Sasser Worm (01/05/04)

From software to hardware, breakthough to disaster, it all belongs here!

Moderator: CricketMX Forum Moderators

Post Reply
quicksilver
Helpful Hands
Helpful Hands
Posts: 1926
Joined: Mon Mar 22, 2004 12:12 am

This worm is currently doing the rounds... :( it will infect your machine via an open port usually 455.. then broadcast itself to other ip address which it generates. It will also makes a selection of copies of itself (8 jumbled letters) in your windows folder. (typically C:\ LFGCIOBL.exe, YEQKZPBY.exe). Sasser works in conjunction with another nastier virus
W32GaoboT!INF this ones a meanie, it will disable your anti viral software , leaving you open to everything the web can send you :evil: .
Both of these two have variants already! Usual preventive options ie update your antiviral package regularly , microsoft update , and only let known applications through your firewall using only the ports they need to work. Help with these 2 can be found at sysmantec. (norton) :D
http://securityresponse.symantec.com/av ... .tool.html
http://securityresponse.symantec.com/av ... .tool.html
Top
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:
Contact battye

What does the virus do? :(
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
Top
User avatar
Bacon
Boo, or Boo-urns?
Boo, or Boo-urns?
Posts: 283
Joined: Sat Jan 31, 2004 8:08 am
Location: Australia
Contact:
Contact Bacon

Sasser is a new worm which will constantly shut down your computer and boot it back up again. As long as your Windows Updates are all up to date your protected.
Top
User avatar
battye
Site Admin
Site Admin
Posts: 14391
Joined: Sun Jan 11, 2004 8:26 am
Location: Australia
Contact:
Contact battye

I ran it today and it said there were no critical updates :?
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!

"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
Top
quicksilver
Helpful Hands
Helpful Hands
Posts: 1926
Joined: Mon Mar 22, 2004 12:12 am

You can read about it here , (this is the B variant but it discusses the normal one as well ) http://securityresponse.symantec.com/av ... .worm.html Basically it will eat up your resources. Its not a file damager. and if you have updated on certain microsoft packages you may never even see this one : )
Top
Post Reply

Return to “Computers”