MS Blast worm

[hoppinghippos]

I think I kena, stupid @#$%#!$% computer keeps restarting by itself every now and then, found the MSBLAST.exe thing in my windows registry, have deleted it, and check don't restore system under my computer, still kena restarting prob. then deleted more dodgy sounding items in my registry like 817-donno what no. liao.exe. Is there anything else I can do to solve it? I downloaded fixblast.exe but not detected leh.

[Vinoth]

1. Update all the latest security patch from mircosoft.

2. scan full system for virus. See if any virus there.

3. If virus found, pls visit symantec or trend micro to know more about the virus n how to remove them.

Note : if using windows ME or XP, pls disable the system restore before running virus fix program.

Tip : Enable automatic update of windows. In future you wont face much problems.

[hoppinghippos]

ahhhh..... I found it was welchia virus plus another trojan virus.. #$!%!@#$%! but they are removed!! thanx vinoth!

[hammer99]

Hi,

Did u update your virus definition file frequently ??

Thanks

[Vinoth]

Always update latest security path from microsoft. Also download latest virus pattern files. Do a regular scanning for viruses(say atleast twice a week). This will avoid most of the problems.

[[d]3v|L]

that time i also like that.. play game halfway everytime restart. then problem solve when change motherboard $200+

[Vinoth]

If no viruses and if its restarting frequently, it could be mainboard problem as mentioned by [d]3v|L or could be power supply problem also.

[NgaoCi]

ahhhh..... I found it was welchia virus plus another trojan virus.. #$!%!@#$%! but they are removed!! thanx vinoth!

Dude,

Not only update yr anti virus regularly..get yrself euipped with a Trojan horse sweeper...drop me a pm if u need to know the name of the software.

[KingFish]

Hope I have not misintepreted your post but if you're using Win2K or XP, have you tried reconfiguring your Remote Procedure Call (RPC) from 'Restart the Computer' to 'Restart the Service'?

Its in the Services Menu in your Administrative Tools, accessible through your Start Menu.

[AlfaRomeo]

As for my advice, get something like Mcafee Virus-scan which can be set to be permanently monitoring your system for unusual activity or virus signatures/activity. it can also be set up auto-update the defination files on a daily or weekly basis. It takes care of your email scanning too. highyl recommended for any PC that is connected to the internet as a minimum and first line defence. Get a personal firewall too like black-ice.

[hoppinghippos]

yeah I realised there's a microsoft patch to counter RPC flaw which allows virus attacks or something too. And the reason why I didn't update my virus definitions till much later is cuz my live update doesn't work (norton antivirus), and that's cuz I'm using dolly version!

Is black ice the ultimate cover your ###### software against worms and trojans? I checked it out before but didn't try cuz need to pay to get a proper effective version. Is XP's internet firewall sufficient? Is zonealarm also good?

[AlfaRomeo]

Hiya, zonealarm is sufficient on a basic level as you can control which application has access to the internet and stuff. Blackice is the ultimate but u need to know what you are doing to make full use of it. Zone-Alarm is more for end-users and it does it thing more or less automatically. :-)

[AlfaRomeo]

Come to think of it , you know what the best and ultimate way of protecting yourself againts trojans/security flaws/Viruses etc etc?

get a MAC! ;-) have been using a Mac for the past 2 years and am now on 10.3 and absolutely loving it. does not crash ever! no viruses! :-)

[KingFish]

Black Ice is more suited for enterprise use. Its fairly well regarded but its only effective if you know how to configure it.

Remember, the strongest defence is its weakest link .

I'm not a big Microsoft fan, so you can assume my stand on XP's FW. No comments on ZoneAlarm as I've never used it.

AlfaRomeo, there are working copies of hacks and viruses targeted at Macs. That is not really the problem, its there are hardly any hardening you can do...

[AlfaRomeo]

Rumor, the working copies of viruses and hacks for the Mac platform is for the older 9.xx but there are no known viruses or hacks for the 10.xx OS version as its based on Unix and highly customized for the mac. Hardening can be done but you need to know unix and get into terminalmode to harden it.

That said, there is no need to go to that extent as there is a built in firewall which is a full fledge firewall and not a half past 6 implementation like in XP. its highly configurable and you can harden it that way if need be. i usually turn off all services and only turn on the critical services that i know i need and use :-)

[KingFish]

Well well ... thanks for the information AlfaRomeo. I must be really outdated in my information about Macs. Trust me, I love old Jobs and what he has done for Macs.

But I would not be too fast to assume that the use of Macs would be free from viruses and attacks. One can not rely on FW or even IDS for the matter.

The greater risk lies with the user and its security awareness.

[AlfaRomeo]

Agreed, like what you said. The strength of a defense is as strong as its weakest link which is usually users who uses the most obvious passwords etc etc. Can you belief that i have users who use their cellphone number as a password or even names of their kids/wife/husband. Just need a little bit of social engineering and everything will be undone. Sad but true. :-)

[FuEl]

Get a good virus scan...It will help you identify the virus. Sometimes if I have to manually remove it I just go to trendmicro website and follow the instructions. Real easy.

[KingFish]

That makes our line of profession similar

Anyway, we're a little off topic now ... better go back to helping hippo ...

Now hippo, have you determined if the RPC is set to restart computer if it fails?

[hoppinghippos]

rumour, after installing the RPC patch and virus updates and wiping out 2 virus, my pc is fine now! *touch wood* thanx! but scarily, while searching thru an underground website, apparently there aren't any progs that are immune to attacks, there are links on how to evade blackice, zonelarm, norton, etc! quite worrying!

[CKS]

ever if u've antivirus/anti spyware/anti adware/firewall

it still possible to get your PC infected,, IE / outlook express and few other common internet application would be vulnerable to to certain bug that would plant and execute malicious software (malware) on your machine just by surfing a specially crafted site....

normally .. regularly updating your software would be enough..but then weeks later..someone would disclose another bug on IE (they just hate microsoft..dont ask me why) .. consider switching to other web browser..heh

[hoppinghippos]

Hi guys sorry to bother you again, but sian still got prob!! I"ve installed lots of stuff and I"m 95% sure its not due to virus, but my pc still restarts occasionally when I first start it up, I wonder if its a hardware or windows prob? anyone have any ideas?

[terryansimon]

probably an incompatible hardware. (=

[hoppinghippos]

I just upgraded my motherboard and cpu and ram leh, using 865 neo 2 board and pentium 4 2.4 'C' chip with 2X 256mb ram. plus inno3d gfx5600 vid card. surely the shop fella at SLS wouldn't have given me incompatible hardware?

[terryansimon]

oops I mean software. shit. bad mistake =\