Larian Studios Forums General Chat Chat (Anything) Alert : Blaster ! (Worm / Virus)

Here too.
I got a lot of calls from freinds, colleagues, ppl I know, ... about it.

And yes. It does hide. You have to turn everything else off and also check restore files and things like that.

I agree.
And that might be why I didn't got it. I recieve security updates from microsoft regularly. Same for my antivirus and firewall.

ok, something weird happened: i was online, and all of a sudden the screen turned white but i still had my cursor, the something said i had been infected?? so i rebooted, and went to get that removal tool that viper posted, and i was reading about the worm and it said it doesn't affect windows ME which is what i'm running. anybody know if this is the same worm or something else?? i'm scanning with norton right now.

[color:"orange"] edit: [/color] norton scan came up clean... <img src="/ubbthreads/images/graemlins/confused.gif" alt="" /> what's going on? <img src="/ubbthreads/images/graemlins/cry.gif" alt="" />

Full scan? (i.e. - not just the removal tool?)

Have you tried running AdAware or SpyBot (both free downloads, and will check for malware, spyware and other nasties that aren't technically viruses)? Might also be something in the web page you were on at the time... ?

Just some ideas until the experts show up! <img src="/ubbthreads/images/graemlins/smile.gif" alt="" />

yes, a full norton scan, i haven't done anything with the removal tool but download it. i'll try adaware, i have that.

the page i was looking at was some article on msn.

[color:"orange"] edit:[/color] adaware came up fine.

If your definitions on both AdAware and Norton are current, I'm as baffled as you are! May have been a prank by some hacker (MSN site, after all), but I'm sure our forum tech-types will have some other good ideas.

Any residual problems with your system, or was it working ok after the re-boot?

Hi faile, if your Norton is atualized you can use it for scan, but i think this is nothing to warn about, depending of what you did at this time of course.

Download a new virus program (freebie) and run it, it may have just been a script kiddie doing remote admin (like someone else said its MSN)or it could be a legit virii and "tweaked" norton not to recognize it.
www.vcatch.com version 5.0 should do. Try this.
If you still notice problems, use some intrusion detection software:
http://www.fidelissec.com/mudpit.html (never heard of this one just came across it recently though)
www.snort.org (decent though this mudpit thing above is supposed to be better)
http://www.javaspot.net/cids/
If its someone remote admining your comp then you have numerous options to "rectify" their bad behaviour.

Dunyain

Edit: You should try the removal tool also, don't know if you have, you just stated you've downloaded it and thats it. I was under the impression that this new "worm" went into *higher* (couldn't think of the correct word) level microsoft programs

2nd EDIT: Do you have any experience with PCAnywhere or any other remote admin program?? That's kinda what it sounds like, when you connect from a remote location, some programs do that (aforementioned one specifically) so that you know that there is a remote admin. did your Background CHANGE?? If so, it sounds like someone was/is trying to remote admin your computer.

everything seems to be running okay now, i ran the removal tool for the blaster worm and it didn't find anything, either. but while i was reading, it said the worm can cause crashes while attempting to enter the system. maybe that is what happened. i will try one of those links, thanks, dunyain.

Read the second edit on that post above too. Hopefully it was just that worm trying to access your computer and faile-ing (sorry that was corny). Hope your computer runs smoothly and nothings wrong with it. Glad to have offered alittle advice, no thanks needed.

no experience with pc anywhere. background didn't change, the screen just turned blank and white.

\
hee hee!! <img src="/ubbthreads/images/graemlins/delight.gif" alt="" /> <img src="/ubbthreads/images/graemlins/delight.gif" alt="" />

Hmm, makes me think of a remote admin tool, with the way your screen went (that and an infection notice coming up). Maybe try one or two more freebie virus checkers as someone could have trojan'd you with that tool. If nothing comes up check your quarentine logs in Norton, noticed it will sometimes sequester a virus automatically then *hide* it, very frustrating though only has happened once, thought I was seeing things. If you still find nothing, then your probably good and it *could* have just been the worm trying to infect your comp and you have no worries. Though if it happens again (hopefully not) then post here and I can point you to some more intrusion detection, packet sniffers, etc etc that will at least source what's happening by logging it.

dunyain

PS. don't worry bout the pcanywhere, was just using it for a reference/example to see if it was like that.

ok, i will try more virus checks. thanks!

<img src="/ubbthreads/images/graemlins/wave.gif" alt="" /> closest I could find to a hat tip

Haven't I posted that seems to be already a second worm "going on" ? Could it be this one ? (It's in one of my above postings.)

you did??

Here darlin

oh yeah... <img src="/ubbthreads/images/graemlins/ouch.gif" alt="" /> <img src="/ubbthreads/images/graemlins/rolleyes.gif" alt="" />

actually ther's 3 viruses going round! <img src="/ubbthreads/images/graemlins/ouch.gif" alt="" />

look here:........ virus info

Hmmm people are having their fun with this one while they can it looks like.