|
-
August 12th, 2003, 05:03 AM
#11
Senior Member
i cant run my virus scanner or windows updates
-
August 12th, 2003, 05:11 AM
#12
Hope you have a backup of important files. The best solution is to cut your losses and start over, if you can. That's the only way to know for sure that you have gotten rid of it. Sounds nasty. Someone here may have better advice, but I'm just telling you what I'd do.  :
Opinions are like  holes - everybody\'s got\'em.
Smile 
-
August 12th, 2003, 09:53 AM
#13
Blaster just upgraded to a Cat-4.. 08:50 UTC
Only panic if you don't have access to a clean, patched, firewalled system..
Follow removal instructions from Symantec
This page includes links to download a removal tool, and the Patch..
NOTE: Follow the Bloody Instructions especially the step about disabling the system Restore.. If you don't do this it will come back.. and follow the instructions
Read instructions on how to remove the W32/Blaster-A worm and ensure your system is not vulnerable to reinfection.
If you don't like Symantec (Norton) you could try Sophos for instructions ..
Or try the info from McAfee (Lovesan=MSBlaster) ..Also info from F-Prot ..And Bitdefender ..And Authentium (aka Command.com AV) .. Oh and Panda .. Oh and TrendMicro .. And Leprechaun .. M$'s RAV .. I hope you don't need help from Kaspersky ..
I think you get the hint.. Clean/Patched/Firewalled(port135, 4444 and all other un-need ports Blocked) Machine.. to get the info, tools and patches.. and follow the instructions..
Cheers
BTW: Dosen't anyone do some sort of a search b4 posting?.. the number of treads on different forums on this site, regarding this bug.. while some it is understandable they didnt know what was happening.. ..
Opps i think I have given out my secret for all the Heads Up warnings.. This Listing is just those who listed the Lovesan/MSBlaster worm in their warnings.. Noobs.. bookmark them....
BTW: Dosent anyone do some sort of a search b4 posting?.. the number of treads on different forums on this site, regarding this bug.. while some it is understandable they didnt know what was happening.. ..
"Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr
-
August 12th, 2003, 06:29 PM
#14
I still think its unnecessary to do a complete reinstall of your system,
which may be a very costly or difficult thing to do for the common lay
person.
I would follow the steps that Symantec gives from the following link:
Symantec
What they dont say on the manual removal is that the file has the attribute of read online. You need to right click on c:\windows\system32\msblast.exe or c:\winnt\system32\msblast.exe and uncheck the read only check mark. Then after the process is terminated you can delete the file.
I do agree that if you had this security hole for as long as its out, there is a risk that there may be other hacks on your computer.
I wrote a tutorial on how to determine if you have some of these hacks. It wont cover everything but does cover a great deal.
The tutorial can be found at: Windows Forensics: Have I been hacked?
Hope this helps.
-
August 13th, 2003, 01:20 AM
#15
Senior Member
thanks guys 
i got rid of the worm around 3 am this morning. if i knew how give out anti points i would
-
August 13th, 2003, 01:26 AM
#16
http://securityresponse.symantec.com...oval.tool.html there you can download the removal tool and dont forget to update windows i read in a site that microsoft already has a Patch
http://www.globetechnology.com/servl...ry/Technology/
-
August 13th, 2003, 01:40 AM
#17
>>i got rid of the worm around 3 am this morning.
Im glad you got rid of the darn thing. Lucky im running Win 98 and does not seem to be afected.
I would just like to say I was just down stairs fixing my friends XP computer, he had the blaster worm, and was getting the RPC shutdown. I fixed it by downloading a patch http://support.microsoft.com/?kbid=823980#WinXP
But now as I read this I see I was suposed to also delete mblaster.exe, I will inform my friend.
-
August 13th, 2003, 01:44 AM
#18
Senior Member
Originally posted here by Simo
thanks guys
i got rid of the worm around 3 am this morning. if i knew how give out anti points i would
good job all of those that helped
-
August 13th, 2003, 03:43 AM
#19
Junior Member
msblast???
I have gotten that shut down message ONCE.... and that was a few weeks ago, while playing counter-strike. and never again *knock on wood*. But once a day I do get a pop up about updating my windows, but when i click "more" its just some advertisement....and its an update message from comcast *my internet provider* so was what I got an actual error my comp had...or you think its the virus. And I dont have msblast.exe anywhere in my comp.
-
August 13th, 2003, 03:54 AM
#20
One thing you have to keep in mind with Win XP is before you remove anything to turn off XP's system restore function. If you do not do that and are infected XP will put back the infection. LOL another customer want to have by M$ Dah guess they did not think that out fully like many things.
Peace
I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg 
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote
