  |
|
|
View previous topic
::
View next topic
|
| Author |
Message |
Ed Oliver
Joined:
08 Aug 2003
Posts:
7
|
Posted: Tue Aug 12, 2003 5:47 pm
Post subject: Is the MSBlast Worm affecting your Adsense clickthrough?
|
 |
|
Hi All,
My Adsense clickthrough rate dropped by 20% overnight,
compared to the clickthrough average of previous weeks,
however the number of impressions are about the same as
always.
Why? Not sure, but I think it has something to do
with the "latest MSBlast worm" crippling most computers
on the net, because I had a nasty first hand experience
with it yesterday. If you haven't had it yet, then thank
your firewall or anti-virus software.
In a nutshell, this is what happened to my partner and I,
we have 2 Desktop Computers and 1 laptop, 2 out of the
3 computers got infected, therefore progress on my
http://www.go-2-air-purifier-reviews.com came to a
frustrating halt! I had just downloaded and installed two
new software programs and almost accused both vendors
of having bugs.
Luckily, we had one computer left to search google for
any info on this worm but unfortunately it was too early for
any links etc, then this morning we continued searching
and then finally found all the info and patches to remedy
the situation.
All our computers are up and running smoothly
and a lesson well learnt, use firewalls and anti-virus
software and activate them all the time.
For the latest security patches from Microsoft,
go to:
http://www.microsoft.com/security/security_bulletins/ms03-026.asp
then click on the bottom link titled
"Get more technical details about this update"
A good article titled "Cleaning up after the MSBlast worm"
can be found here;
http://insight.zdnet.co.uk/software/0,39020463,39115651,00.htm
How could this have affected Adsense clickthroughs?
Well you see - the MSBlast worm crashes your computer
within 5 minutes of going online - therefore that
could have been the amount of time it took a visitor
to my website (caused an impression) but
did not have enough time to clickthrough before the
MSBlast worm terminated unexpectedly the Remote
Procedure Call (RPC) service this closed your
computer down within a few seconds.
Let's hope there is an improvement in the next few days
as most microsoft internet explorer users get their patches
and fixes sorted out.
Good Luck
Ed Oliver
http://go-2-air-purifier-reviews.com
-------------------------------------------
PS. Anyone got a similar experience to share?
_________________
Are You Just Keeping Time or Enjoying Time? |
|
| Back to top |
   |
 |
Bobby
Joined:
12 Jul 2003
Posts:
764
|
Posted: Wed Aug 13, 2003 6:33 pm
Post subject:
|
|
|
Ed,
Do you have the XP edition of Windows on your "infected" computers?
Bobby |
|
| Back to top |
|
|
Ed Oliver
Joined:
08 Aug 2003
Posts:
7
|
Posted: Wed Aug 13, 2003 10:45 pm
Post subject: W32.Blaster, MSBlast and W32/Lovsan vs AdSense
|
|
|
Hi Bobby,
You asked;
>Do you have the XP edition of Windows on
>your "infected" computers?
All our 3 computers have XP and I know reports
have it that, Windows XL and Widows2000 were
mostly affected, one computer was Ok, because
my partner had downloaded and installed a
Microsoft Security patch a day before, we
never got around to "patching" the other
2 computers before we got hit.
Other sources report of the virus carrying a
message for the Microsoft chairman: ?Billy Gates
why do you make this possible? Stop making
money and fix your software!!?
Obviously, targeting Microsoft and it's users.
Users of Linux, Unix, Netscape or Mac are Ok.
Symantec reports - more than 188,000 computers
were infected
The New York Times reports of different names
including "W32.Blaster," "MSBlast" and "W32/Lovsan,"
Who knows what's next?
I guess we all have to be constantly on our guard
with firewalls, anti-virus and all those patches.
Could this explain why the forums have been quiet
in the past 24 hours?
Regards
Ed Oliver
www.go-2-air-purifier-reviews.com
_________________
Are You Just Keeping Time or Enjoying Time? |
|
| Back to top |
|
|
Bobby
Joined:
12 Jul 2003
Posts:
764
|
Posted: Wed Aug 13, 2003 11:40 pm
Post subject:
|
|
|
Ed,
Based on what I've read, "most computers on the net" were not "crippled," so I doubt this explains any drop in AdSense impressions or revenue.
