Remove W32.Welchia.Worm. Description and removal instructions

Title: W32.Welchia.Worm
Type: Worms	Severity scale: (60 / 100)

W32.Welchia.Worm is a worm that exploits multiple vulnerabilities:
The DCOM RPC vulnerability using TCP port 135. Specifically targets Windows XP machines.
The WebDav vulnerability using TCP port 80. Specifically targets machines running Microsoft IIS 5.0 (most likely be found on Windows 2000 systems).
W32.Welchia.Worm attempts to download the DCOM RPC patch from Microsoft's Windows Update Web site, install it, and then reboot the computer. Then it checks for active machines to infect by sending an ICMP echo request, or PING, which will result in increased ICMP traffic. Also attempts to remove W32.Blaster.Worm.

FORUM:
Discuss W32.Welchia.Worm in
spyware removal forum

W32.Welchia.Worm properties:
• Allows remote user connection
• Hides from the user
• Stays resident in background

Automatic W32.Welchia.Worm removal:

remover for W32.Welchia.Worm

Other programs to remove W32.Welchia.Worm:

• Malwarebytes Anti Malware - Review - Download
• Malwarebytes Anti Malware - Review - Download
• Windows Defender - Review - Download

Information added: 19/03/04
Information updated: 24/04/08

Additional resources related to W32.Welchia.Worm:

Attention: If you know or you have a website or page about W32.Welchia.Worm removal, feel free to add a link to this list: add url

more resources

Post Comment:

Attention: Use this form only if you have additional information about W32.Welchia.Worm parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.