| Port No | 4700 |
| Service Name | THIEF |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This is the server component of the version 1.35a of the backdoor program, Theef. If installed on a system, it enables a hacker running the client component control overe its infected system. |
| Reference Link | THIEF |
| Attack | Solution: Click Start>Run, type Regedit then hit the Enter key. In the left panel of the Registry Editor, double click the registry key: HKEY_LOCAL_MACHINE In the right panel, look for and then delete the value: Window = “c:\windows\system\Window.exe” In the left panel, double click the registry keys: HKEY_LOCAL_MACHINE>Software>Microsoft>Windows >CurrentVersion>Run On the right panel, look for and then delete the value: Window = “c:\windows\system\Window.exe” Close the Registry Editor window. Restart your computer. Scan your system with Trend antivirus and delete all files detected as TROJ_THF135A.SRV. To do this Trend customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.