|
|
W32.Blaster Worm Information
| Name: |
W32.Blaster |
| Category: |
Worm |
| Advice: |
Remove |
| Risk: |
Severe Risk
Severe threats typically are remotely exploitable vulnerabilities, which can lead to system compromise. Successful exploitation does not normally require any interaction and exploits are in the wild. There exists a high possibility of potential system damage or security flaw. Attacker has complete control over your computer or install new software on your machine. |
| Description:
|
W32.Blaster.F.Worm spreads using RPC bug and it uses tftp.exe in the process just like Blaster does. It does not crash system however so it is harder to notice except by increased bandwidth consumption. It is easily removed by ending the task via Task Manager and deleting registry entry named www.hidro.4t.com under HKLMSoftwareMicrosoftWindowsCurrentVersionRun key.
|
| Signatures:
|
process: enbiei.exe: MD5 Hash: ...
process: enbiei.exe: MD5 Hash: 1ee9d2e39e06495aa8b.. |
| Type: |
Worm - A worm is program that propagates by attacking other computers and copying itself to them. Worms may replace files, but do not insert themselves into files (as viruses do). |
Top Worm Visited Pages:
Wukill.mstray - Alias: Win32/HLLW.Wukill - 294 visits
Rbot - Alias: Backdoor.Rbot.Gen - 276 visits
SDBot - Alias: Wootbot.gen, Wootbot, Donk, spybot, Agobot - 229 visits
Trojan.Downloader.winstall - 182 visits
Worm.Brit.e - Alias: VBS/Chick.e@M virus - 89 visits
Worm.P2P.SpyBot.gen - 56 visits
Gaobot - 44 visits
Win32/Darby.O - 42 visits
Worm.Trilissa.e - 42 visits
JS.Lame - Alias: HTML.Lame - 40 visits
Random Worm Pages:
IRC.Worm.Snob - Alias: W32/Lepha.worm
Esbot.C - Alias: Worm:Win32/Esbot.C
IRC.Worm.Golember.d
Worm.Netres.b
Worm.Dumb
Worm.Silver - Alias: SilverRat.A, W32/Silver@MM
Gigi Worm - Alias: W32/CIH.1003.A, W95/CIH, Win95.CIH
IRC.Worm.MrWormy.1198
VBS.Sunfl
VBS.Netlog.a
|
|
