Another damn virus
Moderators: jelco, bert_the_turtle, Chris, Icepick, Rkiver
-
- level5
- Posts: 1310
- Joined: Sat Dec 22, 2001 3:46 pm
- Location: Melbourne, Australia
Anyone else hit by Blaster? We've got a lan of over 1000 comps here so it went through like wildfire. It's crippled our network and overloaded our proxy so we only just got back net
Nasty piece of work
Nasty piece of work
I swear Officer, I didn't know she was 4!
My Profile, my mates site, Bloody Mongrel. Great stuff.
Click here to help me get some free magnets Pleeeease?
My Profile, my mates site, Bloody Mongrel. Great stuff.
Click here to help me get some free magnets Pleeeease?
-
- level0
- Posts: 9
- Joined: Thu Jul 31, 2003 10:38 pm
- Location: UK
- Contact:
copied from www.neowin.net
for the full article scroll down the page at the above address.
Removing the W32.Blaster.Worm
Posted by Neobond on 12 Aug 2003 - 13:57 CET | 55 Comments
Thanks xStainDx for the following information posted in our Back Page News section of the forum.
Patch Your System with the appropriate MS03-026 Patch
After Installation of the Patch, Reboot your system.
Download and run "FIXBLAST".exe to remove the MSBLAST.exe file, terminate the process and remove added registry keys by the worm.
Reboot your pc one last time.
Visit WindowsUpdate.com more often and take note of our repeated warnings to keep your system updated.
Result:
Your System will no longer shutdown after 60secs, please follow the steps above to remove the worm off your computer and return your system to UPDATED safe status.
UPDATE: If your having problems installing the patch within the 60 sec, when you see the window pop up telling you 60 sec, Go to Start, Run and type in shutdown -a. This will cancel the shutdown attempt. Thanks Sub for this tip!
Download: Windows XP Patch | Windows 2000 Patch
Download: FixBlast - W32.Blaster.Worm Removal Tool
View: Symantec Security Response - W32.Blaster.Worm Removal Tool
for the full article scroll down the page at the above address.
Removing the W32.Blaster.Worm
Posted by Neobond on 12 Aug 2003 - 13:57 CET | 55 Comments
Thanks xStainDx for the following information posted in our Back Page News section of the forum.
Patch Your System with the appropriate MS03-026 Patch
After Installation of the Patch, Reboot your system.
Download and run "FIXBLAST".exe to remove the MSBLAST.exe file, terminate the process and remove added registry keys by the worm.
Reboot your pc one last time.
Visit WindowsUpdate.com more often and take note of our repeated warnings to keep your system updated.
Result:
Your System will no longer shutdown after 60secs, please follow the steps above to remove the worm off your computer and return your system to UPDATED safe status.
UPDATE: If your having problems installing the patch within the 60 sec, when you see the window pop up telling you 60 sec, Go to Start, Run and type in shutdown -a. This will cancel the shutdown attempt. Thanks Sub for this tip!
Download: Windows XP Patch | Windows 2000 Patch
Download: FixBlast - W32.Blaster.Worm Removal Tool
View: Symantec Security Response - W32.Blaster.Worm Removal Tool
I am bilingually illiterate, I cannot read or write in two languages.
-
- level4
- Posts: 594
- Joined: Mon Mar 18, 2002 5:37 pm
- Location: London, England
Yeah, I was affected by Blaster since yesterday but everything's fixed now. Also a couple of people on the IRC chan were affected - I sent them the FixBlast.exe file.
This Blaster seems to be spreading through the Internet quite fast...it's front page news on MSN.
Boy, would I like to get my hands on the guy who created it...
This Blaster seems to be spreading through the Internet quite fast...it's front page news on MSN.
Boy, would I like to get my hands on the guy who created it...
Let's kick this bitch into overdrive.
-
- level5
- Posts: 1310
- Joined: Sat Dec 22, 2001 3:46 pm
- Location: Melbourne, Australia
Yeah same. I was fixed and patched 5 minutes after I got back from a lecture to find I had the virus (it only got into the uni while I was at the lecture). Now I'm on to fixing other people's computers. And, being a college, I've had to do it in about 5 languages so far
The thing's even taken out all the computer labs (all win2k), everything. Practically no one on campus was patched because we pay for bandwidth.
The thing's even taken out all the computer labs (all win2k), everything. Practically no one on campus was patched because we pay for bandwidth.
I swear Officer, I didn't know she was 4!
My Profile, my mates site, Bloody Mongrel. Great stuff.
