| Port No | 9000 |
| Service Name | Netministrator |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | NetMinistrator 1.0 is a demo version. The real version costs about $35 dollars. The registered version allows the server to be ran invisibly. Probably no one actually would purchase this because any trojan such as Deep Throat has the same features. The demo version has a little tray icon so, you should know if you are infected |
| Reference Link | |
| Attack | It Autoloads: Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ Key: Netministrator
Features: Capture screen Change wallpaper Chat with server Close or hide running programs Closer server Download file Eject Cd-Rom Execute file (invisibly or normally) FTP server Get server info Hang up modem Key logger Lock clipboard Lock mouse Open URL Play wav file Record sound Send text to clipboard Set server options Show message Show/Hide desktop icons Show/Hide mouse cursor Show/Hide start button Show/Hide task bar Shutdown, restart or logoff windows Start screen saver Swap mouse buttons Update server Fix: Remove the Netministrator key in the registry located at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run Which can be done with regedit or any other registry editing program. Reboot the computer or close the file listed in the registry. Delete the trojan file listed in the registry |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.