Sometghing odd is happening to my pc, I've patched the Blaster threat, my firewall is blocking the relevant ports and I've disabled system restore and run a scan with several specific Lovesan removal tools (all came up clean)
But my system still occassionally (as in 2/3 times a night) reboots with the same pop up window as if infected.
Now I cant work out whats wrong, I've disabled the relevant windows service, rescanned, double checked firewall and updated av's and re-applied the patch(s) but no joy. It seems to pop up just as I surf to different sites out of my favourites, very odd.

Anyone have any ideas?

Are you running XP? There have been some reports that some XP systems are impacted though they have been patched. As far as I know, these are unconfirmed and I have no details unfortunately. I saw this on the SecurityFocus "Incidents" listserv.

Hi Tinribs!

Do you run windows xp?
if yes, desactivate the restoration mode before "disinfecting" your pc,
if you don't it won't work!


Windows xp: desactivate system restoration

1. Go to desktop panel.
2. Click on "system"
3. And click on the "restoration tab"
4. Tick "desactivate system restoration"

Then you scan your pc with the disinfection tool.

-------------------------------------------------------------------------------------------

Info and a disinfection tool at Symantec's:

http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

And here's more:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A

And Fanj's post:

http://www.wilderssecurity.com/showthread.php?t=12332

And, if you could get rid of that nasty, don't forget to re-activate your system restoration after.

Hope this will be helpful for you.


Uguel

Thanks all (and thanks Pieter) I've tried everything suggested,, it didnt reboot at all last night which was good, I'll see how things go. The odd thing is that I patched my system long before the threat reared its head!

I guess I'm just unlucky, or my pc is possessed with demons!

wow Kev you need to call "Host Busters"

;D I reckon I do SPC, happened again after bootup today, rescanned and again I'm clean, I give up.

Hey Tinribs,

Can you please download and run HijackThis from

http://www.tomcoyote.org/hjt/hijackthis.zip

and scan the system but do *not* try to fix anything yet as many of the items listed are necessary, instead press the "save log" button and copy and paste the log here for someone to review and advise on.

Thx,

Dan

Thanks Dan but I have done this and found nothing untowards , Pieter has seen it too and nothing is obviously wrong.

Thanks for the interest though, it only seems to pop up when I first boot after a break, on subsequent bootups its fine ???

??? Possibly weird memory bug? Reseat/swap position of dimms/simms for fix?