Blaster Worm Resources

Aliases: Lovsan, MSBlast, Poza, and Blaster. Exploit: A critical flaw in Microsoft software affecting Microsoft IIS, Windows 2000, Windows NT, and Windows XP.
Details of Vulnerability/Patch Details

Use McAfee AVERT Stinger for quick detection and removal.

Blaster foiled: Microsoft Sidesteps DoS

Blaster.A Description - The original Blaster worm. File dropped: MSBLAST.EXE
Blaster.B Description - This is not the variant for which Parson's was arrested. File dropped: PENIS32.EXE
Blaster.C Description - The variant for which Parson's was arrested. File dropped: TEEKIDS.EXE
Blaster.D Description - This is the so-called "good" Blaster that allegedly tried to patch infectable systems. In fact, it did nearly as much damage as the original Blaster. Aliases: Welchi, Welchia, Nachi. Files dropped: SVCHOST.EXE, DLLHOST.EXE. Note: These are also the names of perfectly legitimate and necessary system files. Infected files would be found in the Windows\Systems\WINS directory. Valid files are found in Windows\System32\ and Windows\System32\dllcache directories.
Blaster.E Description - Dropped file: MSPATCH.EXE
Blaster.F Description - Dropped file: MSLAUGH.EXE
Blaster.G Description - Dropped file: ENBIEI.EXE

Blaster.B/C author arrested - The variant Parson is accused of creating is referred to as Blaster.B by most vendors, Blaster.C by Trend Micro.