Hi there folks,

I cant acsess my hotmail account ATM and im seding this poast from a virus secure computer.
Any one who might be looking 4 me on Saturn or Pluto, my Necron computer got hit by ye'old MSBLAST pritey hard and i might be offline for a while untill i get it sorted

Oh and any one in Tangent on Saturn, please tell ppl (and Vlad or ReDim) on faction chat that im doing my best to get back on-line.

If you dont already know about this virus, here some info;

If your virus scanner hasent quarentied it or killed it then your in deep trouble coz it means you probably already have it infecting your computer.
If your experiencing slow down on your internet connection and Neocron then you have the virus.
If you dont have a virus scanner that has caught it then you will deffinaitly have it by now, this is because it dosent need you to down-load any thing to infect your computer, it uses a loop in Microsoft internet progams to download its self into you computer.

as far as im aware the virus its self turns your computer into a Spam server of some kind that allows people to connect to your computer and use it as they wish , it also spams Microsoft with various stuff to prevent you from updating windows and killing the virus, theres also the posibility that it may resist some virus programs when it senses installation.

When i have more info on this ~BEAST~ of a virus il tell you, but for now its probably best to just disconnect from the internet if your not protected and go buy some PHAT anti-virus software!

good luck all, dont end up like i did...........

BoneyBob
Tangent Tech Faction Assistant

BB

http://housecall.trendmicro.com/

Free Online Virus Scan.

Removed my mblast virus with it, and others. Free + online based
so there's no need for a full blown sluggish virus scanner that
slows your whole system down from scanning every file and it's
childs when opened.

*sigh*
well as this is all im fucking doing at work this week, ill give you the template with a few links on how to fix it...


You have the MSBlast/Lovsan worm infecting your system. Unfortunately we do not support virus's and there are not covered under your warranty.
You can find out if you are infected with the virus by pressing Control, Alt and Delete at the same time then select Task Manager then select process, this will show a list of all process and programmes running in the back ground of Windows. Look down the list for MSBlast.exe if you have this you are infected. If you are receiving error messages regarding DCOM RPC errors you are also infected, the message may appear as so:
"The system is shutting down. Please save all work in progress and log off. This shutdown was initiated by NT Authority/shutdown. Windows must now re-start because the Remote Procedure Call (RPC) service terminated unexpectedly"
MSBlast does not spread via email. Instead, it scans the Internet on port 135 looking for vulnerable computers. When it finds one, it attempts to exploit the DCOM RPC buffer overflow, create a remote root shell on TCP port 4444, then use FTP to download a file called msblast.exe onto the infected computer.
We recommend you do a full Windows update, this can be done by clicking on your start bar and then selecting Windows Update (you will need to be connected to the internet) You will also need to do a full antivirus update and remove the virus from your system.

We have included links to Microsoft's website to download the patch to assist fixing the problem and a link to some anti virus website with information on the virus itself.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

http://www.sarc.com/avcenter/venc/data/w32.blaster.worm.html

http://www.sophos.co.uk/virusinfo/articles/blaster.html

http://us.mcafee.com/virusInfo/default.asp?id=lovsan

http://insight.zdnet.co.uk/internet/security/0,39020457,39115633,00.htm


Regards
Fenix Technical Support O_o

Ok, Ok,.......

So i know that with all this "my chars stuck in sync - oh iv lost my items" that our little virus friend has probably been forgoten already (BLAST).

And i know im extremly thick, but would i be correct in saying MS_BLAST dosent effect Windows 98 or 95?!? o_O

BB

I hate people that start new threads for the same thing about 100 other threads are like.

Be a man, download the damn patch from Microosft. And everytime NT Authority wants to shutdown your computer, go to a command prompt and type shutdown -a

Originally posted by Lord Cypher
I hate people that start new threads for the same thing about 100 other threads are like.

Be a man, download the damn patch from Microosft. And everytime NT Authority wants to shutdown your computer, go to a command prompt and type shutdown -a

or close MSBLASTER.EXE in task manager > Processes

<- makes utility to close processes, delete worm(s), cleans registry startups.

my whole family has this worm, this would be easier than to goto
each of their houses :rolleyes:

haha task manager wont even stay open as soon as i hit ctrl alt del it opens and closes right away....bugger of a worm i tell ya, but Im not getting that "windows will restart in 60 seconds message" so i dunno whats up

TOOL to remove MBlast Worm by Symantec Security Response team:

http://securityresponse.symantec.com/avcenter/FixBlast.exe

Found 3 on my system o_O


i recommend everyone downloads this just incase.

There's also:

http://download.nai.com/products/mcafee-avert/stinger.exe

another scanner with multiple definitions + mblast remover, found
a W32/Klez virus on my system O_o

I recommend everyone download both, worth it.

Originally posted by extract
haha task manager wont even stay open as soon as i hit ctrl alt del it opens and closes right away....bugger of a worm i tell ya, but Im not getting that "windows will restart in 60 seconds message" so i dunno whats up

You've got a different virus, not the blaster one.

I've done ctrl-alt-del to the blaster virus a few times with no problems, but I have come across a different virus that would close down the processes window as soon as you opened it. It was a real git to get rid of too I seem to remember.

And no, Win 95/98/ME are not affected by the blaster virus.

