Discussion in 'malware problems & news' started by FanJ, Aug 19, 2003.

Thread Status:
Not open for further replies.
  1. FanJ

    FanJ Guest


    Aliases :
    W32/Lovsan.worm.d, Exploit-DcomRpc trojan, WORM_MSBLAST.E

    Type :
    Win32 worm

    W32/Blaster-D spreads in the same way as W32/Blaster-A. However, the Blaster-D variant is packed differently, uses the filename (and process name) mspatch.exe instead of msblast.exe, and adds the registry entry

    HKLM\Software\Microsoft\Windows\CurrentVersion\Runon\Nonton Antivirus

    Microsoft issued a patch for the vulnerability exploited by this worm on July 16, 2003. The patch is available from

    Read more:

    Note by me:
    That MS-site was last revised at August 18, 2003
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.