Sorry your browser is not supported!

anyone who is using windows XP (pro/home etc) should go download the "MSblast.exe" worm patch...

On saturday I logged on to my FTP site(to update my crappy site), and thats when I think I got the stupid worm(so be careful looking when you're at my site), I'm not really sure where I got it from though...

I'm presuming alot of XP users would have experienced or at least heard about the msblast worm...it's been going for a while

anyway what happened to me was I realized I got it, had to reconnect like 5 times(I got dial up) cause the comp kept restarting every 1-10 mins due to the effects of the worm, I was lucky one of my mates who had the url to download the patch was online at the time and he saved my screwed up comp from the worm...(yay), anyway, it was very annoying having the comp restart every few minutes.

anyone who has it, should

stop it from the task manager




sorry I can't remember the Url for the patch, (so speak out if you know), but I do seem to remember it on the microsoft site.

worms and virii are usually thought of as an email attachment etc..

not all worms and virii work this way, some can directly attack your pc through certain ports from other pcs so its nothing you did in particular.

this worm is extra nasty as its trying to bombard microsofts update server, So as you try to get the patch your infected zombie machines is trying to deny the services of the internet to that machine by bombarding it with nonsense requests.

I prolly got like 600+ different worms/viruses since I got no antivirus protection( I had norton but I killed it cause it wouldn't let me send stuff over msn)

what msn version are you using? im on 6 now and its all groovy with dcc.

me, lol, at school, not meant to be here, wink wink, hope teacher isn't behind me...lol, pretty close sometimes...

my msn is

kean_ooi@hotmail.com

ussually online on the holi's or weekends cause my parents don't like me being on the comp much...

and I'm using the default msn that came with XP, so I should updated it but I haven't got around to it...

<do you guys see a <edit> tag somewhere, or aren't the meant to be one
I just edited this post and no tags came up, not sure if there's meant to be one...

My neice (sp) acquired a brand new Packard Bell laptop computer from PC World yesterday and asked me to set it up, I duly obliged.

I went through the registration process on the pre-installed XP and got to the bit where I had to connect to the internet, again I duly obliged.

With a few seconds: RPC (remote procedure call) has terminated unexpectedly. Please sall all your work yada yada yada... 1 minute later the thing restard.

I tried again, and again, and again.

This is a brand new laptop, it has not had any software or emails, strait out of the box and i'm filling in the Packard Bell registration process that your asked to do before even entering Windows for the first time.

I eventually skipped the registration and started tinkering trying to fathom out what was wrong with the niggling feeling of 'virus - cant be this is brand new' and 'hacker? remote procedure call? ... maybe, it only happens on the internet'....

Running the theory that some script kiddy was getting his jollies hacking into an unprotected system I tried running Windows Update to get the security fixes. Only to see this brand new machine had 38.1mb of missing patches. I would later descover that msblast masquerades as Windows Update, never-the-less I was still disturbed to find a brand new machine with the basic CD install and not a single security update since release...

I decided to install the Norton firewall provided with the computer in the vein belief that if it was a script kiddy it might help. Unknown to me at the time this foils the msblast virus, I could suddenly connect to the internet!

So to test out this new found net freedom I figured I would setup the provided Norton virus checker and download the latest virus definitions. Again, Packard Bell had completely neglected to get the latest virus definitions. We're not just talking a few months of factory to shop to consumer time here, we're talking 'never'.

It was a suiteably (and some what considerably) lengthy test at the end of which Norton anti-virus detected a virus called msblast...

'Hang on' I thought, 'I havent even put a CD in yet'.

Brand new, out of the box, Packard Bell are shipping systems with msblast.

I'm going to telephone them later, and i'm going to give them hell... In the meentime at least if your internet connection is unstable particularly with RPC errors here's a few things you can do to check if you have the virus.

Search your C:\Windows\System32 directory for the file msblast.exe. It is better if you don't have it .

Search your registry (click Start then Run and type Regedit) then open the 'folder' HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. If you see a reference to Windows Update or msblast then your in for some virus removing fun

There are two files you need to clear the virus, one from Microsoft and the other from Norton. For me the removal caused no additional damage to the system. Annoyingly I dont have the links to hand to give to you.

It seems to me that win32.blaster.worm is tied to the Windows Update. On the day it was meant to 'hit' the hardest it was programmed to stop access to the Win Upate server, i am thinking that as it is a warning virus rather than distructive the group that made it did it to show a bug in the update system that would allow a worm to enter while updating...

Or they just had the wrong URL for windows update site

http://www.eweek.com/article2/0,3959,1223331,00.asp

My girlfriend got this worm and all i did was install norton 2003 virus protector(nothing) and firewall 2003...which for sum reason worked...i of course use Windows 2000 on my new PC and i cant get the damn thing on the internet...so i have no problems...lol

It did have one benifit, the windows update servers where the fastest they have ever been.

@ PneumaticDryll

The computer may not have come with the worm already on it. The nasty thing about this one is the only stupid thing you have to do to get it is to connect a win2000/xp machine to the net without a firewall.

It does show a bit of a flaw in the windows registration system and the companies like packard bell that are proberly still not even installing xp with sp1 should change their methods and patch every system before it leaves.

See
http://www.zdnet.com.au/itmanager/technology/story/0,2000029587,20277172,00.htm

hmm
so what is this blaster virus
i dont think ive been infected and i havnt seen the news
my winodws update keeps wanting to update but it never actually seems to. At the moment its just downloaded it and says new updates are ready to install.
tomorrow it will download it again
have i got the virus

don't forget to get the fix too oafter the patch to make sure there's no parts of it around