| Port No | 31337 |
| Service Name | Back Orifice |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Back Orifice, a Windows Remote Administration Tool, was released in 1998. This tool allows a user to control a remote computer across a Transmission Control Protocol/Internet Protocol (TCP/IP) connection using a simple console or Graphical User Interface (GUI) application. The controls includes the following: File system,Process,Network and multimedia controls. The BACK ORIFICE 2000 was released. Aside from the remote control capabilities of Back Orifice malware types, the creators added the following notable features to this backdoor: Windows NT support ,Open plug-in architecture to allow 3rd party add-ons ,Strong cryptography to ensure secure network administration (XOR/3DES) ,Open source, available under the GNU Public License ,TCP/IP or UDP port usage,This backdoor malware is version 1.0 of Backdoor Orifice 2000, including other modified versions of this hacking tool. It runs on Windows 95, 98, ME, NT, 2000 and XP. |
| Reference Link | Back Orifice Trojan |
| Attack | SOLUTION : AUTOMATIC REMOVAL INSTRUCTIONS To automatically remove this malware from your system, please use Trend Micro Damage Cleanup Engine and Template. MANUAL REMOVAL INSTRUCTIONS Identifying the Malware Program Before proceeding to remove this malware, first identify the malware program. Scan your system with Trend Micro antivirus and NOTE all files detected as BKDR_BO2K.10. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users can use HouseCall, Trend Micro's free online virus scanner. Terminating the Malware Program This procedure terminates the running malware process from memory. You will need the names of the file or files detected earlier. 1.Open Windows Task Manager. On Windows 9x/ME systems, press CTRL+ALT+DELETE On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC, and click the Processes tab. 2.In the list of running programs*, locate the malware file or files detected earlier. 3.Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your system. 4.Do the same for all detected malware files in the list of running processes. 5.To check if the malware process has been terminated, close Task Manager, and then open it again. 6.Close Task Manager. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.