Event ID - 47891

Port No: 47891
Service Name: Backdoor.Antilam
RFC Doc: 0
Protocol: TCP
Description: This backdoor program consists of a client and a server component. Once the server component is installed on the target system, it opens a port and awaits commands from its client counterpart.

Apart from compromising network security, this malware is a keylogger program and has file manipulation capabilities.
Reference Link: Backdoor.Antilam
Attack Solutions:

Removing Autostart Entries from the Registry

Open Registry Editor. Click Start>Run, type REGEDIT, then press the ENTER key.
In the left panel, double-click the following:
HKEY_CURRENT_USER>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, locate and delete the registry entry:
MS Scandisk = "%Windows%\scandisk.exe"
*where %Windows% is the Windows directory, which is usually C:\Windows or C:\WINNT.
In the left panel, double-click the following:
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, locate and delete the registry entry:
MS Scandisk = "%Windows%\scandisk.exe"
In the left panel, double-click the following:
HKEY_USERS>.DEFAULT>Software>Microsoft>Windows>CurrentVersion>Run
In the right panel, locate and delete the registry entry:
MS Scandisk = "%Windows%\scandisk.exe"
Close Registry Editor.


Terminating the Malware Program

On Windows 9x/ME systems

Restart your computer.

On Windows NT/2000/XP systems

Open Windows Task Manager. Press CTRL+SHIFT+ESC.
Select the Processes tab.
In the list of running programs, locate the program:
SCANDISK.EXE
Select the program, then click the End Process button.
To verify if the malware process has been terminated, close Task Manager then open it again.
Close Task Manager.

Deleting Malware File

Open Windows Explorer. Right-click Start and select Explore.
Navigate to your Windows directory.
In the right panel, locate and delete the file:
SCANDISK.EXE
Scan your system with Trend Micro antivirus and delete all files detected as BKDR_ANTILAM.13. To do this, Trend Micro customers must download the latest pattern file and scan their system. Other email users may use HouseCall, Trend Micro's free online virus scanner.
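
The indicators named in the steps above (the MS Scandisk Run value, the SCANDISK.EXE process, the file in the Windows directory and TCP port 47891) can be checked in one pass with a read-only script. This is an added example, not part of the original entry; it assumes PowerShell 3.0 or later, and the variable names are this example's own.

```powershell
# Read-only audit: nothing is deleted or terminated.
$valueName = 'MS Scandisk'                         # Run value named in the steps above
$filePath  = Join-Path $env:windir 'scandisk.exe'  # %Windows%\scandisk.exe
$port      = 47891                                 # TCP port listed for this backdoor
$runKeys   = @(
    'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run',
    'Registry::HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run'
)

$findings = @()

# 1. Autostart values under the three Run keys
foreach ($key in $runKeys) {
    $prop = Get-ItemProperty -Path $key -Name $valueName -ErrorAction SilentlyContinue
    if ($prop) {
        $findings += [pscustomobject]@{ Check = 'Run value'; Location = $key; Detail = $prop.$valueName }
    }
}

# 2. Running process named scandisk (Path can be empty without admin rights)
foreach ($proc in (Get-Process -Name 'scandisk' -ErrorAction SilentlyContinue)) {
    $findings += [pscustomobject]@{ Check = 'Process'; Location = "PID $($proc.Id)"; Detail = $proc.Path }
}

# 3. File in the Windows directory (-Force also returns hidden/system files)
$file = Get-Item -LiteralPath $filePath -Force -ErrorAction SilentlyContinue
if ($file) {
    $findings += [pscustomobject]@{
        Check    = 'File'
        Location = $file.FullName
        Detail   = "$($file.Length) bytes, modified $($file.LastWriteTime)"
    }
}

# 4. Any TCP socket whose local endpoint uses the port (last netstat column is the owning PID)
$pattern = '^\s*TCP\s+\S+:{0}\s' -f $port
foreach ($line in (netstat -ano | Select-String -Pattern $pattern)) {
    $findings += [pscustomobject]@{ Check = 'TCP port'; Location = "local port $port"; Detail = $line.Line.Trim() }
}

if ($findings.Count -eq 0) { 'No Backdoor.Antilam indicators from this page were found.' }
else { $findings | Format-Table -AutoSize -Wrap }
```

Run it before cleanup to record what is present and again afterwards; the HKEY_USERS\.DEFAULT and process-path checks may need an elevated prompt to return complete results.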
