W32.Welchia.Worm

Atjeu · #1 10-07-2003, 11:54 AM

Due to an increase in submissions, Symantec Security Response has upgraded W32.Welchia.Worm to Category 4, as of 6:00 PM Monday, August 18, 2003.

W32.Welchia.Worm is a worm that exploits multiple vulnerabilities, including:

The DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. The worm specifically targets Windows XP machines using this exploit.
The WebDav vulnerability (described in Microsoft Security Bulletin MS03-007) using TCP port 80. The worm specifically targets machines running Microsoft IIS 5.0 using this exploit. As coded in this worm, this exploit will impact Windows 2000 systems and may impact Windows NT/XP systems.

W32.Welchia.Worm does the following:

Attempts to download the DCOM RPC patch from Microsoft's Windows Update Web site, install it, and then reboot the computer.
Checks for active machines to infect by sending an ICMP echo request, or PING, which will result in increased ICMP traffic.
Attempts to remove W32.Blaster.Worm

MarklyPetrello · #2 03-20-2010, 10:51 AM

ace ventura pet detective arabic subtitles
full moon time
nascar 06 ps2
how to delete Backdoor.Win32.IRC.Bot.C
Troj/FakeAV-AGU malware removal
how to eradicate Riskware.RiskTool.Win32.Reboot!IK
how to turn off Virus.Win32.Agent.aj!IK
irs income tax rebate
how to erase TrojanDropper.Agent.aiwd
kid rock rock n roll jesus lyrics
how to detect Trojan-Downloader.Win32.FraudLoad.glm
rue 21 salary
vanilla cake frosting
avastin glioblastoma multiforme
masala guru wallpapers
how to eradicate Win-Trojan/Agent.39936.PB
how to cure Exploit.JS.RealPlr.C
autorun inf windows xp
how to disinfect Trojan.Injector
how to eliminate Adware/Agent.qos

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode