How to prevent yourself from the Blaster Worm and how to remove it!

[ali1]

Note:The Blaster Worm is one of the most dangerous viruses of this year.The variants of this virus are still being written and are still being spread across the internet.I've written a free ebook on the Blaster Worm that tells everything one needs to know about the Blaster Worm and how to remove it and protect himself from it.The following article is just one chapter from that ebook.You can download the whole ebook for free at:
http://www.virustimes.cjb.net/msblast/download.html

How to prevent yourself from the Blaster Worm and how to remove it!

Today we're gonna learn how to prevent ourselves from the Blaster Worm and also how to remove it if we are already infected with it.Its gonna be easy,trust me!

The Fantastic 4!

OK,we are not exactly talking about the Comic Characters The Fantastic 4.However,the following 4 steps will,prove fantastic in helping you get rid of the Blaster Worm.

Step 1:Enabling a firewall:

Enabling a firewall will prove beneficial to you in any case.If you aren't already infected then it will help keep the virus away from your computer.And if you already are(poor you!),then it will help limit the effect of the virus.Though you can buy Firewall software easily,however,the latest version of Windows have a built in firewall installed.I will tell you how you can enable the firewall if you're using Windows XP,Windows 2000 and Windows NT 4.0 because these 3 are the most widely used operating system these days.


If your computer is restarting repeatedly,then disconnect from the internet before enabling the firewall.Follow the instructions provided for your operating system and then reconnect to the internet.

For Windows XP uers:

1-Open Control Panel.You can do so by clicking on Start-->Settings-- Control Panel. or Start--->Control Panel.
2-Click the Network and Internet Connections category. (If the Network and Internet Connectionsis not visible, click Switch to Category View under Control Panel on the left side of the Control Panel window.)
3-Click on Network Connections.
4-Right Click the Internet Connection you use to connect to the internet and click on Properties.
5- On the Advanced tab, under Internet Connection Firewall, select Protect my computer or network, and then click OK. The Windows XP firewall is now enabled.

For Windows NT 4.0 and Windows 2000 users:

You will need to install a 3rd party firewall.That means,that you do not have a built in firewall feature in your version of Windows.Therefore you will need to buy a firewall.There are lots of Firewalls available for free or trial versions.Check out the following links for more information:

Zone Labs:
http://www.zonelabs.com/

Checkpoint
http://www.checkpoint.com/

Trustix
http://www.trustix.com/


Doorstop
http://www.opendoor.com/doorstop/


Sun Microsystems
http://www.sun.com/security/

Remember what I told you about Windows Update and the DCOM RPC bug back in Tutorial 2(download my ebook for that tutorial)?Well,now is the time to download the patch that fixes this bug so that you can be safe from the blaster.Just connect to the internet,and go to the Windows Update site.Hmmm,I guess you can go to Windows Update Website by visiting http://www.windowsupdate.microsoft.com or by clicking on Start and then clicking on the link that says "Windows Update" next to a tiny globe picture.Once you get to the website,choose your version of windows,and,follow these steps:

1-Click "Scan for Updates" next to the green arrow near the center of your screen.Don't worry if it takes a bit long for the scan to complete.
2-After the scan completes, under Pick updates to install on the left side of your screen, click Critical Updates and Service Packs.This would show up a list of updates. The update we need to install here is identified by the number 824146.
3-Click Review and install updates near the center of your screen to begin downloading and installing the updates.

That's it!

Step 3-Using an Anti Virus Software

So now we've come to the obvious and the typical step when it comes to protecting a computer from viruses.Using an Anti Virus Software!Well,this step isn't just obvious and typical,its also critical in protecting your computer from the mean Blaster Worm.Anyway,you might already be having an AntiVirus software installed,but make sure,that its always up to date.Because there are several variants of our old little friend Blaster and its best to have the best antivirus software.Once again,make sure that your anti virus software is as up to date as possible.If you don't already have an anti virus software installed,you can easily buy one or use the trial version of one from one of the following websites:

Norton Anti Virus:
http://www.symantec.com/

Pc Cillin
http://www.trendmicro.com/

Mc Afee
http://www.mcafee.com/


Sophos AntiVirus

http://www.sophos.com/

Step 4-Blasting off the Blaster!

