Re: What the heck is this msblast.exe

Rich -

Killing the process from the task manager does not seem to give extra time, as I have fixed machines this AM on which I:

(1) Killed msblast.exe
(2) These were winXP boxes, so we turned off system restore.
(3) Started the symantec fixblast executable
(4) Hurriedly started a command prompt to issue "shutdown -a"
to abort the shutdown.
(5) Installed the appropriate patches from MS after the symantec
cleaner was complete.

On the first machine I didn't get the commmand prompt open in time, and it shut down. After that, my _zeroth_ step was opening a command prompt, then I executed on steps 1-3 and 5.

Disclaimer: I'm not the sysadmin on the machines I was fixing, just part of the recovery team. Mine are patched and firewalled.
(Of course, they also have a much smaller user base, so the
firewall can be more restrictive and I adminster the only machines with trans-firewall access.) I think the sysadmin for this cluster got tired of my grumbling that proper patching prevents piss-poor performance, so hopefully he'll mend his ways.

Good luck with avoiding the recovery teams!

Charley

-- 
Charles Hamilton, PhD EIT               Faculty Fellow
Department of Civil and                 Phone: 949.824.3752
     Environmental Engineering           FAX:   949.824.2117
University of California, Irvine        Email: chamilto@uci.edu



---------------------------------------------------------------------------
Your network firewall and IDS products do not prevent Web application 
attacks - the most common form of online exploitation- resulting in Web 
defacement, data theft, sabotage and fraud.
KaVaDo is the only company that provides a complete suite of Web 
application security products.
Download a FREE whitepaper on "Security Policy Automation for Web
Applications":
http://www.securityfocus.com/Kavado-focus-ms
---------------------------------------------------------------------------

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek