Event ID - 2002

Port No2002
Service NameBackdoor.Senna
RFC Doc0
ProtocolTCP
DescriptionThis backdoor is a Remote Access Tool (RAT), a server and client tandem, that allows a remote malicious user to virtually issue certain commands on the affected system, thus compromising system security.

By default, it uses port 2000 to allow the said remoter user to issue any of the following commands:

Browse system's drives, folders, and files
Swap mouse buttons
Manipulate open windows
Get system information
Shut down system
Edit system registry
Terminate processes
View and delete items on clipboard
Reference LinkBackdoor.Senna
AttackSolution:

This procedure terminates the running malware process. You will need the name(s) of the file(s) detected earlier.

If the process you are looking for is not in the list displayed by Task Manager, proceed to the succeeding solution set.

Open Windows Task Manager.
• On Windows 95, 98, and ME, press
CTRL+ALT+DELETE
• On Windows NT, 2000, XP, and Server 2003, press
CTRL+SHIFT+ESC, then click the Processes tab.
In the list of running programs*, locate the malware file(s) detected earlier.
Select one of the detected files, then press either the End Task or the End Process button, depending on the version of Windows on your computer.
Do the same for all detected malware files in the list of running processes.
To check if the malware process has been terminated, close Task Manager, and then open it again.
Close Task Manager.

*NOTE: On computers running Windows 95, 98, and ME, Windows Task Manager may not show certain processes. You can use a third party process viewer such as Process Explorer to terminate the malware process. On computers running all Windows platforms, if the process you are looking for is not in the list displayed by Task Manager or Process Explorer, continue with the next solution procedure, noting additional instructions. If the malware process is in the list displayed by either Task Manager or Process Explorer, but you are unable to terminate it, restart your computer in safe mode.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.