Discussion in 'malware problems & news' started by FanJ, Aug 19, 2003.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest


    Aliases :
    W32/Lovsan.worm.d, Exploit-DcomRpc trojan, WORM_MSBLAST.E

    Type :
    Win32 worm

    W32/Blaster-D spreads in the same way as W32/Blaster-A. However, the Blaster-D variant is packed differently, uses the filename (and process name) mspatch.exe instead of msblast.exe, and adds the registry entry

    HKLM\Software\Microsoft\Windows\CurrentVersion\Runon\Nonton Antivirus

    Microsoft issued a patch for the vulnerability exploited by this worm on July 16, 2003. The patch is available from

    Read more:

    Note by me:
    That MS-site was last revised at August 18, 2003
Thread Status:
Not open for further replies.