|
W32/Lovsan.worm.a is a Medium-On-Watch Internet Worm. Also known as "Blaster" or "MSBlaster", Lovsan has quickly infected computers throughout the Internet. The worm takes advantage of a flaw in Windows NT, 2000 and XP operating systems to drop a malicious program on your computer.
Unlike typical computer viruses, which usually arrive as email attachments, Internet worms attack open communication ports on vulnerable systems, often without the operator's knowledge. By taking advantage of a vulnerability in Windows, the worm is able to spread without requiring any action on the part of the user.
|
|
| How do you know if you've been infected? |
|
|
Generally, the Lovsan worm causes your system to repeatedly re-boot itself every few minutes. Windows NT 4.0 and Windows 2000 systems may become unresponsive. Also, the file msblast.exe appears in the WINDOWS SYSTEM32 directory.
|
|
| How do you clean your system if it’s already infected? |
|
| Download McAfee Stinger. A stand-alone utility used to detect and remove specific viruses, it is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system.
|
|
| How do you prevent future attacks? |
- Update Windows. Download and install the latest operating system patches from Microsoft Corporation.
- Update your anti-virus software. Always ensure your virus definition DAT files are current. If you do not own anti-virus software, order McAfee VirusScan here.
- If you do not have firewall protection, purchase and install McAfee Personal Firewall Plus. This secure barrier fortifies your Internet defenses against malicious cyber code and hackers, helping block Internet worms like Lovsan before they invade your system.
|
| Looking for more information about the worm? |
|
|
For a more detailed description of Lovesan and its characteristics, visit the Virus Profile page.
For a detailed graph of the worm’s progress check out the graphs at Hackerwatch.org, a community and collection point for Internet users to share information relating to hacker activity.
|
|
| New Users: Get Protected Now |
|
|
|
 |
| Existing Users: Make Sure Your Protection Is Up to Date |
|
|
|
|
|
