D Vibe
Registered User
Joined: 04 May 2003
Location: Sweden
|
 Posted: Wed Aug 13 2003 18:33
MSBlaster |
 |
Anyone more than me that have had problems with this new Virus/worm for Windows?
You can easily see if your windoze-machine are infected or not. First of all, see if it's active in your system by pressing ctrl-alt-delete. Then go to Processes, click on Name, to get it sorted by alphabetic order, then go and look for a process called "Msblast.exe" ... If it's there it's active. Then try to remove the process.
After that (even if it's not active), you'll make a search in windows, and search for the same file, namely "msblast.exe" .. if it's there, delete it, and restart your computer.
Then download and install the security patch from microsofts homepage (link below)...
Read more about it
Download the patch that fixes the hole in Windows |
https://www.dvibe.se |
|
 Back to top |
|
 |
|
|
Inge
Man-At-Arms
Joined: 04 May 2003
Location: Nieuw Lekkerland @ Holland
|
Posted: Wed Aug 13 2003 19:01
|
|
I had it to, and had to install the patch, disable the program in the background, remove the register key and remove the two msblaster.exe files on my computer. No firewall and no NAT (or was is NAD?) makes my system rather vulnerable 
At my work, it was mass hysteria. I do technical support by phone for computers as a holiday job, and I got about 20 calls today for people who were either infected or terrible afraid to get infected. A friend of mine, who does network management for small companies, has been working like 12 hours a day this week.
I like the ddos towards MS though 
Inge |
Care for a game of Monopoly? |
|
| Back to top |
|
|
D Vibe
Registered User
Joined: 04 May 2003
Location: Sweden
|
Posted: Wed Aug 13 2003 19:03
|
|
I just read that there's two new variants of the virus, probably the same virus with the same name, called:
penis32.exe and teekids.exe .. so remove those too if you find them! |
https://www.dvibe.se |
|
| Back to top |
|
|
Inge
Man-At-Arms
Joined: 04 May 2003
Location: Nieuw Lekkerland @ Holland
|
Posted: Wed Aug 13 2003 19:19
|
|
Do they also use the same leak in port 135? Or would another additional patch be needed to prevent my win2k to get infected?
Inge |
Care for a game of Monopoly? |
|
| Back to top |
|
|
Sunbuster
Registered User
Joined: 05 May 2003
Location: Finland
|
Posted: Wed Aug 13 2003 21:50
|
|
w00t! no firewall at Inge's house? get one ASAP! especially since you've got ADSL now 
I haven't got the virus even though my comps been on 24/7 lately, guess I ow my clean system to my firewall plus F-secure. Installed the windows patch today though... |
|
|
| Back to top |
|
|
Inge
Man-At-Arms
Joined: 04 May 2003
Location: Nieuw Lekkerland @ Holland
|
Posted: Wed Aug 13 2003 22:16
|
|
| Sunbuster wrote: |
w00t! no firewall at Inge's house? get one ASAP! especially since you've got ADSL now
I haven't got the virus even though my comps been on 24/7 lately, guess I ow my clean system to my firewall plus F-secure. Installed the windows patch today though...
|
Hehe...I check my msconfig rather frequently, but I know it would be good to install one. Especially for a sort-of tech-person, I should know better
But let's all blame MS for doing this! Are there any viruses for MacosX or linux-based OS's for instance?
Inge |
Care for a game of Monopoly? |
|
| Back to top |
|
|
Sunbuster
Registered User
Joined: 05 May 2003
Location: Finland
|
Posted: Thu Aug 14 2003 00:08
|
|
probably, but they keep a low profile. And I bet for every Linux virus, there's 500 MS viruses. Guess the Hax0rs just like fucking around with Microsoft
A firewall is pretty essential when you've got a DSL connection, or any connection for that matter that is on the instance you start your computer. There aren't just viruses that cause grief, there's a big chance hackers start using your computer as a gateway to other places if it doesn't have any kind of protection. I'd install one right away, there are plenty of free options so spending money isn't necessary  |
|
|
| Back to top |
|
|
Yannick
MadTracker Author
Joined: 16 Apr 2003
Location: Belgium
|
Posted: Thu Aug 14 2003 07:27
|
|
| Inge wrote: |
|
I like the ddos towards MS though
|
The bastards deserved it!
If you are fed up of these unsafe m$ softwares like Outlook or Internet Explorer, just use something else! There is now some very serious competition again: http://www.mozilla.org Check FireBird and ThunderBird. The first is a browser, the second an e-mail client. FireBird is really nice! ThunderBird is nice too, but still earlier in the development.
99.99% of the current viruses spread is "thanks" to m$ softwares like Outlook (mainly) and IE. And also because of Windows (less critical, especially if you are behind a NAT/Firewall).
So if you stop using them, you can feel totally safe.
Let's start the revolution! 
