You were still right about the Symantec link; if your fav AV producer hasn't updated their sig file yet, then email the poop out of them! (sir harrison... dat's funny..!) ;-) Jim Harrison MCP(NT4, W2K), A+, Network+, PCG http://www.microsoft.com/isaserver http://isaserver.org/Jim_Harrison http://isatools.org Read the help, books and articles! ----- Original Message ----- From: "Mark Strangways" <strangconst@xxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, August 11, 2003 18:52 Subject: [isalist] Re: w32.blaster.worm http://www.ISAserver.org So I stand corrected :-( Seems to be alot of that lately , hehehe :) Good work Jim, or should I say SIR Harrison. Mark S ----- Original Message ----- From: "Jim Harrison" <jim@xxxxxxxxxxxx> To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> Sent: Monday, August 11, 2003 9:48 PM Subject: [isalist] Re: w32.blaster.worm > http://www.ISAserver.org > > > This also deletes the files and registry hacks it dumps into your system. > > Jim Harrison > MCP(NT4, W2K), A+, Network+, PCG > http://www.microsoft.com/isaserver > http://isaserver.org/Jim_Harrison > http://isatools.org > > Read the help, books and articles! > ----- Original Message ----- > From: "Mark Strangways" <strangconst@xxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Monday, August 11, 2003 18:38 > Subject: [isalist] Re: w32.blaster.worm > > > http://www.ISAserver.org > > > Change the .vb_ to vbs and run it with the command prompt. > This will detect the virus only, See the link Jim sent to Symantec for > removal instructions. > > Mark > ----- Original Message ----- > From: "Armando Treviño López" <armando.trevino@xxxxxxxxxxx> > To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx> > Sent: Monday, August 11, 2003 9:32 PM > Subject: [isalist] Re: w32.blaster.worm > > > > http://www.ISAserver.org > > > > > > hello. > > How do i execute that file to find and remove the worm? > > Do i have to rename the extension .vb_ to exe or something? > > thanks > > > > -----Original Message----- > > From: Jim Harrison [mailto:jim@xxxxxxxxxxxx] > > Sent: Monday, August 11, 2003 8:16 PM > > To: [ISAserver.org Discussion List] > > Subject: [isalist] Re: w32.blaster.worm > > > > > > http://www.ISAserver.org > > > > > > > > This is a multi-part message in MIME format. > > > > ------------------------------------------------------ > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > > ------------------------------------------------------ > > Other Internet Software Marketing Sites: > > Leading Network Software Directory: http://www.serverfiles.com > > No.1 Exchange Server Resource Site: http://www.msexchange.org > > Windows Security Resource Site: http://www.windowsecurity.com/ > > Network Security Library: http://www.secinf.net/ > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > > ------------------------------------------------------ > > You are currently subscribed to this ISAserver.org Discussion List as: > strangconst@xxxxxxxxxx > > To unsubscribe send a blank email to $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: > jim@xxxxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > Leading Network Software Directory: http://www.serverfiles.com > No.1 Exchange Server Resource Site: http://www.msexchange.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this ISAserver.org Discussion List as: strangconst@xxxxxxxxxx > To unsubscribe send a blank email to $subst('Email.Unsub') ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: jim@xxxxxxxxxxxx To unsubscribe send a blank email to $subst('Email.Unsub')