| Port No | 15000 |
| Service Name | NetDemon |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | The NetDemon backdoor is one of many backdoor programs that attackers can use to access your computer without your knowledge or consent. Once a system is infected, the backdoor places a server on TCP port 15000 (or an arbitrary port configured by the attacker), which allows a remote client to connect to your computer |
| Reference Link | More Information |
| Attack | Name:NetDemon The NetDemon backdoor is one of many backdoor programs that attackers can use to access your computer without your knowledge or consent. Once a system is infected, the backdoor places a server on TCP port 15000 (or an arbitrary port configured by the attacker), which allows a remote client to connect to your computer. How To Remove: To remove a default installation of NetDemon from your computer: CAUTION: Use Registry Editor at your own risk. Any change made with Registry Editor may cause severe and irreparable damage and may require you to reinstall your operating system. Internet Security Systems cannot guarantee that problems caused by the use of Registry Editor can be solved. 1. Using Regedit, find the HKLM\Software\Microsoft\Windows\CurrentVersion\Run registry key. 2. Find and delete the WinMap registry key, which should have a value of C:\Windows\System\winmap.exe. 3. Restart your computer. 4. Delete the file C:\Windows\System\winmap.exe. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.