Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||W32/Nachi.Worm.b, W32.Welchia.B.Worm, WORM_NACHI.B|
It uninstalls the worms Mydoom.A and Mydoom.B. It exploits the vulnerabilities RPC DCOM, WebDAV and Workstation Service, in order to spread across the Internet.
|Detection updated on:||Sept. 8, 2005|
|Yes, using TruPrevent Technologies
|Repair utility:||Panda QuickRemover|
Nachi.B is a worm that uninstalls the worms Mydoom.A and Mydoom.B, by ending their processes and deleting the files associated to them.
Nachi.B exploits the vulnerabilities RPC DCOM, WebDAV and Workstation Service, which only affects Windows 2003/XP/2000/NT computers.
Nachi.B spreads by attacking remote computers in which it attempts to exploit the vulnerabilities mentioned above in order to download and run a copy of itself to the compromised computer, using its own web server.
If you have a Windows 2003/XP/2000/NT computer, it is highly recommendable to download the security patches from the Microsoft website for the following vulnerabilities: RPC DCOM, WebDAV and Workstation Service.
Nachi.B is difficult to recognize, as it does not display any messages or warnings that indicate it has reached the computer.