Dealing with a Computer Worm: What To Do and What Protectors to Use

  • Thread starter plus
  • Start date
  • Tags
    Computer
In summary: Apologies for the lack of information, I am new to this. This download was mentioned in one of the other responses, but I couldn't remember where. It is probably something to do with security or virus protection.In summary, this worm shuts down your computer when you try to connect to the internet. It is very clever, and viruses that try to protect against it will not work. You need to get the patch or whatever through another computer.
  • #1
plus
178
1
Just had this worm:

http://news.bbc.co.uk/1/hi/technology/3147147.stm

It was quite annoying and turned the computer off after about 2minutes browsing the web, although used this thing to get rid of it.

http://vil.nai.com/vil/stinger/

What virus protectors do you reccomend, and would they have protected against this worm?
 
Last edited by a moderator:
Computer science news on Phys.org
  • #2
if this is the same worm I'm thinking of, it shuts you down when you connect to the internet... therefor, for any anti-virus to work, it would have to download the virus definition to stop it, but you can't connect.

so you'd have to get the patch or whatever through another computer.

very clever virus/worm.
 
  • #4
Originally posted by jb
if this is the same worm I'm thinking of, it shuts you down when you connect to the internet... therefor, for any anti-virus to work, it would have to download the virus definition to stop it, but you can't connect.

so you'd have to get the patch or whatever through another computer.

very clever virus/worm.


It took on average about 2 minutes to shut the computer down, so I had to look on websites, and follow leads, and then write down the web page addresses. Thankfully, when downloading 'stinger', the computer didnt start shutting down - must be something programmed.
 
  • #5


Originally posted by plus
What virus protectors do you reccomend, and would they have protected against this worm?
This worm did its thing by exploiting a security flaw in Windows itself. Microsoft released a fix for the problem a month ago, so anyone who updated their version of Windows in the past month was protected. A self proclaimed computer nerd, not even I did the update.

As soon as I read about it a couple of days ago, I updated all of my computers (home and work).
 
  • #6
I read on symantec's website that when the worm strikes it creates a process called msblast.exe. I don't see that process being created on my machine but I have been experiencing a problem. Did anybody else look in Task Manager to see if msblast.exe was being created?

Based on what I read here I will download the repair tool anyway.
 
  • #7
Worm? What worm?...Now would someone explain to me why I need to upgrade from Win98? :smile:

Sorry, I couldn't resist! I know of several people who have been infected with this nasty little bug. I am feeling safer now that there is a bigger and more challenging target then poor old Win98!
 
  • #8
Well I'm with you Integral. Admittedly I did actually upgrade to XP. But I actually use the windows update on a VERY regular basis, and so had upgraded the patch to fix this problem the day after it was discovered. As a result I was blissfully unaware of the worm until friends all began complaining.
 
  • #9
Well symantec's deworming tool says I do NOT have blaster worm. Too bad for me since I have the same symptoms but I don't think microsoft is going to do an update to fix my problem.
 
  • #10
Poor silly windows users. You need to switch to linux! :wink: Anyway, i just learned about this worm today and i think a friend of mine has it. I was over at this house and he kept having to reboot his PC because RPC kept being "unexpectantly terminated". Probably from the worm attempting to exploit remote procedure call. Not that any of you probably care though .
Did anybody else look in Task Manager to see if msblast.exe was being created?
Programs can easily be hid from the task manager if they are being run as services, and probably many other ways.
so anyone who updated their version of Windows in the past month was protected.
Windows update prodcedure is very bad. Even though you "downloaded" the update you may not have really downloaded it. Let me explain, before windows patches your PC it scans your registry. Every time you install an update a key is added to your registry. So from scanning the registry MS can determine which updates you need. Sometimes the reg key is added but the patch is either not downloaded or was never installed. As a result of this there have been many reports of people that "updated" their PC but still became infected! You might want to manually download and install the patch just incase (although, I'm not sure if windows will let you concidering the reg key is there) *shrug*.
-HBar
 
Last edited:
  • #11
I tried to download the windows updates to get the protection from the blaster worm and it told me to download "windows update V4 control". No information about what that is or why I need it. I searched the microsoft website and did a google search but got essentially nothing that describes this download. Just a lot of hits telling me to stop thinking and just say yes. It reminds of the Borg. It's not so bad restarting the computer everytime the problem hits. :wink:
 
  • #12
I got it too on XP...but not on winMe...hehehe...bleah...so...bye bye MAGGOT...
 
  • #13
personally, I am stuck here on Win98, which isn't too bad. But I do have a problim. Everytime I go to windows to update, it takes me to the same dang page that says i don't have windows! I am starting to agree more with Hbar. Switch to linux or apple. Id go to apple in a heartbeat if they would make their computers compatible with PC's. Or atleast the programs. Well, if anyone could help with my problem, if possible, please. Unfortunately, i have the feeling that this is something that youd have to be sitting at my council to fix.

-----------------------
an odd paradox it is,
you can't live without death...
can you?
 
  • #14
I've had that darn worm on my pc, been thru it all, and removed it with the fixblast.exe program on the symantec site, and now when I run the fixer, it says no infections found... Thats great, but my task manager still won't open (problem occurred first time as I discovered the worm ) It pops up, and closes after 1 sec or so... can't see or do anything in there... Do any of you know how to fix it?

Best regards

Thomas Hansen
 
  • #15
I've had that darn worm on my pc, been thru it all, and removed it with the fixblast.exe program on the symantec site, and now when I run the fixer, it says no infections found... Thats great, but my task manager still won't open (problem occurred first time as I discovered the worm ) It pops up, and closes after 1 sec or so... can't see or do anything in there... Do any of you know how to fix it?

You might have to disable the system restore feature , as this can save files otherwise deleted. On XP you can do this by right clicking on my computer, then going down to properties and then disabling the system restore on all drives.
 
