Port No | 48 |
Service Name | DRAT |
RFC Doc | 0 |
Protocol | TCP |
Description | TROJ_DRAT.B configures this nondestructive server program of a backdoor malware. This server program copies itself into the target computer and modifies the registry so that its copy executes upon Windows startup. |
Reference Link | DRAT Trojan |
Attack |
SOLUTION : 1.Scan your system with Trend Micro antivirus and take note of the complete path and filename of the files detected as BKDR_DRAT.130.A. 2.Click Start>Run, type Regedit then hit the Enter key. 3.In the left panel, double click the following: HKEY_LOCAL_MACHINE>Software>Microsoft >Windows>CurrentVersion>RunServices 4.Using your notes in step one, in the right panel, look for and then delete the registry entry that points to the complete path and filename of the file detected as BKDR_DRAT.130.A: “Backdoor program” “Backdoor path” 5.Close Regedit. 6.Restart your system. 7.Scan your system with Trend Micro antivirus and delete all files detected as BKDR_DRAT.130.A. To do this Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.