Virus SVChost errors?
bartj
had a difficult time getting rid of the virus. Norton
could not repair the file so it deleted the SVCHOST.exe
file.
I reformated hard drive loaded win2000, and reloaded anti
virus software and connected to micosrosoft to do the
patch thing.
I would get window that pop up and ask me to type a adress
in the web browser win-patch. the message was from
mesenger service, then then norton pops up that it found
the virus again?
I trashed that drive and bought a new one reloaded and now
i get these svchost errors that are very anoying, and now
a get a different pop-up telling me to go to a different
site??
wuss up wit that>?
Sandi - Microsoft MVP
immediate reaction is "huh?"
BTW, you haven't told us the name of the virus that Norton is supposedly
detecting.
--
Hyperlinks are used to ensure advice remains current
Do NOT send me an email. I will NOT see it (thank the spammers and viruses)
_______________________________________
Sandi - Microsoft MVP since 1999 (IE/OE)
http://www.mvps.org/inetexplorer
"bartj" <anon...@discussions.microsoft.com> wrote in message
news:10be201c40e47$415eb850$a101...@phx.gbl...
Bruce Chambers
All of your problem stem from your refusal to protect your PC by
using a firewall.
If you connected the PC to the Internet without having first
enabled a firewall, without having first installed an antivirus
application with current virus definition files, and before installing
the KB824146 Hotfix, you're very likely to get infected from any of
the thousands of PCs on the Internet that are constantly broadcasting
the Blaster and/or Welchia worms. It only takes a few seconds of
exposure.
To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.
Microsoft Security Bulletin MS03-39
http://support.microsoft.com/?kbid=824146
What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp
W32.Blaster.Worm a.k.a. W32/Lovesan.Worm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html
W32.Blaster.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
W32.Welchia.Worm a.k.a. W32/Nachi.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html
W32.Welchia.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.welchia.worm.removal.tool.html
McAfee AVERT Stinger
http://us.mcafee.com/virusInfo/default.asp?id=stinger
Does the title bar of these pop-ups read "Messenger Service?"
This type of spam has become quite common over the past several
months, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you may well be open to other threats, such as the Blaster Worm that
recently swept cross the Internet. Install and use a decent,
properly configured firewall. (Merely disabling the messenger
service, as some people recommend, only hides the symptom, and does
little or nothing to truly secure your machine.) And ignoring or just
"putting up with" the security gap represented by these messages is
particularly foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Whichever firewall you decide upon, be sure to ensure
UDP ports 135, 137, and 138 and TCP ports 135, 139, and 445 are _all_
blocked. You may also disable Inbound NetBIOS (NetBIOS over TCP/IP).
You'll have to follow the instructions from firewall's manufacturer
for the specific steps.
You can test your firewall at:
Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT
Security Scan - Sygate Online Services
http://www.sygatetech.com/
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
Bruce Chambers
--
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
"bartj" <anon...@discussions.microsoft.com> wrote in message
news:10be201c40e47$415eb850$a101...@phx.gbl...
Gianluigi
But what you say is like saying that virus (tho not highly
dangerous) was created by a company that produces anti-
virus programs to show you how useful it is to have their
programs.....even tho I have always been convinced that
virus come from that source (well at least most of them)
your reasoning is basically wrong.
Say that he needs protection is one thing, but saying that
the virus was created to show people they need protection
is senseless (like a Doctor who shoots you to show that
paying medical insurance is good LOL).