Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

W32.Francette.Worm

Nov 19, 2003 8:39AM PST

Discovered on: November 17, 2003
Last Updated on: November 19, 2003 03:39:10 PM

W32.Francette.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. The existence of the file syshost.exe is an indication of a possible infection.

This worm is written in Borland Delphi and is packed with ASPack.


Also Known As: Worm.Win32.Francette.a [Kaspersky], W32/Tumbi.worm [McAfee]

Type: Worm

http://www.symantec.com/avcenter/venc/data/w32.francette.worm.html

Discussion is locked