Announcement

Collapse
No announcement yet.

W32.Zotob.A

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • W32.Zotob.A

    Anyone get infected by this one?

    Where I work got hit with this one. I work at a hospital. Almost all of the 15,000 computer systems were compromised.

    W32.Zotob.A
    RAWGRLRLRLRRLGLRL!!!

    Nations are like individuals: they achieve more when they plan to plant a tiny tree, and do it, than when they propose to raise an entire forest and then fall asleep in the furrows.

    I AM socializing artard, I'm logged on to an MMORPG with people from all over the world and getting XP with my party using Teamspeak

  • #2
    Re: W32.Zotob.A

    Damn looks like a pain in the ass to remove. That's a neat hosts file trick it does, so they can't get AV updates to remove it :)
    |TG| aschmack

    Comment


    • #3
      Re: W32.Zotob.A

      Originally posted by elmerfudd
      Damn looks like a pain in the ass to remove. That's a neat hosts file trick it does, so they can't get AV updates to remove it :)
      There's a few out there that use that method to keep you away from the needed sites to get it fixed. Course the really good ones just disable your anti virus and you wonder if it's Norton actiing up again or an actual virus causing the issue (yeah I don't have much faith in NAV but it's what customers seem to buy and install).

      Comment


      • #4
        Re: W32.Zotob.A

        Originally posted by msft
        What is Plug and Play?
        Plug and Play (PnP) allows the operating system to detect new hardware when you install it on a system. For example, when you install a new mouse on your system, PnP allows Windows to detect it, allows Windows to load the needed drivers, and allows Windows to begin using the new mouse.

        How could an attacker exploit the vulnerability?
        On Windows 2000, an anonymous attacker could try to exploit the vulnerability by creating a specially crafted message and sending the message to an affected system.
        Why is the automatic hardware installation service hooked up to the internet anyway? This is like tying your phone line to your gas oven. You're just asking for trouble.

        Comment


        • #5
          Re: W32.Zotob.A

          Originally posted by rs_al
          Why is the automatic hardware installation service hooked up to the internet anyway? This is like tying your phone line to your gas oven. You're just asking for trouble.
          Probably meant to be able to download new drivers off the interweb.

          Comment


          • #6
            Re: W32.Zotob.A

            Originally posted by TEMM
            Probably meant to be able to download new drivers off the interweb.
            I am sure you meant the intarweb.

            Well they found out what happened. Someone brought their laptop home and got it infected. They came back and connected to the network here, behind the firewall.
            It seemed to stop spreading as fast when the servers were patched.

            And that, as they say, is that.
            RAWGRLRLRLRRLGLRL!!!

            Nations are like individuals: they achieve more when they plan to plant a tiny tree, and do it, than when they propose to raise an entire forest and then fall asleep in the furrows.

            I AM socializing artard, I'm logged on to an MMORPG with people from all over the world and getting XP with my party using Teamspeak

            Comment


            • #7
              Re: W32.Zotob.A

              I work at a school (where I am also attending highschool) and we have achieved a 1 to 1 student/computer ratio with IBM Thinkpads that are issued to the students, that they can keep at the end of their four years attending school here. I have never realized how many morons out there who are going to get infected with viruses because they have no idea what they are doing. The biggest problem is, it is the Computer teacher/Network Administrator and me who get to do damage control. I hope like hell this school year goes better than last. A little off topic, but still related because I don't want to have to fix this type of thing.

              |CS:S Dev Team|



              root: I do it to
              steve: OMG
              steve: TOO
              root: ****ing hell
              root: Spelling nazi down! MEDIC!

              Go ahead, you know you all envy me, I corrected root's grammar :D

              Comment

              Connect

              Collapse

              TeamSpeak 3 Server

              Collapse

              Advertisement

              Collapse

              Twitter Feed

              Collapse

              Working...
              X