cris
06-01-2001, 13:05
Sagem S6 calculator (loger) its a backdoor!!
Everybody who started the s6_calc.exe with the
backdoor/trojan: it will install a BACKDOOR_GQ server
into the C:\ directory. It's relatively easy to remove:
use regedit to remove the entry "sucareg.exe" or something
similar from the registry path
HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run
Then delete the files sucareg.exe and TMP32$1.exe from c:\ )
Best regards,
Cris
Everybody who started the s6_calc.exe with the
backdoor/trojan: it will install a BACKDOOR_GQ server
into the C:\ directory. It's relatively easy to remove:
use regedit to remove the entry "sucareg.exe" or something
similar from the registry path
HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/CurrentVersion/Run
Then delete the files sucareg.exe and TMP32$1.exe from c:\ )
Best regards,
Cris