Re: Purging Blaster.worm

[Schneider Sebastian <ses () straightliners de>]

If the internet connection can not be shut down in the meantime, you can
configure your DCOM model to reject connections from other hosts using
the dcomcnfg.exe tool. just right-click on your computer and select default
setting.

Sebastian 

On Wednesday 13 August 2003 23:41, Schneider Sebastian wrote:
> The tool is working out fine as far as I can say. Tested it in different
> environments (W2K, W2K SP3, XP, XP SP1).
> Sometimes it might be helpful to kill the msblast.exe process (XP) and
> rebooting the system after removing the windows auto update = msblast.exe
> key.
>
> Removing the worm manually (registry, files) works out as well.
>
>
> Please notice, that MS's hotfix requires at least SP2 for W2K.
>
> On Wednesday 13 August 2003 22:24, Andreas Rothlauf wrote:
> > Hi,
> >
> > JG>  Has anyone successfully purged the MSBlaster worm. There is a tool
> > out JG> there that can do it but is it reliable?
> >
> > Symantec has made a tool available:
> > http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.
> > ht ml
> >
> > A friend told me that it works.
> >
> > greetZ //AndY
> >
> >
> >
> > -------------------------------------------------------------------------
> > --
> > -------------------------------------------------------------------------
> > -- -

-- 
straightLiners IT Consulting & Services
Sebastian Schneider
Metzer Str. 12
13595 Berlin
Germany

Phone: +49-30-3510-6168
Fax: +49-30-3510-6169

---------------------------------------------------------------------------
----------------------------------------------------------------------------