Port No | 2556 |
Service Name | W32.Beagle.T@mm |
RFC Doc | 0 |
Protocol | TCP |
Description | W32.Beagle.T@mm is a variant of W32.Beagle.R@mm. This worm attempts to send an HTML email to the addresses found in the files on an infected computer. The email does not contain an attachment of the worm. Instead, the HTML email uses the Microsoft Internet Explorer Object Tag Vulnerability that allows for the automatic download and execution of a file hosted on a remote Web site. This file is a copy of the worm, but may change in the future. The worm also opens a backdoor, starts a Web server on port 81 to serve the worm, and attempts to spread through file-sharing networks by copying itself to folders with "shar" in their names. The worm is also a file infector that appends itself to the .exe files found on the computer. |
Reference Link | Port Number:2556 Service Name:W32.Beagle.T@mm Port:TCP |
Attack | According to Symantec Removal Instructions: The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. 1.Disable System Restore (Windows Me/XP). 2.Restart the computer in Safe mode or VGA mode. 3.Reverse the changes made to the registry. 4.Update the virus definitions. 5.Run a full system scan and repair all the files detected as W32.Beagle.T@mm. 6.Obtain the Microsoft HotFix to correct the Microsoft Internet Explorer Object Tag vulnerability. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.