Event ID - 3119

Port No3119
Service NameDRA
RFC Doc0
ProtocolTCP
DescriptionThis is a hacker tool that compromises network security. It sends the IP address and the cached passwords of the infected machine.
Reference LinkDRA
AttackSolution:
Click Start>Run, type REGEDIT then hit the Enter key.
Double click the following:

HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>
CurrentVersion>Run
In the right panel, check for
MSDra32=%windows%\MSDRA32.EXE.
If found, right-click the value and then delete it.
Click Start>Run, type SYSTEM.INI then hit the Enter key.
Search and delete for the following entry in the [boot] section:
shell=explorer %windows%\MSDRA32.exe
Reboot the computer.
Scan your system with Trend Micro antivirus and delete all files detected as BKDR_DRA.A. To do this Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.