| Port No | 16515 |
| Service Name | KiLo |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | Backdoor.Kilo is a backdoor Trojan that uses an IRC channel to contact a hacker. By default, Backdoor.Kilo opens ports 6,711 and 6,718 on the infected computer. Backdoor.Kilo is written in the Delphi programming language and is packed with UPX. |
| Reference Link | More Information |
| Attack | Name:KiLo These instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. Update the virus definitions. Run a full system scan and delete all the files detected as Backdoor.Kilo. Delete %System%\Boot.dat if it exists. Delete the value: Boot Manager %System%\Njgal.exe from the registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Removal: 1. Click Start, and then click Run. (The Run dialog box appears.) Type regedit 2. Then click OK. (The Registry Editor opens.) 3. Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run 4. In the right pane, delete the value: Boot Manager %System%\Njgal.exe 5. Exit the Registry Editor. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.