Cart
Win32.Worm.Welchia.F( W32/Nachi )
SYMPTOMS: The following file: (%SYSDIR% is the Windows System directory)%SYSDIR%\Drivers\SVCHOST.EXE High activity on ports 135 (RPC), 80 (HTTP) and 445 (SMB over TCP). TECHNICAL DESCRIPTION: This is a recompiled bugfix version of Win32.Welchia.B, with no interesting new features.A description of Win32.Welchia.B is available at http://www.bitdefender.com/bd/site/virusinfo.php?menu_id=1&v_id=192 Removal instructions: Let BitDefender delete all files found infected with this worm.ANALYZED BY: Mihai Chiriac Bit Defender Virus Researcher. |