A
APH
Hi
On a W2k stand alone machine I strated to get the "svchost.exe has generated
.... 2 messages and had problems if I hooked to to the Internet, and also
with copying files from folders.
W2k is patched to Sp3 but not 03-026.
1. Looked for registry entry and msblast.exe files couldn't find them
anywhere.
2. Downloaded removal tool and ran that - didn't find anything
3. Applied Patch 03-026 that I had downloaded using another machine
4. Ran removal tool again - still not found.
Perplexed read up some more and found that the worm guesses which operating
system you are running. Apparently there is an 80% chance it will attempt
to exploit XP, and a 20% chance it will attempt to exploit W2k.
If it guess wrong, then the process svchost.exe on the target machine will
crash and the system become unstable, BUT THE INFECTION WILL FAIL.
This is what i think has happended on my machine - but what I cannot
establish (without running the machine), is if now having applied the patch,
the machine is secure?
Anyone any ideas on this p[lease
Thanks
Alex
On a W2k stand alone machine I strated to get the "svchost.exe has generated
.... 2 messages and had problems if I hooked to to the Internet, and also
with copying files from folders.
W2k is patched to Sp3 but not 03-026.
1. Looked for registry entry and msblast.exe files couldn't find them
anywhere.
2. Downloaded removal tool and ran that - didn't find anything
3. Applied Patch 03-026 that I had downloaded using another machine
4. Ran removal tool again - still not found.
Perplexed read up some more and found that the worm guesses which operating
system you are running. Apparently there is an 80% chance it will attempt
to exploit XP, and a 20% chance it will attempt to exploit W2k.
If it guess wrong, then the process svchost.exe on the target machine will
crash and the system become unstable, BUT THE INFECTION WILL FAIL.
This is what i think has happended on my machine - but what I cannot
establish (without running the machine), is if now having applied the patch,
the machine is secure?
Anyone any ideas on this p[lease
Thanks
Alex