W32/Blaster-B

Aliases	W32/Lovsan.worm W32.Blaster.Worm WORM_MSBLAST.A Win32.Poza Worm/Lovsan.A
Category	Viruses and Spyware
Type	Worm
What to do	Please contact support for assistance with removal.
Prevalence	low high

Summary

Summary
Action
More Information


Included in our products from	October 2003 (3.74)
Protection available since	28 September 2003 09:47:14 (GMT)
Detected by	All Sophos products

Action

Summary
Action
More Information

Please see W32/Blaster-A for recovery instructions.

More Information

Summary
Action
More Information

W32/Blaster-B is functionally equivalent to W32/Blaster-A, except that this variant uses the filename teekids.exe and the registry entry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\Microsoft Inet Xp..

The worm contains an internal message which does not get displayed. The message is different from the one contained in W32/Blaster-A and says the following:
Microsoft can suck my left testi! Bill Gates can suck my right testi! And All Antivirus Makers Can Suck My Big Fat Cock

Microsoft issued a patch for the vulnerability exploited by this worm on July 16, 2003. The patch is available from www.microsoft.com/technet/security/bulletin/MS03-026.asp.

On 29 August 2003 the FBI arrested 18-year-old Jeffrey Lee Parson of Hopkins, Minnesota in connection with the W32/Blaster-B worm.

Get reports about the latest virus and spyware threats delivered to your computer

In this section

W32/Blaster-B

Summary

Action

More Information