Author |
Topic: New BASTARD is out there (Read 661 times) |
|
The mad viking
CH.com Alumnus
New Board Hall of Famer
Always Look on The Bright Side of Life
 
 
Gender: 
Posts: 3135
|
 |
New BASTARD is out there
« on: Aug 16th, 2005, 3:11am » |
 Quote  Modify
|
Search our siteSkip navigation Products Support Virus infoVirus analysesSpyware and adwareHoaxesBest practiceViruses explainedArticlesWhite papersTop ten virusesEmail notificationInfo feed Spam info Company info Press office Partners Skip breadcrumbs Home Virus info Virus analyses
Virus information
W32/Zotob-A
Summary
Summary Description Recovery Advanced
Profile Prevalence: low high
Name W32/Zotob-A
Type Worm
Affected operating systems Windows
Side effects Allows others to access the computer
Reduces system security
Installs itself in the Registry
Exploits system or software vulnerabilities
Aliases Net-Worm.Win32.Mytob.cd
W32/Zotob.worm
WORM_ZOTOB.A
Protection Download virus identity (IDE) file
Protection available since 14 August 2005 15:53:19 (GMT)
Included in our products from October 2005 (3.9
More information on IDE files What are IDE files?
How to use IDE files
Get the latest IDE files
Staying up to date
EM Library provides fully automated updating of Sophos Anti-Virus on a wide range of platforms. If you're using one of our enterprise solutions and aren't already using EM Library, check it out now. Users of our small business solutions are automatically updated by Sophos AutoUpdate.
Description
Summary Description Recovery Advanced
This section helps you to understand how it behaves
W32/Zotob-A is a worm and backdoor Trojan for the Windows platform.
W32/Zotob-A spreads to other network computers by exploiting common buffer overflow vulnerabilites, including LSASS (MS04-011) and PnP (MS05-039).
W32/Zotob-A runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
Recovery
Summary Description Recovery Advanced
This section tells you how to disinfect.
Please follow the instructions for removing worms.
Advanced
Summary Description Recovery Advanced
This section is for technical experts who want to know more.
W32/Zotob-A is a worm and backdoor Trojan for the Windows platform.
W32/Zotob-A spreads to other network computers by exploiting common buffer overflow vulnerabilites, including LSASS (MS04-011) and PnP (MS05-039).
W32/Zotob-A runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
When first run W32/Zotob-A copies itself to <System>\botzor.exe.
The following registry entries are created to run botzor.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
WINDOWS SYSTEM
botzor.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
WINDOWS SYSTEM
botzor.exe
W32/Zotob-A also sets the following registry entry
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess
Start
4
The worm may drop a file 2pac.txt. This is a text file that may be safely deleted.
W32/Zotob-A also appends the following to the system HOSTS file in order to prevent access to certain websites:
Botzor2005 Made By .... Greetz to good friend Coder. Based On HellBot3
MSG to avs: the first av who detect this worm will be the first killed in the next 24hours!!!
