Larian Banner: Baldur's Gate Patch 9
Previous Thread
Next Thread
Print Thread
Page 4 of 10 1 2 3 4 5 6 9 10
Joined: Apr 2003
veteran
Offline
veteran
Joined: Apr 2003
yep thay are......but i beat em! HA! <img src="/ubbthreads/images/graemlins/evilgrin1.gif" alt="" />

found 2 viruses the first being in mscache.dll known as trojan horse downloader skoob.B virus and the second being in my windows temp folder called Dload.exe

second one is healable first one is NOT! <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" /> be wary!


[color:"#33cc3"]Jurak'sRunDownShack!
Third Member of Off-Topic Posters
Defender of the [color:"green"]PIF.
[/color] Das Grosse Grüne Ogre!!! [/color]
Joined: Mar 2003
A
veteran
OP Offline
veteran
A
Joined: Mar 2003
I haven't ever had a virus. But in my inbox of my favourite e-mail program Pegasus Mail a *lot*. <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />

That's why I always keep tellin' people they should use *that* ! <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />


When you find a big kettle of crazy, it's best not to stir it.
--Dilbert cartoon

"Interplay.some zombiefied unlife thing going on there" - skavenhorde at RPGWatch
Joined: Mar 2003
veteran
Offline
veteran
Joined: Mar 2003
Quote
yep thay are......but i beat em! HA! <img src="/ubbthreads/images/graemlins/evilgrin1.gif" alt="" />

found 2 viruses the first being in mscache.dll known as trojan horse downloader skoob.B virus and the second being in my windows temp folder called Dload.exe

second one is healable first one is NOT! <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" /> be wary!


Sorry bro. <img src="/ubbthreads/images/graemlins/disagree.gif" alt="" />

You will just have to remove the trojan horse and recheck your puter.
Some of those are very nasty.

Like Alrik I have everything checked before I open or recieve something.
And inbetween automatic updates of my antivirus, firewall, and so I regularly check for updates myself.
Also windows. Becouse they regularly have security updates.



~Setharmon~ >>[halfelven]<<
Joined: Apr 2003
veteran
Offline
veteran
Joined: Apr 2003
James Brown.......i feel good! <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />

done, fini, finito, kaput, gonzo, Pffffft!!, <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />

might i add....... ALL CleaR!! <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />

Last edited by Jurak; 14/08/03 02:30 AM.

[color:"#33cc3"]Jurak'sRunDownShack!
Third Member of Off-Topic Posters
Defender of the [color:"green"]PIF.
[/color] Das Grosse Grüne Ogre!!! [/color]
Joined: Mar 2003
old hand
Offline
old hand
Joined: Mar 2003
The saga continues: I can't believe that this very big company I'm working for didn't do anything when they knew this worm was coming; but they didn't. I know the lost person hours they've had yesterday and today must have cost a fortune already.

The RPC worm and msblast came together(I think they're one and the same?) - I was told there was over 14 variations of msblast alone. The sad thing is that they (Sys Admin) came and "cleaned" my computers and then "pushed" a patch over the intranet. I worked really well for at least a couple of minutes <img src="/ubbthreads/images/graemlins/suspicion.gif" alt="" /> then I was "infected" again. The name changed from msblast.exe to MSBLAST.exe. Also another symptom I had was my explorer.exe was running at 98% which of course made my computer run like a dog.

Whoever said this worm didn't cause problems for the user wasn't sitting at my desk today. <img src="/ubbthreads/images/graemlins/disagree.gif" alt="" />



~DragonQueen~
Joined: Apr 2003
veteran
Offline
veteran
Joined: Apr 2003
oh yes it was a friggen nusiance to me as well......
trying to restart before cleansing was a b i t ch h! <img src="/ubbthreads/images/graemlins/disagree.gif" alt="" />
every taskbar program i had going caused an error up to the point that it wouldn't even close and i had to ........... <img src="/ubbthreads/images/graemlins/disagree.gif" alt="" /> push the dreaded "reset" kill switch.......then startup was another ball game..... i'll tell ya i had my plate full for a few hrs today! but i've nipped it in the bud and got my AVG updated, that was another strange thing....for 2 days i couldn't get the patch,
was the virus stopping me?? dunno but it seems so!




[color:"#33cc3"]Jurak'sRunDownShack!
Third Member of Off-Topic Posters
Defender of the [color:"green"]PIF.
[/color] Das Grosse Grüne Ogre!!! [/color]
Joined: Aug 2003
Location: north ontario
apprentice
Offline
apprentice
Joined: Aug 2003
Location: north ontario
@Jurak
If you don't mind me asking, what did you do to work around this?

On a side note: It has been noticed that ISP's have block inbound and outbound traffic on Port 135. Will that help solve anything, I seriously doubt it. The internet will be super slow on saturday. The possiblity still remains that people will get infected. Why do people just disable something as a fix, it really doesn't solve very much (Look at the microsoft passport security flaw, it was just disabled, if you don't know about it, you could reset a users password without going through the "secret question" or putting in personal info)

dunyain

Joined: Apr 2003
veteran
Offline
veteran
Joined: Apr 2003
well i finally got to my AVG site and succeeded in finishing the >bin file for the A-V installed and did a scan....it found three offending culprits and were swiftly deposited into the virus vault! <img src="/ubbthreads/images/graemlins/suspicion.gif" alt="" />
Just finished another scan this morn..... and 100% virus-free

My AV software has already worked better than Norton's CRAP! and found viruses
that nort could not, so i switched to AVG.. simple! <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />


[color:"#33cc3"]Jurak'sRunDownShack!
Third Member of Off-Topic Posters
Defender of the [color:"green"]PIF.
[/color] Das Grosse Grüne Ogre!!! [/color]
Joined: Mar 2003
A
veteran
OP Offline
veteran
A
Joined: Mar 2003
I usually use F-Prot for DOS - and it detects more than AVG Free Edition (yes, I have both).

