How do I know I've got rid of the Blaster Virus?

  Gaz W 22:04 17 Sep 03
Locked

I was stupid enough to allow my Windows 2000 Server get the Blaster virus. I think it might have happened because I have MSN Messenger installed (stupidly - I'm going to uninstall it) and was talking to someone who I think might have it. Is that possible.

After disconnecting from both the local area network (unplugged Ethernet cable from server) and the internet (switched off cable modem) I ran a complete scan with AVG, and it doesn't report anything, but IE was running slowly, etc. I then downloaded CWShredder (Cool Web Shredder?) which I found on the spywareinfo.com forums, and Stinger (McAfee) that I found on these forums. CWShredder got rid of a few things, including 11 registry entries that it "killed". I ran it again to be sure and it seems to have worked. Stinger is still scanning the hard drive now.

What should my next action be?

Should I restart the server and then see if it's still OK, or should I download updates from the Microsoft website first? The worrying thing is, I really don't want my newly built XP PC to have got it, because I only installed XP yesterday and have been trying all last night and today to get it to go on the network, probably not realising I had a virus, although I think I only got it a few hours ago.

Any advice much appeciated,

Gaz

  Gaz 25 22:08 17 Sep 03

click here

Regards,
Gareth

  Jester2K II 22:09 17 Sep 03

1) Blaster and variants spread directly not via e-mail or MSN Messenger. It'll infect your PC within 30 seconds of connecting to the net.

2) You need to get the MS patch for the vulnerability it exploits - click here and click here

Patch all systems you have...

  VoG II 22:09 17 Sep 03

As I understand it, it doesn't matter what order you do things in but you definitely need to install the MS patch. Otherwise you'll just get infected again.

Jester2K II is the de facto expert on this.

  VoG II 22:10 17 Sep 03

As I was saying ...

  Gaz W 22:13 17 Sep 03

So I could have it now?

Better download the patch quick!

  Jester2K II 22:15 17 Sep 03

If you are not patched it'll be there soon.......

Even with a firewall in placed it'll not come in (hopefully) but it'll come knocking....

  Jester2K II 22:16 17 Sep 03

BTW Ad-Aware click here and Spybot click here better spyware scanners....

  holly polly 22:18 17 Sep 03

best way i can think is to goto symantecs site download the removal tool and run it ,if the blast virus isn't present on your comp it will tell you ,you will have to turn off system restore also the link is here
click here
this is the link that will tell you everything about the blaster worm
click here
this is the download site for the removel tool -have fun hol pol...

  Jester2K II 22:21 17 Sep 03

If Stinger is up to date then it'll find and remove it.

holly polly makes a good point though. You'll need to flush the System Restore after (if the virus was found) by switching it off, rebooting and then switching it on again...

  Gaz W 01:11 18 Sep 03

Sorry I took so long but this PC is AGONISINGLY SLOW to start with without having the added strain of installing numerous updates & service packs. I now have all the critical updates and there are some more still to come, so I'm being careful.

The worrying thing is, I have a firewall and it still got in! Hopefully it won't this time because it's the latest one from today and this will give me time to download the updates.

And of course I have the patch.

About the system restore - I take it that's C:\Winnt\Repair or wherever it is. Do I just delete all the files in there?

I have already rebooted 2 or 3 times since the virus. What I'll do now is try EVERY scanner there is for this virus and make sure it's completely gone, then clear out System Restore.

This thread is now locked and can not be replied to.

What is Amazon Go and will it come to the UK? The store without checkouts or queues

1995-2015: How technology has changed the world in 20 years

Why ecommerce hasn't taken off on social media

New MacBook Pro 2016 review | MacBook Pro with Touch Bar review: Apple's expensive and powerful…