| Port No | 445 |
| Service Name | W32.Zotob.E |
| RFC Doc | 0 |
| Protocol | TCP |
| Description | W32.Zotob.E is a worm that opens a back door and exploits the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (described in Microsoft Security Bulletin MS05-039) on TCP port 445. |
| Reference Link | Port Number:445 Service Name:W32.Zotob.E Port:TCP |
| Attack | According to Symantec Removal Tool: Symantec Security Response has developed a removal tool to clean the infections of W32.Zotob.E. Use this removal tool first, as it is the easiest way to remove this threat. Manual Removal: The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines. 1.Disable System Restore (Windows Me/XP). 2.Update the virus definitions. 3.Run a full system scan and delete all the files detected. 4.Delete any values added to the registry. |
Catch threats immediately
We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.