kansasskydiver

Gaobot and Sasser Virus Update

If you are running Win 2000, NT, 2003 or XP you may be at risk. These can be picked up from the internet no matter how you connect. We're having problems today at work so just letting everyone know.

1. Sasser or Gaobot Worm - How to tell the difference?

What is happening?
Customers are being infected by either of these two worms: SASSER or GAOBOT (pronounced GO-BOT). If infected, customers will report slow browsing, intermittent connectivity, systems rebooting every few minutes without user input, LSASS.exe error messages, and LSA Shell error messages; some customers whose computers have been infected may not notice the presence of the worm at all.

Who was affected?
All Dial and DSL customers/Cable customers

How do I tell if infected by SASSER worm?
Ask the customer to open the task manager on their computer. If the following processes are running, they are infected by SASSER. Have the customer terminate this process.
· *_up.exe
· avserv*.exe

How do I tell if infected by GAOBOT worm?
Ask the customer to open the task manager on their computer. If the following processes are running, they are infected by GAOBOT. Have the customer terminate this process.
· hkey.exe
· msiwin84.exe
· wmiprvsw.exe

Removal Instructions, for customer who CAN connect:
Give the customer the following instructions. They must complete them in the order listed below.
1. Remove the worm from their computer by using a removal tool found on McAfee’s web site:
2. Download and install all available critical patches for your Windows operating system from the Microsoft web site:
3. Upgrade antivirus definitions to protect your computer from SASSER and GAOBOT and their variants, including future worms and viruses.

Removal Instructions, for customer who CANNOT connect:
If customer cannot connect or maintain a connection in order to remove these worms and download the necessary updates, please have them contact Microsoft at 866-PCSAFETY (866-727-2338).
<--- See look, pink dolphins DO exist!
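
The process-name check from the post above can be automated. This is an added example, not part of the original post: it matches the listed names against `tasklist /fo csv /nh` output, and the sample output and its PIDs are constructed for illustration.

```python
import csv
import fnmatch
import io

# Process-name patterns exactly as listed in the post above.
INDICATORS = {
    "SASSER": ["*_up.exe", "avserv*.exe"],
    "GAOBOT": ["hkey.exe", "msiwin84.exe", "wmiprvsw.exe"],
}

# Constructed sample of `tasklist /fo csv /nh` output (not from a real host).
# lsass.exe and wmiprvse.exe are legitimate Windows processes and must not match.
SAMPLE_TASKLIST = '''"System Idle Process","0","Console","0","16 K"
"lsass.exe","712","Console","0","1,204 K"
"wmiprvse.exe","1432","Console","0","4,876 K"
"AVSERVE2.EXE","2040","Console","0","2,112 K"
"12345_up.exe","2188","Console","0","980 K"
"msiwin84.exe","2312","Console","0","3,400 K"
"setup.exe","2400","Console","0","1,500 K"
'''


def parse_tasklist(text):
    """Yield (image_name, pid) from `tasklist /fo csv /nh` output."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) >= 2 and row[1].strip().isdigit():
            yield row[0].strip(), int(row[1])


def classify(image_name):
    """Return the worm family whose pattern matches the name, else None."""
    name = image_name.lower()  # Windows image names are case-insensitive
    for family, patterns in INDICATORS.items():
        if any(fnmatch.fnmatchcase(name, p) for p in patterns):
            return family
    return None


def scan(text):
    """Return sorted (family, image_name, pid) tuples for matching processes."""
    hits = [(classify(img), img, pid) for img, pid in parse_tasklist(text)]
    return sorted(h for h in hits if h[0])


if __name__ == "__main__":
    for family, image, pid in scan(SAMPLE_TASKLIST):
        print(f"{family}: {image} (PID {pid})")
```

Matching on the full image name matters here: the listed `wmiprvsw.exe` differs by one letter from the legitimate `wmiprvse.exe`, and `setup.exe` does not match `*_up.exe` because the underscore is required.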

I hate people that make viruses. What's the fuckin point?? My home puter is infected which means no internet for me at home until michael gets a chance to come fix me up. :(

___________________________________________
meow

I get a Mike hug! I get a Mike hug!

Quote

I hate people that make viruses. What's the fuckin point?? My home puter is infected which means no internet for me at home until michael gets a chance to come fix me up. :(



These days there really isn't a point. The large influx of virii is the result of several online groups attacking each other (if you look inside the virus code you will see immature personal attacks in the messages). Or, it is a "political" statement against Microsoft.

You really need to experience this group of individuals to see how sad and small their life really is. I worked with a kid that taught himself Unix over a weekend and a month later hacked his first major attack. Nine months later he was hiding in Canada because they tracked him down....he fit every stereotype of the "no-life" geek.
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....

2 of the largest groups are actually in Brazil, hard to track, police don't care etc. They had a competition last month or so to see how many .gov servers they could hack into and take over leaving their logo on the homepage. The number they got in to was impressive.

It was just a competition and I also believe that Microsoft leaves some of their doors open to learn from the attacks, I could be wrong. Amazon, care to fill in the truth to that rumor? Does Microsoft actually invite attacks to test their weak spots?
<--- See look, pink dolphins DO exist!

Quote

2 of the largest groups are actually in Brazil, hard to track, police don't care etc. They had a competition last month or so to see how many .gov servers they could hack into and take over leaving their logo on the homepage. The number they got in to was impressive.

It was just a competition and I also believe that Microsoft leaves some of their doors open to learn from the attacks, I could be wrong. Amazon, care to fill in the truth to that rumor? Does Microsoft actually invite attacks to test their weak spots?



The Anti-Virus companies have computers they leave open to attack so they can measure the volume of active virii....they tend to refer to those as "honeypots."

I was challenged in college to attack the Novell 3.12 network to find any holes in the system by the faculty administrator. I got in three times and was nearly expelled because of it >:(
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....

Quote

Can you get onto the internet at all? What version of Windows are you running and how do you connect? Dial, Cable or DSL?



I can connect to my ISP, that's about it. My whole puter runs slow and I keep getting told I'm low on virtual memory. It sucks. I'm freakin lucky that michael lives close by and is willing to come fix me up. Computer geek friends are the best to have. :)

___________________________________________
meow

I get a Mike hug! I get a Mike hug!

Quote


I was challenged in college to attack the Novell 3.12 network to find any holes in the system by the faculty administrator. I got in three times and was nearly expelled because of it >:(



hehehe I installed Quake 3 on every computer in my HS, just because they said we didn't have internet access and couldn't do anything. I ran it through the network and gave everyone access. They weren't happy. Didn't get expelled, but had to show them where they had screwed up and then they made the mistake of letting me design the school webpage. My advisor didn't really care, I just sat in his office and went at it.

Sometimes it takes a child to crack a man's mind, never underestimate the youth of our nation
<--- See look, pink dolphins DO exist!

Quote

Quote


I was challenged in college to attack the Novell 3.12 network to find any holes in the system by the faculty administrator. I got in three times and was nearly expelled because of it >:(



hehehe I installed Quake 3 on every computer in my HS, just because they said we didn't have internet access and couldn't do anything. I ran it through the network and gave everyone access. They weren't happy. Didn't get expelled, but had to show them where they had screwed up and then they made the mistake of letting me design the school webpage. My advisor didn't really care, I just sat in his office and went at it.

Sometimes it takes a child to crack a man's mind, never underestimate the youth of our nation



HAHA! Nice, I did the same thing - found a way to connect to the modem via the network and connect to the BBS's I was a part of. That was the same night I discovered Commander Keen and some new game called Castle Wolfenstein.

Once they yelled at me, they realized I really understood the network and made me an admin!
_________________________________________
you can burn the land and boil the sea, but you can't take the sky from me....
I WILL fly again.....
