Active Scan. Scan your PC free
Download Cloud Antivirus Gratis

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0


Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Blaster.C
Technical name:W32/Blaster.C.worm
Threat level:Low
Alias:W32/Lovsan.worm.B,, Worm_TEEKIDS.C, Lovsan.B, W32.Blaster.C.Worm, W32.Poza.B, WORM_MSBLAST.C
Effects:  It launches denial of service attacks against the website. It restarts the affected computer.

Affected platforms:

Windows XP/2000/NT

Detection updated on:Aug. 11, 2009
Proactive protection:
Yes, using TruPrevent Technologies
Repair utility:Panda QuickRemover

Brief Description 


Blaster.C is a worm that affects Windows 2003/XP/2000/NT computers only. Blaster.C exploits the Buffer Overrun in RPC Interface vulnerability to spread to as many computers as possible.

Blaster.C launches denial of service (DoS) attacks against the website. Whenever the system date is between the days 15 and 31 of every month, or every day during the months September through December of every year, 2003, Blaster.C sends a 40 byte packet every 20 milliseconds, using the TCP port 80.

Blaster.C spreads by attacking IP addresses generated at random and exploits the vulnerability mentioned above to download a copy of itself to the compromised computer. In order to do this, Blaster.C incorporates its own TFTP (Trivial File Transfer Protocol) server.

If you have a Windows 2003/XP/2000/NT computer, it is highly recommendable to download the security patch from the Microsoft website. Access the web page for downloading the patch.

Visible Symptoms 


Some clear indications that Blaster.C has reached the computer are the following:

  • The network traffic increases on the TCP 135 and 4444 and UDP 69 ports.
  • The attacked computer blocks and restarts, due to programming errors in the code of the worm.