Προς το περιεχόμενο

NEOS IOS SAN TON BLASTER? HELP!

kazantzidis

Από τον kazantzidis
στο Windows

Προτεινόμενες αναρτήσεις

  • Απαντ. 40
  • Δημ.
  • Τελ. απάντηση
polaki Crazy Insomniac

polaki

Δημοσ.
Δημοσ.

nai, emena mou erxontai toulaxiston 5 kathe mera...

Ton kainourio io ton exo kai go..

Katevazo to update tou Norton, gia na doume ti ginetai...

 

Kathe 2mino ta idia exoume......

Lupus Experienced

Lupus

Δημοσ.
Δημοσ.

telika kai egw eimai pathwn... xthes mou evgale to parathiro gia restart kai simera anakalipsa oti to sygkekrimeno process mou anevaze tin cpu sto 100%. epeita apo ena restart mou xtypaei kai to firewall kai leei oti to avserv paei na vgei stin 445. twra katevazw to patch...gia na doume...

philos Crazy Insomniac

philos

Δημοσ.
Δημοσ.

A worm, dubbed Sasser by antivirus firms, was spreading slowly throughout the Internet on Saturday, taking advantage of a vulnerability in unpatched Windows systems to infect new hosts.

The Sasser worm began spreading Friday night and seems to be moving at a pace far slower than previous worms such as MSBlast and Code Red, said Alfred Huger, senior director of security firm Symantec's response team.

 

"It is a slow burn," he said. "It is picking up speed, but right now we aren't seeing to much activity."

 

Symantec initially rated the Sasser worm as a two on its five-point scale of threats. A five is the highest danger rating on the scale. Rival antivirus firm Network Associates rated the threat a medium danger, and the Internet Storm Center, which monitors network threats, raised its general Internet danger level to yellow, essentially a medium rating as well.

 

"Due to the release of this worm, we moved to infocon yellow for the next 24 hrs," the Internet Storm Center site said. "The exact impact is not clear at this point."

 

Security experts did not know how far the worm had spread, but many companies reported some infections, said Vincent Gullotto, vice president of Network Associates' antivirus emergency response team.

 

"We have had 25 to 50 reports from companies that have had up to a few hundred machines infected," he said. "One company wanted to patch this weekend, but the worm infected their network first."

 

The creation of the worm didn't surprise the Internet's security community. Security experts widely predicted that a worm would soon start spreading using that particular flaw by exploiting a recent vulnerability in a component of Microsoft Windows known as the Local Security Authority Subsystem Service, or LSASS.

 

 

The Sasser worm spreads from infected computer to vulnerable computer with no user intervention required. The worm scans for vulnerable systems, creates a remote connection to the system, installs a file transfer protocol (FTP) server and then downloads itself to the new host.

 

The worm opens up the initial connection on a specific application data channel, or port, numbered 9996. After the worm infects the new host, the FTP server listens on port 5554 for new files.

 

 

The worm uses multiple processes to scan different ranges of Internet addresses. The scans attempt to detect the vulnerable LSASS component on port 445. Microsoft has analyzed the worm and believes it also spreads through port 139. Both are data channels used by the Windows file sharing protocol and, in many cases, are blocked by Internet service providers.

 

A team of Microsoft engineers worked through the night to analyze the worm, said Stephen Toulouse, security program manager for the software giant.

 

"We are still studying the worm, but we do know customers that install the update are protected from Sasser," Toulouse said.

 

 

The worm will cause the LSASS component of Windows to crash, according to analyses. Infected systems will then perform a 60-second countdown before restarting. Microsoft has created a Web page telling customers how to manually clean up the worm.

 

 

Antivirus firms also continue to analyze the worm.

 

-----------------------------------------------------------------------

 

Original article:

http://news.com.com/2100-7349_3-5203764.html?part=rss&tag=feed&subj=news

Joykiller Proficient

Joykiller

Δημοσ.
Δημοσ.

elate re...feygei paneykola...o sasser einai worm dhladh non-malicious virus den katastrefei arxeia den prokalei vlaves...to mono "sovaro" pou kanei einai oti kanei to pc na sernetai sa savra xwris podia...exei vgalei h symantec (isws oxi mono alla ayto xrhsimopoihsa) removal tool tou opoiou link yparxei sthn arxikh selida tou insomnia se sxetiko arthro kai to security update (patch) apo thn microsoft....prwta trexoume to removal tool kai meta to patch meta restart kai eisaste komple...ayta....elpizw na boithisa...gia apories pm me

GIORGARAS Experienced

GIORGARAS

Δημοσ.
Δημοσ.

emena to removal tou norton to etreksa dio fores kai kolissa. ipopsin me ton io exei sxesi kai kathe arxeio pou einai ston fakelo system32 kai exei onoma XXXX_up.exe opou X tixaia noumera. to diabasa se kseno forum. ta programata den mporoun na to sbisoun auto to arxeio kai ama prosekste exei idio megethos me to arxeio pou lene oti einai o ios. ksexasa na po oti otan pao na kano boot se safe mode kleinei o ipologistis!!! efaga megalo paketo...

 

paidia ta katafera me to arxeio apo tin f-secure. bgazei ta panta. poli kalo!!

OXTROS Experienced

OXTROS

Δημοσ.
Δημοσ.

Se emena oute o nortonas to biskei OUTE to patch sthn arxiki selida, oute otan arxizei h antistrofh metrish mporw na kanw kati apo to task manager !!!!

Ta symptomata einai san kai tou SASSER alla aftos einai afantos !!!!

 

p.s. ekana to post 2 fores giati prin prolabw na to teleiwsw.... SASSER hit !!!! :twisted: :twisted: :twisted:

Αρχειοθετημένο

Αυτό το θέμα έχει αρχειοθετηθεί και είναι κλειστό για περαιτέρω απαντήσεις.

Προς την λίστα θεμάτων
  • Δημιουργία νέου...