Event ID - 21957

Port No: 21957
Service Name: BackDoor-AHS
RFC Doc: 0
Protocol: TCP
Description: This backdoor malware has a client component, a server component, a server editor component, a port scanner component, a Microsoft Messenger (MSN) password stealing component, and another server component with MSN informer programs that allow a remote hacker access to the infected system. This backdoor malware can compromise the network security of the infected system.
Reference Link: BackDoor-AHS
Attack:

Solution:

You need to terminate the malware process from memory before the malware file can be deleted.

1. Open Windows Task Manager.
   - On Windows 9x/ME systems, press CTRL+ALT+DELETE.
   - On Windows NT/2000/XP systems, press CTRL+SHIFT+ESC.
2. In the list of running programs, locate these program(s):
   - WINREG.EXE
   - WINREGSE.EXE
   - MSHTML.EXE

   NOTE: On systems running Windows 9x/ME, certain processes are not visible in the Task Manager. Use either a third-party process viewer to view and terminate the malware process, or restart your system using an antivirus Emergency Rescue Disc (ERD).
3. Select the program, then click the End Task or the End Process button, depending on your version of Windows. Note that for Windows NT/2000/XP, the list of running processes is located under the Processes tab.
4. To verify that the malware process has been terminated, press F5 to refresh Task Manager, then review the process list.
5. Close Task Manager.
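
The check in the steps above can also be run against saved command output. The following is an added example, not part of the original advisory: it parses `netstat -ano` and `tasklist /fo csv` output (available on Windows XP and later) and correlates a listener on TCP 21957 with the three process names listed above. The function names and the sample output are constructed for illustration; a name match alone is marked for review, while a name match that also owns the listener is marked high.

```python
import csv
import io

BACKDOOR_PORT = 21957
SUSPECT_IMAGES = {"WINREG.EXE", "WINREGSE.EXE", "MSHTML.EXE"}

# Constructed sample output (not captured from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:21957          0.0.0.0:0              LISTENING       1844
  TCP    192.168.1.20:1039      192.168.1.5:21957      ESTABLISHED     2210
"""
SAMPLE_TASKLIST = '''\
"Image Name","PID","Session Name","Session#","Mem Usage"
"svchost.exe","912","Console","0","4,120 K"
"WINREG.EXE","1844","Console","0","2,304 K"
"mshtml.exe","2400","Console","0","1,988 K"
"iexplore.exe","2210","Console","0","18,552 K"
'''

def listening_pids(netstat_text, port=BACKDOOR_PORT):
    """Return PIDs holding a TCP socket in LISTENING state on the local port."""
    pids = set()
    for line in netstat_text.splitlines():
        f = line.split()
        # Data rows have exactly 5 fields; the header row and blanks do not.
        if len(f) == 5 and f[0] == "TCP" and f[3] == "LISTENING":
            if f[1].rsplit(":", 1)[-1] == str(port):
                pids.add(int(f[4]))
    return pids

def triage(netstat_text, tasklist_csv):
    """Return sorted (pid, image, level) for processes matching name or port."""
    listeners = listening_pids(netstat_text)
    findings = []
    for row in csv.DictReader(io.StringIO(tasklist_csv)):
        pid, image = int(row["PID"]), row["Image Name"]
        named = image.upper() in SUSPECT_IMAGES   # image names are case-insensitive
        bound = pid in listeners
        if named or bound:
            findings.append((pid, image, "high" if named and bound else "review"))
    return sorted(findings)

if __name__ == "__main__":
    for pid, image, level in triage(SAMPLE_NETSTAT, SAMPLE_TASKLIST):
        print(f"{level:6} PID {pid:<5} {image}")
```

The outbound connection to a remote port 21957 in the sample is not counted as a local listener, so only the process bound to the port locally is raised to high.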