n127.0.0.1 www.symantec.com
127.0.0.1 securityresponse.symantec.com
127.0.0.1 symantec.com
127.0.0.1 www.sophos.com
127.0.0.1 sophos.com
127.0.0.1 www.mcafee.com
127.0.0.1 mcafee.com
127.0.0.1 liveupdate.symantecliveupdate.com
127.0.0.1 www.viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 f-secure.com
127.0.0.1 www.f-secure.com
127.0.0.1 kaspersky.com
127.0.0.1 kaspersky-labs.com
127.0.0.1 www.avp.com
127.0.0.1 www.kaspersky.com
127.0.0.1 avp.com
127.0.0.1 www.networkassociates.com
127.0.0.1 networkassociates.com
127.0.0.1 www.ca.com
127.0.0.1 ca.com
127.0.0.1 mast.mcafee.com
127.0.0.1 my-etrust.com
127.0.0.1 www.my-etrust.com
127.0.0.1 download.mcafee.com
127.0.0.1 dispatch.mcafee.com
127.0.0.1 secure.nai.com
127.0.0.1 nai.com
127.0.0.1 www.nai.com
127.0.0.1 update.symantec.com
127.0.0.1 updates.symantec.com
127.0.0.1 us.mcafee.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 rads.mcafee.com
127.0.0.1 trendmicro.com
127.0.0.1 pandasoftware.com
127.0.0.1 www.pandasoftware.com
127.0.0.1 www.trendmicro.com
127.0.0.1 www.grisoft.com
127.0.0.1 www.microsoft.com
127.0.0.1 microsoft.com
127.0.0.1 www.virustotal.com
127.0.0.1 virustotal.com
127.0.0.1 www.amazon.com
127.0.0.1 www.amazon.co.uk
127.0.0.1 www.amazon.ca
127.0.0.1 www.amazon.fr
127.0.0.1 www.paypal.com
127.0.0.1 paypal.com
127.0.0.1 moneybookers.com
127.0.0.1 www.moneybookers.com
127.0.0.1 www.ebay.com
127.0.0.1 ebay.com
Patches for the operating system vulnerabilities exploited by W32/Zotob-A can be obtained from Microsoft at:
MS04-011
MS05-039
© 1997-2005 Sophos Plc. All rights reserved. Legal | Privacy
continues
|
| « Last Edit: Aug 16th, 2005, 4:40am by The mad viking » |
 IP Logged |
Always Look on The Bright Side of Life
|
|
|
The mad viking
CH.com Alumnus
New Board Hall of Famer
Always Look on The Bright Side of Life
Gender:
Posts: 3135
|
 |
Re: New BASTARD is out there
« Reply #1 on: Aug 16th, 2005, 3:12am » |
Quote Modify
|
Search our siteSkip navigation Products Support Virus infoVirus analysesSpyware and adwareHoaxesBest practiceViruses explainedArticlesWhite papersTop ten virusesEmail notificationInfo feed Spam info Company info Press office Partners Skip breadcrumbs Home Virus info Virus analyses
Virus information
W32/Zotob-A
Summary
Summary Description Recovery Advanced
Profile Prevalence: low high
Name W32/Zotob-A
Type Worm
Affected operating systems Windows
Side effects Allows others to access the computer
Reduces system security
Installs itself in the Registry
Exploits system or software vulnerabilities
Aliases Net-Worm.Win32.Mytob.cd
W32/Zotob.worm
WORM_ZOTOB.A
Protection Download virus identity (IDE) file
Protection available since 14 August 2005 15:53:19 (GMT)
Included in our products from October 2005 (3.9
More information on IDE files What are IDE files?
How to use IDE files
Get the latest IDE files
Staying up to date
EM Library provides fully automated updating of Sophos Anti-Virus on a wide range of platforms. If you're using one of our enterprise solutions and aren't already using EM Library, check it out now. Users of our small business solutions are automatically updated by Sophos AutoUpdate.
Description
Summary Description Recovery Advanced
This section helps you to understand how it behaves
W32/Zotob-A is a worm and backdoor Trojan for the Windows platform.
W32/Zotob-A spreads to other network computers by exploiting common buffer overflow vulnerabilites, including LSASS (MS04-011) and PnP (MS05-039).
W32/Zotob-A runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
Recovery
Summary Description Recovery Advanced
This section tells you how to disinfect.
Please follow the instructions for removing worms.
Advanced
Summary Description Recovery Advanced
This section is for technical experts who want to know more.
W32/Zotob-A is a worm and backdoor Trojan for the Windows platform.
W32/Zotob-A spreads to other network computers by exploiting common buffer overflow vulnerabilites, including LSASS (MS04-011) and PnP (MS05-039).
W32/Zotob-A runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
When first run W32/Zotob-A copies itself to <System>\botzor.exe.
