Hahah! I did a search and found msblast.exe in my system folder! And deleted the evil
thing! But it didn't do anything, wasn't it supposed to wipe your hard drive or somthing?
It's a timebomb, the virus sets up a file named msblast.exe and puts a registry key in
/SOFTWARE/MICROSOFT/WINDOWS/UPDATE I believe that starts it up every time your computer is booted. First in 2000/XP hit Cntrl+Alt+Del then task manager. Go to processes and kill the msblast process. Next edit your registry key (the one above) and remove the reference to Msblast. Then go to your windows directory/System32 and blast it back to hell.
98/ME users, while booting your computer hit F8 to select your boot options, boot into command line only go into your windows directory, use the command "cd <dir>" where dir is your windoes directory. Type regedit, and get ready to remove that same class as above. Then Blast the virus to hell.
What this virus does is gets onto your computer, waits for an internet connection and then copies and sends itself over any open port it can. Then at a random time between 15th - 31st of any month, it will destroy windows, how lovely.
Strange... I never seem to get infected by these viruses/worms. There was that Love Bug worm, the Code Red virus, and god knows what else, and my computer has never been infected by a single virus despite the fact I hang out online all the time and regurlarly transfer files. It's... wierd.
Maybe it's coz I'm using Win 98 SE, the only real safe O/S out there.
Disclaimer: Any sarcasm in my posts will not be mentioned as that would ruin the purpose. It is assumed that the reader is intelligent enough to tell the difference between what is sarcasm and what is not.
"It's a timebomb, the virus sets up a file named msblast.exe and puts a registry key in
/SOFTWARE/MICROSOFT/WINDOWS/UPDATE I believe that starts it up every time your computer is booted."
yep
"First in 2000/XP hit Cntrl+Alt+Del then task manager. Go to processes and kill the msblast process. Next edit your registry key (the one above) and remove the reference to Msblast. Then go to your windows directory/System32 and blast it back to hell."
yep
"98/ME users, while booting your computer hit F8 to select your boot options, boot into command line only go into your windows directory, use the command "cd <dir>" where dir is your windoes directory. Type regedit, and get ready to remove that same class as above. Then Blast the virus to hell."
it wont get into 98/ME if you don't put it there on purpose, because theres no known exploit in the RPC service on those systems
"What this virus does is gets onto your computer, waits for an internet connection and then copies and sends itself over any open port it can."
what a load of crap..
1. it doesn't wait for an internet connection
2. why copy itself???
3. can you explain why (and how) a program would send itself on any port it can?
4. all it does is scan for vulnerable RPC services and when it finds one, it exploits the security hole to make the service execute a piece of code that creates the registry key and the msblast.exe file
"Then at a random time between 15th - 31st of any month, it will destroy windows, how lovely."
just amazingly lovely, isn't it
"If Darl McBride was in charge, he'd probably make marriage unconstitutional too, since clearly it de-emphasizes the commercial nature of normal human interaction, and probably is a major impediment to the commercial growth of prostitution."
-- Linus Torvalds, December 5th 2003.
(Darl McBride is CEO of The SCO Group)
this place sucks but don't tell anyone, it's our little secret, ok?
I tested it, and it infected my whole network, I checked my ports and it had taken over about 250 of them (I love linux for this reason), it's a self replicator, unless it's a smart virus...hmm wonder if it's adaptive..
Sorry, now that I look at it again, it actually had gotten into my windows port scanning software. Wait no, what the hell? I've got some other type of virus on here, and Norton can't figure out what it is. And now 57 of my ports are opened by this unknown thing...shit.
what exactly do you mean by "taking over" your ports???
and no viruses are really adaptive, mostly its programmers reverse-engineering that causes the lovely "mutations"
"If Darl McBride was in charge, he'd probably make marriage unconstitutional too, since clearly it de-emphasizes the commercial nature of normal human interaction, and probably is a major impediment to the commercial growth of prostitution."
-- Linus Torvalds, December 5th 2003.
(Darl McBride is CEO of The SCO Group)
this place sucks but don't tell anyone, it's our little secret, ok?
"If Darl McBride was in charge, he'd probably make marriage unconstitutional too, since clearly it de-emphasizes the commercial nature of normal human interaction, and probably is a major impediment to the commercial growth of prostitution."
-- Linus Torvalds, December 5th 2003.
(Darl McBride is CEO of The SCO Group)
this place sucks but don't tell anyone, it's our little secret, ok?
umm, I'd rather not say what my windows port scanner is, but the linux one is a custom job by my friend Mikey who taught me linux and networking to begin with. Oh, and I think the Virus is named PortDeath, but I can't verify it (Cause my hard drive binary is all 0's now:/)
"I'd rather not say what my windows port scanner is"
i think you're getting a lil paranoid now
anyways i use SuperScan, which is a little slow, but it does the trick
and i'm planning to make my own super-fast-but-not-too-reliable-if-you-have-a-sucky-ip-stack soon
"If Darl McBride was in charge, he'd probably make marriage unconstitutional too, since clearly it de-emphasizes the commercial nature of normal human interaction, and probably is a major impediment to the commercial growth of prostitution."
-- Linus Torvalds, December 5th 2003.
(Darl McBride is CEO of The SCO Group)
this place sucks but don't tell anyone, it's our little secret, ok?
Hmm, the only virus I've ever gotten is the CIH virus, which I got from a klik game a couple of years ago. It cost me my main project at the time (Sleep Dreams).
I got the patch as soon as I heard the news on the BBC. My computer seems to be fine.
Advertisement
Edited by the Author.
