No announcement yet.

just encountered msblast.exe (worm)

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • just encountered msblast.exe (worm)

    not picked up by version of AVG prior to most recent update....

    spent most of today reinstalling windows to get the darn puter actually moving (instead of crashing), then followed these instructions

    although I then updated AVG, and ran it to find the virus location.

    after I'd done all of that, I found it was best to re-run AVG to clean out the system restores, and then re-booted because IE was playing up.

    now got a clean system again :D , but have lost all the cookies somehow :rolleyes:

    ah well.... here's hoping you've all updated your AVG / anti-virus programs! :thumb:

  • #2
    Better yet, get the patch to close the vulnerability;Microsoft Security Bulletin MS03-026

    This vulnerability will likely be exploited again. Best to close the hole, then AVG won't have to be put into use at all for this type of system introduction of malware.

    This exploit is found in the following unpatched OS's;
    Windows NT 4.0
    Windows XP - Home & Pro
    Windows 2000
    Windows Server 2003
    The reason a diamond shines so brightly is because it has many facets which reflect light.

    Comment


    • #3
      My day.
      2PM Got up and saw a big netsend message on my screen. After closing it I got my first reboot.
      Shortly after that, I came back online and found out that amd_man is having same issues.
      4Pm Decided to reinstall windows.
      4.30PM Saw that all my farm systems had the damn thing.
      Decided to put W2K on some instead of XP.
      Around 7 or so amd_man gave me the link on how to get rid of the virus.
      Its like 5am now and I just finished reinstalling all the software.
      BTW backing up my XP SP1 on a cd was a good idea. But for W2K I had to download about 30MB of updates followed by another 30MB for XP that SP1 didnt cover.
      ALL ON DIALUP. Took a while but I got it.
      Sure was fun day! Thankfully I had some beer in the fridge to keep me company!!!! :cheers:

      Lucky Win98 runnin *******s got lucky!!!!!!!!!!

      Comment


      • #4
        oops, yes, forgot to mention that one MrC - I did the patch as well - thing is, after the big move across the world, I only just got back online after 8 weeks, so despite being a regular patch updater, I slipped this one time.... that'll teach me....

        Comment


        • #5
          Oh, this one is a ***** :mad:!

          After I first got it, I tracked it down through Task Manager and the Run part of the Registry... thought I'd killed it but it's obviously sneakier than that... so I ended up re-installing XP (box needed it anyways).

          Needless to say, first thing I have done now is patched it :).

          Comment


          • #6
            ZDNet

            Maybe running ME wasn't such a bad idea after all. :?:

            Comment


            • #7
              Ahhh, the benefits of a decent hardware firewall. :)

              Comment


              • #8
                Ah yesterday was bloody hell. :( I found nearly everyone i talk to oon IMS was also having this dproblem, so of course ya know what i was sitting here doing :( Shows damn M$ needs to watch out mroe "carefully" for the vulnerabilities like this. :rolleyes2

                <center>:cheers:</center>

                Comment


                • #9
                  One warning about the MS patch it still leaves you vulnerable to a DOS attack so its really only half of a patch. they can't take control of your machine just crash it..

                  Last night one of my friends' machine crashed while we were playing a nice friendly game of UT2k3. his machine was patched but still crashed during the game with some message about RPC or DCOM..

                  Comment


                  • #10
                    DigitalDD
                    since you experienced it your self, i can't say anything but after applying those patches DoS attacks can just cause your net connection to crash while keeping your PC safe and running. thus i would recommend that you consider re-checking the updates and if possible install a firewall.
                    Latest Microsoft Security Updates.
                    Last Updated:
                    10th MARCH


                    If you are a security freak: Use Microsoft Baseline Security Analyzer (NT/2000/XP/2003)
                    ======================
                    icq : 203189004
                    jabber : [email protected]
                    =======================
                    Linux user since: April 24, 2003 312478
                    yabaa dabaa doo...
                    Customized for 1024x768

                    Comment


                    • #11
                      wow, looks like I got lucky... been offline for the last 4(?) days, so I got to miss all the 'fun'...

                      Comment


                      • #12
                        Originally posted by Beefy
                        Ahhh, the benefits of a decent hardware firewall. :)
                        :o yes, "normally" have one of those as well via a router, but as MrSunshine's pc got smashed up in the move I didnt think (doh) to install the router as well and just plugged straight in....

                        Comment


                        • #13
                          Originally posted by amd_man2003
                          Shows damn M$ needs to watch out mroe "carefully" for the vulnerabilities like this. :rolleyes2

                          <center>:cheers:</center>
                          they have, the patch has been out since 16th of july.

                          Comment


                          • #14
                            indeed - I've been offline since June12th and look what happens on my first day back.... ah, well, lesson to us all to regularly check the patches and updates, eh??!

                            Comment


                            • #15
                              so DCOM is also part of this worm eh? I got that on my work pc trying to get through my firewall but I squashed it lol....knowing the people that work in this university though I'll be any amount of money they accepted it.

                              Comment

                              Working...
                              X