View Full Version : Damnit!



Stonecoldfreak1
08-11-2003, 07:29 PM
ok someone is fucking with my computer along with like 4 other of my friends and we get these errors :angry: does anyone have anything to stop this or mask my ip or something

http://www.boomspeed.com/higgs/win32.jpg


http://www.boomspeed.com/higgs/system.jpg

Lamsey
08-11-2003, 07:34 PM
This has nothing to do with hardware, so.... <moved>


do you have the following?
Up-to-date, regularly used virus scanner
strong firewall
all windows updates and fixes from http://windowsupdate.microsoft.com

Stonecoldfreak1
08-11-2003, 07:52 PM
i just downloaded zone alarms and it just blocked an IP address trying to get in so i think i stopped it

ultimatejester
08-11-2003, 07:55 PM
http://www.klboard.ath.cx/index.php?showtopic=61060

I.am
08-11-2003, 07:58 PM
Alert! Code Blue (http://www.f-secure.com/v-descs/codeblue.shtml)

Captain Nemo
08-11-2003, 08:59 PM
That damn I.E. DW15.exe file is a bitch! Wish I could get rid of it, I know where the damn thing is but, not sure if it would hurt to get rid of it....

Anyone know about this (DW15.exe) error reporting bitch?

AznRocky
08-11-2003, 10:00 PM
wow u too damn this is going everywhere!!

skelley521
08-12-2003, 01:05 AM
I also had this problem. I couldn't figure out any solution so I just re-installed windows...problem solved. Just re-install the windows directory and you will still have all of your programs and such.

Hope this helps,
Steve

Storm
08-12-2003, 01:11 AM
search a lil more (http://www.klboard.ath.cx/index.php?showtopic=61117)

i no, u dont have time 4 it, but u got a worm

there r 3 topics on this mf already, so im not gonna xplain it here.........

goodluck

Skank
08-12-2003, 03:00 AM
it's a virus that came out this morning...11/08/03...microsoft is warning every1 to make sure u have the patch installed...nortons has released virus definitions

here's the website link to nortons write up on it..read it and weep

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html

Adster
08-12-2003, 07:08 AM
yep it's that damn MSBlast virus which everyone has pissed me off tried everything to get rid of it :angry: :angry: :angry:

RPerry
08-12-2003, 08:15 AM
wow, this thing got everyone... :o I haven't downloaded anything in ages because I have my Anti-virus uninstalled at the moment... maybe a good thing or I would be in line with everyone else I fear

Adster
08-12-2003, 08:19 AM
As I've said on another post it's got nothing to do with what you're downloading the bastard is hacking ppl he got me within 5 seconds 3 times!!! it also blocks u from downloading the patch for security with windows update I had to ghost an image from another machine

Skank
08-12-2003, 08:36 AM
Important Note: W32.Blaster.Worm exploits the DCOM RPC vulnerability. This is described in Microsoft Security Bulletin MS03-026, and a patch is available there. You must download and install the patch. In many cases, you will need to do this before you can continue with the removal instructions. If you are not able to remove the infection or prevent re-infection using the following instructions, first download and install the patch.


1. Disable System Restore (Windows Me/XP).
2. Update the virus definitions.
3. Do one of the following:
   Windows 95/98/Me: Restart the computer in Safe mode.
   Windows NT/2000/XP: End the Trojan process.
4. Run a full system scan and delete all the files detected as W32.Blaster.Worm.
5. Reverse the changes that the Trojan made to the registry.

make sure u go into the registry - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
and delete this value:
"windows auto update"="msblast.exe"


this is wot the virus intentions were:

When W32.Blaster.Worm is executed, it does the following:


Creates a Mutex named "BILLY." If the mutex exists, the worm will exit.


Adds the value:

"windows auto update"="msblast.exe"

to the registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

so that the worm runs when you start Windows.


Calculates the IP address, based on the following algorithm, 40% of the time:

Host IP: A.B.C.D

sets D equal to 0.

if C > 20, will subtract a random value less than 20.

Once calculated, the worm will start attempting to exploit the computer based on A.B.C.0, and then count up.

NOTE: This means the Local Subnet will become saturated with port 135 requests prior to exiting the local subnet.


Calculates the IP address, based on many random numbers, 60% of the time:

A.B.C.D

set D equal to 0.

sets A, B, and C to random values between 0 and 255.


Sends data on TCP port 135 that may exploit the DCOM RPC vulnerability to allow the following actions to occur on the vulnerable computer:

Create a hidden Cmd.exe remote shell that will listen on TCP port 4444.

NOTE: Due to the random nature of how the worm constructs the exploit data, it may cause computers to crash if it sends incorrect data.


Listens on UDP port 69. When the worm receives a request, it will return the Msblast.exe binary.


Sends the commands to the remote computer to reconnect to the infected host and to download and run Msblast.exe.


If the current month is after August, or if the current date is after the 15th, the worm will perform a Denial of Service attack on "windowsupdate.com."

With the current logic, the worm will activate the DoS attack on the 16th of this month, and continue until the end of the year.

The worm contains the following text, which is never displayed:

I just want to say LOVE YOU SAN!!
billy gates why do you make this possible ? Stop making money and fix your software!!
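
An added example, not part of the thread or of the write-up quoted in it: a detection sketch for the network behaviour described above, flagging a source that sweeps consecutive addresses on TCP 135 and then shows the TCP 4444 connection followed by a UDP 69 (TFTP) request coming back from the same host. The flow-record format, the sample records, the function names and the `min_run` threshold are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict
# Constructed sample flow records (not real traffic): time src dst proto dport
SAMPLE_LOG = """\
12:00:01 10.1.5.23 10.1.4.0 tcp 135
12:00:01 10.1.5.23 10.1.4.1 tcp 135
12:00:01 10.1.5.23 10.1.4.2 tcp 135
12:00:02 10.1.5.23 10.1.4.3 tcp 135
12:00:02 10.1.5.23 10.1.4.4 tcp 135
12:00:03 10.1.5.23 10.1.4.3 tcp 4444
12:00:04 10.1.4.3 10.1.5.23 udp 69
12:00:05 10.1.5.40 10.1.5.10 tcp 135
"""

def longest_run(addrs):
    """Length of the longest run of consecutive IPv4 addresses."""
    nums = sorted({int(ipaddress.IPv4Address(a)) for a in addrs})
    best = cur = 1 if nums else 0
    for prev, nxt in zip(nums, nums[1:]):
        cur = cur + 1 if nxt == prev + 1 else 1
        best = max(best, cur)
    return best

def find_blaster_like_hosts(log_text, min_run=4):
    rpc_targets = defaultdict(set)   # src -> hosts probed on TCP 135
    shell_conns = defaultdict(set)   # src -> hosts contacted on TCP 4444
    tftp_reqs = defaultdict(set)     # TFTP server -> clients that asked it
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue                 # skip malformed records
        _, src, dst, proto, dport = parts
        if (proto, dport) == ("tcp", "135"):
            rpc_targets[src].add(dst)
        elif (proto, dport) == ("tcp", "4444"):
            shell_conns[src].add(dst)
        elif (proto, dport) == ("udp", "69"):
            tftp_reqs[dst].add(src)
    findings = {}
    for src, targets in rpc_targets.items():
        run = longest_run(targets)
        if run >= min_run:           # a few RPC connections are normal
            # Hosts that got a 4444 connection, then pulled a file from src.
            infected = sorted(shell_conns[src] & tftp_reqs[src])
            findings[src] = {"sweep_len": run, "likely_infected": infected}
    return findings

if __name__ == "__main__":
    print(find_blaster_like_hosts(SAMPLE_LOG))
```

Hosts listed under `likely_infected` are the ones to patch and clean first; the sweeping source itself is already infected and should be isolated.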