CriticalDance Forum

Virus alert
Page 2 of 2

Author:  Stuart Sweeney [ Tue Aug 12, 2003 5:04 am ]
Post subject:  Re: Virus alert

There's a new kid on the Virus block - w.32 Blaster, which was discovered on 11th August.

Here is the background information:

and here is the removal tool infprmation:

I had this today and don't know how I picked it up. The symptom is a message box :


System Shutdown

blah blah Initiated by NT Authority\System


Windows must restart because the RPC service terminated unexpectedly


This happens between a few seconds and 5 minutes of connecting to the Internet. There is also an MS patch to close off the attack route. In my tired and emotional state I did not run the MS patch initially and I think I was reinfected.

Anyway it seems to be OK now. The UK Dell phone line had a recorded message on this theme this morning so I suspect I was not alone.

Make sure you're up to date with your virus software - yesterday morning's release is out of date!

<small>[ 12 August 2003, 10:31 AM: Message edited by: Stuart Sweeney ]</small>

Author:  citibob [ Wed Aug 13, 2003 3:57 am ]
Post subject:  Re: Virus alert

A Cable Modem/DSL Router (with built-in firewall) can prevent this virus. I suggest you get one, even if you have only 1 computer attached to your cable modem or DSL router.

Author:  * jerome * [ Wed Aug 13, 2003 12:58 pm ]
Post subject:  Re: Virus alert

Je viens de détruire manuellement ce virus. (j'aurais dû mettre le patch Windows il y a quelques semaines. Cela aurait évité de l'attraper.)

1) j'ai éxécuté le "Manual Removal Instructions" en 4 étapes :

2) puis, j'ai installé le Patch de Microsoft : (utile pour réparer la faille de Windows)

<small>[ 13 August 2003, 03:09 PM: Message edited by: * jerome * ]</small>

Author:  * jerome * [ Wed Aug 13, 2003 1:29 pm ]
Post subject:  Re: Virus alert

Juste avant la réparation (j’ai fait une petite manipulation):

Avant qu'il me redémarre systématiquement mon ordinateur toutes les minutes, je suis allé dans les « services » de XP (panneau de configuration/outils d'administration) puis en sélectionnant le service "RPC". En modifiant, l'option « redémarrer » à la première défaillance, j’ai sélectionné l’option « ne rien faire ». J'ai empêché qu'il redémarre automatiquement mon ordinateur une nouvelle fois. J'ai pu alors détruire le virus en lisant les informations des sites ci-dessus et remettre le service « RPC » comme il était.

<small>[ 13 August 2003, 03:30 PM: Message edited by: * jerome * ]</small>

Author:  salzberg [ Sat Aug 23, 2003 6:51 am ]
Post subject:  Re: Virus alert

Windows users, here's a way to protect yourself:

1. Run Internet Explorer.

2. Click on "Tools" and then on "Windows Update".

3. When you get the "Welcome to Windows Update" screen, click on "Scan for updates".

4. Install any "critical" or "security" updates it recommends.


Author:  Matthew [ Sun Aug 24, 2003 7:37 am ]
Post subject:  Re: Virus alert

Thanks Salzberg. You know what bothers me the most about viruses. To design a computer virus must take a considerable amount of creative energy and talent, and i think it is such a shame that it is wasted on deliberately hurting people. How in the world do these peole justify themselves. What a lack of character.

Author:  salzberg [ Sun Aug 24, 2003 12:07 pm ]
Post subject:  Re: Virus alert

Matthew, while I'm certainly no psychologist, I'm certainly Jung at heart and so I'm not at all a-Freud to offer my opinions....

I suspect that these folks feel powerless and underappreciated. This is their way of being in control.

Author:  salzberg [ Sun Aug 24, 2003 12:10 pm ]
Post subject:  Re: Virus alert

There's one other thing you can do to protect yourself and limit the spread of viruses.

Many viruses (although not the worms we've heard of so much over the past few weeks) replicate themselves by emailing themselves to everyone in the user's Microsoft Outlook addressbook. The easy and obvious way to prevent this is...don't use Outlook or Outlook Express.

Author:  Azlan [ Sun Aug 24, 2003 3:34 pm ]
Post subject:  Re: Virus alert

Also, I can assure you that the viruses are not originating from the mail server. If you receive an infected file purportedly from someone at, it is probably being sent instead from an infected Outlook or Outlook Express addressbook residing on a third party's PC.

It works like this: has an address book that contains the following addresses: and The virus looks up the addresses and sends an email to "signed" by or vice-versa. In the latter case, may get a response from the telling her she sent a virus even though she didn't even turn on her PC.

For example, a virus purportedly sent out by me turned out to have come from "NOKU ( [])" instead, which is not even in the same country as the server.

The server is protected from infiltration. Unfortunately, there are many others that are not.

<small>[ 24 August 2003, 05:42 PM: Message edited by: Azlan ]</small>

Author:  Azlan [ Sun Aug 24, 2003 5:12 pm ]
Post subject:  Re: Virus alert

After some investigation, it looks the bulk of the viruses are coming from mail server (IP = We are sending a message to the postmaster there. In the meantime, the mail server will not accept any messages from or the IP

Page 2 of 2 All times are UTC - 7 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group