I thought I was but I discovered something interesting about the attack. It took a number of files in the dllcache directory (usually hidden) and set their permissions so that no one 'owned' them. This prevented the automatic updates from going on and left me vulnerable. Even when I tried to do it by hand I got errors until I figured out what was going on. I've found the hidden rootkit, the extra files, the altered permissions and more and have fixed it all. Something's you just have to do for yourself. The AV programs didn't see the virus files and couldn't help.
> Good point. I looked up the virus he posted, and it takes advantage of > a hole MS patched with the September or October patch Teusday (I can't > remember which). It's a worm that doesn't require any user intervention > to spread, but I wasn't able to find how it does spread...scanning IPs > for an open port maybe? > >> From: James Holmes >> >> Were you definitely up-to-date with patching? These worms exploit >> security holes in Windows. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:223429 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
