OK! Mircosoft has just discovered a new worm. I repeat! NEW WORM! The new worm is called "Zotob". It's a worm that can takes weeks, months, to get embeded into your system and take over. It digs so deep that it's very difficult to erase. So PLEASE! Listen carefully!
Zotob --
The worm targets Windows 2000 Computers and once it's embeded, it'll try sending itself to other computers! The worm IS *NOT* caught by emails, websites, anything. It's a worm that opens itself, so you have to be really carefull now.
What it does:
Is simply *RANDOMLY* shutsdown your system by send invalid links to your computer.
EX. C:\Program Files\Josephslasj9wa
Obviously, not a valid file. When your computer searchs for that file it'll never find it, the worm repeats this OVER and OVER until your Buffer Overflows, once this happens you'll get a pop-up like you would in command promt saying your computer will now shutdown in 30 seconds. It'll do this very randomy.
Doesn't seem harmful? Well, I would be worried about loss of info.
It's easily prevented from entering your system, just turn on the firewall and your virus protector.
I'm not sure what "Zotob" stands for but, I believe it was a terrorist attack. I'm not possitive don't think we're being invaded.
Oh KuBi, you're slipping man! The topic started here already http://www.trap17.com/forums/index.php?sho...ndpost&p=175476 I'm not sure which one members would prefer to reply. It's up to them. But let's stick to the thread that already started.
When this is all over, this topic should be unpinned.
oh .... I really scared , and it's really strange for me that microsoft detected this worm! and this worm use really simple and insteresting way to buffer overflow the system, really smart worm writer! Dunno why this worm has released...
Buffalo, that's not about Zotob, that's about a different worm, I guess they work the same but it's a different one.
@Cmat -- I had the topic title as "worm" so if you changed something you changed the wrong topic, yes, this topic is still pinned. Is there a problem with that? I'm unpinning it in a week.
#Kubi - The description said New Virus Detected. I have no problem with this topic being pinned and open but you said that you unpinned and closed in the third post so I was confused because it wasn't.
#BuffaloHELP - That's a different ZotoB. At the moment there's ZotoB.a through to ZotoB.h. Patches and more info can be found at:
Anyway, it's has been discussed and I'm unpinning this topic. I'm sorry I didn't know there were other various worms to zortob. But the topic title states a new worm, not specific to just one. Otherwise the title should have been reflect to such. Okay guys? Let's not have a contest to see who's right...
http://english.chosun.com/w21data/html/new...0504250004.html Not only does it not differentiate
between legal and illegal mp3 files, it also doesn't let you reboot your computer. So far,
it's been circulating only in Europe, but those in the US and Asia had better take caution as
well. It's only a matter of time......
I have the Alcra D worm which starts up limewire and disables regedit and other things. If anyone
knows how to get rid of this tell me. PLEASE. I have adaware, but it never seems to find it. I cant
use ctrl alt delete and limewire slows my computer down because it opens non stop. SO PLEASE HELP. I
have tried other things, but they never seem to work. I found a program for the type B worm, but it
dosnt work for D i tried. Any info on this post back. If you use limewire and it keeps opening this
is what you have by the way. And i love how limwire's FAQ says you have a ...
To think the Microsoft ANI exploit and the botnet things were bad but this just top the charts, this
new variation of the Storm virus of last year gets a new powerful punch. The virus gets sent
through a password protected zip fil in which the password is contain in a image file in the email.
The email subject contains either Worm Alert!" or "Trojan Detected! so do not open and just
delete it. Also the image file will read something like UrgentNotice.gif" or "AbuseReport.gif. and
the zip file will read something like "patch-####.zip" or "removal-####.zip.". ...
Well buffaloHELP just mention and I have confirmed it by many articles myspace accounts have been
hacked or in hte sense that if your account was hijacked then anyone viewing your profile will also
get infected as well. In a article by chaseandsam.com go into detail on how this happen and a
solution to it as well Click here for more ---WARNING--- Also this hack is also a virus in
which a person who is viewing your hacked profile will get their profile hijacked as well. Also
Symantec mentions about it as well Nortan How it was done ---SOLUTION--- ...
QUOTE IT security experts have warned of a worm that purports to be Microsoft's Windows
Genuine Advantage (WGA) anti-piracy tool. WGA has recently been branded as 'spyware' in
that it collects unnecessary hardware and software data from users' PCs. The Cuebot-K worm
spreads via AOL Instant Messenger, registering itself as a new system driver service called
'wgavn'. It carries the display name 'Windows Genuine Advantage Validation
Notification', and runs automatically during system startup. Once in place the worm disables
the Wi...
QUOTE W32.Areses.H@mm is a mass-mailing worm that opens a back door on the compromised computer
and may download files. When W32.Areses.H@mm is executed, it performs the following actions:
Copies itself as the following file: %Windir%\csrss.exe Note: %Windir% is a variable that
refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
Adds the value: "Debugger" = " " to the registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File
Execution Options\e...
QUOTE Windows users are being urged to scan their computers before 3rd February 2006 to avoid
falling victim to a destructive Worm. On that date the Nyxem E Worm is set to delete Word,
Powerpoint, Excel and Acrobat files on infected machines! Don't get caught out... See
complete article at http://www.updatexp.com/nyxem-e.html Better get your anti-virus updated by
3rd Febuary before seeing your files go missing. It's kindda scary worm if not handled properly.
The date is near so get updated fast. Edited topic title. ...
http://news.zdnet.com/2100-1009_22-5893344.html?tag=nl.e589 Here is another proof that the words
'Windows' and 'Security' simply cannot go together... And yet another good reason
for installing and start using Linux... Cheers! KoYoda...
New Virus is emerging. Microsoft users, be alerted!. This is one of the reason why i dont really
like M$ stuff, but still, i need it really much despite of its problems QUOTE Dear Trend
Micro customer, As of August 16, 2005 5:12 PM (Pacific Daylight Time; GMT-7:00), TrendLabs has
declared a Medium Risk Virus Alert to control the spread of WORM_ZOTOB.D and WORM_RBOT.CBQ.
TrendLabs has received several infection reports indicating that this malware is spreading in
Brazil and the U.S.A. WORM_ZOTOB.D is a memory-resident worm that drops a copy of itself in ...
QUOTE The worm is a packed PE executable file 22528 bytes long. Installation to system When
run, the worm copies under %SYSTEM% directory using the name 'botzor.exe' and creates a
named mutex 'B-O-T-Z-O-R' for making sure that only one copy of the worm is run at the same
time. Then it adds the following registry entries to ensure that it is started when a user logs on
or the system is restarted: "WINDOWS SYSTEM" = "botzor.exe" The worm also adds the
following registry key for diasabling shared access service: "Start" = "4" Spr...
Express your Opinions, Thoughts or Contribute more info. to help others.
Ask your Doubts & Queries to get answers, So that "Together We can help others!"
Register FREE for AD-FREE
forum, Create your own topics, Ask Questions, track topics, setup
subscriptions & notifications and Get a Free Website w/ Email and FTP.
The topic started here already 
