Event ID - 1152

Port No1152
Service NameBackdoor.Dynod
RFC Doc0
ProtocolTCP
DescriptionThis backdoor program is disguised as a serial generator for FRUITYLOOPSPRO. Upon execution, it copies itself in the Windows System directory. This dropped file is a server program that allows a remote user running the client program to access the infected computer.
Reference LinkBackdoor.Dynod
AttackSolution:

Scan your system with Trend antivirus and delete all files detected as BKDR_ORION. To do this Trend customers must download the latest pattern file and scan their system. Other email users may use Trend HouseCall, a free online virus scanner..
Extract SYSTRAY.EXE from original Windows setup files.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.