Event ID - 11011

Port No11011
Service NameBackdoor.Amanda
RFC Doc0
ProtocolTCP
DescriptionThis backdoor hacking tool enables a hacker or remote user access to an infected system. It works on the Client-Server principle. The Server side listens to a port where the Client side connects to. When a connection is established, the Client sends commands to the Server so that these are executed. This program has been created in Visual Basic 6.0 and thus requires a MSWINSCK.OCX file and a MSVBM60.DLL runtime library installed in the infected system to execute properly.
Reference Link Backdoor.Amanda Trojan
AttackSOLUTION :
Trend Micro Solution
Users of Trend Micro PC-cillin Internet Security and Network VirusWall can detect this exploit at the network layer with Network Virus Pattern (NVP) 10159, or later.
1.Run regedit and delete the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunWinstart=%path%\%filename
2.Scan your system with Trend antivirus and delete all files detected as BKDR_AMANDA.A. To do this, Trend customers must download the latest pattern file and scan their system. Other email users may use Trend HouseCall, a free online virus scanner.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.