The following registry entries are created to run botzor.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
WINDOWS SYSTEM
botzor.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
WINDOWS SYSTEM
botzor.exe
W32/Zotob-A also sets the following registry entry
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess
Start
4
The worm may drop a file 2pac.txt. This is a text file that may be safely deleted.
W32/Zotob-A also appends the following to the system HOSTS file in order to prevent access to certain websites:
Botzor2005 Made By .... Greetz to good friend Coder. Based On HellBot3
MSG to avs: the first av who detect this worm will be the first killed in the next 24hours!!!
n127.0.0.1 www.symantec.com
127.0.0.1 securityresponse.symantec.com
127.0.0.1 symantec.com
127.0.0.1 www.sophos.com
127.0.0.1 sophos.com
127.0.0.1 www.mcafee.com
127.0.0.1 mcafee.com
127.0.0.1 liveupdate.symantecliveupdate.com
127.0.0.1 www.viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 f-secure.com
127.0.0.1 www.f-secure.com
127.0.0.1 kaspersky.com
127.0.0.1 kaspersky-labs.com
127.0.0.1 www.avp.com
127.0.0.1 www.kaspersky.com
127.0.0.1 avp.com
127.0.0.1 www.networkassociates.com
127.0.0.1 networkassociates.com
127.0.0.1 www.ca.com
127.0.0.1 ca.com
127.0.0.1 mast.mcafee.com
127.0.0.1 my-etrust.com
127.0.0.1 www.my-etrust.com
127.0.0.1 download.mcafee.com
127.0.0.1 dispatch.mcafee.com
127.0.0.1 secure.nai.com
127.0.0.1 nai.com
127.0.0.1 www.nai.com
127.0.0.1 update.symantec.com
127.0.0.1 updates.symantec.com
127.0.0.1 us.mcafee.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 rads.mcafee.com
127.0.0.1 trendmicro.com
127.0.0.1 pandasoftware.com
127.0.0.1 www.pandasoftware.com
127.0.0.1 www.trendmicro.com
127.0.0.1 www.grisoft.com
127.0.0.1 www.microsoft.com
127.0.0.1 microsoft.com
127.0.0.1 www.virustotal.com
127.0.0.1 virustotal.com
127.0.0.1 www.amazon.com
127.0.0.1 www.amazon.co.uk
127.0.0.1 www.amazon.ca
127.0.0.1 www.amazon.fr
127.0.0.1 www.paypal.com
127.0.0.1 paypal.com
127.0.0.1 moneybookers.com
127.0.0.1 www.moneybookers.com
127.0.0.1 www.ebay.com
127.0.0.1 ebay.com
Patches for the operating system vulnerabilities exploited by W32/Zotob-A can be obtained from Microsoft at:
MS04-011
MS05-039
© 1997-2005 Sophos Plc. All rights reserved. Legal | Privacy
Svenn
|
|
IP Logged |
Always Look on The Bright Side of Life
|
|
|
The mad viking
CH.com Alumnus
New Board Hall of Famer
Always Look on The Bright Side of Life
Gender:
Posts: 3135
|
|
Re: New BASTARD is out there
« Reply #2 on: Aug 16th, 2005, 3:17am » |
Quote Modify
|
Reboot the computer from a clean startup or system disk.
Delete the worm files manually or using the DOS instructions.
5. Macintosh OS X computers
To remove a worm:
Check the virus analysis for details on the worm and its removal.
Close down all programs.
Run the Sophos Anti-Virus program.
Go to ‘Sophos Anti-Virus preferences'.
Choose 'Disinfection' from the ‘Immediate Mode' menu.
Select 'Infected Files' and 'Delete'.
Close ‘Sophos Anti-Virus preferences'.
Click the green ‘Play' arrow button.
Click 'OK' when asked if files should be deleted.
Run another scan to ensure that the worm has been removed.
Go back to 'Virus Action' and deselect 'Infected Files' and 'Delete'.
If problems persist, contact support.
