2006-12-22 03:19:50 · 6 answers · asked by funguy6785 1 in Computers & Internet ➔ Security
The Welchia (MSBLAST.D or Nachi) worm infects machines via network connections. It can attack entire networks of computers or one single computer connected to the Internet. Similar to the original MSBlast worm it exploits a known windows vulnerability that is easily patched, however few systems seem to have this patch installed. It attacks Windows 2000 and Windows XP machines and exploits the DCOM RPC Vulnerablity. It uses TFTP (Trivial File Transfer Protocol) to download its files into a system. It also exploits one more vulnerability known as the WebDAV exploit to travel from system to system.
Ironically, this worm attempts to patch the RPC DCOM Buffer Overflow. It first checks for the running Windows version and then downloads a patch from Microsoft. In essence this worm patches your computer against the MSBlast.A worm. When the current system year is 2004, the worm removes itself from the system.
http://www.pchell.com/virus/welchia.shtml
2006-12-22 03:23:33 · answer #1 · answered by Anonymous · 1⤊ 0⤋
Hi there,
Here's some detailed information on the Welchia Worm infection:
http://virusinfo.prevx.com/viruscenter.asp?returnpage=default&GRP=4868100012
The best and easiest way to remove this is by installing the Free Trial of Prevx1. This will scan your PC and remove this and any other infections free of charge.
2006-12-22 11:29:53 · answer #2 · answered by Secure Expert 5 · 0⤊ 0⤋
You have to download "Avg 7.5 version" from grisoft.com. Then download the latest updates upto december 20. If you don't have enough money to spend on a legal copy try with free edtion and type following license number in the free edition.
" License users: 100
License number:70-THXMV1-PL-C21-SCNCK-AXD-361Q"
2006-12-22 11:27:09 · answer #3 · answered by Isuru Madushanka 2 · 0⤊ 0⤋
I can give a few links that offer free virus and spyware removers...! Norton, AVG , Avast are free antivirus software. Ad-aware, Ewido are free spyware removers. You can download free softwares at
http://fixit.in/antivirus.html and http://fixit.in/spywareremover.html
2006-12-25 10:44:53 · answer #4 · answered by blsruthi 3 · 0⤊ 0⤋
For information about it, go here: http://www.wsu.edu/itsec/alert/20030822/w32Welchia.pdf
On how to delete it, go here:http://www.symantec.com/security_response/writeup.jsp?docid=2003-081819-3333-99
2006-12-22 11:24:40 · answer #5 · answered by ChipChamp 4 · 0⤊ 0⤋
IF YOU WAN'T TO REMOVE THIS RISKS JUST DOWNLOAD SYMANTEC ANTIVIRUS/IT IS GOOD
GOOD LUCK
2006-12-22 11:25:50 · answer #6 · answered by Sanas 2 · 0⤊ 0⤋