| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 38577 | 2003-10-11 19:10:00 | removal of virus | agus99 (4716) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 182378 | 2003-10-11 19:10:00 | I have picked up a "w32,welchia.worm" nortons has notified me but cannot repair the file C:\windows\system32\wins\DLLHOST>EXE. I alsocannot gain acess to the file Hellllp please thanks |
agus99 (4716) | ||
| 182379 | 2003-10-11 19:28:00 | Removal tool here (securityresponse.symantec.com) If using XP disable system restore |
Jim B (153) | ||
| 182380 | 2003-10-11 20:16:00 | Just as a matter of interest, I also picked up this worm, but I don't know how. A friend brought me her Laptop which was giving trouble, the thing was so messed up the only answer was to wipe it & use the restore disks. After restoring XPSP1 I updated Nortons then went to MSoft & strated downloading the plethora of updates/fixes etc. I chose about half of them, downloaded & installed them Whammo! XP reboots, gets to the Welcome to XP & that was it, tried safe mode, same thing. Tried a heap of workarounds to no avail. Only option left was to restore again from the HP disks, Updated Nortons again, downloaded about half the updates again only to pick up the welchia worm this time. Ran the removal tool & all seems fine. The only 2 sites I visited each time were MSoft & Symantec. Weird. |
Stumped Badly (348) | ||
| 182381 | 2003-10-11 21:02:00 | Most likely came in this way. W32.Welchia.Worm is a worm that exploits multiple vulnerabilities, including: The DCOM RPC vulnerability (described in Microsoft Security Bulletin MS03-026) using TCP port 135. The worm specifically targets Windows XP machines using this exploit. |
Jim B (153) | ||
| 182382 | 2003-10-11 21:44:00 | A lesson to be learnt here from this exercise. Before updating and going online, turn on XP's firewall, or install one first. :D I'll have to keep that in mind myself now. |
Pheonix (280) | ||
| 182383 | 2003-10-11 22:39:00 | all its fixed thanks to u guys | agus99 (4716) | ||
| 1 | |||||