Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

W32/Nachi.worm.b

Feb 11, 2004 7:37AM PST

Virus Information
Discovery Date: 02/11/2004
Origin: Unknown
Length: 12,800 bytes
Type: Virus
SubType: Internet Worm

This threat is proactively detected as Exploit-DcomRpc.gen with the 4.2.60 scan engine, or higher, and the 4290 DAT files, or higher, when scanning compressed executables, default option.

AVERT is currently analyzing this threat. Details will be posted as they become available.

This virus exploits the MS03-026 / MS03-049 vulnerability. In addition to exploiting this RPC DCOM vulnerability, the virus also attempts to exploit an NTDLL.DLL vulnerability (MS03-007 ) via WebDav.

http://vil.nai.com/vil/content/v_101013.htm

Discussion is locked

- Collapse -
W32.Welchia.B.Worm
Feb 11, 2004 12:04PM PST
- Collapse -
(NT) Thanks Marianna, Yep, Welchia & Nachi...Same Beast !
Feb 11, 2004 12:06PM PST

.