New Virus/worm you ought to know about

When i came online today i got the following email from my internet server which i think you ought to know about if you haven’t had the same type of email from your internet server
“Dear customer,

Important information for all Internet users

You may have read recently that a computer virus known as MSBlast or Lovsan is affecting computers with Microsoft Windows XP and other software packages. Its effect
is to cause computers to reboot repeatedly. MSBlast is a type of virus known as a “worm” which does not appear to cause permanent damage but is a threat to be taken seriously.

We at Virgin.net are committed to providing you with the best service we can and so, although this virus does not relate to our service, we would like to offer you this advice on how to protect your computer or how to remove the virus, if you have been affected.

Which computer operating systems are affected?

Users of the following operating systems could be affected: Windows XP, Windows 2000, Windows Server 2003, Windows NT 4.0, NT 4.0 Terminal Services Edition.

What is the name of the virus?

Microsoft refers to this virus as the “W32.Blaster.Worm”, but it is also known as W32/Lovsan.worm, WORM_MSBLAST.A, Win32.Posa.Worm.

How do you know if your computer has the virus?

The most common symptom of the virus is that your computer will reboot every few minutes, without your input. You may also find that a file called msblast.exe has been created in your computer’s WINDOWS SYSTEM32 directory.

How do you avoid getting the virus?

Firstly, you should ensure that you install a Firewall application on your computer. A Firewall prevents unauthorised access to your computer and will block viruses. You should also ensure that you regularly update your Firewall application as new viruses keep appearing. Microsoft XP comes equipped with a Firewall – or you can download and install a free Firewall from http://www.zonealarm.com. Virgin.net cannot guarantee that the Microsoft Xpfirewall will prevent a virus getting through. If the firewall is not effective please contact Microsoft directly.

Users of the operating systems listed above, in the section ‘Which computer operating systems are affected?’ should enhance their software with the latest update called a “patch”. The patch that will address this issue is called MS03-026. Updating your computer with this patch will prevent infection from this type of virus.

Customers that have previously applied the security patch MS03-026 before today are protected and no further action is required.

How do you know if you have the virus?

To detect this virus, search for msblast.exe in the WINDOWS SYSTEM32 directory or download the latest anti-virus software signature from your anti-virus vendor and scan your machine.

A number of software vendors are working together to overcome this virus. Additional information on this virus is available from any of the following links:

Network Associates:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100547

Trend Micro:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A

Symantec:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Computer Associates:
http://www3.ca.com/virusinfo/virus.aspx?ID=36265

Microsoft’s Virus Information Alliance: http://www.microsoft.com/technet/security/virus/via.asp

If you have the Virus how do you remove it?

1. In order to remove this virus please follow these instructions:

Do a search for msblast.exe (usually found in system32 folder)
Delete it.
Click Start and select Run
Type msconfig & click OK
Select the start-up tab
Disable msblast
Reboot machine and enable your Firewall or anti-virus software.

Alternatively

Security specialists Symantec have released a tool which will remove the current infection from your computer. To download this tool, go to http://www.symantec.com and go to the security response section. Then click the W32.Blaster.Worm link in the latest virus threats section. This page offers more information regarding the worm, and a downloadable tool to remove it.

2. Once you have removed the virus, immediately select one of the links below to install the security patch needed to ensure no repeat infection occurs.

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

If you are away from your machine or are unable to get on-line, then the above links will provide patches which are small enough to download from another PC on to a floppy disc, to install on your PC at a later date.

For further information

Should you require additional assistance please call our Free phone Service Announcement Line on 0800 052 4329 for the latest update on this issue.

Yours sincerely,

Customer Service Manager
Virgin.net”

So if i were you i would update my virus software (as I am doing now lol) and see if you got it

hopeing no-one has this virus
Hellaid