Blaster virus symptoms ???

Discussion in 'Computer Security' started by Jakamoko, Aug 13, 2003.

  1. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Hi all.

    Anyone heard tell of any symptoms of this virus ?

    Just had a friend on the phone telling me of unusual behaviour (of her PC !!! :oops: ) Disconnecting from the net after a minute, consistently. That doesn't sound like an ISP prob, given the sudden emergence of Blaster

    Luckily, I brought down the patch last night, and have emailed it to her. Then, guess what - I remembered I'm on w2k, so that was the version I downloaded, but she's XP - would that be an issue ?

    sorry for the garbled confusion, but I'm trying to act fast, here, as she needs back online soon as !


    Cheers again, all ! :eek:
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  2. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Ok, just to keep you all posted - it is DEFF the Blaster virus, as prior to being disconnected, she receives an error along the lines of

    Remote Procedure Call experienced unexpected error, and will now terminate.

    Bingo, does just what it says on the tin then, eh ? :snipersm:

    OK, that Blaster's got my name on it now :twisted:
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  3. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    More info - yup that's an issue ! Get the right patch for your OS, folks ... (to be continued)
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  4. flex22

    flex22 Gigabyte Poster

    Thought I'd say hi Jakamoko. I hope I'm not interrupting your discussion.

    Something you can help me with while I'm here.

    I'm on Win XP Pro. How do I find that hidden folder you told me about?

    I went to the system folder and double-clicked but nothing happens.

    I want to make sure I'm ok. I've had slight problems with browsing but that's probably just my S£$!T ISP.

    I also got an error message as I logged off me comp the other day but it don't happen no more. I've installed my new mouse recently so maybe it was that.

    It was a memory error.
     
  5. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Hi Flex, - up till now, it was only a discussion with myself, anyway :oops:

    If XP works the same as w2k, then from an Explorer window, click Tools, Folder Options, View, then click Show Hidden Files and Folders. Then, in your C:\, you should see the file
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  6. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    ...here's a pain in the *$$, tho' -

    Me pal has been hit, but is being disconnected after 1-2 min. The download on dial-up is 5ish min. Given that the whole world is now downloading this patch from M$ tonite, bandwidth is slashed, so is now taking 20-40 min !

    So what are you meant to do ??? It's a Blaster right enough :!:
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  7. Luton Bee

    Luton Bee Kilobyte Poster

    I wonder if I can be of any assistance?

    I have the XP patch here if you want it e-mailed drop me a PM now! I can also point you towards an anti-virus util that should kill the worm once we have blaster under control
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
  8. flex22

    flex22 Gigabyte Poster

    I checked and there were loads of folders called NTUNINSTALL and when I went over them with the cursor it showed the Q(numbers) however on the 823980 one it didn't have Q before it, it had KB.

    Is that OK???
     
  9. Luton Bee

    Luton Bee Kilobyte Poster

    Exactly the same as mine Flex. The number in the folders gives you the Knowledge Base article that refers to the specific fix within that patch, just in case you ever get asked!!!
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
  10. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Luton,

    Thanks for that - got the XP download finally - took 35-40 min for 1.2ish Mb ! Don't you hate when the entire rest of the world tries to do something at the same time !!!

    Will get back about the Blaster util - is it just the patch, or a clean-up tool ?
    Haven't heard from my friend if she's managed it yet, if not, I'd be grateful for a link ...

    Thanks again :P
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  11. Luton Bee

    Luton Bee Kilobyte Poster

    It's a stand alone virus tool called Stinger from McAfee (Network Associates). I have not used it for Blaster but have for something else, it searches for a specific small number of viri (is that a word?) including Blaster. It is about a 700Kb download and can be run straight after downloading. Instructions and download link is http://vil.nai.com/vil/stinger/

    I can mail this as well if you need it but only have it at work so it would have to wait 'til tomorrow.

    HTH
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
  12. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    I got it running now, Luton. Will send it to me pal, and report back...

    Thanks again :)
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  13. SimonV
    Honorary Member

    SimonV Petabyte Poster Gold Member

    What You Should Know About the Blaster Worm.

    For information on this worm visit here
     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  14. Angus

    Angus Nibble Poster

    Certifications: A+ , MCP
  15. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    Just to let you know I got an email from a happy friend late last night.

    Patch fixed it a treat, but I wouldn't like to think what the download times would be from M$ today - I've had three other folk describing the symptoms since this morning.

    Boy, it feels good when you got the fix, and the victims can't download it !!!

    £££££££ :tongue

    By the way, anyone know what it does with an always-on broadbean connection ?
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  16. Luton Bee

    Luton Bee Kilobyte Poster

    Broadbean connection?

    Sorry Jak I have not come across that technology yet? Is it a stalk topology?
    :lol: :lol: :lol: :lol:


    I'll get me coat.......................
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
  17. SimonV
    Honorary Member

    SimonV Petabyte Poster Gold Member

    From what I gather nobody knows, I've read reports of broadband users having the virus problems and some that have not?? I guess more info will filter through soon.

     
    Certifications: MOS Master 2003, CompTIA A+, MCSA:M, MCSE
    WIP: Keeping CF Alive...
  18. Jakamoko
    Honorary Member

    Jakamoko On the move again ...

    It's a beast right enough, then :evil: I am practically set up to make a fortune from this (even Missus J says I should ...), but would that be ethical ? :oops:

    I mean, the user, if hit, can't get the patch, cos they're booted off . So it's simply a service we provide, right :?: :angel

    Luton,
    Yeah, mate - didn't you know we grow our own computers here in Scotland ? And they run on the grain by-products from the whisky industry too, so everyone's happy :)
     
    Certifications: MCP, A+, Network+
    WIP: Clarity
  19. Nelix
    Honorary Member

    Nelix Gigabyte Poster

    Jako

    If you or anyone else gets the shutdown message simply click START > RUN and then type Shutdown /a, This will abort the shutdown process

    By the way this only works in Win XP as far as I know
     
    Certifications: A+, 70-210, 70-290, 70-291, 74-409, 70-410, 70-411, 70-337, 70-347
    WIP: 70-346
  20. Luton Bee

    Luton Bee Kilobyte Poster

    The other thing that prevents the shutdowns is to alter the recovery properties of the RPC service in Administrative tools > Services to something other than "restart the computer". This should work on either 2k or XP.

    I have provided patches, instructions and anti-virus tools to 5 people at work. I also noticed that we at work have had a lot of activity from Monday night onwards that has been blocked by our firewall so we are safe so far.
     
    Certifications: MCSE, MCSA, MCP, A+, Network+ C&G ICT
    WIP: CCNA
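
The workarounds discussed in this thread (aborting the shutdown countdown, changing the RPC service's recovery action, checking for the 823980 uninstall folder) collected into one Windows XP batch file. This is an added example, not something posted by anyone in the thread; the service short name RpcSs, the `sc failure` syntax and the folder path %SystemRoot%\$NtUninstallKB823980$ are assumptions that do not appear in the posts.

```batch
@echo off
rem Added example for Windows XP; run from an administrator account.
rem Assumptions (not from the thread): RPC service short name is RpcSs,
rem hotfix backup folder is %SystemRoot%\$NtUninstallKB823980$.

rem 1. Cancel a shutdown countdown that is already running, if any.
rem    Harmless when no shutdown is pending, so the error text is hidden.
shutdown -a >nul 2>&1

rem 2. Change the RPC service recovery action so a crash of the service
rem    restarts the service after 60 seconds instead of rebooting the PC.
rem    reset= is the failure-count reset period in seconds (one day here).
sc failure RpcSs reset= 86400 actions= restart/60000
if errorlevel 1 (
    echo Could not change RPC recovery settings.
    echo Set them by hand in Administrative Tools, Services.
)

rem 3. Look for the uninstall folder the 823980 patch leaves behind.
rem    The folder is hidden, but "if exist" still sees it.
if exist "%SystemRoot%\$NtUninstallKB823980$\" (
    echo 823980 uninstall folder found: the patch appears to be installed.
) else (
    echo 823980 uninstall folder not found.
    echo Install the patch built for this Windows version, then reboot.
)
```

A missing uninstall folder is not proof that the patch is absent, because the folder can be deleted afterwards or skipped when the patch is installed without a backup.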