6. DOS
You will need SWEEP for DOS on floppy disk. To do this, make a set of Emergency SAV disks.
Check the virus analysis for details on the worm and its removal.
Reboot your PC from a clean system disk, put the SWEEP for DOS disk in the floppy drive and at the A: prompt type:
SWEEP *: -REMOVEF
|
|
IP Logged |
Always Look on The Bright Side of Life
|
|
|
The mad viking
CH.com Alumnus
New Board Hall of Famer
Always Look on The Bright Side of Life
Gender:
Posts: 3135
|
|
Re: New BASTARD is out there
« Reply #3 on: Aug 16th, 2005, 3:17am » |
Quote Modify
|
7. OS/2
Check the virus analysis for details on the worm and its removal.
For drive C: at a command prompt type
OSWEEP C: -REMOVEF
Run a scan to check that all worm files were deleted.
If infection persists, disinfect in stand-alone mode:
If OS/2 is running, shut it down.
Boot OS/2 from the OS/2 Utility disk set. Follow the on-screen instructions. When booting has finished the A: prompt appears.
Remove the OS/2 Utility disk.
Place the Emergency OSWEEP disk in drive A:.
For drive C: at the A: command prompt type
OSWEEP C: -REMOVEF -CI
(-REMOVEF deletes the infected files, -CI checks the integrity of SWEEP on the 'Emergency OSWEEP' disk.) The computer checks program integrity then asks for the virus data disk. Replace the Emergency OSWEEP disk with the virus data disk.
After disinfection, run another scan to check that all worm files were deleted.
If problems persist, contact support.
8. NetWare
Note: This will delete any documents infected with macro viruses. Deal with them first.
Check the virus analysis for details on the worm and its removal.
Run a scan to locate all worm files.
Select 'Delete' in the 'Removal mode' option of the Immediate Mode menu.
Delete the worm files.
9. UNIX
Check the virus analysis for details on the worm and its removal.
Use SWEEP with the -remove option
sweep -remove
Run a scan to check that all worm files were deleted.
10. OpenVMS
Check the virus analysis for details on the worm and its removal.
Delete the worm files by running VSWEEP from DCL using the command line qualifier '/REMOVEF'.
Note: '/REMOVEF' does not prompt for confirmation before deletion and should be used with caution.
For details on the use of these command line qualifiers and sample batch files using them, see the Sophos Anti-Virus for OpenVMS manual.
© 1997-2005 Sophos Plc. All rights reserved. Legal | Privacy
Svenn
Continues
|
|
IP Logged |
Always Look on The Bright Side of Life
|
|
|
The mad viking
CH.com Alumnus
New Board Hall of Famer
Always Look on The Bright Side of Life
Gender:
Posts: 3135
|
|
Re: New BASTARD is out there
« Reply #4 on: Aug 16th, 2005, 3:17am » |
Quote Modify
|
Search our siteSkip navigation Products Support Virus infoVirus analysesSpyware and adwareHoaxesBest practiceViruses explainedArticlesWhite papersTop ten virusesEmail notificationInfo feed Spam info Company info Press office Partners Skip breadcrumbs Home Virus info Virus analyses
Virus information
W32/Zotob-A
Summary
Summary Description Recovery Advanced
Profile Prevalence: low high
Name W32/Zotob-A
Type Worm
Affected operating systems Windows
Side effects Allows others to access the computer
Reduces system security
Installs itself in the Registry
Exploits system or software vulnerabilities
Aliases Net-Worm.Win32.Mytob.cd
W32/Zotob.worm
WORM_ZOTOB.A
Protection Download virus identity (IDE) file
Protection available since 14 August 2005 15:53:19 (GMT)
Included in our products from October 2005 (3.9
More information on IDE files What are IDE files?
How to use IDE files
Get the latest IDE files
Staying up to date
EM Library provides fully automated updating of Sophos Anti-Virus on a wide range of platforms. If you're using one of our enterprise solutions and aren't already using EM Library, check it out now. Users of our small business solutions are automatically updated by Sophos AutoUpdate.
