Greetings --
If you've connected the PC to the Internet, or any other infected
network, without having first enabling a firewall, without having
first installed an antivirus application with current virus definition
files, and/or before installing the KB824146 Hotfix, you're very
likely to have been infected from any of the thousands of PCs on the
Internet that are constantly broadcasting the Blaster and/or Welchia
worms. It only takes a few seconds of exposure.
To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next RPC countdown begins. This will abort the shut down. Also, make
sure you've enabled a firewall before starting, to preclude any more
intrusions while getting the updates/patches/tools.
Microsoft Security Bulletin MS03-39
http://support.microsoft.com/?kbid=824146
What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp
W32.Blaster.Worm a.k.a. W32/Lovesan.Worm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html
W32.Blaster.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html
W32.Welchia.Worm a.k.a. W32/Nachi.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html
W32.Welchia.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.welchia.worm.removal.tool.html
McAfee AVERT Stinger
http://us.mcafee.com/virusInfo/default.asp?id=stinger
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH