
ARRRGGG! Every XP rig in our building spontaneously rebooting!?! Please help...


  • #16
    Yup, RPC exploit it seems.



    • #17
      Symantec security research centers around the world provide unparalleled analysis of and protection from IT security threats that include malware, security risks, vulnerabilities, and spam.

      Symantec has released a tool to remove the worm.
      User error:
      Replace user and try again.
      System 1: P4 2.8@3.25, P4C800-E Deluxe, 1024MB 3200 CL2, 160+120 GB WD, XP Pro, Skystar 2, Matrox Parhelia 128R, Chieftec Dragon Full Tower (Silver).
      System 2: P4 2.0, Intel 845, 1024MB Generic RAM, 80GB WD, XP Pro, Promise Ultra133 TX2, GF3 Ti500. Resides in a neat Compaq case.



      • #18
        Originally posted by Zao
        *sigh*
        I was browsing the Windows Update website and was just going to download all patches when it struck. That's what I call good timing.
        Tiny Personal Firewall doesn't seem to catch it for me, but Symantec does.
        I wonder if it would be a good idea to install Symantec Antivirus again
        Doh. I use Kerio myself. I used to love ZoneAlarm's functionality, but it would often bork my internet connection randomly. Even uninstalling it wouldn't bring my connection back.



        • #19
          AVG didn't catch this thing either. I think it just hit TOO DAMN FAST for most people's antivirus defs to have been up-to-date on it.

          Gpar_
          The Internet - where men are men, women are men, and teenage girls are FBI agents!

          I'm the least you could do
          If only life were as easy as you
          I'm the least you could do, oh yeah
          If only life were as easy as you
          I would still get screwed



          • #20
            Nothing so far made its way through our Linksys router here at work.. I send out warnings to everyone else I know too...
            We have enough youth - What we need is a fountain of smart!


            i7-920, 6GB DDR3-1600, HD4870X2, Dell 27" LCD



            • #21
              Originally posted by tjalfe
              Nothing so far made its way through our Linksys router here at work.. I send out warnings to everyone else I know too...
              Still, get the patch. If one machine gets infected, the firewall won't help you.
              Gigabyte P35-DS3L with a Q6600, 2GB Kingston HyperX (after *3* bad pairs of Crucial Ballistix 1066), Galaxy 8800GT 512MB, SB X-Fi, some drives, and a Dell 2005fpw. Running WinXP.



              • #22
                I did patch all the machines here too.. and NAV is up to date also


                • #23
                  Well you can guess what I was dealing with this afternoon on the helpdesk.
                  I wish users would patch their damn systems. Call after call: "we can't get rid of it". Guess what, System Restore is restoring the files.
                  There also seems to be a side effect of it preventing Office 2000 from working afterwards, unless it's incidental.
                  Chief Lemon Buyer no more Linux sucks but not as much
                  Weather nut and sad git.

                  My Weather Page



                  • #24
                    This worm does more than Symantec would care to admit.

                    I've seen it:

                    - Lock people out of Office
                    - Lock people out of Regedit
                    - Trash Winsock

                    In addition to its KNOWN malignancies.

                    Gpar_


                    • #25
                      Originally posted by Gurm
                      This worm does more than Symantec would care to admit.

                      I've seen it:

                      - Lock people out of Office
                      - Lock people out of Regedit
                      - Trash Winsock

                      In addition to its KNOWN malignancies.

                      Gpar_
                      I wouldn't just single out Symantec for that.
                      Also add disabling System Restore to the list.

                      Wait till the variants start coming out.


                      • #26
                        Well, after checking the systems here at work, only 2 were infected (surprise, the 2 that the boss uses, and he had disabled NAV on both).
                        Those 2 infected systems were taking down 6 XP rigs in the building.
                        Shows that a system doesn't have to be infected to be affected...
                        Core2 Duo E7500 2.93, Asus P5Q Pro Turbo, 4gig 1066 DDR2, 1gig Asus ENGTS250, SB X-Fi Gamer ,WD Caviar Black 1tb, Plextor PX-880SA, Dual Samsung 2494s



                        • #27
                          Originally posted by Kruzin
                          Well, after checking the systems here at work, only 2 were infected (surprise, the 2 that the boss uses, and he had disabled NAV on both).
                          Those 2 infected systems were taking down 6 XP rigs in the building.
                          Shows that a system doesn't have to be infected to be affected...
                          Can't you sack your Boss for being stupid ????


                          • #28
                            We got struck at work today too.
                            I'd estimate that 400-ish machines got infected.
                            Work was impossible to perform because I work on a program that utilises a fair amount of RPC calls to another program.
                            Guess what happens if the RPC server dies.
                            Took the better part of the day for the lousy tech guys to clean out the last machines.

                            I can tell you, the internet is all browsed out now, nothing left to see.


                            • #29
                              Originally posted by The PIT
                              Can't you sack your Boss for being stupid ????
                              I wish.
                              You could not possibly imagine how ignorant he is.
                              He doesn't like seeing virus warning pop-ups, or the reports from the weekly full scans I set them up to do.
                              In his mind those screens are "spam", and cost him $10,000/year to click off.
                              I cannot put into words just how profoundly stupid this guy is...


                              • #30
                                Originally posted by Kruzin
                                Well, after checking the systems here at work, only 2 were infected (surprise, the 2 that the boss uses, and he had disabled NAV on both).
                                Those 2 infected systems were taking down 6 XP rigs in the building.
                                Shows that a system doesn't have to be infected to be affected...
                                I must have the most unusual bosses then. I actually took away one's admin access and told her it was permanent. Of course the fact that my two bosses are my cousin and her husband could have something to do with it. She kept clicking on the plugin ads. She's the kind of person who tends to think things should be her way which works very well for her primary job but her computer does not agree.
