| Port No | 3138 |
| Service Name | W32.Mydoom.A@mm |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | W32.Mydoom.A@mm (also known as W32.Novarg.A) is a mass-mailing worm that arrives as an attachment with the file extension .bat, .cmd, .exe, .pif, .scr, or .zip. |
| Reference Link | Port Number: 3138 Service Name:W32.Mydoom.A@mm Port:TCP |
| Attack | According to Symantec Resolution: Removal using the Removal Tool Symantec Security Response has developed a removal tool to clean the infections of W32.Mydoom.A@mm. This is the preferred method in most cases. Manual Removal Perform a manual removal if you cannot obtain the tool. The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. 1.Disable System Restore (Windows Me/XP). 2.Update the virus definitions. 3.Restart the computer in Safe mode or VGA mode. 4.Run a full system scan and delete all the files detected as W32.Mydoom.A@mm. 5.Delete the values that were added to the registry. 6.Reregister the webcheck.dll file. (This will remove the registry modifications responsible for loading Shimgapi.dll.) |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.