I have been struggling much of the day, following the discovery that my computer suddenly (as of last night) reported a svchost.exe error, with this vexing problem. It results in the computer being taken over by persons unknown and used to distribute materials throughout the net anonomously. It also affects certain function of your computer, and is a very frustrating problem. Virus checkers don't catch it, neither does a complete system scan.

Apparently this problem has been exploding in the last few days. MS, becoming aware of their WIN2K being hijacked, released this patch to deny entry to the worm:

http://microsoft.com/downloads/details.aspx?FamilyId=C8B8A846-F541-4C15-8C9F-220354449117&displaylang=en

Download it and run it. After the subsequent reboot, all is well again.

none of my computers wanted to reboot altho it said it installed.

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A

follow the instructions to rid the registry of it 1st, before applying the patch

Heh I got the same error today while working on the computer at my school. It must mean it has a trojan horse program on it. I'm glad I have norton antivirus 2003 on my home computer in case I brought anything bad home from cd's I burned at school.

Hey, I have Norton Systemworks 2003 with AV running with the newest virus defs and this damn thing still got through.

I've tried the Symantec Remover to no avail.

I'm running SP 2 on Win2K and the Hot Fix is apparently only supported on SP3 and SP4 so I have been trying to download SP3 for the last 5 hours and have 4 hours to go.

Damn 56k. Damn MicroFlotsam for leaving all the back doors. Damn Damn Damn

The Blaster Worm takes advantage of a "hole" in Windows that Microsoft already made a fix for. If you run Windows update on a regular basis or have a firewall you'll be OK.

Go to www.sarc.com for a fix for the Blaster Worm. Updating your anivirus will NOT fix the problem once you're infected.

After spending the day looking through the registry, following advice from various website, including Symantec's, I ended up here: http://www.experts-exchange.com/Operating_Systems/Win2000/Q_20621670.html

That's the one that directed me to the MS patch. I have a P4 2.266 GHz, and do use LW 7.5. Just so you know. My WIN2k Pro is an old one, but upgraded to the latest service packs. However, from what I can tell, different systems or system configs respond slightly different. Someone is exploiting a weakness in the Windows systems and that allows them to use our computers to transfer info to other parts of the world. Someone was saying that he managed to lock onto some of it and was listening to music downloads, someone else saw porn being shuffled through. To make a long story short, I guess I was lucky. After running a Norton system scan without success, the patch fixed me right up. Seems logical. MS are the ones to know their system best, and they found a way to plug the leak. People who check for viruses will come out soon enough with a download that recognizes it and possible variants and block or quarantines them.

thank you for posting all this info here!! I have been trying to figure out what was wrong with my pc all day today! Was driving me totally nutz.:(

What kind of person would have written such a terrible virus like this Blast Microsoft Worm?

Who knows, BT? The same kinds of people who delight in writing any kind of viruses. They see it as a challenge and as a personal empowerment to be able to shake up the establishment (that's us). They're obviously bright and talented, but unfortunately are on the lunatic fringe and use their creativity destructively rather than for the common good. I'm sure that any of them could have excellent and rewarding careers working for legitimate businesses or even create their own companies. Of course, then they would become what they despise, right? And that wouldn't fly with them.

RP, I felt that especially in our graphics community we have lots of WIN2k users, and since it hit me, I thought that it might have hit a lot of you as well. Even when I got to the gym, people were buzzing about this thing, and since I had found a place to get a solution, at least one that worked for me, other might benefit as well. It also helped to explain a little of this stuff to them.


BeamTracer, I was thinking after my previous reply. Not just misguided antisocial or anarchistic individuals might do this, but there is still an "us and them" situation in this world. Lots of people hate the Western World and especially the US and allies, and may do this even under foreign government sponsorship. IMO, in a way, this too is a form of terrorism, and this constant probing of our cyber defenses is as serious a threat to our security (economic and political) as any other more mundane military incursion.

Originally posted by pixeltek
BeamTracer, I was thinking after my previous reply. Not just misguided antisocial or anarchistic individuals might do this, but there is still an "us and them" situation in this world. Lots of people hate the Western World and especially the US and allies, and may do this even under foreign government sponsorship. IMO, in a way, this too is a form of terrorism, and this constant probing of our cyber defenses is as serious a threat to our security (economic and political) as any other more mundane military incursion.

Yeah, I bet Saddam Hussein sponsored this virus! :eek: Dirty bastard!

It seems many US people tend to have this terrorist angst. Some decades ago it was the communists putting flouride in the drinking water...

But in this case the theory doesn't make sense. Everyone running Win2K would be a target, and this is not only run in "the US and allies".

Maybe the virus was written by people who hate Microsoft. It's uncanny that whenever I hear about a virus it seems to be attacking some kind of Microsoft product. Would you call that a war?

Beam,

You didn't really write the Blaster virus...did you? :D
Of course we all know how much you love Microsoft. ;)

Cheers,
JS