W32/Blaster.A

Download VIRUSfighter NOW
W32/Blaster.A Destructivity: Spreading: Overall risk:
  
• Detected by virus detection files published: 8/12/2003 • Type: Worm
• Virus characteristics first published: 8/12/2003 • Spreading mechanism: Network
• Virus characteristics latest update: 9/20/2005 • Overall risk: Medium
• Alias: MSBlast.A • Payload: Performs a denial of service attack
• Infection type: Microsoft Windows 95/98/98 SE/ME/NT 4/2000/XP/2003/Vista  

Virus type Spreading
mechanism 		Destructivity
and payload 		Additional
descriptions 		Detection
and removal
Frequently Asked Questions about Blaster
Question
How can I check if my computer is infected with the Blaster worm?

Answer
a) If you do not have an antivirus program, you should install the latest version of Norman Virus Control
b) Make sure that your antivirus program is completely updated. In Norman Virus Control, click the N-icon, choose About. The signature date for binary viruses should be 2003/08/12 or newer.
c) Run a full virus scan by clicking the N-icon, and choose Scan harddisks.
Alternatively to the items above you may download and run this tool.

Question
How do I remove the Blaster worm from my system?

Answer
Download and run Norman's free fix by clicking this link. Note! This fix will remove the worm from your system. It will however not prevent your system from being reinfected. Install an updated antivirus program and the Microsoft DCOM RPC patch to prevent reinfection.

Question
I have successfully cleaned the virus from my system, and I am running an up-to-date antivirus program. However, when connecting to the Internet, my PC will shut down after a few minutes. I get the message This system is shutting down. Please save all work in progress and log off. Why does this happen?

Answer
Blaster uses the DCOM RPC vulnerability to infect systems. Your antivirus system will prevent the worm from infecting your system, but it will not prevent it from trying to infect it. When the worm tries to infect your system it will often cause your system to shut down with the above-mentioned message. To prevent this from happening you must install the Microsoft DCOM RPC patch.

Question
My system is shutting down whenever I connect to the Internet due to the Blaster worm trying to infect it. I am unable to download the DCOM RPC patch from Microsoft before my system shuts down. How can I prevent my system form shutting down?

Answer
If you are running Windows XP you can issue the command Shutdown -a. Click Start|Run and enter the command. You can also delay the shutdown by turning the clock one hour back. You have to turn the clock back when the shutdown message appears. This is especially useful on the NT/2000 platforms where the shutdown command is not available.

Question
What is the DCOM RPC vulnerability?

Please visit Microsoft's web site for an in-depth description here.
# - A - B - C - D - E - F - G - H - I - J - K - L - M - N - O - P - Q - R - S - T - U - V - W - X - Y - Z
To protect and serve, VirusFighter