Beware , brand new worm, only discovered tonight ..... dont seem too malitious (sp?) but its like only a few hours old so they may not know everything about it yet.
Was just removing the Blaster worm from my mum's machine and this popped up in norton.
more info here http://securityresponse.symantec.com...chia.worm.html
thought I would let you know
cheers mate
if war is the answer, then we are asking the wrong question
2 things i hate the most - xenophobia and the french
"chuffing"
thanks for the headsup
Cheers. man. I think i might write a lil script for dealing with it. I just know Im gonna get mates that dunno wot to do when they get it. Microsoft patches are to big to download quickly on dial up so a nice lil script will did the job last time. Poor german mate on dial up couldnt stay online long enuff to download the patch.
Arguing with an administrator is like kicking God in the nuts
You dont need the patch to stop it shuting down.
Originally Posted by Saracen
I havnt really looked at the virus and I havnt had it because Im on 98 and my mate lives in germany and there is no way she would have understood instructions so I just read its paths and wrote a lil script.
Arguing with an administrator is like kicking God in the nuts
lol i wondered why the TCP port 135 died done and suddenly today i've had +80 ICMP "ping" attempts.
all safely blocked so no problemo
thanks for just clearing that up
That's a very strange virus! Why stop another virus then disable yourself when it gets to 2004?
just read this on anuffer forum looks like anuffer 1 is doing its rounds
Virus Warning: W32/Nachi.worm
Anyone else been hit by this Virus yet?
Causing a bit of mayhem in the office this morning....
most systems have been affected by it..
Quick Description:
This is another virus that exploits the MS03-026 vulnerability. In addition to exploiting this RPC DCOM vulnerability, the virus also attempts to exploit an NTDLL.DLL vulnerability (MS03-007) via WebDav
it's a friendly virus !
"The worm attempts to download the DCOM RPC patch from Microsoft's Windows Update Web site, install it, and then reboot the computer.
The worm checks for active machines to infect by sending an ICMP echo request, or PING, which will result in increased ICMP traffic.
The worm will also attempt to remove W32.Blaster.Worm."
Join the HEXUS Folding at Home Team!!
Welcome to HEXUS! - Read this if you're new!
hexus trust | joshwaller.co.uk | tea review
Still nice idea thoughOriginally posted by www.josh.org.uk
it's a friendly virus !
I hereby name it Capser " The friendly worm
Oh, for those of us on Blueyonder, they have kindly blocked all port 135's on thier routers.
Read more on status.blueyonder.co.uk cant remember what ticket it was, something about slowspeeds IIRC.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
LinkBack URL
About LinkBacks
Reply With Quote
