1. We suffered a brief outage this morning when our host noticed that HTF needed to be moved to a different server due to a hardware failure. That work is now complete. Please post in the feedback area if you have any issues.
    Dismiss Notice

Virus warning

Discussion in 'Archived Threads 2001-2004' started by Andrew Pratt, Sep 18, 2001.

  1. Andrew Pratt

    Andrew Pratt Producer

    Joined:
    Dec 8, 1998
    Messages:
    3,806
    Likes Received:
    0
    Guys there's a new virus going around thats simlar to the Code Red worm...its mainly a problem for Win NT and Win2K platforms running MS's ISS but I think its as good a reason as any to make sure your Anti Viral software is current and has the newest update available.
    http://www.canoe.ca/CNEWSTechNews0109/18_worm-ap.html
     
  2. Kevin P

    Kevin P Screenwriter

    Joined:
    Jan 18, 1999
    Messages:
    1,439
    Likes Received:
    0
     
  3. McPaul

    McPaul Screenwriter

    Joined:
    Apr 1, 1999
    Messages:
    1,792
    Likes Received:
    50
    Location:
    Vancouver
    Real Name:
    Paul M
    Yep I heard about this myself from a friend of mine, and shortly after I received an email from someone I dont know with an attachment of "hottie.exe" Which will not be opened. So it may not only be readme.exe files being sent. In general, don't open any .exe or .com file unless you are expecting something.
    ------------------
    THAT'S just EVIL!!!! and EVIL is WRONG!!!!!
     
  4. Steven K

    Steven K Supporting Actor

    Joined:
    Jan 10, 2000
    Messages:
    830
    Likes Received:
    0
    Ahh, the joys of running IIS. We got nailed by this today, hardcore... just got things back up and running. You know it's bad when the netadmins have the programmers coming in trying to help (of course, I dont know that much about IIS or networking to begin with, so I was of little help). So, I wrote a program that displays a sympathy message to the network admins [​IMG]
     
  5. Tim Johnson

    Tim Johnson Agent

    Joined:
    Feb 19, 2000
    Messages:
    34
    Likes Received:
    0
    I am running IIS, and while I am seeing hits to my server from this virus, I am not infected. Please people, if you are running ANY operating system keep up to date on your patches. These vulnerabilities in IIS have been known for months, and the patches have been available.
     
  6. brentl

    brentl Cinematographer

    Joined:
    May 7, 1999
    Messages:
    2,921
    Likes Received:
    1
    That's one of the great things about using Yahoo for my email. They remind me to scan every attachment.
    Never had a problem.
    Brent L
     
  7. Ryan Wright

    Ryan Wright Screenwriter

    Joined:
    Jul 30, 2000
    Messages:
    1,875
    Likes Received:
    0
    CAREFUL!!
    This one is nasty. It will infect client machines as well as servers. If you go to an infected server, YOU can be infected through an exploit in IE. That's right, IE will just up and run the code for you usually without prompting. (shudder).
    My Apache server is getting hit repeatedly and it's saturating my bandwidth. I went out to one of the sites listed in my logs and was immediately hit with the virus on the client side. I updated my anti-virus software an hour or two ago and it caught it.
    More info on the client side exploit: http://www.guninski.com/eml-desc.html
    My advice? Get yourself a virus scanner. NOW. If you are running Windows 2000 or NT, go out to Microsoft's site and apply the appropriate updates. NOW. It doesn't matter if you're not running a server; if you use 2000 or NT it's highly likely that IIS is running on your machine. In which case, you're probably already infected (with this AND the Code Red variations...).
    ------------------
    -Ryan (http://www.ryanwright.com )
    Before you criticize someone, walk a mile in their shoes.
    That way, when you do criticize them, you'll be a mile away and you'll have their shoes.
     
  8. Kevin P

    Kevin P Screenwriter

    Joined:
    Jan 18, 1999
    Messages:
    1,439
    Likes Received:
    0
    Update: Symantec has updated definitions that detect this worm.
    My firewall has logged over 800 http hits today, up from around 200 yesterday. Must be Nimda nocking... [​IMG]
    KJP
     
  9. McPaul

    McPaul Screenwriter

    Joined:
    Apr 1, 1999
    Messages:
    1,792
    Likes Received:
    50
    Location:
    Vancouver
    Real Name:
    Paul M
    hmmmmm... when my buddy first told me about this virus earlier, i did a liveupdate with norton.... did a scan... all was fine. went to work came home, did another live update as soon as I went back to this thread, seeing norton has supposedly has it on their site... did a scan.... 67 infected files that can't be cleaned or quarrantined. What to do? I haven't opened any wierd files in quite some time... what do I do now?
    ------------------
    THAT'S just EVIL!!!! and EVIL is WRONG!!!!!
     
  10. Parker Clack

    Parker Clack Schizophrenic Man
    Moderator

    Joined:
    Jun 30, 1997
    Messages:
    12,214
    Likes Received:
    58
    Location:
    Kansas City, MO
    Real Name:
    Parker
    Norton found two on my system and quarrantined them. I would go back to Norton and get the latest updates.
    Parker
     
  11. McPaul

    McPaul Screenwriter

    Joined:
    Apr 1, 1999
    Messages:
    1,792
    Likes Received:
    50
    Location:
    Vancouver
    Real Name:
    Paul M
    Parker... yeah, like I said, I did a "liveupdate" during the day when i first heard about the virus, then a scan, went to work, did another "liveupdate" and another scan and that's when I found all the infected files... I think I'm going to have to reformat... groan..
    ------------------
    THAT'S just EVIL!!!! and EVIL is WRONG!!!!!
     

Share This Page