Hey,finally we have come to the removing stage of the worm.Cool,huh?Well,congratulations on reading so far!Now you're almost done.In a few seconds,you'll remove the Blaster Worm and get rid of it forever.

Are you infected?

Do you think that you are infected with the Blaster Worm?Well,if you have any of the following symptoms,then most likely you are infected and you should carry out the steps to get rid of the Blaster:

Symptos:

Well,some people who are infected by the virus do not notice the presence of the virus at all,while others who are not infected experience problems with their systems because the virus is attempting to infect their computer.The typical symptoms include Windows XP and Windows Server 2003 systems restarting after every few mintues automatically,or Windows NT 4.0 and Windows 2000 systems becoming unresponsive.

If there is even the slightest possibility that you are infected,I mean,your computer's infected,(ahem),then download the free removal tool found at:
http://securityresponse.symantec.com...oval.tool.html
If you prefer an anti virus vendor other than Symantec,then visit its website and search for Blaster Worm.Hopefully,You'll find a removal tool there as well.

With that,we come to the end of today's Tutorial.Boy..does that feel good getting rid of that crappy Blaster Worm?Today's tutorial has been pretty long.I hope it wasn't boring..My last message for today is,that you should visit the page:
What You Should Know About the Blaster Worm and Its Variants.
http://www.microsoft.com/security/incident/blast.asp
Its the best resource available for information about the Blaster Worm.Infact,I got most of the information for today's tutorial from that page.You simply must check out this page.Well,That's all for today.Have fun!


Don't forget to post your feedback.Also,don't forget to download the whole ebook.Its free:
http://www.virustimes.cjb.net/msblast/download.html

Thanks.
Ali.

[GrApHiCTrOn]

you forgot tomention to disable system restore, My computer> right click Properties> sistem restore >disable

and also you could type dcomcnfg in the run. . . box and disable dcom

[ali1]

Yeah but there isn't any need to do all that if one follows the steps given in this tutorial.I mean,they wouldn't catch the virus if they follow these steps so there isn't need to disable system restore since its a pretty useful feature.

[GbinaryR]

I think i have seen it somewhere else this tutorial. Anyway good work.

[ali1]

I used the page from Microsoft that I mentioned in the tutorial to help me write it.Or you might have downloaded my ebook.

[GrApHiCTrOn]

Originally posted here by ali1
Yeah but there isn't any need to do all that if one follows the steps given in this tutorial.

i consider that all the security measurements even if they are not really needed should be taken just to be more safe

[SonofGalen]

So basically...use a firewall, anti-virus software, and don't be stupid? Wow. Ground-breaking.

Harsh, yes. But this tutorial would have been much more useful awhile back when MS Blaster was brand new, and no one knew how to deal with it. Most AV software wasn't ready then.

Oh, the one sure fire way to be safe from MS Blaster....don't use Windows.

Oh, and is it just me, or does it seem like this tutorial was taken partly from the last one? Especially the lists/links....

[SonofGalen]

http://www.cisilion.com/news-cisco-blaster.htm

That link supplies almost exactly the same information, more detailed and with more work-arounds, as well as specifics information on how the Blaster affects Cisco networks.

The information they supply is also a lot more indepth then "Enable MS Firewall" or "Download a 3rd party one!"

They also have a lot of links that give a lot more information. I highly recommend this website to anyone who wants to do more research on the MS Blaster Virus.

[Tiger Shark]

Galen: Why would anyone.... in their right mind.... place a windows machine on the public network without a firewall blocking port 135?

Blaster was hardly difficult to stop so to blame windows is a little lame.... You shouldn't have port 135 open on a *nix, etc. etc. etc box either!!!!!

In our other conversation - I wasn't flaming or looking for one either..... It was just a thought about the fact that in an Open Source system the potential for a compromise that is "so subtle" and therefore may never be found _seems_ to be that much higher than in a Closed Source system.......

It was nothing more or less than that...... I don't have a gene in me that desires flame wars... I was young once but I grew out of that...... I do state my point, and yes, I can be a crabby old bastard at times..... But when I do it's _painfully_ obvious.... Trust me......

[SonofGalen]

Mostly that was purely a cheap shot at Windows...

BUT Windows is the only operating system that is vulnerable to Blaster for one very important reason. It relies on WinSocks. For more information about this, see the tutorial I am writing about the inner workings of MS Blaster. It should be posted later today.