How is the Welchia Worm virus transmitted?

  • Thread starter Thread starter JMartin
  • Start date Start date
J

JMartin

It's not supposed to affect Win98. But can it be transmitted to a
Win98 OS and wait for an upgrade? I recently upgraded a Win98 PC to
Win2k. After a day, I started receiving "svchost.exe" error messages
and the PC became unstable, often non-functional. I ran fixwelch.exe
from Symantec and it found and removed it.

So, I'm guessing that it was already on the PC just waiting for an
opportunity OR is it possible, that once Win2k was installed it set off
a beacon or something that the PC was vunerable? Or was it a random
port scan and I got hit?

The PC uses a dial-up connection. The virus has be removed and all
windows updates have been added so it's secure now. At this point, I'm
curious as to how it spreads. This is my mother's PC and she can
barely turn it on so computer security is a foreign topic to her.
 
It's not supposed to affect Win98. But can it be transmitted to a
Win98 OS and wait for an upgrade? I recently upgraded a Win98 PC to
Win2k. After a day, I started receiving "svchost.exe" error messages
and the PC became unstable, often non-functional. I ran fixwelch.exe
from Symantec and it found and removed it.
Click to expand...

It's most likely that this was a random port scan. After installing
Win2000, the machine would have been vulnerable to the exploit until
either:
1) a firewall was installed, blocking incoming connections to various
ports.
2) the PC was patched for the vulnerability.

There's more information at:
The PC uses a dial-up connection. The virus has be removed and all
windows updates have been added so it's secure now.
Click to expand...

<Sigh>
<http://securityresponse.symantec.com/avcenter/security/Content/9011.html>

You have no idea how happy I am to be behind a hardware firewall.

Derek
 
Derek said:
It's most likely that this was a random port scan. After installing
Win2000, the machine would have been vulnerable to the exploit until
either:
1) a firewall was installed, blocking incoming connections to various
ports.
2) the PC was patched for the vulnerability.

There's more information at:


<Sigh>
Click to expand...

Well, as can be for her.
<http://securityresponse.symantec.com/avcenter/security/Content/9011.h
tml>

You have no idea how happy I am to be behind a hardware firewall.
Click to expand...

Yep, I have a router and firewall protecting my network. I spend most
of my time fixing unprotected computers. You'd be amazed at how many
people complain about $50 for AV software.
 
Yep, I have a router and firewall protecting my network. I spend most
of my time fixing unprotected computers. You'd be amazed at how many
people complain about $50 for AV software.
Click to expand...

In the best tradition of British Pantomime ... "Oh, No I Wouldn't".

The thing that amazes me is the number of users who think that making
backups is a thing that only other people have to do.

Derek
 
Derek said:
In the best tradition of British Pantomime ... "Oh, No I Wouldn't".

The thing that amazes me is the number of users who think that making
backups is a thing that only other people have to do.

Derek
Click to expand...

LOL. Backup? What's that?

I setup a friend's business with a CDRW for backing up his files. I
setup a backup script and weekly reminder. He came to me last night
and says "I think we need to do another backup. can you come over?".
Well, at least he's thinking about it.
 
Back
Top