Experts recommend Blaster fix

Think you have the Blaster worm? This article walks you through the removal steps.

A surge in Blaster worm infections prompted the Computer Emergency Response Team and other experts to recommend...

the following remediation steps for infected machines:


--Physically disconnect from the network.

--If you can't stop your system from rebooting, use the shutdown timer: click Start, Run and Shutdown-a.

--Kill the "msblast.exe" process in the Task Manager by pressing "CTRL-ALT-DELETE," click "Task Manager" button, select the "Processes" tab, highlight "msblast.exe," and click the "End Process" button (CERT notes that this will bring up a Warning dialog box which a user needs to answer "Yes").

--Delete "HKey_Local_Machinesoftwaremicrosoftwindowscurrentversionrunwindowsautoupdate."

--Search the machine for any files named msblast.exe, p-e-n-i-s32.exe (without hyphens), teekids.exe and root32.exe." For each match, right-click and select delete.

--Disable DCOM on all affected machines, but not until all effects have been fully tested. ( http://microsoft.com/technet/security/bulletin/MS03-026.asp).

--Reboot the machine and reconnect to the network.

--Install the patch from Windows Update or MS03-026 ( http://microsoft.com/technet/security/bulletin/MS03-026.asp).

FOR MORE INFORMATION:

SearchSecurity.com news exclusive: "Computers not out of Blaster woods"

SearchSecurity.com news exclusive: "Blaster variants shouldn't be major headache"

Featured Topic on Blaster-A

Microsoft security bulletin MS03-026

Dig Deeper on Malware, Viruses, Trojans and Spyware

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close