- Lester Chan's Website - https://lesterchan.net -

W32.Blaster.Worm

Lots of people have been infected by the W32.Blaster.Worm. It is a worm that will exploit the DCOM RPC vulnerability using TCP port 135. It will attempt to download and run a file, msblast.exe.

» Infection Length: 6,176 bytes
» Systems Affected: Microsoft IIS, Windows 2000, Windows NT, Windows XP
» Systems Not Affected: Linux, Macintosh, OS/2, UNIX

Basically, what the virus does is it will auto restart your Windows after a certain time.

Fixes:

» Symantec Security Response – W32.Blaster.Worm Information (Removal) [1]
» Microsoft Security Bulletin (Patch) [2]

It is recommended that all users get this fixed as soon as possible.

*Update* I have mirrored the Microsoft patch on this server. If it is illegal inform me and I will remove it immediately.

» WinXP English Patch
» Win2K English Patch

*Disclaimer* Download at your own risk, I will not hold any responsibility if there is anything wrong with your computer after installing it.