PDA

View Full Version : New Virus - Watch out



Silver_2000
08-12-2003, 12:29 PM
There is a new virus going around the internet that is spreading fast. Unlike other viruses you don't have to do anything to get this one.
It infects mostly Windows NT, Windows XP and Windows 2000 PC's

The symptoms are a PC that is generating errors referring to TFTPXXXX and RPC and then rebooting.

More info Here http://story.news.yahoo.com/fc?c (http://story.news.yahoo.com/fc?cid=34&tmpl=fc&in=Tech&cat=Computer_Viruses)id=34&tmpl=fc&in=Tech&cat=Computer_Viruses
and here
http://vil.nai.com/vil/content/v_100547.htm (http://vil.nai.com/vil/content/v_100547.htm)

To keep all the PCs clean I would STRONGLY recommend that you use
the windows update feature on the PCs and install all the Critical patches that are available for each PC.

To use windows update go to the PC click start then Programs and look at the top of the programs list for a link to "Windows Update". FOllow the instructions on that page and install the "Critical updates and Service packs" that are recommended. The Windows updates and the drivers are NOT necessary.

Silver_2000
08-12-2003, 12:29 PM
I have gotten 3 calls since yesterday

This one is gonna get ugly

Doug

andy_cain
08-12-2003, 12:32 PM
Is Win 98 exempt?

blueoval01
08-12-2003, 12:41 PM
The word has gotten out.
The MS site is crammed .......
HTTP/1.1 Server Too Busy

Silver_2000
08-12-2003, 12:54 PM
Is Win 98 exempt?

It appears SO ..

Doug

dboat
08-12-2003, 01:06 PM
I didnt need any critical updates as mine watches for updates automatically... but I did update directx and some other goodies.. :banana:

but no prob getting in.. try it again Mark.. or maybe you need to hang up and redial..:evil j/k.. what are you on? a T1?

98Cobra
08-12-2003, 01:18 PM
You can download the patches appropriate to your OS here: http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp

Do NOT trust WIndows Update - my XP laptop was not updated but it did NOT tell me I needed this update. Windows Update does not work all the time.

BTW - it is ugly, we are fighting it like crazy over here...

dboat
08-12-2003, 01:30 PM
You can download the patches appropriate to your OS here: http://www.microsoft.com/technet/treeview/?url=/technet/security/bulletin/MS03-026.asp

Do NOT trust WIndows Update - my XP laptop was not updated but it did NOT tell me I needed this update. Windows Update does not work all the time.

BTW - it is ugly, we are fighting it like crazy over here...ok.. did the xp 32 bit patch last week or so.. so I am ok..thanks:tu:

Wht95Lightning
08-12-2003, 02:53 PM
I hate microsoft. Seems like the people that make these viri REALLY hate'm too. Oh well//// thats the price we pay to have our pc's. :rolleyes:

blueoval01
08-12-2003, 03:22 PM
I didnt need any critical updates as mine watches for updates automatically... but I did update directx and some other goodies.. :banana:

but no prob getting in.. try it again Mark.. or maybe you need to hang up and redial..:evil j/k.. what are you on? a T1?
Naw, I'm on cable here. But, I swear I did all this back the first of July before I left town. Unbelievable how many patches have come up in the past 5-6 weeks.
Plus, I have a Laptop, 2 servers and 3 test machines to keep updated. The test machines could have auto-update set, But not the servers. I've lost data while connected to a server and it decides to reboot about the time I'm writing data to SQL Server. Yeah, I could use different settings on the servers, but I'm somewhat protective (anel) of my data. Simalar to Doug and his "Lake pics". :D

Did I mention how unbelievable how many patches have come up in the past 5-6 weeks? :postwhore

microsuck
08-12-2003, 03:40 PM
Ahh yes, poor windows. The only "microsoft" driven machines I have are off my network. Hurray for UNIX!

98Cobra
08-12-2003, 03:49 PM
Ahh yes, poor windows. The only "microsoft" driven machines I have are off my network. Hurray for UNIX!