For example, my copy of AVG Free Edition didn't detect the virus called "Klez" and variants.

I can only advise to use at least two scanners at the same time - what the one doesn't see, might be detected by the other one.


When you find a big kettle of crazy, it's best not to stir it.
--Dilbert cartoon

"Interplay.some zombiefied unlife thing going on there" - skavenhorde at RPGWatch
Joined: May 2003
Location: Seattle
veteran
Offline
veteran
Joined: May 2003
Location: Seattle
wait. isn't blaster the thing that will crash like all windows on Saturday?



Joined: Mar 2003
Location: Canada
veteran
Offline
veteran
Joined: Mar 2003
Location: Canada
Yes Lews, it continually shut down your computer.
Where you been? <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />

Joined: Apr 2003
veteran
Offline
veteran
Joined: Apr 2003
he's been shutdown <img src="/ubbthreads/images/graemlins/ouch.gif" alt="" /> <img src="/ubbthreads/images/graemlins/biggrin.gif" alt="" />

serious tho.....ya got a point there Alrik.... <img src="/ubbthreads/images/graemlins/think.gif" alt="" />
although my AV couldn't detect the worm,
until i finished getting the new update!
F-Prot eh? had that a long while ago.....yes for my DOS too!
maybe i should think about gettin it back!! <img src="/ubbthreads/images/graemlins/think.gif" alt="" />


[color:"#33cc3"]Jurak'sRunDownShack!
Third Member of Off-Topic Posters
Defender of the [color:"green"]PIF.
[/color] Das Grosse Grüne Ogre!!! [/color]
Joined: May 2003
Location: Seattle
veteran
Offline
veteran
Joined: May 2003
Location: Seattle
it did? <img src="/ubbthreads/images/graemlins/confused.gif" alt="" />
hmm, I remember that I couldn't get on Lar yesturday, and had a minor problem, after Saturday all will be well, I hope.



Joined: Apr 2003
veteran
Offline
veteran
Joined: Apr 2003
one more day to go!! <img src="/ubbthreads/images/graemlins/eek.gif" alt="" />

MSBlast info


[color:"#33cc3"]Jurak'sRunDownShack!
Third Member of Off-Topic Posters
Defender of the [color:"green"]PIF.
[/color] Das Grosse Grüne Ogre!!! [/color]
Joined: Mar 2003
old hand
Offline
old hand
Joined: Mar 2003
I have a very important question for the system smart folks out here. My laptop computer at work is definitely infected. It has a patch on it (of some sort) that keeps fighting off new attacks - it actually get the things like the little window that says "Your computer is shutting down in .50 ...". It no longer shuts down though.

Our computers at home are NOT infected and have all the right patches and we're behind a firewall.

Question is - if I bring that laptop home from work - would it be safe to do work on it behind my firewall or should I disconnect all of my computers if I want to work with this computer. I connect to work via VPN.

I'm going to ask my "desktop support" guys the same question, but I'm not sure I completely trust the answer. <img src="/ubbthreads/images/graemlins/puppyeyes.gif" alt="" />



~DragonQueen~
Joined: Mar 2003
Location: Canada
veteran
Offline
veteran
Joined: Mar 2003
Location: Canada
I am not at all technically inclinded...but have you run the tool to remove it? The patch will let it not get in again...but you need the tool to remove it.

Joined: Mar 2003
Location: Belgium
veteran
Offline
veteran
Joined: Mar 2003
Location: Belgium
Yes you're probably right Carrie. The patch prevents from entering, but if it is already on, you have to remove it. The tool is good for that. also make sure you're antivirus is updated too. If you run the tool, disable the backup system otherwise the virus get backed up too and if you put it back--> the virus is back. I hope this makes any sence to you.


Joliekiller, paladin on a crusade against (almost) all evil.
Joined: Mar 2003
Location: Canada
veteran
Offline
veteran
Joined: Mar 2003
Location: Canada
It makes perfect sence to me! I had to do it!

Ya, DQueene, if you are running Xp...turn off the system restore...then run it all again. I did it all twice to make sure i got everything.
And, it has to be in safe mode to do all this.

Joined: Mar 2003
Location: Belgium
veteran
Offline
veteran
Joined: Mar 2003
Location: Belgium
Not nessassary Carrie. I ran it with out safe mode <img src="/ubbthreads/images/graemlins/winkwink.gif" alt="" />. But then again, i wasnt infected in the first place <img src="/ubbthreads/images/graemlins/think.gif" alt="" />. So it might be better to run in safe mode as Carrie suggested.


Joliekiller, paladin on a crusade against (almost) all evil.
Joined: Mar 2003
old hand
Offline
old hand
Joined: Mar 2003
My problem is that since it is a work computer I'm not sure what the "clean up" tool might do to the computer itself. It could undo some thing they've done with the patch. Grrr - they don't give you enough info on what they're doing to allow you to make a decision. <img src="/ubbthreads/images/graemlins/suspicion.gif" alt="" />

I'm going to get something like zone alarm and put this one outside my firewall - hopefully that'll keep everything else safe.

Thanks guys! I might just run the cleanup tool anyway. <img src="/ubbthreads/images/graemlins/winkwink.gif" alt="" />


~DragonQueen~
Page 4 of 10 1 2 3 4 5 6 9 10

Moderated by  ForkTong, Larian_QA, Lynn, Macbeth 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.5