| Port No | 3067 |
| Service Name | W32.Korgo.D |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | W32.Korgo.D is a minor variant of W32.Korgo.C. This worm propagates by exploiting the LSASS vulnerability on TCP port 445 (as described in Microsoft Security Bulletin MS04-011) and opens a backdoor on TCP ports 113 and 3067. |
| Reference Link | Port Number:3067 Service Name:W32.Korgo.D Port:TCP |
| Attack | According to Symantec Resolution: The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. 1.Disable System Restore (Windows Me/XP). 2.Update the virus definitions. 3.Restart the computer in Safe mode or VGA mode. 4.Run a full system scan and delete all the files detected as W32.Korgo.D. 5.Reverse the changes made to the registry. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.