Description
Summary Description Recovery Advanced
This section helps you to understand how it behaves
W32/Zotob-A is a worm and backdoor Trojan for the Windows platform.
W32/Zotob-A spreads to other network computers by exploiting common buffer overflow vulnerabilites, including LSASS (MS04-011) and PnP (MS05-039).
W32/Zotob-A runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
Recovery
Summary Description Recovery Advanced
This section tells you how to disinfect.
Please follow the instructions for removing worms.
Advanced
Summary Description Recovery Advanced
This section is for technical experts who want to know more.
W32/Zotob-A is a worm and backdoor Trojan for the Windows platform.
W32/Zotob-A spreads to other network computers by exploiting common buffer overflow vulnerabilites, including LSASS (MS04-011) and PnP (MS05-039).
W32/Zotob-A runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer.
When first run W32/Zotob-A copies itself to <System>\botzor.exe.
The following registry entries are created to run botzor.exe on startup:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
WINDOWS SYSTEM
botzor.exe
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
WINDOWS SYSTEM
botzor.exe
W32/Zotob-A also sets the following registry entry
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess
Start
4
The worm may drop a file 2pac.txt. This is a text file that may be safely deleted.
W32/Zotob-A also appends the following to the system HOSTS file in order to prevent access to certain websites:
Botzor2005 Made By .... Greetz to good friend Coder. Based On HellBot3
MSG to avs: the first av who detect this worm will be the first killed in the next 24hours!!!
n127.0.0.1 www.symantec.com
127.0.0.1 securityresponse.symantec.com
127.0.0.1 symantec.com
127.0.0.1 www.sophos.com
127.0.0.1 sophos.com
127.0.0.1 www.mcafee.com
127.0.0.1 mcafee.com
127.0.0.1 liveupdate.symantecliveupdate.com
127.0.0.1 www.viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 viruslist.com
127.0.0.1 f-secure.com
127.0.0.1 www.f-secure.com
127.0.0.1 kaspersky.com
127.0.0.1 kaspersky-labs.com
127.0.0.1 www.avp.com
127.0.0.1 www.kaspersky.com
127.0.0.1 avp.com
127.0.0.1 www.networkassociates.com
127.0.0.1 networkassociates.com
127.0.0.1 www.ca.com
127.0.0.1 ca.com
127.0.0.1 mast.mcafee.com
127.0.0.1 my-etrust.com
127.0.0.1 www.my-etrust.com
127.0.0.1 download.mcafee.com
127.0.0.1 dispatch.mcafee.com
127.0.0.1 secure.nai.com
127.0.0.1 nai.com
127.0.0.1 www.nai.com
127.0.0.1 update.symantec.com
127.0.0.1 updates.symantec.com
127.0.0.1 us.mcafee.com
127.0.0.1 liveupdate.symantec.com
127.0.0.1 customer.symantec.com
127.0.0.1 rads.mcafee.com
127.0.0.1 trendmicro.com
127.0.0.1 pandasoftware.com
127.0.0.1 www.pandasoftware.com
127.0.0.1 www.trendmicro.com
127.0.0.1 www.grisoft.com
127.0.0.1 www.microsoft.com
127.0.0.1 microsoft.com
127.0.0.1 www.virustotal.com
127.0.0.1 virustotal.com
127.0.0.1 www.amazon.com
127.0.0.1 www.amazon.co.uk
127.0.0.1 www.amazon.ca
127.0.0.1 www.amazon.fr
127.0.0.1 www.paypal.com
127.0.0.1 paypal.com
127.0.0.1 moneybookers.com
127.0.0.1 www.moneybookers.com
127.0.0.1 www.ebay.com
127.0.0.1 ebay.com
Patches for the operating system vulnerabilities exploited by W32/Zotob-A can be obtained from Microsoft at:
MS04-011
MS05-039
© 1997-2005 Sophos Plc. All rights reserved. Legal | Privacy
Svenn
|
|
IP Logged |
Always Look on The Bright Side of Life
|
|
|
AussieBrian
New Board Hall of Famer
Got beer?
