W32/Blaster-F

Category: Viruses and Spyware Protection available since:01 Sep 2003 00:00:00 (GMT)
Type: Win32 worm Last Updated:01 Sep 2003 00:00:00 (GMT)
Prevalence: No Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Blaster-F is functionally equivalent to W32/Blaster-A, except for the following changes:

  • The worm filename used is enbiei.exe
  • The registry entry used has been changed to
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\www.hidro.4t.com
  • The target for the distributed denial-of-service attack has been changed to tuiasi.ro
  • The internal message has been changed to the following text in Romanian:
    "Nu datzi la fuckultatea de Hidrotehnica!!! Pierdetzi timp ul degeaba...Birsan te cheama pensia!!!Ma pis pe diploma!!!!!!"

    In English this translates to:
    "Don't go to the Hydrotechnics faculty!!! You are wasting your time... Birsan, your pension awaits!!! I urinate on the diploma!!!!!!"

In September 2003, a 24-year-old Romanian was charged in connection with the W32/Blaster-F worm.

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy