how-to block ads
|
|
Uniqs:
304 |
Share Topic
 |
 |
|
|
| FIX it your self FOLKS CAUSE: The worm will exploit the DCOM RPC vulnerability. The purpose of the virus is to spread to as many machines as possible. By exploiting an unplugged hole in Windows, the virus is able to execute without requiring any action on the part of the user.
Resolution if you have Norton and the subscription is current.
1. Disable system Restore.
a. Click Start, settings control panel
b. Windows XP classic control panel double click system or in Windows XP category view click Performance and Maintenance, then click system.
c. Click the System Restore tab in the system properties box.
d. Select “Turn off system restore” or “Turn off system restore on all drives”
e. Click Apply
f. A system restore box will come up, “Do you want to turn off system restore?” Click YES
g. Click OK
2. Update virus definitions. Run LiveUpdate. NOTE: If you are unable to download the update follow step 2 in the resolution below “Resolution if you don’t have a current Norton subscription.” then attempt it again.
3. Scanning for and deleting the infected files.
a. Run a full system scan.
b. If any files are detected as infected with W32.Blaster.Worm, click Delete.
4. Deleting the registry value.
a. Delete the registry value.
b. Click Start, and then click Run
c. Type regedit
d. Click OK
e. Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
f. Delete the value “windows auto update” “msblast.exe” in the right panel.
g. Exit the registry editor.
5. Enable system Restore
a. Click Start, settings control panel
b. Windows XP classic control panel double click system or in Windows XP category view click Performance and Maintenance, then click system.
c. Click the System Restore tab in the system properties box.
d. Clear the “Turn off System Restore” or “Turn off system restore on all drives.
e. Click Apply and then OK.
6. Do a Windows update and download all critical updates.
Resolution if you don’t have a current Norton subscription.
1. Disable system Restore.
a. Click Start, settings control panel
b. Windows XP classic control panel double click system or in Windows XP category view click Performance and Maintenance, then click system.
c. Click the System Restore tab in the system properties box.
d. Select “Turn off system restore” or “Turn off system restore on all drives”
e. Click Apply
f. A system restore box will come up, “Do you want to turn off system restore?” Click YES
g. Click OK
2. Enable the Microsoft Firewall. (This should allow you to download without losing the connection.)
a. Click Start, settings control panel
b. Windows XP classic control panel double click network connections or in Windows XP category view click Network and Internet connections, then click Network connections.
c. Right click on the local area connection and select properties.
d. Click on the advanced Tab.
e. Click Protect my computer.
f. Click OK
g. Close the control panel.
3. Download update.
Download and install the MS03-026 patch
MICROSOFT PATCH: www.microsoft.com – go to [resources] in left-frame and downloads. Under [Most Popular Downloads]: Windows XP Security Patch: Buffer Overrun In RPC Interface Could Allow Code Execution
4. Deleting the registry value, and files.
Delete the registry value.
a. Click Start, and then click Run
b. Type regedit
c. Click OK
d. Navigate to the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
e. Delete the value “windows auto update” “msblast.exe” in the right panel.
f. Exit the registry editor.
End task on msblast.exe
g. Hit
h. Select Task Manager
i. Choose the Processes tab.
j. Select msblast.exe then click the end process button.
Delete msblast.exe.
k. Click start then Search
l. Select all files and folders.
m. In all or part of the file name type msblast
n. Verify look in has your local hard drives.
o. Click search.
p. After it searches delete the files msblast.exe
q. Empty the recycle bin.
5. Enable system Restore
a. Click Start, settings control panel
b. Windows XP classic control panel double click system or in Windows XP category view click Performance and Maintenance, then click system.
c. Click the System Restore tab in the system properties box.
d. Clear the “Turn off System Restore” or “Turn off system restore on all drives.
e. Click Apply and then OK.
If this does not resolve the issue a format and reload will be required, please use your system restoration process.
--
Subnetting Sucks! | | |
|
| MAKE SURE YOU CLOSE THE DOOR my freind this will definetly get it out but if you do not fix the cause it not gonna help ya at all....
you must close the DOOR people to do this you must add a password to the Administrator account that windows makes at install.... you find that in the control panel, preformance and maintenance, Administrative Tools, Computer Management then sub dir system tools you see local users and groups go through there and any account you didn't make delete the 2 it will not allow you to delete you need to password protect... this will stop it from happening it will also allow you to see if the rest of it is still working... there are 3 parts the ftp the sdbot and the ddos bot part of it... to see this activety open up windows task manager by pressing alt ctrl delete one time all at same time... do not do repeatedly or computer will reboot... | |
 museheartPremium
join:2002-08-11
Hazel Green, AL | About closing the door. Isn't there a program that allows you to close certain ports? | |
|
