Port No | 0 |
Service Name | W32.Gunsan |
RFC Doc | 0 |
Protocol | TCP |
Description | This destructive, mass-mailing worm propagates via email using its built-in SMTP (Standard Mail Transfer Protocol) engine. It is deletes several antivirus and monitoring programs |
Reference Link | W32.Gunsan |
Attack | Solution: Removing autostart entries from registry prevents the malware from executing during startup. This is also an effective malware process termination procedure. Open Registry Editor. Click Start>Run, type REGEDIT then hit the enter key. In the left panel, double click the following: HKEY_LOCAL_MACHINE>Software>Microsoft> Windows>CurrentVersion>RunServices In the right panel, locate and delete the entry: Explorer = %system%\explorer16.exe *where %System% is the Windows system directory, which is usually C:\Windows\System or C:\WINNT\System32. Restart your computer. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.