My understanding is only a small percentage of computers were affected.
Bobby |
|
| Back to top |
|
|
Ed Oliver
Joined:
08 Aug 2003
Posts:
7
|
Posted: Thu Aug 14, 2003 12:17 am
Post subject: Adsense Clickthrough Update
|
|
|
Hi Bobby,
It is my fervent hope that most computer users
did not experience that nasty worm, but those that did
know how awful those 24hrs or so felt like.
The good news is, I have been checking my Adsense
clickthrough rates today and it's back to pre-MSBlast worm days
of over 30% so I am rocking with Adsense again.
Thanks for sharing your experience.
Regards
Ed Oliver
http://go-2-clocks.com
_________________
Are You Just Keeping Time or Enjoying Time? |
|
| Back to top |
|
|
Sam Odiaka
Joined:
10 Aug 2003
Posts:
17
Location:
London-UK
|
Posted: Thu Aug 14, 2003 7:31 am
Post subject: You're Not Alone!
|
|
|
Ed,
Neil Shearing had the same problem as you. Here is the special
issue he wrote: | Quote: |
------------------------------------------------------
Special: You Ugly Worm!
------------------------------------------------------
Hi everyone,
If you're guarded by firewalls, antivirus software and
have all the latest security patches from Microsoft,
you don't need to read this. 
If you're on Unix, Linux or a Mac, you don't need to
read this either. (but if you'd like a chuckle at my
expense, read on)...
Everyone else, this is for you!
Yesterday my computer kept crashing within five minutes
of going online.
I work online for a living, so this was very, very
annoying!
I'd just installed some new software, so I cursed the
programmers for leaving bugs in their products, and
tried to cure the problem by uninstalling their
software.
It didn't work.
Then I did a "roll back" to a version of Windows XP
from before I'd installed the software.
That didn't work, either.
So I checked the programs running on my machine and
tried to identify them.
I found a program running called "MSBLAST.EXE". I
didn't recognise it, so I plugged the filename into
Google. There were NO search results. Google didn't
know of any sites where "MSBLAST.EXE" was mentioned.
What? Google has billions of pages listed!!
OK, now I was *really* worried.
I searched for the error message I got when the
computer died...
"Remote Procedure Call Service" error.
I found a forum saying that the error was caused by
an overload resulting from someone trying to run
code on my machine! There was a patch at Microsoft...
http://www.microsoft.com/technet/treeview/default.
asp?url=/technet/security/bulletin/MS03-026.asp
(I also found that there were tons of other
"critical" patches I needed to install! Boy, it's
scary when they say you need these patches because
otherwise someone could run any kind of code on
your machine!)
You can check for the latest updates and patches
at:
http://www.windowsupdate.com or
http://windowsupdate.microsoft.com or
http://v4.windowsupdate.microsoft.com/en/default.asp
(they are VERY busy, so if the site doesn't load,
keep trying!)
OK, the patch seemed to have stopped my machine
falling over. But what was MSBLAST and was it still
doing bad things to my computer??
Today, I searched Google again for "msblast", first
thing in the morning, and found out the answer...
http://www.google.com/search?hl=en&lr=&ie=ISO-8859-1&q=msblast
MSBLAST is a new worm. When I got infected, it
was so new that Google didn't know it existed!
The worm installs itself on your machine and
loads into memory each time you re-boot.
I got infected by having an unprotected port...
it was nothing to do with the software download.
(check your ports for security here...
http://security.symantec.com )
The way to protect your ports is to use a firewall.
So that was the next step...
I installed Norton Firewall...
http://www.symantec.com/sabu/nis/npf/
...and one of the first things it told me was that
"MSBLAST" was trying to access the Internet...every
few seconds! It was trying to infect other computers!
The little worm!
I told Norton to tell MSBLAST to take a running jump
and totally block its Internet requests!
The final task was to get rid of the worm. I checked
out Trend Micro, and they detailed a way to remove
the worm from my system...
http://www.trendmicro.com/vinfo/virusencyclo/
default5.asp?VName=WORM_MSBLAST.A
Finally, I ran "HouseCall" over my computer and
deleted the one infected file (from 66,000+
files on my machine.
http://housecall.trendmicro.com/
Job Done!
