| Port No | 2002 |
| Service Name | Backdoor.Senna |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This backdoor is a Remote Access Tool (RAT), a server and client tandem, that allows a remote malicious user to virtually issue certain commands on the affected system, thus compromising system security.
By default, it uses port 2000 to allow the said remoter user to issue any of the following commands: Browse system's drives, folders, and files Swap mouse buttons Manipulate open windows Get system information Shut down system Edit system registry Terminate processes View and delete items on clipboard |
| Reference Link | Backdoor.Senna |
| Attack | Solution: This procedure terminates the running malware process. You will need the name(s) of the file(s) detected earlier. If the process you are looking for is not in the list displayed by Task Manager, proceed to the succeeding solution set. Open Windows Task Manager. • On Windows 95, 98, and ME, press CTRL+ALT+DELETE • On Windows NT, 2000, XP, and Server 2003, press CTRL+SHIFT+ESC, then click the Processes tab. In the list of running programs*, locate the malware file(s) detected earlier. Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your computer. Do the same for all detected malware files in the list of running processes. To check if the malware process has been terminated, close Task Manager, and then open it again. Close Task Manager. *NOTE: On computers running Windows 95, 98, and ME, Windows Task Manager may not show certain processes. You can use a third party process viewer such as Process Explorer to terminate the malware process. On computers running all Windows platforms, if the process you are looking for is not in the list displayed by Task Manager or Process Explorer, continue with the next solution procedure, noting additional instructions. If the malware process is in the list displayed by either Task Manager or Process Explorer, but you are unable to terminate it, restart your computer in safe mode. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.