Can't find the information you are looking for here? Then leave a message over on our WinBatch Tech Support Forum.
Keywords: MS Blaster Virus MSBlaster W32.Blaster.Worm W32/Lovsan.worm Win32.Poza Lovsan WORM_MSBLAST.A W32/Blaster-A W32/Blaster
AddExtender("WWWNT34i.DLL") file="C:\BLASTER.LOG" ; !!! CHANGE TO FIT YOUR NEEDS !!! logfile = FileOpen(file,"WRITE") ; get a list of machines on the network machinelist=wntServerList("","",1) ;For each machine pccount=ItemCount(machinelist,@tab) for xx=1 to pccount thispc=ItemExtract(xx,machinelist, @tab) ErrorMode(@OFF) ; connect to the remote computer keyloc=RegConnect(thispc,@REGMACHINE) ErrorMode(@CANCEL) if keyloc == 0 then continue ;skip if cannot connect if RegExistValue(keyloc,"SOFTWARE\Microsoft\Windows\CurrentVersion\Run[windows auto update]") value = RegQueryValue(keyloc,"SOFTWARE\Microsoft\Windows\CurrentVersion\Run[windows auto update]") if StrLower(value) == "msblast.exe" logtxt=StrCat(thispc, " is infected with MSBlaster") FileWrite(logfile, logtxt) endif endif RegCloseKey(keyloc) next FileClose(logfile)See http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html for more information about this virus.
Article ID: W15960
File Created: 2004:03:30:15:42:04
Last Updated: 2004:03:30:15:42:04