First, to make sure you computer don’t get restarted automatically, go to Run, then type ” shutdown -a” without the quotes. This will prevent it from restarting automatically.
A few of my friends had already been infected by this virus. It is a very wide spread virus. The patch had already been released weeks ago. If you got infected, you deserved it. For god’s sake, be a responsible user and keep your Windows up to date.
How to Tell If Your Computer Is Infected
If your computer is infected with W32.Sasser.worm, you may see a dialog box with text that refers to LSASS.exe. Some customers whose computers have been infected may not notice the presence of the worm at all, while others who are not infected may experience problems because the worm is attempting to attack their computer. Typical symptoms may include systems rebooting every few minutes without user input.
Hard on the heels of the Blaster worm outbreak , yet another version of the resilient and ever-popular SoBig virus began spreading rapidly on the Internet Tuesday morning. Known as SoBig.F, the new variant behaves much like its older siblings, infecting Windows machines via e-mail and sending out dozens of copies of itself.
The variant began spreading early Tuesday Eastern time, and by 9 a.m. Tuesday, MessageLabs Inc. had stopped more than 10,000 copies. The virus size is approximately 73 KB, and the attachment that actually contains the malicious code can carry any one of a number of names, according to iDefense Inc., a security company based in Reston, Va. Among the file names seen so far are:
Surf several sites regarding this worm. Shall be sharing some helpful tips with you all.
1. Go to Start, Run and type in shutdown -a. This will cancel the shutdown attempt
2. Patch Your System with the appropriate MS03-026 Patch
3. After Installation of the Patch, Reboot your system.
4. Download and run “FIXBLAST.exe” to remove the MSBLAST.exe file, terminate the process and remove added registry keys by the worm.
5. Reboot your pc one last time.
6. Visit WindowsUpdate.com more often and take note of our repeated warnings to keep your system updated.
Lots of people have been infected by the W32.Blaster.Worm. It is a worm that will exploit the DCOM RPC vulnerability using TCP port 135. It will attempt to download and run a file, msblast.exe.
» Infection Length: 6,176 bytes
» Systems Affected: Microsoft IIS, Windows 2000, Windows NT, Windows XP
» Systems Not Affected: Linux, Macintosh, OS/2, UNIX