My computer is behind a firewall, has all the latest
"critical" security patches and the worm is history.
If only I'd kept up-to-date with the security patches
and had a firewall before, I wouldn't have wasted
an entire morning!
Which is why I've written this article. Hopefully
it helps some of the 50,000+ subscribers from getting
infected, or to find the cure!
Apparently the worm contains the text...
"I just want to say LOVE YOU SAN!!
billy gates why do you make this possible ? Stop making
money and fix your software!! "
...it's also primed to attack windowsupdate.com
on several days each month. I guess the virus
programmer really wants Microsoft to know about this
security bug in their software!
I'm just glad it wasn't as nasty as I first suspected!
If you're not protected yet, you may want to follow the
links in this article to get protected.
Then forward this article to friends so that they
know what to do.
Thanks for reading.
Regards,
Neil Shearing.
|
As for your AdSense clickthrough rate dropping.
Over here in the UK, the weather has been extremely hot! It was
really hard to work in such conditions.
My guess is either most people decided to take some holidays or
do some manual work like gardening or fixing bits and bob in the
house.
Take some time out to play with the kids etc...
Glad to know your click through rate is back to normal rate. I guess
that means more money to spend.<smile>
Success to You,
Sam Odiaka
http://WorkAtHomeOnlineBusiness.com
_________________
Sam Odiaka
Helping Hands That Make A Difference
In The Internet Business
http://www.Oraifite.com
http://www.WorkAtHomeOnlineBusiness.com |
|
| Back to top |
|
|
Harith Al-Jibury
Joined:
11 Jul 2003
Posts:
37
Location:
Denmark
|
Posted: Thu Aug 14, 2003 11:17 am
Post subject: Re: Is the MSBlast Worm affecting your Adsense clickthrough?
|
|
|
| Ed Oliver wrote: | Hi All,
My Adsense clickthrough rate dropped by 20% overnight,
compared to the clickthrough average of previous weeks,
however the number of impressions are about the same as
always.
PS. Anyone got a similar experience to share? |
The same thing happened with my site, though my CTR dropped by around 50%.
However, I?m not buying the story of "MSBlast worm". Worms don?t eat clickthroughs 
Not sure, but maybe there is something wrong with Google clickthrough tracking!
All the best,
Harith
http://www.danex-exm.dk
Last edited by Harith Al-Jibury on Thu Aug 14, 2003 7:51 pm; edited 1 time in total |
|
| Back to top |
|
|
Ed Oliver
Joined:
08 Aug 2003
Posts:
7
|
Posted: Thu Aug 14, 2003 11:39 am
Post subject:
|
|
|
Hi Harith,
You wrote;
>The same thing is happening with my site, though my CTR dropped by >around 50%.
>However, I?m not buying the story of "MSBlast worm". Worms don?t eat >clickthorughs
Thanks for your contribution, I like your line "Worms don?t eat clickthorughs"
When strange things happen like what I described below in
my previous posting - you start asking all sorts of questions
How could this have affected Adsense clickthroughs?
Well you see - the MSBlast worm crashes your computer
within 5 minutes of going online - therefore that
could have been the amount of time it took a visitor
to my website (caused an impression) but
did not have enough time to clickthrough before the
MSBlast worm terminated unexpectedly the Remote
Procedure Call (RPC) service this closed your
computer down within a few seconds.
The good news is - my Adsense stats are back to normal
and rocking now.
Best Wishes
Ed Oliver
www.go-2-air-purifier-reviews.com
_________________
Are You Just Keeping Time or Enjoying Time? |
|
| Back to top |
|
|
2create
Joined:
29 Jul 2003
Posts:
45
Location:
Dallas
|
Posted: Thu Aug 14, 2003 7:43 pm
Post subject:
|
|
|
I had a very dismal day yesterday but things have picked up today.
_________________
Get the facts before you build...
2CreateAWebSite.com |
|
| Back to top |
|
|
Harith Al-Jibury
Joined:
11 Jul 2003
Posts:
37
Location:
Denmark
|
|
| Back to top |
|
|
Ed Oliver
Joined:
08 Aug 2003
Posts:
7
|
Posted: Sat Aug 16, 2003 12:03 am
Post subject: How to handle email hoax about MSBlast Worm
|
|
|
Hi All,
Microsoft announced on Friday that an e-mail hoax is circulating.
