| Port No | 3150 |
| Service Name | Backdoor.DeepThroat |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | This is the installer component of the BKDR_DEEPTHR.20 backdoor program. It listens at ports TCP: 6670, 3150, and 2140 and UDP: 3150, 2140 for connections. This backdoor compromise network security because it allows hackers to control the host computer. The server is none destructive when executed (delete users files, misconfigure system settings, etc). The server creates an auto run registry key in the system to auto execute itself every system startup. |
| Reference Link | Backdoor.DeepThroat |
| Attack | Solution: Click Start>Run, type Regedit then hit the Enter key. In the left panel, double click the following: HKEY_LOCAL_MACHINE>Sofware>Microsoft >Windows>CurrentVersion>Run In the right panel, look for and then delete this Registry entry: ”SystemTray=%WinDir%\SYSTRAY.EXE” Reboot your system. Scan your system with Trend Micro antivirus and delete all files detected as BKDR_DEEPTHR.20. To do this Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.