Is this the TALON board or Slashdot? Hard to tell with all the UNIX bigotry. Shouldn't you be off editing a text file or something right now? ;)

microsuck
08-12-2003, 03:53 PM
Is this the TALON board or Slashdot? Hard to tell with all the UNIX bigotry. Shouldn't you be off editing a text file or something right now? ;)
:rll: I just get a big kick out of windows. I think its really funny how something that fails so often is still #1. But in defense of microsoft I will say that they do have ALOT of people to make happy. Okay, thats enough nerd talk for me.:hammer:

cpeapea
08-12-2003, 03:56 PM
haha, i like unix/linux better than most standard windowz boxes. but windows is so much easier sometimes. my unix box hasnt been shutdown or rebooted in over a year. crazy...

thanks for the heads up doug. id like to read up on this new virus.

jmlay
08-12-2003, 06:22 PM
Ya, we got killed at work today!!! Customers will not load anyupdates until it is too late. Then thay call in P1 cases...

Mike

Logan
08-12-2003, 06:36 PM
My machine at the house got hit with this. My own damn fault, I was behind on the security updates to XP... McAfee's free "Stinger" tool nukes this virus from your system in short order.

whitelightning'02
08-12-2003, 08:03 PM
Ya, we got killed at work today!!! Customers will not load anyupdates until it is too late. Then thay call in P1 cases...

Mike

Yep, We got hammered, too!:hammer::hammer::hammer::hammer::hammer::hamme r::hammer::hammer:

Lee

aliekitn99
08-12-2003, 08:47 PM
Ya, we got killed at work today!!! Customers will not load anyupdates until it is too late. Then thay call in P1 cases...

Mike
We got slammed with it too. We had 25+ plants (close to 500 users) downed today. Luckily, no one at our corporate office got attacked. The whole day was super sucky tho...This is the first time that we have had an attack like this. I guess we've been pretty lucky so far. And, thankfully, this wasn't a really nasty virus like it could have been...

I don't understand the mindset of those that create such havoc. :confused:

Kim

Silver_2000
08-12-2003, 09:51 PM
My machine at the house got hit with this. My own damn fault, I was behind on the security updates to XP... McAfee's free "Stinger" tool nukes this virus from your system in short order.
The version of Stinger I used didnt do all it should have

There is a fix from Norton called fixblast.exe that is more thorough.

Lets just say that In my spare time in the past 30 hours I have made my boat payment + a 55 gallon tank of gas fixing PC's...

If any of you guys have the virus and need help I have a step by step email with the patch file and fixblast.. Ill send it if you promise not to forward it to my potential customer base...

Doug

Logan - Look for TFTPXXX files and delete them and turn off DCom on your PC. Both of those steps were skipped by Stinger when I used it this afternoon. Also obviously make sure msblast.exe is gone

Good Info from the Belly of the beast
http://microsoft.com/security/incident/blast.asp

98Cobra
08-12-2003, 11:47 PM
Logan - Look for TFTPXXX files and delete them and turn off DCom on your PC. Both of those steps were skipped by Stinger when I used it this afternoon. Also obviously make sure msblast.exe is gone

It should be noted also that turning off DCOM may not render you safe either. :mad:

http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind0308&L=ntbugtraq&F=P&S=&P=3979

Logan
08-13-2003, 08:36 AM
Thanks for the tips Dougie...

Mark #2
08-13-2003, 08:54 AM
Yep, really hammered here too, got the computer, phone, and test systems.

aliekitn99
08-13-2003, 10:00 AM
Yep, really hammered here too, got the computer, phone, and test systems.


Oh, updating the DAT files or virus definitions will NOT protect you if you have not been hit with this virus. You must apply the patch...

The next time this virus is set to run is on Saturday...

Kim

99WhiteBeast
08-13-2003, 09:45 PM
Sometimes it pays to behind the times- Win98:beer:

blueoval01
08-20-2003, 02:37 PM
Crap, is it just my e-mail accounts or does it seem like another wave of virus's are flying around today?
:hammer:

dboat
08-20-2003, 03:34 PM
Crap, is it just my e-mail accounts or does it seem like another wave of virus's are flying around today?
:hammer:

got it in the email yesterday and mcafee stopped it cold.. thank goodness..