Event ID - 22223

Port No22223
Service NameBKDR_RUX
RFC Doc0
ProtocolTCP
DescriptionThis remote-access and password-stealing backdoor malware is written in Visual Basic 5.0. It executes only when MSWINSCK.OCX is installed on the infected system. Otherwise an error message is displayed and its execution is stopped. This backdoor program allows a hacker to have access to the vital information on the infected computer. Thus, it compromises network security.
Reference LinkBKDR_RUX
AttackSolutions:

Click Start>Run, type Sysedit then hit the Enter key. Locate the run entry in the WIN.INI and manually remove the following reference to the backdoor program:
run=C:\WINDOWS\SYSTEM\FlyingMarqu.scr
Delete the below string that follows the "run=": C:\WINDOWS\SYSTEM\FlyingMarqu.scr
Save and exit the file.
Restart your System
Scan your system with Trend Micro antivirus and delete all files detected as BKDR_RUX.30. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall,

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.