Genuine Message?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

During the process of a clean installation of XP Pro, I went on the internet
to start downloading Microsoft updates, driver updates, virus checking
program etc.. After a while my PC really slowed down, hung up and then a
message came up (sorry I didn't have time to write it down) saying the system
had to be shut down, save any data etc. so it wouldn't be lost.
When it rebooted, it was still really slow and jumpy, and as soon as I
connected to the internet a message came up saying it was from Messenger, my
system had been invaded by a virus (and a whole load of other stuff I didn't
get the chance to read and note down), and I was to paste the URL to my
address bar and download the "fix".
I haven't much experience yet so couldn't tell if this was a genuine
Microsoft message, or a way of trying to get me to download a problem.
My whole system seemed frozen again, so I panicked, and switched it off.
I can hear the tut tut's of the MVPs and MCPs, I KNOW I did everything
wrong. I broke the most important rule - don't mess with new things late at
night when you're tired!
Firstly - was it a genuine Microsoft message? My messenger needed updating
but that didn't seem a priority at the time (have since read some of the
security bits in the KB - understood SOME of it).

SORRY TO BE A PAIN. I just panicked.

I had activated so don't know if a new clean instal is possible.
 
Apparently, you accessed the internet before enabling Windows XP's
firewall and consequently infected your PC with the rampant Sasser worm.

Microsoft Windows Malicious Software Removal Tool (KB890830)
http://www.microsoft.com/downloads/...E0-E72D-4F54-9AB3-75B8EB148356&displaylang=en

This tool checks your computer for infection by specific, prevalent malicious software
(including Blaster, Sasser, and Mydoom) and helps to remove the infection if it is found.

How to turn on or turn off the Internet firewall in Windows XP
http://support.microsoft.com/default.aspx?scid=kb;en-us;283673

Get Windows XP Service Pack 2 with advanced security technologies
http://www.microsoft.com/athome/security/protect/windowsxp/choose.mspx

3 Simple Steps to Help Ensure the Protection of Your PC
http://www.microsoft.com/athome/security/protect/default.mspx

Antivirus software: Frequently asked questions
http://www.microsoft.com/athome/security/protect/antivirus.mspx

If your computer is constantly attempting to shutdown
or reboot, quickly go to:

Start > Run and type: CMD , and hit enter.
This opens the Command Prompt window.

Then type: shutdown -a , and hit enter.

This should halt the rebooting problem.

Follow these directions to remove The Sasser Worm from your computer:
http://www3.telus.net/dandemar/sasser.htm

[Courtesy of MS-MVP Jupiter Jones]

--
Carey Frisch
Microsoft MVP
Windows XP - Shell/User
Microsoft Newsgroups

Be Smart! Protect Your PC!
http://www.microsoft.com/athome/security/protect/default.mspx

------------------------------------------------------------------------------

:

| During the process of a clean installation of XP Pro, I went on the internet
| to start downloading Microsoft updates, driver updates, virus checking
| program etc.. After a while my PC really slowed down, hung up and then a
| message came up (sorry I didn't have time to write it down) saying the system
| had to be shut down, save any data etc. so it wouldn't be lost.
| When it rebooted, it was still really slow and jumpy, and as soon as I
| connected to the internet a message came up saying it was from Messenger, my
| system had been invaded by a virus (and a whole load of other stuff I didn't
| get the chance to read and note down), and I was to paste the URL to my
| address bar and download the "fix".
| I haven't much experience yet so couldn't tell if this was a genuine
| Microsoft message, or a way of trying to get me to download a problem.
| My whole system seemed frozen again, so I panicked, and switched it off.
| I can hear the tut tut's of the MVPs and MCPs, I KNOW I did everything
| wrong. I broke the most important rule - don't mess with new things late at
| night when you're tired!
| Firstly - was it a genuine Microsoft message? My messenger needed updating
| but that didn't seem a priority at the time (have since read some of the
| security bits in the KB - understood SOME of it).
|
| SORRY TO BE A PAIN. I just panicked.
|
| I had activated so don't know if a new clean instal is possible.
 
Thanks - that sounds dead right. Now let's see if I can get to these links on
my "damaged" PC. Really thought I's clicked yep for the firewall. Thanks so
much, I'll get back to you if further troubles.
 
Actually since this is a new installation and you seem to be stuck before
you installed anything else it might be better to just format the drive and
reinstall..........this time without being connected to the net.
And before you connect install a firewall and an AntiVirus.
Then connect and do the updates.
peter
 
Peterk,

Will it cause difficulties that I'd already activated it?
I'm trying desperately to get to this stage on the 'damaged PC' so I can
download the Malicous things Remover - but it's "not responding". Starting
from scratch sounds very appealing.

Erika.
 
Not Really..........I've installed mine 2 or 3 times in the past 18 months
and never had a problem activating
The last time I had a hard drive go down..bought the same model and
reinstalled without a problem
The worst that could happen is a phone call activation.
peter
 
Thanks for your help and advice.

I managed to use the malicious code find and remove tool by downloading onto
disk from my "good" pc, it did it's job. But then I found that as well as the
sasser worm, programs had been installed. The nature of those programs, and
actions that they performed (like overriding the web addresses I typed to try
to take me to other ones), were pretty distressing.

So, as I'd only just started my installation, and am upset at what has been
installed into my PC, I am going to do a second clean installation, and this
time be much more careful about security. (I had no idea that such nasty
things could happen, and in so short a space of time! What is the motivation
of people who want to invade other people's computers with viruses or
unsolicited programs?)

Anyway, you've been great, again, many thanks Carey and Peterk.

Erika.
 
You're welcome and might I suggest ZoneAlarm as a good Firewall that halts
both incoming and outgoing.
You might also invest in a Router with build in Firewall.They are not that
expensive nowadays.
peterk
 
Back
Top