|
dl this patch ASAP (pg. 2)
|
View this Thread in Original format
| [N]ûk|êû[Z] |
| quote: | Originally posted by Turbonium
For those who don't trust me, run Windows Update, as it will list the Critical Updates there, the same as on that site.
I'm surprised you guys accuse me of trying to install trojans on your comps.
I'd further prove my truth by giving you the link to the original site where I heard the news, but their site is currently down. Try it later: www.neowin.net |
nah, no-one eaccusing you of that mate, its just the fact that i installed without having a clue what it was mate hehe :)
by the way, my comment was just being sarcastic ;) lol
peace |
|
|
| [N]ûk|êû[Z] |
| quote: | Originally posted by DJ Mikey Mike
lol why dont u just install a ing trojan while ur at it mate :p use ur noggin and dont download random links like that without a bit of research :p Even tho its a trusted site i guess. :S |
waaahahahaha for those of you that didnt d/l this patch, this is the patch that stops the virus thingy thats hit everyoine yesterday/today :p |
|
|
| whiskers |
muhaha, my mom just came in and she was like "come on, unplug all computers, there's a microsoft word virus that shuts down your computer and erases the hard drive" and i'm like "relax, mom, it just shuts down your computer remotely, besides, it won't do much harm when your computer is on DIAL UP, NOT connected, and TURNED OFF"
and she's like "well, who knows better, you or tech support people?" and i'm like ROTFLFMAO |
|
|
| Maaz |
| quote: | Originally posted twice for some unknown reason by [N]ûk|êû[Z]
lmao! |
lmao! :p |
|
|
| DaveT |
There has to be other methods of receiving it....All four of my work PC were infected when I came in this morning, but only one is used for email. I have one cleaned so far, having trouble with the others as my PCs are rebooting faster than I can get to the path.
Dave |
|
|
| St_Andrew |
| quote: | Originally posted by whiskers
muhaha, my mom just came in and she was like "come on, unplug all computers, there's a microsoft word virus that shuts down your computer and erases the hard drive" and i'm like "relax, mom, it just shuts down your computer remotely, besides, it won't do much harm when your computer is on DIAL UP, NOT connected, and TURNED OFF"
and she's like "well, who knows better, you or tech support people?" and i'm like ROTFLFMAO |
Hahahahahhahahahahahhahahaha :haha: :haha: :haha: :haha: :haha: :haha: :haha: :haha: |
|
|
| Moongoose |
Its the users that are dumb sometimes too u know :) ---> www.techtales.com
Anyway the install of this patch is higly reccomended. There is a new wprm out there that exploits a security flaw in windows. For all you geeks out there this is what the worm does
a) attacker runs a TFTP server due to the worm code.
b) TCP135 connection from attacker to victim.
c) a command shell is established on victim listening on TCP4444
d) attacker sends command, via command shell, to cause victim to invoke TFTP.exe to attacker to retrieve msblast.exe
e) attacker sends command, via command shell, to cause victim to invoke msblast.exe
f) attacker drops connection victim command shell, victim command shell stops listening on 4444
g) victim starts TFTP server and processes other instructions in msblast (to modify the registry keys, start attacks on TCP135, etc...)
If your not infected yet instal the atch and/or block port 135 in your firewall. Those that are already infected (simptoms: file named msblast.exe in your \windows\system32\ directory , computer reports RPC - Remote Procedure Call Error and gives you 1 minute to close all the programs until it restarts) need to instal the patch (that fixes the windows flaw) and download AV software that can remove the worm. I used Stinger which u can get here ---> http://vil.nai.com/vil/stinger/ , but other AV programs should have the worm in their lists by now (pesky little bugger it is). One more thing. Turn off system restore before using the AV software. The worm puts a key in there and can renew (bad word?) itself.
More links...
http://www.annoyances.org/exec/forum/winxp/t1037200267
http://www.ecommercetimes.com/perl/story/31296.html
http://www.ecommercetimes.com/perl/story/31258.html
Modified MSSecure.XML file to use with HFNetchk/MBSA to detect Windows 2000 SP2 installations without the patch:
http://www.ntbugtraq.com/LovSAN-W2KSP2.asp
Symantec Removal Tool:
http://securityresponse.symantec.co...moval.tool.html
Trend Micro Removal Tool:
http://www.trendmicro.com/download/tsc.asp
F-Secure Removal Tool:
http://www.f-secure.com/v-descs/msblast.shtml
Computer Associates Removal Tool:
http://www3.ca.com/virusinfo/virus.aspx?ID=36265 |
|
|
| jonsimmonds |
| quote: | Originally posted by Moongoose
Its the users that are dumb sometimes too u know :) |
The number of times ive seen "it takes to long to download a update" or "i just ignore those automatic updates" in the last day is way to high... seeing as the update to windows has been around for a month imm supprised so many people are being afected by it |
|
|
| Moongoose |
| Well i didnt install the update on my pc until today, but i had port 135 blocked so i didnt get infected :) Who said firfewalls wore a waste of time, sometimes it pays to be a little paranoid (especialy if a computer is on 24/7 :D |
|
|
| [N]ûk|êû[Z] |
| also try http://www.symantec.com if you look on the bottom left, there are 3 steps, give them a go. my mate that works for this user support line told me it, theres a cleaner on there too (step 3) :) |
|
|
|
|
