dba

I got some viruses somehow,they came in after an XP fresh install before i had installed an AV,i went for the security patches first thinking i wont get viruses so quickly,so is used Stinger and then switched to McAfee.

I got Blaster,Nachi,Lovsan and SVChost

Then I made the same mistake with my sons PC when loading XP

basically,i assume they are coming in via the hole that the Blaster patch shuts down,but how am i getting them so quickly,literally minutes within first connecting to the web?

are they just scanning for open ports without the Windows patch and downloading them? and how are they doing this via BT?

I have no end of hassle,but in future i will load a firewall first,then go to Windows update

john_s

iTrader: (1)

Not sure about the rest, bu blaster certainly scans for open ports.

You could download the patch that srt out the hole that blaster exploits and keep it on a floppy to install it before going online with a fresh intall.

John.

dba

yeah,i have done that now,after bitter experience,i just cant believe it happened twice that quickly
these scans must be on all the time

ChrisB

Just means there's a number of infected PCs on the BT Broadband network and you get hit straight away.

Service Pack 2 for XP improves the firewall drastically in a number of ways.

dba

i havent seen a service pack 2,is that coming to the update page soon?

RichiW

I did the same with my m8's machine, went online and installed the updates before installing AV/ firewall ... got a virus within minutes, couldn't believe it!!



Live and learn i guess

elgordano

you should do the fresh install off the network so that when you conenct you have a/v and firewall already in place.

Gordo

ChrisB

MS should be releasing SP2 for Windows XP first half of this year.

It also brings pop-up ad blocking to Internet Explorer.

Once it's out, you'll see it listed in Windows Update. Any copies floating around the 'Net now will be betas and previews, so I'd avoid them.

Jiggerypokery

"I got Blaster,Nachi,Lovsan and SVChost"

Me too (on BT)! Fresh install of XP on Sunday, connected to the internet and literally watched the suspicious .exe's adding to the process list and registry. I think McAfee had difficulty cleaning SVChost as the machine was rebooting regularly with SVChost errors until all updates were installed.

200+Bhp

Is svchost.exe a virus for definate, I thought it was a service within WinXP

How did you guys scan for these I run Norton right up to date with definations etc. and it doesnt pick anything up

JackClark

svchost.exe is not a virus, but as an executable file is open to infection by a virus.

Markus

Blaster is evil! getting it within seconds of putting a machine on the internet is not uncommon, we had the same problem here, brand new machine, hooked it up to net (outside our firewall, just to see what happened) wham, 5 seconds after plugging the Cat 5 cable in, Norton picked up a Blaster attack.

R1916v

And the moral here is put your AV and patches on before connecting to the net

Make sure you download all the hotfixes etc for these before you format, store them on another partition or something.

i8gtmf

I had exactly the same fresh install of xp when straight to windows update, next thing i know is my pc is shutting down and iv'e got W32.Welchia.Worm and that svchost.
The svchost was going nuts trying to connect to the internet and kept creating a file called .Daz which came back everytime i deleted it.When i opened the .Daz file in notepad al i could make out amongst the gibberish was "user exceeded bandwidth"
When i deleted svchost everything sorted

scottywrx

As Gordon said ...

Never Never Never connect your pc unpatched to the internet . It does not matter if its BTBroadBand or whatever ...
the blaster variants are out there just waiting for their victims ...

Ask a m8 to download the patches and get anti-v & firewall installed before you consider plugging into the wild wild internet !! ...