to be as
aggressive...
Cheers,
Kevin
- Original Message -
From: Michael Dinowitz [EMAIL PROTECTED]
To: CF-Talk cf-talk@houseoffusion.com
Sent: Friday, November 04, 2005 1:54 PM
Subject: Re: (OT) server rebooting after virus
W32.Mocbot.A was the first one but when I ran the CA
Only defense here really is to reformat -
move data to new server and start
afresh.
Experience tells you that as soon as a machine gets infected it needs to be
reformatted;
You just don't know how many rootkits you may have etc...
This e-mail is from Reed
Good point. I looked up the virus he posted, and it takes advantage of
a hole MS patched with the September or October patch Teusday (I can't
remember which). It's a worm that doesn't require any user intervention
to spread, but I wasn't able to find how it does spread...scanning IPs
for an open
I thought I was but I discovered something interesting about the attack. It
took a number of files in the dllcache directory (usually hidden) and set
their permissions so that no one 'owned' them. This prevented the automatic
updates from going on and left me vulnerable. Even when I tried to do
to be as
aggressive...
Cheers,
Kevin
- Original Message -
From: Michael Dinowitz [EMAIL PROTECTED]
To: CF-Talk cf-talk@houseoffusion.com
Sent: Friday, November 04, 2005 1:54 PM
Subject: Re: (OT) server rebooting after virus
W32.Mocbot.A was the first one but when I ran the CA anti-viral
Were you definitely up-to-date with patching? These worms exploit
security holes in Windows.
On 11/6/05, Michael Dinowitz [EMAIL PROTECTED] wrote:
I'm just a bit worried how they got on as the machine is secure and I never
had any problems in the past. This happened as soon as the hardware
Sounds like its time for Linux. jk ;)
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Friday, November 04, 2005 1:21 PM
To: CF-Talk
Subject: (OT) server rebooting after virus
The House of Fusion box picked up a virus somehow and even
after I've
MIchael,
What virus did you find originally?
-Mark
-Original Message-
From: Michael Dinowitz [mailto:[EMAIL PROTECTED]
Sent: Friday, November 04, 2005 2:21 PM
To: CF-Talk
Subject: (OT) server rebooting after virus
The House of Fusion box picked up a virus somehow and even after I've
W32.Mocbot.A was the first one but when I ran the CA anti-viral, it found (at
different times)
Win32.Rbot.DSV
Win32.Esbot.M
I've removed accounts from the drives that looked like they didn't belong,
removed permissions on the drives that looked added, cleaned out everything I
can think of and
If you could run HijackThis on it and send me the output, I'd be happy to
help.
Cheers,
Kevin
- Original Message -
From: Michael Dinowitz [EMAIL PROTECTED]
To: CF-Talk cf-talk@houseoffusion.com
Sent: Friday, November 04, 2005 1:54 PM
Subject: Re: (OT) server rebooting after virus
]
To: CF-Talk cf-talk@houseoffusion.com
Sent: Friday, November 04, 2005 1:54 PM
Subject: Re: (OT) server rebooting after virus
~|
Logware (www.logware.us): a new and convenient web-based time tracking
application. Start tracking
PM
Subject: Re: (OT) server rebooting after virus
W32.Mocbot.A was the first one but when I ran the CA anti-viral, it found
(at different times)
Win32.Rbot.DSV
Win32.Esbot.M
I've removed accounts from the drives that looked like they didn't belong,
removed permissions on the drives
Definately. Email me offlist tomorrow...
Cheers,
Kevin
- Original Message -
From: Michael Dinowitz [EMAIL PROTECTED]
To: CF-Talk cf-talk@houseoffusion.com
Sent: Friday, November 04, 2005 2:09 PM
Subject: Re: (OT) server rebooting after virus
I appreciate the offer and will do so
13 matches
Mail list logo