The subject line of the e-mail is "updated," and the message
appears to contain a critical update to patch systems against
the MSBlast worm. In reality, clicking on the attached file
will infect the recipient's computer with a Trojan horse program.
Antivirus company Sophos dubbed the new program Graybird.
Microsoft warned consumers that the company never uses e-mail
to distribute patches.
For your perusal, find below one of the best articles I have read
regarding MSBlast and how to best handle it;
You may have read recently that a computer virus known as MSBlast or Lovsan is
affecting computers with Microsoft Windows Operating systems. This virus utilises
vulnerability in the Microsoft software. Its effect is to cause computers to restart
regularly. MSBlast is a type of virus known as a ?worm? which does not appear to
cause permanent damage but is a threat to be taken seriously.
Which computer operating systems are affected?
Users of the following operating systems could be affected: Windows XP, Windows 2000,
Windows 2003, Windows NT 4.0.
Customers using Windows 95, Windows 98 or Windows ME are not affected.
What is the name of the virus?
Microsoft refers to this virus as the ?W32.Blaster.Worm?, but it is also known as
W32/Lovsan.worm, WORM_MSBLAST.A, Win32.Posa.Worm.
How do you I avoid getting the virus?
Firstly, you should ensure that you install a Firewall application and anti virus
software on your computer. A Firewall prevents unauthorised access to your computer
and will prevent attack from viruses. Anti-virus software will protect you from
viruses as long as you keep it up to date with the latest updates. Microsoft XP
comes equipped with a Firewall ? or you can download and install a free Firewall from
www.zonealarm.com.
Users of the operating systems listed above, in the section ?Which computer operating
systems are affected?? should enhance their software with the latest update called a
?patch?. The patch that will address this issue is called MS03-026. Updating your
computer with this patch will remove the vulnerability and prevent this type of virus
affecting you.
Customers that have previously applied the security patch MS03-026 before today are
protected and no further action is required.
How do you know if your computer has the virus?
The most common symptom of the virus is that your computer will restart every few
minutes, without your input. You may also find that a file called msblast.exe has
been created in your computer?s WINDOWS SYSTEM32 directory.
How do you know if you have the virus?
To detect this virus, search for msblast.exe in the WINDOWS SYSTEM32 directory or
download the latest anti-virus software signature from your anti-virus vendor and
scan your machine.
A number of software vendors are working together to overcome this virus. Additional
information on this virus is available from any of the following links:
Network Associates:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=100547
Trend Micro:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MSBLAST.A
Symantec:
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html
Computer Associates:
http://www3.ca.com/virusinfo/virus.aspx?ID=36265
Microsoft's Virus Information Alliance:
http://www.microsoft.com/technet/security/virus/via.asp
If you get the Virus how do you remove it?
1. In order to remove this virus please follow these instructions:
Do a search for msblast.exe by using the find files or programmes command (usually
found in system32 folder)
Delete it.
Click Start and select Run
Type msconfig & click OK
Select the start-up tab
Disable msblast
Reboot machine and enable your Firewall or anti-virus software. Refer to your
software instructions provided to ensure that it is set up correctly.
Alternatively
Security specialists Symantec have released a tool which will remove the current
infection from your computer. To download this tool, go to www.symantec.com and go to
the security response section. Then click the W32.Blaster.Worm link in the latest
virus threats section. This page offers more information regarding the worm, and a
downloadable tool to remove it.
2. Once you have removed the virus, immediately select one of the links below to
install the security patch needed to ensure no repeat infection occurs.
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html
http://microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03
-026.asp
If you are away from your machine or are unable to get on-line, then the above links
will provide patches which are small enough to download from another PC on to a
floppy disc, to install on your PC at a later date.
To Your Happy & Safe surfing,
Ed oliver
Get your airborne virus busted at;
www.go-2-air-purifier-reviews.com
_________________
Are You Just Keeping Time or Enjoying Time? |
|
| Back to top |
|
|
| View previous topic :: View next topic |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Private Messages
Log in