Gender:
Posts: 1695
|
|
Re: New BASTARD is out there
« Reply #5 on: Aug 16th, 2005, 4:05am » |
Quote Modify
|
Lovely, Svenn. Just loverly!
The underlying influence of Browning's imagery subjugates the analogy and the prolypse to Jung was purely metaphysical in it's nature.
Yeats tried this, backing on Keat's failure to establish the metaphore, even the modernists thought twice. Given my computer wizardry, I shall now C & P this to our poetry section where it shall hang with pride in finitum et ad nauseum.
I raise my hat and bend my knee to a higher authority, and will never write another poem. I simply can't compete with perfection.
|
|
IP Logged |
Vulcrania horrendus - twice daily, then two at night in lieu of sleep.
|
|
|
Jasmyn
CH.com Alumnus
New Board Hall of Famer
Each day will be a new trick in life's journey
Gender: 
Posts: 2762
|
|
Re: New BASTARD is out there
« Reply #6 on: Aug 16th, 2005, 4:11am » |
Quote Modify
|
Svenn like Aussie Brain just said, it's a bit over my head! 
|
|
IP Logged |
Jazz 
Madness is proclaimed by society’s inability to accept its own infallibility
|
|
|
The mad viking
CH.com Alumnus
New Board Hall of Famer
Always Look on The Bright Side of Life
Gender:
Posts: 3135
|
|
Re: New BASTARD is out there
« Reply #7 on: Aug 16th, 2005, 4:44am » |
Quote Modify
|
Its jusdt a warning about a new worm out there folks
I just cut and pasted the stuff in case those poor bastards with dialup dont have to open more windows then neccesery
Read or not,thats your problem 
|
| « Last Edit: Aug 16th, 2005, 4:45am by The mad viking » |
IP Logged |
Always Look on The Bright Side of Life
|
|
|
TheMasterBaker
New Board Junior
Gender:
Posts: 68
|
|
Re: New BASTARD is out there
« Reply #8 on: Aug 16th, 2005, 7:37am » |
Quote Modify
|
I work with two major global networks, both slowed or down since yestreday....BASTARDS!!
Thanks Svenn!!
|
|
IP Logged |
|
|
|
Jeepgun
CH.com Alumnus
New Board Hall of Famer
BOHICA!!!
Gender:
Posts: 3840
|
|
Re: New BASTARD is out there
« Reply #9 on: Aug 16th, 2005, 8:01am » |
Quote Modify
|
on Aug 16th, 2005, 4:05am, AussieBrian wrote:The underlying influence of Browning's imagery subjugates the analogy and the prolypse to Jung was purely metaphysical in it's nature.
Yeats tried this, backing on Keat's failure to establish the metaphore, even the modernists thought twice. Given my computer wizardry, I shall now C & P this to our poetry section where it shall hang with pride in finitum et ad nauseum. |
|
I quite agree.
|
|
IP Logged |
Her: "Have you ever hit a deer?"
Me: "What, like, in the FACE?"
Her: ..... "WHAT is the MATTER with you!?"
|
|
|
Redd_baby_girl
New Board Newbie
Love can't be found, unless we seek it for ourself
Posts: 30
|
|
Re: New BASTARD is out there
« Reply #10 on: Aug 16th, 2005, 8:12am » |
Quote Modify
|
i feel like i have a migrane. i have had one b4, believe me. easter time. ask Redd; she'll tell you. had to go home early... i didn't get enough candy..... GR U U STUPID MIGRANES!!!!!!!! GR U U STUPID CLUSTERHEADACHES!!!!!!!! WHY DID YOU HAVE TO COME TO RUIN SOME PPLZ LIVES BY INFECITNG THEM OR WHATEVER U DO AND TO RUIN THE LIVES OF THE PPLZ AROUND THEM BECASUE U HURT THEIR FEELINGS BY SHOWING UP AND TORMENTING THE PPLZ WITH WHOM U HAVE INFECTED OR WHATEVER!!!!
but, anyway, i will watch out for this new worm. REAL worms are squiggley, COMPUTER worms are very stupid. i hope that it doesn't affect any1's comeputer that i know and love.
