I currently work in the I/T department at Cranbrook, and have been getting calls from our users about the MSBlaster worm (also called the LovSan worm or virus). I have some information here on it and wanted to share it with my fellow CD users. I recommend visiting Microsoft's website for the appropriate Windows patch, and updating your virus definition files from your anti-virus manufacturer's website or update utility. Here is some other information:

http://support.microsoft.com/?kbid=823980

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

http://zdnet.com.com/2100-1105_2-5062524.html?tag=fdfeed

Thanks for this.

It's been all over the news where I live. I updated my PC ASAP (I still wish I had Unix or a clone of that).

Quick question-
it seems like the patches that Microsoft released only cover windows 2000, ME, XP, their new servers and a couple other new OS's. I run Windows 98, and I keep up with the updates and patches, but there is no Win98 patch specifically for this. Is that because Microsoft figures that people upgrade their systems often enough that a Win98 patch is un-needed, or is it because Win98 doesn't contain this flaw? If you know and could tell me it would be a great help. Thanks.

This thing is really annoying. NT AUTHORITY/SYSTEM made my computer restart once about 1 month ago and just last night it came back. I think my computer restarted atleast 6 times in less than 30 minutes. I had my brother download the update and put it on a cd and everything is working fine now.

:)

More Links

http://www.techspot.com/vb/showthread.php?threadid=6651

http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-026.asp

it seems like the patches that Microsoft released only cover windows 2000, ME, XP, their new servers and a couple other new OS's. I run Windows 98, and I keep up with the updates and patches, but there is no Win98 patch specifically for this. Is that because Microsoft figures that people upgrade their systems often enough that a Win98 patch is un-needed, or is it because Win98 doesn't contain this flaw? If you know and could tell me it would be a great help. Thanks
I think it is that the bug and worm doesn't attack the Windows 98 operating system. I checked there website and it says it only affects four operating sytems.

Originally posted by mgreenley
If you know and could tell me it would be a great help. Thanks.

From the symantec link provided by the original thread starter:


Systems Affected: Windows 2000, Windows XP
Systems Not Affected: Linux, Macintosh, OS/2, UNIX, Windows 95, Windows 98, Windows Me

My computer freezes up and resets quite a lot after I upgraded to XP Pro a couple weeks ago...

When I am using a lot of applications (and especially if i am burning a cd, even if that's the only thing open), sometimes my computer freezes up and goes to a blue screen!

It says "kernal_data_inpage_error" at top. Then it begins a memory dump...

Dunno what's wrong. Happens at least 1ce a day.

Originally posted by monsieurcoffee
My computer freezes up and resets quite a lot after I upgraded to XP Pro a couple weeks ago...

When I am using a lot of applications (and especially if i am burning a cd, even if that's the only thing open), sometimes my computer freezes up and goes to a blue screen!

It says "kernal_data_inpage_error" at top. Then it begins a memory dump...

Dunno what's wrong. Happens at least 1ce a day.
That won't be the virus, if you read the symetec (sp?) notice, I'll tell you what happens.

Originally posted by monsieurcoffee
My computer freezes up and resets quite a lot after I upgraded to XP Pro a couple weeks ago...

When I am using a lot of applications (and especially if i am burning a cd, even if that's the only thing open), sometimes my computer freezes up and goes to a blue screen!

It says "kernal_data_inpage_error" at top. Then it begins a memory dump...

Dunno what's wrong. Happens at least 1ce a day.

Well, a quick google search turned up this: http://www.thatcomputerguy.us/forum/read.php?TID=115&page=1.

Also, I had a lot of random lockups with XP and my CD burner before I installed the newest VIA 4-in-1 drivers. If you don't have a VIA chipset, just ignore that last sentence.

This thing is really annoying. NT AUTHORITY/SYSTEM made my computer restart once about 1 month ago and just last night it came back. I think my computer restarted atleast 6 times in less than 30 minutes. I had my brother download the update and put it on a cd and everything is working fine now.

Last nite i took down my zonealarm firewall to put up my webcam, and instantly i was getting netsend messages and the same shutdown command as you got.
Whenever im bored, i remaotly shut down other ppl's computers, so i know all the commands. To remove the shutdown command, open a command prompt, and type in "shutdown /a"


I then put my firewall up

Kevin

Just a peice of advice (I don't know if this was said already but), if your computer does have the virus and you search for MSBLAST to delete the files, make sure that you search in hidden files and folders too because there could be files that won't come up otherwise and the virus will keep showing up if you don't delete them. Unfortunatly, I speak from experience and may I say, the worm virus sucks!!

One more, just for fun:

http://microsoft.com/technet/treeview/default.asp?url=/technet/security/virus/alerts/msblaster.asp

Hello all, first timer here. I am having that problem with the NT AUTHORITY shutdown thing. Two nights ago, it started happening, and everytime I connected to my DSL, minutes later the message would popup "NTAUTHORITY is shutting down your comp. Please save all work." A timer is there, and all you can do is stare in horror as the timer slowly ticks down. It happened about 6-7 times in less than an hour. Most annoying indeed. Checked out the TechSpot link above, and it solved my problem! It's a security hole in Windows that has to be patched. Just follow the links and all will be gravy. Now I just have to run my antivirus, Ad-Aware, and Spybot....

i had it, Just fixed it

Nailed me, fixed it though.

I guess that is one good thing about still using Windows 98 SE. (I want linux)

Thanks a million rbayer and Adam Y. !

...All the sudden I love my antique win98... I think I'll sign off and go root around in its 2 gig hard drive...

windows people.....
:rolleyes:

Originally posted by ...............
windows people.....
:rolleyes:

You know it's bad when the worm can't even affect Macs ;) j/k :p

Why arent there more Mac Viruses?

