Event ID - 7007

Port No7007
Service NameSILENTSPY
RFC Doc0
ProtocolTCP
DescriptionThis backdoor connects to the system via TCP port 4225
Its client component is capable of carrying out any of the following malicious commands:

Retrieve system information
Log keystrokes
Manipulate browser, Favorites settings, window title

and Internet Explorer startup page
View, set, clear and lock/unlock the clipboard
Obtain and set resolution
Get drive information
Close, hide, show, refresh and enable/disable Processes
Logout, reboot or shut down the machine
Run, delete, and empty folders
Get file sizes and download/upload files
Play WAV files
Capture screenshots
Type/ print text strings
Close, update, remove and reset the server component
Use chat program
Transfer files using its default port 2332
It runs on Windows 95, 98, ME, NT, 2000 and XP.
Reference LinkSILENTSPY
AttackSolution:
This procedure terminates the running malware process from memory. You will need the name(s) of the file(s) detected earlier.

Open Windows Task Manager.
On Windows 95/98/ME systems, press
CTRL+ALT+DELETE
On Windows NT/2000/XP systems, press
CTRL+SHIFT+ESC, and click the Processes tab.
In the list of running programs, locate the malware file or files detected earlier.
Select the malware process, then press either the End Task or the End Process button, depending on the version of Windows on your system.
To check if the malware process has been terminated, close Task Manager, and then open it again.
Close Task Manager.
*NOTE: On systems running Windows 9x/ME, Task Manager may not show certain processes. You may use a third party process viewer to terminate the malware process. Otherwise, continue with the next procedure, noting additional instructions.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.