Click here to help me get some free magnets Pleeeease?
My Profile, my mates site, Bloody Mongrel. Great stuff.
Click here to help me get some free magnets Pleeeease?
Well, I tried to install the update, but unfortunately it doesn't seem to run so well on Mac OS X... Man, I guess I'm screwed if I ever get hit by Blaster... Oh, wait :biggrin:
00010001000100000000101100010111000 10110000100010001100001011111000101 10000100100000111100010000000011010 0001011000111100001000100001011
-
- level5
- Posts: 11553
- Joined: Wed Jul 10, 2002 7:44 pm
- Location: Nashville, TN
- Contact:
It hasn't affected me yet, but I did just update Norton so I guess that got it. I do think it would be ammusing for someone to get a Mac or Linux virus out. As most of the Mac guys I know (myself included) don't even think about viruses, it'd be interesting to see what they all do when a real one gets them. :)
Usually you need vulnerabilities for viruses
I'm behind a hardware router with a firewall, I run a personal firewall (BSD) as well, I don't walk around giving my root password to just any app (let alone walk around as root)... I'd like to think I'm reasonably secure. And all this is just default OS X behavior.
But then, as Mac OS X is based on BSD, I guarantee that if there is a Mac virus that can cause any real damage the Macs will be the least of our worries
I'm behind a hardware router with a firewall, I run a personal firewall (BSD) as well, I don't walk around giving my root password to just any app (let alone walk around as root)... I'd like to think I'm reasonably secure. And all this is just default OS X behavior.
But then, as Mac OS X is based on BSD, I guarantee that if there is a Mac virus that can cause any real damage the Macs will be the least of our worries
00010001000100000000101100010111000 10110000100010001100001011111000101 10000100100000111100010000000011010 0001011000111100001000100001011
-
- level5
- Posts: 11553
- Joined: Wed Jul 10, 2002 7:44 pm
- Location: Nashville, TN
- Contact:
- NeoThermic
- Introversion Staff
- Posts: 6256
- Joined: Sat Mar 02, 2002 10:55 am
- Location: ::1
- Contact:
So are we saying that a Firewall can protect a computer from this nasty virus?
And are we talking any firewall, i.e. will ZoneAlarm do?
If not, can you turn off RPC until you have patched?
And last but not least, how do I check if I have the patch from M$?
Sorry for asking questions, but I certinaly dont want to be infected the minuite I turn my computer on to the net...
NeoThermic
And are we talking any firewall, i.e. will ZoneAlarm do?
If not, can you turn off RPC until you have patched?
And last but not least, how do I check if I have the patch from M$?
Sorry for asking questions, but I certinaly dont want to be infected the minuite I turn my computer on to the net...
NeoThermic
Quote: from Stewsburntmonkey on 11:10 pm on Aug. 12, 2003[br]I am fairly certain OSX has opened up some security holes in BSD that could be exploited, its just no one really cares enough to find them. :)
Oh, I dunno about that. One could argue that a lot of Windows holes have been found with about the same level of apathy...
00010001000100000000101100010111000 10110000100010001100001011111000101 10000100100000111100010000000011010 0001011000111100001000100001011
-
- level1
- Posts: 47
- Joined: Mon Mar 24, 2003 5:04 am
- tabasco boy
- level5
- Posts: 1180
- Joined: Sun Mar 10, 2002 4:25 pm
- Location: Lovely Planet Earth
- Contact:
don't be sorry mate not everyone got infected (me included) thanks for billy boy for sending me a free w2k sp4 cd a while back..
and do you know why MS come out with patches so often?
Probably similar reasons as to why Linux-contributors release patches so often.
and do you know why MS come out with patches so often?
Probably similar reasons as to why Linux-contributors release patches so often.
Eating without Tabasco® Sauce is like a computer without a OS.
Quote: from NeoThermic on 4:18 am on Aug. 13, 2003[br]So are we saying that a Firewall can protect a computer from this nasty virus?
And are we talking any firewall, i.e. will ZoneAlarm do?
A hardware firewall can do some good, but I have seen two comps already that got infected through zonealarm, one of which had the pro version and the other I dont know. The second was infected on a dialup connection.
I personaly wouldn't trust a hardware firewall either, unless its set up to block the right ports which I dont think it is by default.
The best thing to do is gt the symantech fixtool on write protected floppy, and get the patch installed ASAP. That way your safe, and if you happen to encounter the virus elsewhere you can deal with it without waiting for tech support to get round to it sometime next tuesday.
Who is online
Users browsing this forum: No registered users and 21 guests