W32/W32.Blaster.Worm Alert

Site Search:

08/12/03:W32.Blaster.Worm Alert

(W32.Blaster.Worm) RPC/DCOM worm

Recent attacks by a new Worm have been affecting windows Operating Systems. This worm affects Windows 2000, 2003, Windows XP and NT 4.0, it's also known as: W32/Lovsan.worm [McAfee], Win32.Poza [CA], Lovsan [F-Secure], WORM_MSBLAST.A [Trend], W32/Blaster-A [Sophos], W32/Blaster [Panda]

Common ways to know if you have been infected:

If your computer is asking you to restart and then gives you 60 seconds to save your work and reboot you are probably infected. You should get an error stating that there has been a problem with DCOM RPC.

Downloading fixes from Microsoft

It is advised that all Windows XP, 2000, 2003, NT users download the following patch, or if you have been infected you first need to download the following Patch from Microsoft:

Windows NT 4.0: Windows NT 4.0 Patch
Windows 2000: Windows 2000 Patch
Windows XP: Windows XP Patch
Windows 2003: Windows 2003 Server Patch

Removal tool

After You have downloaded and installed the patch you need to run a REMOVAL tool. You can download the following one from Symantec: http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

After you clean the virus off of your computer, we recommend that you download Sophos Antivirus free of charge at http://www.bol.ucla.edu/software/

If you have any questions, please contact us at (310)825-7452, option 1, or at consult@ucla.edu.

	09/01/2008: Fake Account Verification Message from "WEBMAIL SUPPORT"
	08/28/2008: BOL Help Desk Closed for Labor Day
	08/25/2008: Bluesocket Device Maintenance on 8/27/08
	08/21/2008: Bluesocket Device Maintenance on 8/25/08
	08/07/2008: UCLA Logon Holders Targeted
	News archive

BOL News

BOL Webmail

08/12/03:W32.Blaster.Worm Alert