Forum Coordinators: RedPhantom
Poser - OFFICIAL F.A.Q (Last Updated: 2024 Dec 23 7:38 pm)
Weird. I got a 60-sec shutdown message a week ago. First for a long time. I d/ld and ran the patch today, ran the worm killer, which said I didn't have the worm. and chaecked at ShieldsUp. Apparently I'm in total stealth mode and protected. No open posts, nuttin'. So why'd I get a shutdown a week ago? Oh well, I'll run the blastfix thingy again just to make sure. mac PS This meassage belongs in this forum and then some! I'd never have known about it if praxis hadn't posted here. A big 'Thank you!', praxis.
FishNose - Guilty as charged.;) No, it doesn't matter where you go. In fact, when my second restart hit, I was still connected but not actually on the net, IE was closed. Maclean - Read the link I posted in the Hardware/Technical forum thread. This guy got hit a week ago, too, so I guess it started then, it's only that it's kicked into high gear now, probably because more and more people got infected and kept infecting more... 2, then 4, then 16, etc, you know? As far as detecting the worm, I don't think it had been identified until yesterday. I checked Norton updates yesterday and I was fully updated, a scan showed no sign of anything. But then there was a new update this morning, and with that installed, another new scan spotted the little bugger. So everyone, check your virus scanner updates today, even if you did it yesterday.
AOL uses proxies to cache visited websites and then calls up the proxy to serve you the files faster. You don't have a direct connection to the web most of the time, the proxy has a connection and you're connected to it, as are thousands of other users. This causes endless grief to AOL users that want to use chat services, as the proxy often kicks in and kicks them off. so that can explain why a great deal of AOL people didn't get hit.
I had my system restart several times when I was downloading from DAZ. I have run the Symantec wormkiller twice and come up clean twice. I have also installed the patch. The sad part was I had spent about six hours the previous day backing up and verifying my system onto tape. I suppose the tape is clean but the operating system on tape lacks the patch. If I do restore it for some reason, I need to run the patch again. I could backup again (another day shot) but I still am uneasy about the worm being on my system.
I am glad I use my old Win/ Me for Internet connection only for first time!! best solution to protect your work use 2 compu one not Online.. no more viruses or worms that never sleep and waiting for damage your poser stuff you spare for years..lol I heard in the radio that 200.000 computers was plat today thanks to this worm... what a drama
Catherine, I usually surf only from my 2nd computer - an old 166Mhz with win 98. It's a junkheap, but the reason I keep it is for net use only. Problem is, lately I've used my main one a lot because it's so much hassle to keep transferring files. I guess I'll go back to the junkheap again. In fact, I'm on it now. It's the best virus protection ever. mac
I went to the avg website and found that ther are actually three worms. The big one is LoveSan not MSBlaster. The site tells where these worms reside - You mighr check it out. A google using "AVG +virus" should produce a link to AVG 6 and 7. If you don't have an AV program there is or was a free version of AVG6 on the site.
Hi All, I was hit by this virus also. It is called W32 Blaster worm or Lovsan worm and infects your system threw your internet connection at port 135 on window based systems such as ME, NT, Win 2000 and XP. It is a global virus that was launched yesterday and has effected thousands and has invaded many ISPs. You will get these error window messages: "Generic Host Process for WIn32 Services has encountered a problem and needs to close". "This shutdown was iniatiated by the NT AUTHORITY/SYSTEM windows must restart now because the Remote Procedure Call(rpc) serivice terminated unexpectingly". This virus causes your machine to crash and reboot over and over until the virus is removed and you have downloaded and installed the latest security patch from Mircosoft. Here are some links which may help: You can download the latest security patch here: http://www.microsoft.com/security/incident/blast.asp This site has a very good removal tool for this blaster worm virus: http://securityresponse.symantec.co...aster.worm.html http://us.mcafee.com/virusInfo/default.asp?id=lovsan If you use any removal tools please remeber that the System restore option must be turned off in WinXP before you run the removal tool. If not the virus will no be removed and will continue each time you boot up. Also, getting the patch is very recommended Zone Alarm does effectively block port 135 (if you keep it enabled). If you would like to test that port, to be sure, go to GRC.com and run the ShieldsUp program. Hope this helps and best of luck! Miche
Attached Link: http://securityresponse.symantec.com/avcenter/venc/data/w32.femot.worm.removal.tool.html
Try this url Cath :) [Symantec](http://securityresponse.symantec.com/avcenter/venc/data/w32.femot.worm.removal.tool.html)Strength Is Life, Weakness Is Death
" security holes are built in so the government can check up on what your doing, it's part of the homeland security act." Mesh magic, that is ten tons of pure bull droppings! The real reason is plain sloppy code writing not any sort of conspiricy on part of any government.
