Event ID - 16515

Port No16515
Service NameKiLo
RFC Doc0
ProtocolTCP
DescriptionBackdoor.Kilo is a backdoor Trojan that uses an IRC channel to contact a hacker. By default, Backdoor.Kilo opens ports 6,711 and 6,718 on the infected computer. Backdoor.Kilo is written in the Delphi programming language and is packed with UPX.
Reference LinkMore Information
AttackName:KiLo

These instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
Update the virus definitions. Run a full system scan and delete all the files detected as Backdoor.Kilo. Delete %System%\Boot.dat if it exists. Delete the value:
Boot Manager %System%\Njgal.exe

from the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

Removal:
1. Click Start, and then click Run. (The Run dialog box appears.)
Type regedit

2. Then click OK. (The Registry Editor opens.)

3. Navigate to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

4. In the right pane, delete the value:
Boot Manager %System%\Njgal.exe

5. Exit the Registry Editor.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.