Megi
|
|
IP Logged |
http://tickers.TickerFactory.com/ezt/d/4;10708;116/st/20060701/e/My+Birthday%21/k/6963/event.png
|
|
|
Jasmyn
CH.com Alumnus
New Board Hall of Famer
Each day will be a new trick in life's journey
Gender:
Posts: 2762
|
|
Re: New BASTARD is out there
« Reply #11 on: Aug 16th, 2005, 8:28am » |
Quote Modify
|
Hang in there Megi! 
|
|
IP Logged |
Jazz
Madness is proclaimed by society’s inability to accept its own infallibility
|
|
|
Jeepgun
CH.com Alumnus
New Board Hall of Famer
BOHICA!!!
Gender:
Posts: 3840
|
|
Re: New BASTARD is out there
« Reply #12 on: Aug 16th, 2005, 8:33am » |
Quote Modify
|
Hang in there, Megi. 
|
|
IP Logged |
Her: "Have you ever hit a deer?"
Me: "What, like, in the FACE?"
Her: ..... "WHAT is the MATTER with you!?"
|
|
|
ClusterChuck
CH.com Alumnus
New Board Hall of Famer
The BEAST rises again, and again, and again, and .
Gender:
Posts: 3181
|
|
Re: New BASTARD is out there
« Reply #13 on: Aug 16th, 2005, 10:42am » |
Quote Modify
|
OK, call me "Not too smucken fart" ... ... (NO wise a$$ comments required ... I can hear you all thinking of a comment to make ...)
Can you tell me, in plain language, how you get this worm/virus, like is there any particular message to watch out for? Also, how do you know (in a dummy's eyes) that you have been infected?
Chuck, the 'puter dumkoff
|
|
IP Logged |
"No man can be happy without a friend, nor be sure of his friend till he is unhappy."
Thomas Fuller
|
|
|
Jeepgun
CH.com Alumnus
New Board Hall of Famer
BOHICA!!!
Gender:
Posts: 3840
|
|
Re: New BASTARD is out there
« Reply #14 on: Aug 16th, 2005, 10:47am » |
Quote Modify
|
In other news, the OLD BASTARD is still out there. ME!!!!!
|
|
IP Logged |
Her: "Have you ever hit a deer?"
Me: "What, like, in the FACE?"
Her: ..... "WHAT is the MATTER with you!?"
|
|
|
The mad viking
CH.com Alumnus
New Board Hall of Famer
Always Look on The Bright Side of Life
Gender:
Posts: 3135
|
|
Re: New BASTARD is out there
« Reply #15 on: Aug 16th, 2005, 1:47pm » |
Quote Modify
|
on Aug 16th, 2005, 10:42am, ClusterChuck wrote:OK, call me "Not too smucken fart" ... ... (NO wise a$$ comments required ... I can hear you all thinking of a comment to make ...)
Can you tell me, in plain language, how you get this worm/virus, like is there any particular message to watch out for? Also, how do you know (in a dummy's eyes) that you have been infected?
Chuck, the 'puter dumkoff |
|
Plain language is=
Du vet da hva du må gjøre Chuck.Er ikke så vanskelig
You know what to do is the other plain language
For the rest of you keep your antivirusprogg updates at all time also use a worm/spy program remover like spybot or adaware
|
| « Last Edit: Aug 16th, 2005, 1:49pm by The mad viking » |
IP Logged |
Always Look on The Bright Side of Life
|
|
|
Jeepgun
CH.com Alumnus
New Board Hall of Famer
BOHICA!!!
