Warning: W32/Blaster.E/Worm - Medium Risk....

  Gaz 25 14:50 29 Aug 2003

The new Blaster Variant, discovered today uses the same exploits as the fist Blaster virus, it exploits the DCOM RPC service on port 135.

The virus then attempts to launch a DoS attack on kimble.org, however as the webiste cannot be resolved, the virus attacks, this is the computers localhost address, there fore the virus attacks your computer.

This can cause frequent system crashes and slows down system performance when no firewall is used.

The virus spreads in the same way to Blaster-A.

More information, statistics, virus activities and removal is all explained here: click here


(c - 2003, Flamewall Security Labs)

  rawprawn 14:51 29 Aug 2003

Thanks for the information.

  Gaz 25 15:02 29 Aug 2003

You are welcome.

  Gaz 25 15:57 29 Aug 2003

If you think you are infected, close the process:

Press Ctrl + Alt and press: Del on your keyboard simultaneously.

Then look for mslaugh.exe

Click end task, and confirm.

Close using the X task manager.

Then run click here

Or you can use my removal instructions from: click here

They are at the very bottom of the page.

  Djohn 15:58 29 Aug 2003

Thank-you for the warning Gareth. j.

  Gaz 25 16:06 29 Aug 2003


Anyway, I thought I better alert you all incase it turns out another 'serious' threat.

At the moment Mark Richards at Flamewall said that the virus has been received 8,488 times in the last few hours.

Also on an controlled but unpatched system it taken less that 1Min to become infected by at least ONE blaster variant.

  Gaz 25 16:15 29 Aug 2003


Remember my post about its snoop test?

Overreactive I know but still here is what Mark had to say:

'The anonymizer company have products to sell, however they try to scare you into buying the privacy software by showing you old Java and MHTML scripts that microsoft have patched up now.

The others are CLSID loaders, which open up My computer and files, but they CANNOT BE SEEN by anyone else.

Further down the Snoop test line, is test 4, MSN hack test.

This used the old old virus: Cool now -A and -B to break into messenger, your Antivirus should have detected this, if not, you can disable JavaScript, but you will lose functions.

The website is mainly Java Exploits, they are just a sinister way of fooling you into privacy software which no one needs.

Put it this way, yes the website is using scripts that COULD be dangerous, but on examination, only some coding s included of the coolnow virus, not the mass mailing part. So it cannot do anything.,

Futhermore the website can connect to you and use a trojan in a hidden window, but Anonymizer is a registered company and would not in the right mind do that, I think the news story you gave me was the users on the anonymizer service, not the company.

I hope you are not too worried about this site mate, use on of our Antiviruses, not AVG if you feel insecure.

And in future stop trying to test your computers security, it is unimportant of you show up as stealth when a port scan is carried out, and you have AV.

Forget and relax, and stay away from scare tactic websites.

Mark Richards,
Flamewall security virus lab.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Nokia 6 (2018) review

iPad 9.7in (2018) review

Comment retrouver son code Wifi ?