LinkBack URL
About LinkBacksFYI
Although applying the M$ patch will stop you seeing the error message, I just ran the W32.Blaster.Worm Removal Tool and the worm showed up and was removed, maybe worth running it guys
FYI
Although applying the M$ patch will stop you seeing the error message, I just ran the W32.Blaster.Worm Removal Tool and the worm showed up and was removed, maybe worth running it guys
viruses and stupid naff MS security suck.
I can imagine this could end up causing us (as an IT support person) a major nightmare if it gets into our network.
(we do have firewalls and a/v software on the exchange server which seems to be blocking it so far...)
Join the HEXUS Folding at Home Team!!
Welcome to HEXUS! - Read this if you're new!
hexus trust | joshwaller.co.uk | tea review
i got it last night, it sucks cos it doesnt give you enough time to do anything about it. So i started up my other pc and started trying to find a way to fix it then THAT one got infected too!! ARGH! eventually i got it sorted tho and everything is a-o-kay!
If you have an exchange server that suddenly stops allowing connections, then it's likely it's this as it attacks port 135 and causes it to crash, patching it with the MS patch fixes it. (then a reboot enables users to connect again...)
// speaking from experience...
Join the HEXUS Folding at Home Team!!
Welcome to HEXUS! - Read this if you're new!
hexus trust | joshwaller.co.uk | tea review
I had it last night. I posted on 3 different forums trying to get an answer. Good ol' HEXUS helped me out though
It was so annoying! Its like an epidemic!
The virus affects WinNT4.0 and higher, Win2000, WinXP, Windows Server2003, etc... Windows 98 is actually supposed to be ok!? Go figure!!
Home users are most affected b/c most aren't using firewalls.
My computers all have a NAT firewall (router) and software firewalls (Zonealarm). btw ZoneAlarm is free for home users. I highly recommend it www.zonelabs.com
Who needs patches if nothing can get in or out with out your permission. (USE A FIREWALL!!! besides the default MS firewall)
Knoxville, rember a while back i sent you a program that shut down your pc after 20 mins and displaed a message? exactley the same thing
not really a major problem if you know how to fix it, took me 2 resets
if you are stuck on 56k, and carnt download the file in time then, then go to start > run > type "command" > then type "shutdown -a"
and that will stop it
its clever that us uses a built in xp program, and yes i think it will only work in xp / 2000 as you carnt use the shutdown command in 98 / 95
Hehe same thing exept that your didnt automatically replicate itself to tens of thousands of pc's, and yours isnt gonna lauch a huge DDOS attack on windowsupdate.com on the 16th therefore downing £1 million worth of load balancing reduntant superdooper server kitOriginally posted by Dave2986
Knoxville, rember a while back i sent you a program that shut down your pc after 20 mins and displaed a message? exactley the same thing
OK for the people that are managing corp networks with firewalls and stuff, the trojan cant get through your firewall, but if your network is not physically secured, then your in for a long day tomorrow maybe.
By physical security I am talkign about laptops here. How many laptops do you got that staff take home? These laptops are the weak link in your network and should not be allowed to be connected to your network untill theyre patched and cleaned. If you fail to control your laptop useage over the next cpl of days, your gonna get infected big time.
Good luck.
Butuz
Oh - and disabling port 135 on your main routers / backbone switches would also be a wise idea just incase
Butuz
lol, true, but i did have some fun with it at college, i used their network client to send it to peopleOriginally posted by Butuz
Hehe same thing exept that your didnt automatically replicate itself to tens of thousands of pc's, and yours isnt gonna lauch a huge DDOS attack on windowsupdate.com on the 16th therefore downing £1 million worth of load balancing reduntant superdooper server kit
all fun and games though, i always sent them a fix just before it reset the pc
also its NOT a virus its a exploit/worm
If your blocking ports to stop it because you cant patch a machine, you also need to block port 445.
Originally Posted by Saracen
Just got hit by this one and I have a feeling some people will be calling me to get them to fix their pcs. Oh joy...
Ok yes Windows 98 is safe BUT I'm convinced it's a carrier for the virus. I did a format and everything but it still came up with errors in XP and to say the least I was pissed off...
While I could I did a quick google for svchost errors and managed to find the information and cure.
My theory is that my other machine (win 98) which is on the same network as my XP machine reinffected it when I took files back across after the format. I could be wrong though.
Other theory is I simply got inffected again after going on the internet.
Ah well, another life experience...
/me crys into hands
Why do i have to be a tech support agent for a fooking big ADSL ISP
These things are just not good for my work load!
Originally posted by Butuz
Oh - and disabling port 135 on your main routers / backbone switches would also be a wise idea just incase
Butuz
Done that, redirected 135 to 192.168.1.250, which doesnt exist on my network. Thats the IP where all the rubbishrubbishrubbishrubbishe gets sent that I dont want. Ports that viri use get sent there. Now Ive just got to remember to never put another 149 computers on my home network, and Im sorted.
i got this virus yesterday, i don't run virus software and in over 10 years of owning a PC this is the first virus i've got, i think it might be a big problem for the AOL users, if you know where i'm coming from. Just as well i was running zonealarm.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Reply With Quote
