• Register Today It's free! This box and some ads will disappear once registered!

Web worm attacks Windows, spreads fast


Campo

Elitus Explorus
Joined
September 7, 2001
Messages
715
Reaction score
2
City, State
White City, KS
Year, Model & Trim Level
99 XLT 4x4


Join the Elite Explorers for $20 per year. Gets rid of the ads! New $5 per month "try out" option.

Explorer Forum has probably saved you that much already, and will continue to save you money as you learn how to diagnose fix problems yourself and learn which modifications work without having to experiment on your own. Elite Explorer members see no advertisements, no banner ads, no double underlined links, can add their own profile photo, upload photo attachments in all forums, and Media Gallery, create and save more private Conversations, and more. Join Today. Your support is greatly appreciated.




cochino12

Active Member
Joined
August 28, 2002
Messages
174
Reaction score
0
City, State
denver, co
Year, Model & Trim Level
2001 sport
what exactly is happening?
 




IAmTodd

4x Explorer Veteran
Joined
April 8, 2002
Messages
8,886
Reaction score
5
City, State
Johnstown, PA
Year, Model & Trim Level
2001 Jeep Cherokee
God is windows update slooooow! What exactly does this virus do?
 




Brans Freestyle

Active Member
Joined
September 5, 2002
Messages
467
Reaction score
0
City, State
Northridge, CA
Year, Model & Trim Level
'01 Ranger 4x4
The virus messes a lot of things up. I work at a computer store and we've been getting calls all day about this thing. It goes in thru like port 185 or something, and then makes windows shut down. What ive been seeing is people will start their computers up, and then like 2 min later message says blah blah somethings wrong, windows will shut down and then your computer restarts.

my friend although got the same thing and now he cant even boot into windows, so this one can mess you up.
 




IAmTodd

4x Explorer Veteran
Joined
April 8, 2002
Messages
8,886
Reaction score
5
City, State
Johnstown, PA
Year, Model & Trim Level
2001 Jeep Cherokee
Good then, the only port i have open is for my website, and its not 185 :D The advantages of having DSL:p
 




Brans Freestyle

Active Member
Joined
September 5, 2002
Messages
467
Reaction score
0
City, State
Northridge, CA
Year, Model & Trim Level
'01 Ranger 4x4
I just checked and found out that it is 135 not 185. And if you have a router you should be fine, and windows update will fix it if you don't have it. A way to check if you have it is to search for the file msblast. If you have it, just rename is to msblast.exe or anything like that and you should be fine.
 




dejello

perpetually unconcious
Joined
July 4, 2002
Messages
1,351
Reaction score
0
City, State
College Station, TX
If I'm thinking about the same thing

The techs up at work found it and from what I remember, it opens like 20 ports for listening (random sets or something) and also has something for what seems like a denial of service attack for windowsupdate.com...
 




SoBeLover

Explorer Babe Moderator
Moderator
Joined
June 17, 2003
Messages
3,034
Reaction score
4
City, State
Middletown, Connecticut
Year, Model & Trim Level
None
I have a firewall up...will that help? :)
 




dejello

perpetually unconcious
Joined
July 4, 2002
Messages
1,351
Reaction score
0
City, State
College Station, TX
Couldn't hurt.. Actually I've got one up and running through a router too and haven't had any problems..
 




Campo

Elitus Explorus
Joined
September 7, 2001
Messages
715
Reaction score
2
City, State
White City, KS
Year, Model & Trim Level
99 XLT 4x4
Sorry it's taken me so long to reply..

But It does use port 135 (windows sharing)

It does start a DDOS (distributied denial of service) against WindowsUpdate randomly between the 16th and 31st of Jan thru Aug and anyday in Sep thru Dec.

It stops a required service called RPC(remote procedure call) and it will cause an XP system to reboot in 60sec. and since the service it dead it won't come back up.. on a 2000 system, since it is not required (just needed) the system will not reboot, but will start acting like a 486 and no network...

and it does alot of various nasty stuff..

just check out the specs on it at
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A&VSect=T
 




Top