Viruses downloaded with update from Microsoft

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I successfully installed Win XP Pro without losing any
files. However, when I downloaded & installed the Pack 1
upgrade, it wiped out virtually everything on my C drive
& put XP in an endless loop where it kept trying to open,
but would get to the logo window, crash, & reboot.

With the help of a friend who is a computer security
expert, I was able to get XP loaded again & discovered
the disaster that had occurred. Before trying to download
the upgrade pack 1, I reinstalled my anti-virus program,
Panda Platinum, & scanned my whole system (it was clean).
During the download it detected W32/Nashi.A in the
operating system portion of the download, but it was
unable to modify it because of some internal protection.
After the download was completed, I scaned the computer
with Panda's ActiveScan on their web site. It found the
Nashi.A plus four of W32/Dumaru which had also come with
the download. ActiveScan was able to remove the four
Dumaru, but it too was also unable to get to modify
Nachi.A.

Does anyone know how to get rid of this W32/Nachi.A
virus? And why is Microsoft so sloppy that it doesn't
test its own programs & downloads for virus? This is
unconscionable on their part!
 
Microsoft is not sloppy in this case, you got it because you connected
your unprotected computer to the internet.
You should have enabled/installed a firewall BEFORE connecting to the
internet..
The worm came into the unprotected computer.

DISCONNECT the subject computer from any network IMMEDIATELY.

If necessary to stop the reboot process:
Start/Run
Type "shutdown -a" ENTER

Install or enable a firewall IMMEDIATELY, before connecting to the
internet:
http://support.microsoft.com/?kbid=283673

VERY IMPORTANT to follow ALL steps, closing ports or installing the
patch is NOT enough.
Download the patch and regedit referenced in the article below.
You may need to do this at an uninfected computer and burn to CD or
save on floppies.
Each file is small enough to fit on a floppy.

Follow this to clean and protect your computer:
http://www.kellys-korner-xp.com/xp_qr.htm#rpc

After this is resolved prevent similar occurrences by installing ALL
Critical Updates from Windows Update.
Keep antivirus up to date and run at least weekly.
Install or enable a firewall.

See also:
http://support.microsoft.com/?kbid=826955
http://www.microsoft.com/security/incident/blast.asp
 
You were not infected by MS...you connected without a decent firewall, and
you had your port 135 and also port 844 open. Your unprotected computer was
detected and infected, because you neglected to follow basic security
measures. Your friend must not be much of a security expert if he could not
figure out what happened.


Bobby
 
Back
Top