Event ID - 15695

Port No15695
Service NameKRYPGHOS.13
RFC Doc0
ProtocolTCP
DescriptionThis backdoor malware is version 1.3 of the Remote Access Tool (RAT) known as Kryptonic Ghost. It has a server component, which infects target machines, and a client component, which controls the server.

Apart from compromising network security, this backdoor malware can be used to steal and delete files from compromised machines.
Reference LinkKRYPGHOS.13
AttackSolutions:

This procedure applies for systems running Windows NT/2000/XP. For systems running Windows 9x and ME, proceed with the next procedure (Removing the Autostart Entry from the Registry).
Press CTRL+SHIFT+ESC, then select the Processes tab.
In the list of running programs, locate the programs:
RDM712.EXE
MSERD1.EXE
MSGP.EXE

One at a time, select each program, then press the End Process button.
To verify if the malware processes have been terminated, close Task Manager then open it again.
Close Task Manager.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.