Event ID - 7020

Port No7020
Service Namedpserve
RFC Doc0
ProtocolTCP
DescriptionDP Serve
Reference LinkMore Information
AttackName:Basic Hell 1.0

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Backdoor Basic hell 1.0 is a Trojan that opens up a backdoor program that, once installed on a system, permits unauthorized users to remotely run applications, extract passwords, and reboot the system. Basic Hell runs from the server file C:\WINDOWS\SYSTEM\BHS.EXE over port 60666 via TCP.

There are several Backdoor detection programs on the market that are said to be able to scan for and detect a Backdoor Basic hell 1.0 server on your system. Some of the better known AntiVirus vendors have included detection strings in their virus definitions.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.