-Krll

virus smirus I dont care really...that RPC thing about 3 weeks ago already screwed me....i was getting that "....will close in 60 secs" thing like every 5 mins....making it IMPOSSIBLE to back up important files to my ext drive...so I lost everything I cared about anyways...it can stay for all i care that and Im never off NC long enuf to fix shit anyways...and from what I can tell its not affecting me anyways my internet still runs great got a down speed of 2.8Mb and up of 300k on a cable connect so fuhggit

Originally posted by extract
virus smirus I dont care really...that RPC thing about 3 weeks ago already screwed me....i was getting that "....will close in 60 secs" thing like every 5 mins....making it IMPOSSIBLE to back up important files to my ext drive...so I lost everything I cared about anyways...it can stay for all i care that and Im never off NC long enuf to fix shit anyways...and from what I can tell its not affecting me anyways my internet still runs great got a down speed of 2.8Mb and up of 300k on a cable connect so fuhggit

blaster worm only came out on sunday O_o

I think some of you could use a hug :)

Originally posted by MortuusLupus
I think some of you could use a hug :)

ill rather have a cookie.... but still....


SNUGGLES !!!



O_o

Originally posted by Krll
And no, Win 95/98/ME are not affected by the blaster virus.

-Krll

WOOHOO! SAVED! I knew not updateding to XP would help me! :)

Stacey

Originally posted by neophotographer
WOOHOO! SAVED! I knew not updateding to XP would help me! :)

Stacey

It's not like the blaster worm did any harm. Never got on my xp
system because unlike most of you Idiots, i don't open
potential files that may be worms. (cough Kazaa, AOL).

Even if i got the worm, I know how they work to manually remove
them if i had to.

Originally posted by FBI
It's not like the blaster worm did any harm. Never got on my xp
system because unlike most of you Idiots, i don't open
potential files that may be worms. (cough Kazaa, AOL).

Even if i got the worm, I know how they work to manually remove
them if i had to.

http://users.pandora.be/eynar/pics/Care.jpg

^____________________________^;[;];[;]

Originally posted by *ph33r*
http://users.pandora.be/eynar/pics/Care.jpg

^____________________________^;[;];[;]

one sec... haaa err.. no wait. wait.. HAAAAhA errrr.. one more try.

HAHHAHAHaHaHHA

so funny, it's hard to even laugh.

http://users.pandora.be/eynar/pics/try.jpg

Got any more of those? They are hilarious.

Okay another thing. i don't have the process running and i last updated my computer when there was the deal with MJS talking about spyware. I assume I don't have it but i am using this online virus scanner provided earlier. What can i do to prevent it?

Originally posted by Futureman
Got any more of those? They are hilarious.

Okay another thing. i don't have the process running and i last updated my computer when there was the deal with MJS talking about spyware. I assume I don't have it but i am using this online virus scanner provided earlier. What can i do to prevent it?

don't download files from kazaa. always make sure any files that you download are from LEGITIMATE SOURCES. That's how you can definitly prevent all viruses.

Stacey, The Neocron Photographer, PGN High Council

Originally posted by FBI
It's not like the blaster worm did any harm. Never got on my xp
system because unlike most of you Idiots, i don't open
potential files that may be worms. (cough Kazaa, AOL).

Even if i got the worm, I know how they work to manually remove
them if i had to.

This virus was not spread by downloading it on kazaa or by any other means, you also didn't have to go to a website, all you had to have was an active connection to the internet. There was a flaw in NT/XP/2000/server 2003 that the virus would just be automatically uploaded to your computer without you knowing it.

And of course, this all could have been prevented if people would just go to http://windowsupdate.microsoft.com/ and patch their systems at least once a week. This wasn't something that the virus writers figured out before there was a patch ready. Microsoft had a patch for this over a month ago and it was avalible on the microsoft update site.

So FFS people it doesn't kill you to take some time out of playing neocron or whatever to patch your systems up, because if you guys would have, this thread wouldn't have probably been created.

I went to windows update about a week and a half ago, think i made it in time?

Originally posted by Futureman
I went to windows update about a week and a half ago, think i made it in time?

Maybe, maybe not. Apprantly it turns out there is a bug with windows update that if a patch failed it would report that you were up to date and wouldn't let you download the patch.

Btw..


It's not like the blaster worm did any harm. Never got on my xp


This version didn't. There are already new lethal variants out that do all manner of things to your machine.

Put it another way... It would be very easy to modify the program to look for say certain program reg keys (like NC) then have itself log onto IRC and spam them to a channel.

Originally posted by Futureman
I went to windows update about a week and a half ago, think i made it in time?

the patch was released 5 weeks ago to cover the hole in XP, Im not sure if there was an update for 2k and/or when it was



btw... para... you just got owned :p all you need is an active connection to the net, nothing to download, it gets your IP by scanning random addresses from another PC, then puts itself on your drive, from there it scans for random IP's finds an active one and goes over to there, and so on and so on :)

Originally posted by extract
virus smirus I dont care really...*snip* so fuhggit

So why did you bother posting then? :wtf:


Originally posted by \\Fényx//
SNUGGLES !!!

O_o

Doctor Snuggles?


Originally posted by neophotographer
WOOHOO! SAVED! I knew not updateding to XP would help me! :)

Aside from this one problem (which I avoided by keeping patched up), I think XP is great. :)


Originally posted by FBI
It's not like the blaster worm did any harm. Never got on my xp
system because unlike most of you Idiots, i don't open
potential files that may be worms. (cough Kazaa, AOL).

What the others said. Please check the details before calling people idiots. The people who avoided this virus did so by keeping patched up and/or having a firewall in this case.

-Krll

It's not like the blaster worm did any harm

According to reports on BugTraq there is good speculation that it caused the black out.

http://www.securityfocus.com/archive/1/333505