  • #16
There are 2 current worms going around. MSblaster and Nachia worm. The free removal tool from mcaffe (STINGER) removes both but as of 8/19 the symantec tool did not detect the Nachia worm on my computer (probably been updated by now).

Both worms send out so much data that it was impossible to download any updates from microsoft over a 56K modem. I am trying to get the downloads on another computer and put them on CD to move to my machine.
 
  • #17
One of my friends computer just got the blaster worm and I heard my school had 1500 infected computers, yikes! Luckily I installed the patch right away.
 
  • #18
My strategy is to keep an image file of a perfectly tweaked OS, complete with all updates and programs, stored not only on a separate hard drive which is physically isolated from my main unit (but slides into a bay in only seconds for immediate bootability), but to be double sure on CD-R’s as well. Any files that I want to keep are frequently backed up too.
In the event that the next bug should land on my hard drive it would be no more than a minor inconvenience to restore my drive and be running again. On my fastest computer, 5.5GB worth of OS, programs, and files, takes about 17 minutes to restore.
I know it isn’t always that simple for corporations to do, but on a personal system I think this is an excellent way to be prepared and never fear these things again.
 
  • #20
Greg,
No I don’t. I have used Ghost (forget which version) before but didn’t like it much. I thought that Nero ImageDrive was going to save me some money (because I already owned a copy of it) but it complained about NTFS partitioning so I had to look elsewhere (I’ve never used it on FAT partitions, it might work quite nice with those for all I know). Eventually, I stumbled on a good buy ($45 US) on Drive Image version 7 and really fell in love with it. It is extremely intuitive to use (unlike the version of Norton Ghost I had used) and has a great interface. You will have a bootable CD to load the program prior to directing it to your saved image file (be it on a hard drive or CD). What I don’t appreciate is that it forces you to install MS’s .NET, but everything else about it is superb.

Here is a review of it;
http://www.pcworld.com/reviews/article/0,aid,111800,00.asp
 
Last edited by a moderator:
  • #21
Originally posted by BoulderHead
My strategy is to keep an image file of a perfectly tweaked OS, complete with all updates and programs, stored not only on a separate hard drive which is physically isolated from my main unit (but slides into a bay in only seconds for immediate bootability), but to be double sure on CD-R’s as well. Any files that I want to keep are frequently backed up too.

awesome. I didn't know you could save an OS so conveniently. Does this work on a PC? Can you point me to the details?
 
  • #22
Originally posted by mmwave
awesome.
My thoughts exactly.
I didn't know you could save an OS so conveniently. Does this work on a PC?
Yes, my systems are all PC, and I can assure you it is so much easier than reinstalling an OS then one at a time installing your programs again (for me, that has gone the way of the dinosaur).
Can you point me to the details?
You can go here to read up on the brand I'm using;

http://www.powerquest.com/driveimage/didetails.cfm

You can also check ebay to see what kind of deals are available.
 
Last edited by a moderator:
  • #23
I have used Ghost (forget which version) before but didn’t like it much.
I agree past versions of Ghost were a huge pain to setup, with all that DOS junk. But I just got my hands on Ghost 2003 and it's so easy now. Simple wizards. I just made an image last night. Yay!
 
  • #24
Can you boot from a CD or must you use a floppy?
 
  • #25
I work for Symantec (Norton) and I have to agree that the 2003 Ghost is the most user friendly! I did not like any of the other versions...

That Worm is quite the bugger and now there are two others out that are horrible...I recommend to all my customers that they purchase some kind of firewall...I truly helps against the internet threats!
 

FAQ: Dealing with a Computer Worm: What To Do and What Protectors to Use

What is a computer worm?

A computer worm is a type of malicious software that is designed to spread from one computer to another by exploiting vulnerabilities in a network or system. It can replicate itself and spread without any human interaction, making it a dangerous threat to cybersecurity.

How does a computer worm infect a computer?

A computer worm typically infects a computer through a security vulnerability in the operating system or network. It can also be spread through email attachments, malicious websites, or by connecting to an infected device through a network or USB drive.

What are the signs that my computer is infected with a worm?

Some common signs of a computer worm infection include a slow or unresponsive computer, unusual pop-up messages, changes in browser settings, and unexpected crashes. You may also notice new files or programs on your computer that you did not install.

How can I protect my computer from worms?

To protect your computer from worms, it is important to have up-to-date antivirus software installed. You should also regularly update your operating system and other software to patch any security vulnerabilities. Be cautious when opening email attachments or clicking on links from unknown sources, and avoid downloading files from suspicious websites.

What should I do if my computer is infected with a worm?

If you suspect that your computer has been infected with a worm, immediately disconnect it from the internet and other devices on the network. Then run a full scan with your antivirus software to detect and remove the worm. If the infection is severe, you may need to seek professional help or reinstall your operating system.

Similar threads

Iran's Nuclear Weapons Program Crippled by Computer Worm
Replies
8
Views
4K
What is Xp internet security 2011 and how do I remove it from my computer?
Replies
17
Views
5K
Is Alan Turing given too much credit when it comes to computers?
Replies
29
Views
4K
Troubleshooting ASP.NET Machine Account and Sasser Worm
Replies
2
Views
3K
Calculators Experiencing Vista Anti-virus: What to Do?
Replies
4
Views
7K
Hackers get Mac running Windows
Replies
8
Views
3K
Online videos may be conduits for viruses
Replies
2
Views
5K
Computer New computer build: Getting out of the Dark Ages
Replies
23
Views
4K
I could really use some help picking my optional module [GameDev]
Replies
2
Views
2K
Synthetic Biology, What Might It Do?
Replies
1
Views
2K

Hot Threads

Recent Insights

Back
Top