| Port No | 54321 |
| Service Name | Back Orifice 2000 |
| RFC Doc | 0 |
| Protocol | UDP |
| Description | Back Orifice, a Windows Remote Administration Tool, was released in 1998. This tool allows a user to control a remote computer across a Transmission Control Protocol/Internet Protocol (TCP/IP) connection using a simple console or Graphical User Interface (GUI) application. The controls includes the following: File system ,Process ,Network and multimedia controls,This backdoor malware is version 1.0 of Backdoor Orifice 2000, including other modified versions of this hacking tool. |
| Reference Link | Back Orifice 2000 Trojan |
| Attack | SOLUTION : AUTOMATIC REMOVAL INSTRUCTIONS To automatically remove this malware from your system, please use Trend Micro Damage Cleanup Engine and Template. MANUAL REMOVAL INSTRUCTIONS Identifying the Malware Program Before proceeding to remove this malware, first identify the malware program. Scan your system with Trend Micro antivirus and NOTE all files detected as BKDR_BO2K.10. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users can use HouseCall, Trend Micro's free online virus scanner. Terminating the Malware Program This procedure terminates the running malware process from memory. You will need the names of the file or files detected earlier. 1.Open Windows Task Manager. On Windows 9x/ME systems, press CTRL+ALT+DELETE On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC, and click the Processes tab. 2.In the list of running programs*, locate the malware file or files detected earlier. 3.Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your system. 4.Do the same for all detected malware files in the list of running processes. 5.To check if the malware process has been terminated, close Task Manager, and then open it again. 6.Close Task Manager. NOTE : On systems running Windows 9x/ME, Task Manager is not able to show certain processes. You may use a third party process viewer to terminate the malware process. Otherwise, continue with the next procedure, noting additional instructions. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.