| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 44873 | 2004-05-02 07:44:00 | Sasser worm on XP, very agressive, beware lsass.exe problem | robo (205) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 233662 | 2004-05-02 07:44:00 | I've hit two machines being struck by this today. One was a brand new machine out of the box at 2pm and had it within minutes of getting on the net, the other a friends that we cleaned out and he was reinfected inside of an hour. It stops your machine and shuts it down within about two minutes of connecting to the web. A nasty worm, if ever I saw one. Anyone else been hit? Is it new? I've never come across it before and twice today is bizarre. robo. |
robo (205) | ||
| 233663 | 2004-05-02 07:49:00 | Hi Robo, I just posted about it. Yes its new :( Mike. |
Mike (15) | ||
| 233664 | 2004-05-02 07:51:00 | Oh yeah...it's spreading like wildfire. Same basic principle as MSBlaster , so if you have a firewall, you are very unlikely to get it. It uses the infected machine to search out other PC's it can spread to, again, only to NT, Win2K, Win2k3 server and XP. So far been recommending :- If XP, turn your restore off. Download Stinger from here (www.majorgeeks.com) and get the patch from here (www.microsoft.com) Stay offline, run Stinger , then patch. |
Pheonix (280) | ||
| 233665 | 2004-05-02 07:51:00 | See my thread here. Mike. |
Mike (15) | ||
| 233666 | 2004-05-02 07:53:00 | robo, Reasonably new see W32/Sasser.worm (vil.nai.com) for information and Stinger here (download.nai.com) for a removal tool. As alsways keep AV(s) up to date... Cheers, Babe |
Babe Ruth (416) | ||
| 233667 | 2004-05-02 07:53:00 | is this worm only on xp? ?:| | fus1_n (3818) | ||
| 233668 | 2004-05-02 07:56:00 | win2k as well, I think. Not NT 4. robo. |
robo (205) | ||
| 233669 | 2004-05-02 07:57:00 | I didn't spot that. I did look. robo. |
robo (205) | ||
| 233670 | 2004-05-02 07:58:00 | > I didn't spot that. I did look. :D I think I was posting mine when you posted yours :) So it wasn't there yet LOL Mike. |
Mike (15) | ||
| 233671 | 2004-05-02 08:02:00 | As per Pheonix's post: NT, Win2K, Win2k3 server and XP. So far. ie; there could be other variants on the way on an unsecured network near you. No need to rush though, plenty of available stocks in supply ;). If by any chance people don't want to take up this opportunity of the week (party poopers :( ), they can get a firewall with incoming and outgoing protection (ie; not XP's) and a good antivirus programme, all updated to the latest def's/pattern files. Cheers Murray P |
Murray P (44) | ||
| 1 2 3 4 | |||||