Port No | 8889 |
Service Name | W32.Axatak |
RFC Doc | 0 |
Protocol | TCP |
Description | W32.Axatak is a password stealer that stores the stolen passwords in the file Axatak.is and then sends the file to the virus creator. The virus also allows unauthorized access to an infected computer on ports 8888 and 8889. |
Reference Link | Port Number: 8889 Service Name:W32.Axatak Port:TCP |
Attack | According to Symantec Resolution: NOTE: These instructions are for all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. 1. Update the virus definitions, run a full system scan, and delete all files that are detected as W32.Axatak. 2. Delete the value axataK %system%\ from the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.