Event ID - 65432

Port No: 65432
Service Name: The Traitor
RFC Doc: 0
Protocol: UDP
Description: This backdoor malware opens port 21 on the affected system, which allows a remote user to access and control the system.
Reference Link: TRAITOR
Attack Solution:

Identifying the Malware Program


Before proceeding to remove this malware, first identify the malware program.

Scan your system with Trend Micro antivirus and NOTE all files detected as BKDR_TRAITOR.A. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other Internet users can use HouseCall, Trend Micro's free online virus scanner.

Terminating the Malware Program

Since the backdoor runs almost invisibly to the user, special tools are needed to kill the running backdoor process. One such tool is Process Explorer, which you may download and execute.
On the Process Explorer window, locate the process that matches the file names of those detected earlier as BKDR_TRAITOR.A.
Right-click on this process and choose “kill process” then choose “yes.”

Removing Autostart Entries from the Registry

Removing autostart entries from the registry prevents the malware from executing during startup. You will need the name of the file detected earlier.
Open Registry Editor. To do this, click Start>Run, type REGEDIT, then press Enter.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>RunServices
In the right panel, locate and delete the entry or entries whose data value (in the rightmost column) is the malware file detected earlier as BKDR_TRAITOR.A.
In the right panel, locate and delete the entry or entries whose data value (the rightmost column) is the malware file(s) detected earlier.
Close Registry Editor.
NOTE: If you were not able to terminate the malware process from memory as described in the previous procedure, restart your system. To do this, Trend customers must download the latest pattern file and scan their system. Other email users may use Trend HouseCall, a free online virus scanner.
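
The registry check and process lookup above can also be done from PowerShell. The script below is an added example, not part of the original Trend Micro procedure; it only reports and deletes nothing. The file name in $DetectedFiles is a placeholder, the sample registry data is constructed, treating port 21 as TCP is an assumption, and the port cmdlets assume Windows 8 / Server 2012 or later.

```powershell
# Added example: reports matches only; it deletes nothing.
# Placeholder: replace with the file names your scan reported as BKDR_TRAITOR.A.
$DetectedFiles = @('EXAMPLE_DETECTED_FILE.EXE')
$RunServices   = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunServices'

function Get-RegistryValueTable {
    param([string]$Path)
    $table = @{}
    if (Test-Path -Path $Path) {
        $key = Get-Item -Path $Path
        foreach ($name in $key.GetValueNames()) { $table[$name] = [string]$key.GetValue($name) }
    }
    return $table
}

function Find-AutostartMatch {
    param([hashtable]$Entries, [string[]]$FileNames)
    foreach ($name in $Entries.Keys) {
        foreach ($file in $FileNames) {
            # Match the file name as a whole path component, case-insensitively,
            # so a detected "x.exe" does not also flag "notx.exe".
            $pattern = '(^|[\\/"\s])' + [regex]::Escape($file) + '($|["\s])'
            if ($Entries[$name] -match $pattern) {
                [pscustomobject]@{ ValueName = $name; Data = $Entries[$name]; MatchedFile = $file }
            }
        }
    }
}

$entries = Get-RegistryValueTable -Path $RunServices
if ($entries.Count -eq 0) {
    Write-Host "No values under $RunServices; showing constructed sample data instead."
    $entries = @{
        'SampleSvc' = '"C:\WINDOWS\SYSTEM\EXAMPLE_DETECTED_FILE.EXE" /s'   # constructed
        'OtherSvc'  = 'C:\WINDOWS\SYSTEM\NOTEXAMPLE_DETECTED_FILE.EXE'     # constructed, must not match
    }
}
Find-AutostartMatch -Entries $entries -FileNames $DetectedFiles | Format-Table -AutoSize

# Ports named on this page: 65432/UDP (table) and 21 (description; TCP is assumed here).
if (Get-Command Get-NetUDPEndpoint -ErrorAction SilentlyContinue) {
    $listeners = @(Get-NetUDPEndpoint -LocalPort 65432 -ErrorAction SilentlyContinue) +
                 @(Get-NetTCPConnection -LocalPort 21 -State Listen -ErrorAction SilentlyContinue)
    foreach ($l in $listeners) {
        $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
        '{0}:{1} -> PID {2} ({3})' -f $l.LocalAddress, $l.LocalPort, $l.OwningProcess, $proc.Path
    }
}
```

Run it from an elevated prompt so the owning process paths resolve; any row it prints is a candidate for the manual deletion step described above.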
