Ezilon.com - Target Your Audience, be Seen in Your Region
HomeTWF Feedback and General DiscussionOff-Topic Chat

Ws Blaster Worm

You are viewing this site as a guest. Join our community to get your questions answered and share knowledge. Active members may advertise and ask for a website critique.

Wapture posted this at 01:17—29th April 2004.

They have: 34 posts

Joined: Feb 2004

Wahoo,

My system was running really really slowly lately, and was receiving "reboot" messages very oftenly.

I looked through my email messages and saw I had a message from msn administration saying I had sent an email out to over 70 people with the title IMPORTANT, which had a virus attached.

When someone opens the email it will infect there computer and email people from there computer.

Luckily msn caught onto the file and stopped it reaching everyone.

I went to Mcafee is it? And used the stinger scan and remove - free program.

It found and deleted 5 virus', all WS Blast worm, but different versions.

I had picked it up off a website that I visited..

The website appeared on my website in the "last referrers" list, so I visited it to see what it was..

Just as a warning, I got the virus from a site with a name like assex, or casex.com something similaur to that, about a 5 character domain.

Popups appear, and when you close them - bam, its got ya.

Just a warning everyone...

Also, to protect yourselves from it, enable a firewall on your internet connection. Thats what it advises you to do..

mjs416 posted this at 02:07—29th April 2004.

mjs416's picture

They have: 127 posts

Joined: Dec 2003

Is this the original blaster virus that was giving people problems a few months back? If so, the blaster didnt even require you to do anything at all. The worm takes advantage of a security hole in Windows and executes the hackers scripts without you even knowing.

Its odd you got a version of it by merely closing a pop up....:\

__________________________________
SkrekLAN Technologies
www.skreklan.com

Wapture posted this at 10:38—29th April 2004.

They have: 34 posts

Joined: Feb 2004

As I said, I had 5 different viruses, which was all cleared up by stinger.

Pretty bad stuff, the actual blaster virus was called something else aswell, and the symptoms was exactly as said, such as system shutdown and reboot, slow typing, hardly and copy and paste control, and unlimited amount of emails being sent from your email account.

Suzanne posted this at 15:34—29th April 2004.

Suzanne's picture

She has: 5,512 posts

Joined: Feb 2000

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Just so you know, what you're suggesting doesn't follow. Blaster isn't a mass-mailing worm, and yes you say that's how you knew you had it. Then you say you got it from popups on a website -- unless one of those popups was a "do you want to install this worm" popup that you just agreed to (which is possible), then it wasn't the popups themselves, it was you agreeing to download and install the worm without being aware of it.

Quote:
The worm targets only Windows 2000 and Windows XP machines. While Windows NT and Windows 2003 Server machines are vulnerable to the aforementioned exploit (if not properly patched), the worm is not coded to replicate to those systems. This worm attempts to download the msblast.exe file to the %WinDir%\system32 directory and then execute it. W32.Blaster.Worm does not have a mass-mailing functionality.


love me, love my brain :: iStockphoto portfolio

tomaine2002 posted this at 22:13—8th May 2004.

They have: 83 posts

Joined: Apr 2004

A similar thing happened to me. I found about 4 blaster worms when i scanned today and deleted them all, but I didn't hear anything about any mailings my comp made.