I HATE THEM SO MUCH!

Urgh

Last nite I reloaded windows xp on my comp. After a reload I always go get all the windows update and install all my software (zone alarm and symantec 2003). First thing that happens when my comp gets into windows...msblaster!!
God this fridays gonna be great!

I think that the one good thing of being on dial-up is that its really hard to get either hacked or virused. Then again, i nvr seem to get them. As to the thing that shut down the system, a computer cafe i go to had the same thing, booting up the firewall worked, i just really want to know what caused it. Is it just me or is hacking on the rise? and not the good kind either!

I think that hacking is on the rise. My only explanation is that all the guru's are out of work because of their websites dot.bombing.

Kevin

Originally posted by Tytus Gerrish
Why arrant there more Mac Viruses?

I HATE THEM SO MUCH!

Thats the beauty of Macs. No Viruses, worms, or major security problems.

Another reason to stay away from Windows

Mac OS X in fact have less than 40 known viruses. Almost all of them are macros and all extinct

Well there is more or less one reason that macs don't viruses.

Macs don't have any barging basement computers (Sub $500). Most computer viruses are made in China/Asia. These people don't have the money to buy macs. So they buy low cost PC with Winders and/or Linux x86. They write programs that usually eventually spread around to the entire world.

Another reason that they aren't many viruses or security problems on the Mac is because people always look for security flaws and report it to Apple. Over the years there have been many security updates for OS X that correct minor flaws.

Why do you hate macs? Or better yet have you even tried Mac OS X, or do you have some deep hatred for something you don't know.

Both systems have its up and downs.

I think the reason for less Mac viruses is more because of the smaller number of Mac users. If you're writing a virus or worm, you probably want it to spread to the most computers possible, and Macs can't acheive that. The installed user base is a lot smaller. Would you target the 90%+ of users that use Windows, or the more niche Mac OS? I don't think it really has anything (or at least not much) to do with system prices or even security fixes. It's a simple game of numbers.

Thanks a million rbayer and Adam Y. !
Yeah it is very interesting how all the bugs and exploits are coming out for only the newer operating systems. My brother almost downloaded a virus from a email attachment :ahh: until he realized it sounded to odd for it to be legit.

Originally posted by Tytus Gerrish
Why arent there more Mac Viruses?

I HATE THEM SO MUCH!

I say its the mac people doing this... maybe its because we have all the good games

maybe its because we have all the good games
And that is the primary reason that I have not made the switch to Mac. If the game selection was the same, and if they had Counter-Strike for the Mac, then I'd run to my local CompUSA and pick up one of those pretty PowerBook G4s.

Already got an iPod (Windows version), what's the next step?

I caught the worm pretty early. The topic to fix it was still on Slashdot's main page. That thing took my computer out for two days, luckily my cousin plays Dark Ages of Camelot and a bunch of them had it and he told me what it is.

Another reason for me to get a mac. I've been trying but since I'll need a windows laptop for college i guess it is a no go yet.

Originally posted by Tytus Gerrish
Why arent there more Mac Viruses?

I HATE THEM SO MUCH!

It's cause mac's don't need 'em. They'll rebbot, and perform like crap all by themselves.:p





:D You all know Im joking.:D

haha. not as often as my PC does.


anyway, yeah. mac os x is based on FreeBSD, which is secure in itsself.

plus, apple doesn't implement idiotic things like remote procedure calls =P

Most major universities (especially with large networks) received patch CDs from Microsoft.

Ball State was overlooked. I was infected instantaneously.

I have spent the past three days doing nothing but taking this off people's computers. Ridiculous. I must have disinfected at least 25 so far.

Haha, lucky me - I had planned a reformat of my computer for the upcoming school year...

Rather than dealing with the virus, I spent 16 hours:
backing up data from E: to C:
reformatting E: using gvt standard write
backing up data from C: to E:
spending 3 hours taking down settings
reformatting C:
reinstalling win xp pro
install sp 1 & dl all critical updates
install 15gb of software
copy back C: data on E: to C:

yeah... that was a nicely planned reformat so things went smoothly and everything felt the same the next day :)

Originally posted by monsieurcoffee
Haha, lucky me - I had planned a reformat of my computer for the upcoming school year...

Rather than dealing with the virus, I spent 16 hours:
backing up data from E: to C:
reformatting E: using gvt standard write
backing up data from C: to E:
spending 3 hours taking down settings
reformatting C:
reinstalling win xp pro
install sp 1 & dl all critical updates
install 15gb of software
copy back C: data on E: to C:

yeah... that was a nicely planned reformat so things went smoothly and everything felt the same the next day :)
Gotta love all the work to reformat ;)

I took me a total of about 2 days (reformatting took 2 hrs., the rest was from procrastinating).

If I ever get infected w/ a virus, I'd just re-format (unless the virus does that for me). But luckly I won't get this one (so many patches).

Amanda: Doesn't your school have any firewall of some sort, or can they block the ports that MSBlast attacks? I know that this is what my ISP did (dreadedly it slowed my connection 1/2 the time).

Originally posted by Raven_Writer
Amanda: Doesn't your school have any firewall of some sort, or can they block the ports that MSBlast attacks? I know that this is what my ISP did (dreadedly it slowed my connection 1/2 the time).

Oh yes... BSU does have a firewall, an OUTSIDE firewall. The student network is all interconnected.

So basically... One kid moved in, didn't disinfect his computer, plugged into the network, and bam - everyone in every residence hall was destined to have this thing as soon as they plugged in.

Ah, the miracles of BSU ethernet... :mad: