Error

Thank god I checked my post, thanks for merging my post! (along with everyone elses)
will apply the ms patch and symantec removal tool as soon as I get 2 work.

BL
 
hey someone in my compound had the virus and i removed it but i cant apply the patch it says the cryptographic services could not be started. then when i went to the services and tried to enable it it gave me error 1068 and couldnt start it???? what can i do
 
Originally posted by body electric
Thank god I checked my post, thanks for merging my post! (along with everyone elses)
will apply the ms patch and symantec removal tool as soon as I get 2 work.

BL
Click to expand...

Heh heh... welcome to da party. We're havin a "worm" roast. :D
 
yeah ive helped alot of people removed it for a couple of people on the compound. and ive been battling the beast telling everyone that sings in to msn to get the two files. and ive helped alot prevent it and alot remove it LOL!. btw thanks for qouting me on the front page. was that u jewelzz?
 
come on guys we can stop this virus come on!!!! maybe if we "ntfs.org stop it billy gates will give us some of that money and fix his software" lol jk bill!

hey can the authorities track down the coder of this virus like they did for other major viruses?
 
I am pretty sure they will do everything possible to track him down after all he or they are taking on the Giant , The King of the hill so to speak , and Uncle Bill has the $ to chase them to all ends of the earth and back ..... so I would think we will get news soon enough on the origin of this lovsan worm :)
 
Update: A new string has surfaced, W32.MSBLAST.D, which names itself DLLHOST.EXE so update Ad-Aware which has a new ref file and load up your av and scan away.
 
I know this is on the front page and also convered by Enyo above - but I did receive automatic liveupdates last night on both of these (unuusual as normally liveupdates occur on Wed unless something heavy is going down)



1. Level 4 Virus Alert! W32.Welchia.Worm

Due to an increase in submissions, Symantec Security Response has upgraded
W32.Welchia.Worm to Category 4, as of 6:00pm Monday, August 18, 2003.

The worm attempts to download the DCOM RPC patch from Microsoft's Windows
Update Web site, install it, and then reboot the computer. The worm checks
for active machines to infect by sending an ICMP echo, or PING, which will
results in increased ICMP traffic.

The worm will also attempt to remove W32.Blaster.Worm.

Definitions dated August 18, 2003 will detect the W32.Welchia.Worm. Run
LiveUpdate or download the Intelligent Updater virus definitions at
http://securityresponse.symantec.com/avcenter/defs.download.html

Also Known As: W32/Welchia.worm10240 [AhnLab], W32/Nachi.worm [McAfee],
WORM_MSBLAST.D [Trend], Lovsan.D [F-Secure]

Type: Worm
Infection Length: 10,240 bytes
Systems Affected: Windows 2000, Windows XP
Systems Not Affected: Linux, Macintosh, OS/2, UNIX
CVE References: CAN-2003-0109, CAN-2003-0352

For additional information, visit the following Internet address:

http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html
_____________________________

2. Level 3 Virus Alert! W32.Dumaru@mm

W32.Dumaru@mm is a mass-mailing worm that drops an IRC Trojan onto the
infected machine. The worm gathers email addresses from certain file types
and uses its own SMTP engine to email itself.

Definitions dated August 18, 2003 will detect the W32.Welchia.Worm. Run
LiveUpdate or download the Intelligent Updater virus definitions at
http://securityresponse.symantec.com/avcenter/defs.download.html

The email has the following characteristics:

From: "Microsoft" <security@microsoft.com>
Subject: Use this patch immediately !
Message:
Dear friend , use this Internet Explorer patch now!
There are dangerous virus in the Internet now!
More than 500.000 already infected!
Attachment: patch.exe

This threat is written in the Microsoft C++ programming language and is
compressed with UPX.

Type: Worm
Infection Length: 9,216
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me,
Windows NT, Windows XP
Systems Not Affected: Linux, Macintosh, OS/2, UNIX

For additional information, visit the following Internet address:

http://securityresponse.symantec.com/avcenter/venc/data/w32.dumaru@mm.html
 
Nothing can replace good ol AV scanning. A worm is never a good thing, even if it removes another.
 
You must log in or register to reply here.

Members online

No members online now.
Total: 347 (members: 0, guests: 347)

Affiliates

lunarsoft.net techzonez.com

- Contact us to trade links -

OSNN OSNN NTFS XP-erience

Latest profile posts

Steevo
Steevo
Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
•••
Steevo
Steevo
Any of the SP crew still out there?
•••
Xie
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
•••
N
Nismo83
hello peeps... is been some time since i last came here.
•••
Electronic Punk
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.
•••

Forum statistics

Threads
62,015
Messages
673,494
Members
5,623
Latest member
AndersonLo
Back