DescentBB

aney one got hit by this sucker yet?
it got me befor it was even a day old

http://securityresponse.symantec.com/av ... .worm.html

bothersome little worm but to easy to kill off

5-10 people on this floor got it..took all of 10 minutes to remove.

Anyone with a router won't even notice. For some reason, those ports weren't closed at the Aramark building. I'm guessing they are now!

spent this morning at a clients house taking care of 4 machines.....

No router (Buying two now)

Yea, if you have a firewall of some sort that doesn't let in the RPC ports you'll be fine.

But if you are infected, it's a pain to remove. Very smart worm from all accounts I've heard.

You can check to see if you have it here: http://www.microsoft.com/security/incident/sasser.asp

i had my xp fire wall up but had to kill it so my bro can send files and i forgot to turn it back on oh well no damage

but that worm done some thang els thats not on there page.
when it took over i couldent go to norton..com and all the other AV pages well i saw it goes in and edits the host file and blocks u from the pages

....automatic update....

MAYOR company network got blasted by Sasser.C.. My coworker catched it from them immediately, fortunately I'd taken care of our LAN before he returned. Killed our Linksys BEFSR41 V.2 (nothing a reset couln't fix tho).

past tense of "catch" = "caught"

I will catch you.
You will catch cold.
I'm catching up to you.
I [have] caught Herpes from Sasser.
Tomorrow, I will have caught the train to Pookagee = same as ---> Tomorrow I will catch the train...

English is a stupid language, I know.

English is a stupid language, and Pookagee is a stupid place name ;)

And Mobius isn't even English!

My friend got hit with this. Does autoupdate and a quick virus scan get rid of this?

Mobius is STUPID!

Topher wrote:....automatic update....

i know
i kept putting it off and putting it off so its my fault i got infected

ugh.... this one's making life utter misery at the HellDesk ...


Well, for the ones getting hit by this, i guess you had it coming, and i hope in the future you might consider updating windos a bit more, and/or running a firewall

It's been kinda quiet here. Haven't heard of anyone getting in my neck of the woods.

That was pretty funny, Mobius.

Never got hit by it.

i love my firewall.

Looks good on my end. Two firewalls and A/V software. Also have A/V on my ISP's end before stuff gets through

You know, someone needs to write a worm that does nothing but shut off your internet access, bombard you with messenger prompts every 5 seconds saying "You are an idiot because you can't even bother to get off your lazy ass and update your damn OS and Anti-Virus software!" and dump the infamous "Your are an Idiot!" flash in their startup....

Maybe then people will get a damn clue.

The patch has been out for two weeks people. If you get bit, its your own damn fault.

Patch is available here for those too lazy to run Windows Update.

Removal tool (McAffe) Removal tool (symantec) for those that got bit.

Anyone who frequents this board and gets a virus because they were too lazy to check for updates on O/S and AV needs to box up their computer and send it back to whence it came. Especially if you are running a Network of computers.... enable auto update if your lazy.

Norton used to only update their Virus Def's once a week, now it is almost on a daily basis..... come on folks

i never got it. i havn't updated windows for at least a few months, but reading this thread made me do it. ^_^

i also used the scaners and i didn't have it.
but i'm talking a customer through howto get rid of it on the phone right now.

Heh. I never update, I'm still running the first release of Win2000

*Pats router and norton AV.

So far the only computers I have seen that have had viruses on them, also had norton auto-protect on them and it was kept up to date, cant say the same for windowsupdate tho.

Tricord wrote:Heh. I never update, I'm still running the first release of Win2000

*Pats router and norton AV.

*notes Tricord's IP...

Seriously, how can you justify not applying security patches? I mean really, it's the retarded people that don't patch that let viruses like this spread.

Well, for one thing, I am not a retarded user and I know what exposes me and what doesn't. I don't browse dubious sites and I'm sitting behind a Linux router with NAT. My ISP blocks all ports under 1024, scans emails for viruses on the mailserver, and if you can still root my router you won't get very far. Only 13k of RAM left

I'm just applying the "don't fix what isn't broken" rule of thumb. In this way I'm still using ICQ2000a, MSN 5.0, IE 5.0 and more of that software that got upgraded at least four years ago...

Tricord wrote:Well, for one thing, I am not a retarded user and I know what exposes me and what doesn't. I don't browse dubious sites and I'm sitting behind a Linux router with NAT. My ISP blocks all ports under 1024, scans emails for viruses on the mailserver, and if you can still root my router you won't get very far. Only 13k of RAM left

I'm just applying the "don't fix what isn't broken" rule of thumb. In this way I'm still using ICQ2000a, MSN 5.0, IE 5.0 and more of that software that got upgraded at least four years ago...

Whatever... next time i see you at a lanparty your pc'll be owned by both msblast and sasser

(last OCC i saw an entire row of pc's getting shut down by blaster at the same time, heh)

Vertigo wrote:Whatever... next time i see you at a lanparty your pc'll be owned by both msblast and sasser

That might be a problem

Tricord wrote: I'm just applying the "don't fix what isn't broken" rule of thumb. In this way I'm still using ICQ2000a, MSN 5.0, IE 5.0 and more of that software that got upgraded at least four years ago...

But...it is broken, that's why there's a fix for it!
That's like saying "I won't get the vaccine until I know I have the disease" or "I won't buckle up unless I see a car coming".

Or am I just being ornery? (Quite possible)

"Anyone who frequents this board and gets a virus because they were too lazy to check for updates on O/S and AV needs to box up their computer and send it back to whence it came. Especially if you are running a Network of computers.... enable auto update if your lazy. "

COUNT ME IN!!!!!
I got it. I had JUST reformatted and installed XP fresh. There must have been a matter of 1 hour where I hadn't installed windows XP updates and virus definitions.

For some reason the Dlink wireless router i have isn't doing NAT. Also, I can't contact it at all using 192.168.1.

yeah i connected to the net in the morning and went to the store and came back and computer was acting all funney

thank god for system restore went back 2 weeks and sick AVG on it.

this worm was to easy to kill i like the hard ones like Monkey where you half to really work to kill it

Nothing here.

I taught everyone here in the office how to use windowsupdate.

nothing says loving like a good firewall.

should the first thing people install on a new copy of NT/2K/XP.

Warlock wrote:yeah i connected to the net in the morning and went to the store and came back and computer was acting all funney

thank god for system restore went back 2 weeks and sick AVG on it.

this worm was to easy to kill i like the hard ones like Monkey where you half to really work to kill it

No offense, but if you get infected with a virus or worm, using system restore is the worst thing you can do since they tend to go after restore points first thing. All you're doing by running SR is making things worse.

well at that point i didnt care but it did good though it got my net back up and running so i can get the new virus def

but if it didnt work i would have just blown my C drive cause nothing is on there but the OS