airwave
2003-08-14, 02:18 AM
【原文】
Removal tool to clean the W32.Blaster.Worm infections.
It will terminate the viral process, delete the worm files, dropped files, and delete the registry values that were added.
W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. This worm attempts to download and run the Msblast.exe file.
Block access to TCP port 4444 at the firewall level, and then block the following ports, if they do not use the applications listed:
TCP Port 135, "DCOM RPC"
UDP Port 69, "TFTP"
The worm also attempts to perform a Denial of Service (DoS) on Windows Update. This is an attempt to prevent you from applying a patch on your computer against the DCOM RPC vulnerability.
http://securityresponse.symantec.com/avcenter/FixBlast.exe
Removal tool to clean the W32.Blaster.Worm infections.
It will terminate the viral process, delete the worm files, dropped files, and delete the registry values that were added.
W32.Blaster.Worm is a worm that exploits the DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. This worm attempts to download and run the Msblast.exe file.
Block access to TCP port 4444 at the firewall level, and then block the following ports, if they do not use the applications listed:
TCP Port 135, "DCOM RPC"
UDP Port 69, "TFTP"
The worm also attempts to perform a Denial of Service (DoS) on Windows Update. This is an attempt to prevent you from applying a patch on your computer against the DCOM RPC vulnerability.
http://securityresponse.symantec.com/avcenter/FixBlast.exe