Gender:
Posts: 3840
|
|
Re: New BASTARD is out there
« Reply #16 on: Aug 16th, 2005, 2:18pm » |
Quote Modify
|
Sappari wakaranai... Gata-gata itten jianaiyo! Chikusho... 
|
|
IP Logged |
Her: "Have you ever hit a deer?"
Me: "What, like, in the FACE?"
Her: ..... "WHAT is the MATTER with you!?"
|
|
|
Charlie
CH.com Alumnus
New Board Hall of Famer
Happy to be here
   
Gender:
Posts: 14968
|
|
Re: New BASTARD is out there
« Reply #17 on: Aug 16th, 2005, 8:18pm » |
Quote Modify
|
Yikes.
Charlie 
|
|
IP Logged |
There is nothing more satisfying than being shot at without result---Winston Churchill
|
|
|
Redneck
Guest
|
|
Re: New BASTARD is out there
« Reply #18 on: Aug 16th, 2005, 8:48pm » |
Quote Modify
 Remove
|
Kevlar in place, adware already updated, avast updated, microsoft anitspyware updated, spywareblaster updated, spysubtract (now trend micro) updated, windows firewall and windows updated. Network at the office already cleaned it out. And a couple more I aint a telling about
|
|
IP Logged |
|
|
|
Opus
New Board Hall of Famer
(Insert witty comment here)
Gender:
Posts: 2509
|
|
Re: New BASTARD is out there
« Reply #19 on: Aug 16th, 2005, 9:06pm » |
Quote Modify
|
It is a worm, it doesn't require user intervention to infect like a virus does, it attacks and infects vulnerable systems automatically. Since it only affects Microsoft Windows systems, only those users need to be concerned. This worm affects Windows 2000 ( NT5.0) and can be stopped by getting the recent updates, blocking port 445 ( which will affect file sharing with other windows systems and samba servers) and disabling Universal Plug and Play.
Opus/Paul
|
|
IP Logged |
Zed-Zed-nine plural-Zed alpha,
There is no place like home.
|
|
|
Opus
New Board Hall of Famer
(Insert witty comment here)
Gender:
Posts: 2509
|
|
Re: New BASTARD is out there
« Reply #20 on: Aug 16th, 2005, 9:18pm » |
Quote Modify
|
More on the worm
Sorry but the site seems to be Slashdotted so you might have to wait a while before it works.
Opus/Paul
|
| « Last Edit: Aug 16th, 2005, 9:25pm by Opus » |
IP Logged |
Zed-Zed-nine plural-Zed alpha,
There is no place like home.
|
|
|
Opus
New Board Hall of Famer
(Insert witty comment here)
Gender:
Posts: 2509
|
|
Re: New BASTARD is out there
« Reply #21 on: Aug 16th, 2005, 9:22pm » |
Quote Modify
|
on Aug 16th, 2005, 8:48pm, Redneck wrote:| Kevlar in place, adware already updated, avast updated, microsoft anitspyware updated, spywareblaster updated, spysubtract (now trend micro) updated, windows firewall and windows updated. Network at the office already cleaned it out. And a couple more I aint a telling about |
|
And all I had to do was install Ubuntu to get the same result.
Opus/Paul 
|
|
IP Logged |
Zed-Zed-nine plural-Zed alpha,
There is no place like home.
|
|
|
BobG
New Board Hall of Famer
Gender:
Posts: 5747
|
|
Re: New BASTARD is out there
« Reply #22 on: Aug 17th, 2005, 1:10pm » |
Quote Modify
|
We just got a notice that the worm has gotten into the U.S. Senate computers and has caused a work slow down.
Slowdown? Yeah right, how could any body tell?
|
|
IP Logged |
Stay stressed. Never relax. Never sleep. Ever.
|
|
|
|
|
|
Home
Help
Search
Members
Member Map
Login
Register
Reply
Notify of replies
Send Topic
Print
test rss