Yannick |
|
|
| Back to top |
|
|
CHICAGO¤lollie
Registered User
Joined: 05 May 2003
|
Posted: Thu Aug 14 2003 12:08
|
|
Well, seeing that MS Windows worms are on the agenda, and although I very much doubt that this is because of a worm...
Ok, well, basically, every time I log onto the internet, Windows gets it into its head that I'm closing a system procedure and does a System Shutdown. Thing is, the dratted thing can't do a system shutdown because (although very typical of Microsoft) the count down freezes. I shouldn't be worried by this, as nothing drastic ends up happening, but because of this "System Shutdown", some links are inaccessable.
For example, I click a link, Windows just goes "Meh" and says it'll get back to me, but it never does and leaves me there having to type the link, or even guess (which NEVER works)!
So, is this something to be concerned about, annoyed about, throwing the computer out the window about, worth sewing microsoft over, etc, etc--? |
|
|
| Back to top |
|
|
mikx
Registered User
Joined: 05 May 2003
Location: Melbourne
|
Posted: Thu Aug 14 2003 15:07
|
|
| Quote: |
|
So, is this something to be concerned about, annoyed about, throwing the computer out the window about, worth sewing microsoft over, etc, etc--?
|
.. yep! i'd say its DEFINATELY something to be annoyed about... .. (wouldn't throw the PC though)
mikx |
|
|
| Back to top |
|
|
Inge
Man-At-Arms
Joined: 04 May 2003
Location: Nieuw Lekkerland @ Holland
|
Posted: Thu Aug 14 2003 18:32
|
|
| CHICAGO¤lollie wrote: |
Well, seeing that MS Windows worms are on the agenda, and although I very much doubt that this is because of a worm...
Ok, well, basically, every time I log onto the internet, Windows gets it into its head that I'm closing a system procedure and does a System Shutdown. Thing is, the dratted thing can't do a system shutdown because (although very typical of Microsoft) the count down freezes. I shouldn't be worried by this, as nothing drastic ends up happening, but because of this "System Shutdown", some links are inaccessable.
For example, I click a link, Windows just goes "Meh" and says it'll get back to me, but it never does and leaves me there having to type the link, or even guess (which NEVER works)!
So, is this something to be concerned about, annoyed about, throwing the computer out the window about, worth sewing microsoft over, etc, etc--?
|
Yes. You got the virus msblaster. Good luck.
Inge |
Care for a game of Monopoly? |
|
| Back to top |
|
|
BeatMax
Registered User
Joined: 04 May 2003
Location: Germany
|
Posted: Thu Aug 14 2003 23:57
|
|
Hi!
A friend of mine gave me a good tip. To stop the worm from shutting down your PC execute SHUTDOWN -A . Do this directly after your system has booted up!
Then apply the patch and run the symantec removal tool.
Hope that works for you too.
Good Luck!
BMX |
-----------------------------------------------
B E A T M A X
Madtracker-Tutorial - Personal Releases
https://linktr.ee/beatmax_prediction
https://soundcloud.com/beatmax_prediction
----------------------------------------------- |
|
| Back to top |
|
|
CHICAGO¤lollie
Registered User
Joined: 05 May 2003
|
Posted: Fri Aug 15 2003 10:31
|
|
| BeatMax wrote: |
|
...To stop the worm from shutting down your PC execute SHUTDOWN -A . Do this directly after your system has booted up!...
|
"Shutdown -A"? Er, is this another one of those "Where's the Any key?" things? 
Well, I've checked the windows processors tab. No sign of msblast.exe, penis32.exe, or teekids.exe. There was one called winlogon.exe, but I don't think that would be it.
The only other thing I think that's happened is that my little brother has been fooling around with the computer (yet again  ) and he's managed to get into the processes tab and closed down svchost.exe - NETWORK SERVICE.
Oh well, guess it's back to the computer shop. |
|
|
| Back to top |
|
|
D Vibe
Registered User
Joined: 04 May 2003
Location: Sweden
|
Posted: Fri Aug 15 2003 10:44
|
|
Thing is that I had exactly the same problem, for one day, but I couldn't figure out what was wrong, until my brother mentioned this virus to me. That day I didn't have any problem with it, so it wasn't active in the processes. But when I made a search for it, it sure popped up. So do a simple search (with windows file searcher) and look for those files mentioned above. |
https://www.dvibe.se |
|
| Back to top |
|
|
Martin
Registered User
Joined: 05 May 2003
Location: Norway
|
Posted: Sat Aug 16 2003 23:35
free firewall - ZoneAlarm |
|
You can get a free firewall at:
http://www.zonelabs.com/store/content/home.jsp
As far as I know (by reading PC magazines, and by word of mouth) this keeps your data pretty safe - at least you`ll make your computer less attractive for hackers.
Zonealarm is easy to understand and install/use.
Martin |
|
|
| Back to top |
|
|
|
|
|
|
Home/News
About
Download
Plugins
Tutorials
Register
Registered Users
Community
Music
Compo
Links
Forum
MSBlaster
Log in
Profile
FAQ
