Port No | 31320 |
Service Name | Little Witch |
RFC Doc | 0 |
Protocol | UDP |
Description | This backdoor malware is called Little Witch version 5.0. It allows a remote hacker access to an infected computer |
Reference Link | Little Witch |
Attack | Solution Scan your system with Trend AntiVirus and note the filenames of the files detected as BKDR_WITCH.50.A. Click Start>Run, type REGEDIT then hit the Enter key. Double click the following: HKEY_CURRENT_USER>.DEFAULT>Software>Microsoft >Windows>CurrentVersion>Run Look for the entry that points to the files detected as TROJ_WITCH.50.A (refer to your notes in step 1) and delete the entry. Double click the following: HKEY_LOCAL_MACHINE>Software>Microsoft >Windows>CurrentVersion>Run Look for the entry that points to the files detected as BKDR_WITCH.50.A (refer to your notes in step 1) and delete the entry. Double click the following: HKEY_LOCAL_MACHINE>Software>Microsoft >Windows>CurrentVersion>RunServices Look for the entry that points to the files detected as BKDR_WITCH.50.A (refer to your notes in step 1) and delete the entry. Double click the following: HKEY_USERS>.DEFAULT>Software>Microsoft>Windows>CurrentVersion>Run Look for the entry that points to the files detected as BKDR_WITCH.50.A (refer to your notes in step 1) and delete the entry |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.