows registry, flip the screen, change the desktop colours, restart Windows, play sounds, send messages, switch off the display, disable keyboard keys, and hide the mouse cursor or the taskbar.

The client can also steal passwords and read the keys pressed on the server since the last boot. The third program in the package is a utility used to configure the server program. The server can be patched with any executable, so that it looks as if the user received a valid file instead of the trojan. The configuration program also sets the way the server is "installed". To install itself, the server can use the Windows registry.

It can also change the C:\WINDOWS\WIN.INI or C:\WINDOWS\SYSTEM.INI files so that the server runs when Windows starts.
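A defender's check for the startup-file persistence described above, as an added example that is not from the Sophos page. It assumes the legacy autostart keys `load=` and `run=` in the `[windows]` section of WIN.INI and `shell=` in the `[boot]` section of SYSTEM.INI, which the page does not name; the sample file contents and `EXAMPLE.EXE` are constructed.

```python
import configparser

# Autostart slots in the two files (key names are general Windows knowledge,
# an assumption here; the page names only the files). Values are the clean baseline.
BASELINE = {
    ("win.ini", "windows", "load"): "",
    ("win.ini", "windows", "run"): "",
    ("system.ini", "boot", "shell"): "explorer.exe",
}

# Constructed sample contents; EXAMPLE.EXE is a placeholder, not a real indicator.
SAMPLE_WIN_INI = """\
[windows]
load=
run=C:\\WINDOWS\\EXAMPLE.EXE
NullPort=None
"""
SAMPLE_SYSTEM_INI = """\
[boot]
shell=Explorer.exe EXAMPLE.EXE
system.drv=system.drv

[386Enh]
device=*vshare
device=*dynapage
"""


def audit_ini(name, text):
    """Return (file, section, key, value) for each autostart entry off baseline."""
    # strict=False tolerates the repeated device= keys found in SYSTEM.INI.
    parser = configparser.RawConfigParser(
        strict=False, allow_no_value=True, delimiters=("=",))
    parser.read_string(text)
    findings = []
    for section in parser.sections():
        for key, value in parser.items(section):
            # INI names are case-insensitive on Windows, so compare lowercased.
            slot = (name.lower(), section.lower(), key)
            if slot not in BASELINE:
                continue
            value = (value or "").strip()
            if value.lower() != BASELINE[slot]:
                findings.append((name, section, key, value))
    return findings


if __name__ == "__main__":
    for sample in (("WIN.INI", SAMPLE_WIN_INI), ("SYSTEM.INI", SAMPLE_SYSTEM_INI)):
        for finding in audit_ini(*sample):
            print("review autostart entry:", finding)
```

A finding means only that the entry differs from the baseline; legitimate software also used these keys, so each reported program still needs to be identified.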
