Port No | 1991 |
Service Name | Pitfall |
RFC Doc | 0 |
Protocol | TCP |
Description | Pitfall telnet is a Spanish trojan. As the version name suggests, this trojan is controlled over telnet. Because the newer versions have clients, this version is probably not used by anyone. |
Reference Link | Pitfall (http://www.dark-e.com/archive/trojans/pitfall/na/index.shtml) |
Attack | Autoloads via the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices. Key: Win32Load.
Features: chat with server; delete file; flood (open Notepad 20 times); get info; key logger; open/close CD-ROM; run file; send message; view network connections.
Fix: Remove the Win32Load key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run and HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices. This can be done with regedit or any other registry editing program. Reboot the computer or close Ms.Win32.exe. Delete the trojan file Ms.Win32.exe in the Windows directory. |