[Wolves] Blaster

Jayne Heger wolves at mailman.lug.org.uk
Thu Aug 14 12:16:00 2003

Lee Jordan wrote:

>why am I posting about a W32 worm here ............
Bloody Win32 worms, Bloody, Bloody, Bloody, grrrr! ;)
Its ok, I've just had a friend phone me from her work to say her 
computer at work keeps behaving weirdly, and she did a virus scan and 
found a virus with a file called msccn32.exe which is the W32.Sobig.B@mm 
worm,so have just spent all morning on the phone to her giving her 
instructions on its removal.

Mind you, might be good for me... she was saying they may need someone 
to come in and sort out the machines in the office properly, they're all 
messed up apparently. Hmmmmm..... I am *so* tempted to suggest them 
installing Linux, ;) - it'll be so much easier. - will have to see what 
applications they are running first.
But whatever I do, I will be making sure they block all .exe., .pif., 
.scr files in their mailserver.

>Look out for a new worm that gets in via port 135 and is due to DDos the M$
>Windows Update site on Saturday via port 4444 on an infected machine.
>Symantic have a clean up tool, just in case you get it at work or something.
>The worm should block some DCOM communications OLE, freeze out network
>settings and mess with the control panel.
yeah I've been getting a load of hits on port 135, every 10 seconds ;)

>Great quote from Channel 4 News : "If you want to avoid this you could
>always use an Apple or Unix", hmmmm maybe he should have said Linux, anywho
>it made the national news :)
w00t ;)