Event ID - 2149

Port No: 2149
Service Name: Backdoor.DeepThroat
RFC Doc: 0
Protocol: TCP
Description: This is the installer component of the BKDR_DEEPTHR.20 backdoor program. It listens for connections on TCP ports 6670, 3150, and 2140 and on UDP ports 3150 and 2140. This backdoor compromises network security because it allows hackers to control the host computer. The server is non-destructive when executed (it does not delete users' files, misconfigure system settings, etc.). The server creates an auto-run registry key so that it executes itself at every system startup.
Reference Link: Backdoor.DeepThroat
Attack Solution:

Click Start>Run, type Regedit then hit the Enter key.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, look for and then delete this Registry entry:
"SystemTray=%WinDir%\SYSTRAY.EXE"
Reboot your system.
Scan your system with Trend Micro antivirus and delete all files detected as BKDR_DEEPTHR.20. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner.
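
The check below is an added example, not part of the original entry or of any Trend Micro tooling. It looks for the Run entry and the listening ports named above without changing anything, and assumes a Windows host where the Get-NetTCPConnection and Get-NetUDPEndpoint cmdlets are available.

```powershell
# Added example: read-only triage for the indicators listed in this entry.
# It changes nothing; removal still follows the steps above.
$runKey   = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run'
$tcpPorts = 6670, 3150, 2140   # TCP ports from the description
$udpPorts = 3150, 2140         # UDP ports from the description
$findings = @()

# 1. Auto-run value "SystemTray" that points at %WinDir%\SYSTRAY.EXE
$run = Get-ItemProperty -Path $runKey -ErrorAction SilentlyContinue
if ($run -and ($run.PSObject.Properties.Name -contains 'SystemTray')) {
    $value    = [Environment]::ExpandEnvironmentVariables([string]$run.SystemTray).Trim('"', ' ')
    $expected = Join-Path $env:WinDir 'SYSTRAY.EXE'
    if ($value.StartsWith($expected, [StringComparison]::OrdinalIgnoreCase)) {
        $findings += "Run value SystemTray = $value"
    }
}

# 2. Listeners on the listed ports. A match is a lead, not proof:
#    resolve the owning process and check its image path.
$sockets  = @(Get-NetTCPConnection -State Listen -ErrorAction SilentlyContinue |
                Where-Object LocalPort -in $tcpPorts |
                Select-Object @{n='Proto';e={'TCP'}}, LocalPort, OwningProcess)
$sockets += @(Get-NetUDPEndpoint -ErrorAction SilentlyContinue |
                Where-Object LocalPort -in $udpPorts |
                Select-Object @{n='Proto';e={'UDP'}}, LocalPort, OwningProcess)
foreach ($s in $sockets) {
    $proc = Get-Process -Id $s.OwningProcess -ErrorAction SilentlyContinue
    $findings += '{0} {1} open, PID {2}, image {3}' -f $s.Proto, $s.LocalPort, $s.OwningProcess, $proc.Path
}

if ($findings) { $findings | ForEach-Object { Write-Warning $_ } }
else           { Write-Output 'No indicators from this entry found on this host.' }
```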