Why shouldn't speech be free? Very little of it is worth anything.
The words 'Microsoft' and 'Security' can not be used in the same sentence unless 'error', 'hole' or 'problem' is also included. MS has always created sloppy, bug ridden, security impared code. Everytime I see on the news or read about, yet ANOTHER bug or security problem with something from MS I just sneer in the direction of MS headquarters an go on my virus free way unburdned by multipule firewalls and virus checkers and don't even pay attention to security alerts and virus updates. BTW, I'm on a Mac :-)
Why shouldn't speech be free? Very little of it is worth anything.
I'm not sure if anyone is still having the problem but I thought I would share my expeirence with the virus. I'm not 100% positive where I got the actual virus from -- seeing as how I usually don't open shady emails, and can't recall opening a strange email but I can recall getting one that I threw away. It was from the "System Admin" and subject was "Delay in E-Mail" or something of that nature. I waited a day to trash it because I thought it was junk, not virus. And to my knowledge had no attachments. But, again, I'm not sure this was the source of the problem. Anyway, I shrugged off the first of the RPS errors feeling it was just computer problems. But after reading this post in the 5 minute interval I had before my computer shut down, it seemed as if I had the problem. I ran symantec (took a long time, had to search through a lot of files) and symantec caught nothing yet I still had the virus. I went to the Microsoft page noted in the first of posts and downloaded the patch. Then I went and checked my task manager, and sure enough "msblast.exe" was residing. I ended the process, deleted it from my C:/Windows/System folder. I also changed the values or whatever that was noted for me to do. I'll post the link I followed in a couple secs. So far, it seems ok. knock on wood :) Hope you get your systems cleaned.
“Our real discoveries come from chaos, from going to the place that looks wrong and stupid and foolish.” – Palahniuk
Attached Link: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A
i got that virus yesterday and i fix it very fast and easy... i used an aplication very light in weight but worked for me and i'm virus-free now, look the attached URL and good luck to everyone Paoli Cheers!hrm...for those that are wondering where it is from. Xp calls home...alot, this is where the virus sneaks in at according to symantec and microsoft. (considering every xp update contains the words "might take over your system" this does not suprise me and I'm surprised it took this long to happen) It activates when you get online. Broadband users who don't disconnect have the greatest threat. The biggest problem is that the virus is flawed(go fig) and sends screwed data causing your system to reboot or turn off. So when you hear of systems going down, large or small, this is what happened. As far as I know they are looking but they don't know where the remote cmd.exe's are opening and who or if can even use them if 1000's are opening at once(they probably crashed their own computer) I got protected and shut down the ports, I have to run the symantec tool tonight to get rid of everything else. I was bummed last night I had time to play and it all got taken by this stupid virus.
This site uses cookies to deliver the best experience. Our own cookies make user accounts and other features possible. Third-party cookies are used to display relevant ads and to analyze how Renderosity is used. By using our site, you acknowledge that you have read and understood our Terms of Service, including our Cookie Policy and our Privacy Policy.
found out how it got on mine.. I have to lower my firewall to get into my FTP (bloody Zonealarm!) .. it got me then....