"Linda I" <jazzysez.RemoveThis@yahoo.com> wrote:
> I had and fixed the blaster.exe worm that was causing my pc to
> constantly reboot. Since then I have downloaded and installed symantec
> trialware firewall and antivirus. I updated the virus manually and ran
> it. It did not find anything. But now when I return to my computer
> after being away for an hour or whatever, it is attempting to send
> out hundeds of email with a .ru extension. ...
"it is attempting" obviously, at one level, means "your computer", but how do
you know "it" is attempting to send all this Email?
> ... I haven't seen anything
> about this and ran several mass email fixes that all say I don't have
> that particular worm. Norton shows nothing. Do you think this is still
> related to blaster? I never had a virus before and now this back to
> back. Thanks for any suggestions,
This is ceratinly _not_ related to Blaster, at least in the strict sense that
there is absolutely no formal relationship between Blaster and any mass-
mailing malware or "spam-ware". However, the fact that your machine was in
the Internet vulnerable to the DCOM RPC hole (and probably much else as well)
suggests that your machine would be a juicy target for all manner of scumware
and the folk who trade in or off such. Most likely your machine was
compromised -- either through the DCOM RPC vulnerability, one of many, many
others common in popular MS OSes, or through weak administrative passwords --
by someone intent on installing an open relay or some form of spam-ware around
the same time as you were noticing Blaster symptoms.
What you need to do now is locate the program(s) that are doing the mailing,
stop them and preferably send samples to the AV companies so they can add
detection of this to help protect others in future.
--
Nick FitzGerald
>> Stay informed about: Had blaster virus, now mass email attempts from my comp 
FAQ
Profile
Private Messages
Log in
