RE: W32.GAOBOT.AFJ Virus in Win32.exe file
From: Subramanian S [MSFT] (v-subs_at_online.microsoft.com)
Date: 05/10/04
- Next message: EAR: "Sasser Virus removal"
- Previous message: henry baker: "Re: Failing Keyboard"
- In reply to: pedritom_at_aol.com: "W32.GAOBOT.AFJ Virus in Win32.exe file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 10 May 2004 03:29:49 GMT
Hi,
W32.Gaobot.AFJ is a worm that spreads through open network shares,
backdoors that the Beagle and Mydoom worms install, and several Windows
vulnerabilities, including:
--DCOM RPC Vulnerability (described in Microsoft Security Bulletin
MS03-026) using TCP port 135.
--Workstation Service Buffer Overrun Vulnerability (described in Microsoft
Security Bulletin MS03-049) using TCP port 445. Windows XP users are
protected against this vulnerability if Microsoft Security Bulletin
MS03-043 has been applied. Windows 2000 users must apply MS03-049.
--Exploits the Microsoft Windows Local Security Authority Service Remote
Buffer Overflow (described in Microsoft Security Bulletin MS04-011).
http://securityresponse.symantec.com/avcenter/venc/data/w32.gaobot.afj.html
gives you information on removal of W32.Gaobot.AFJ.
pls follow the same & ensure the virus is cleaned and try again.
Regards,
Subbu
--- Subramanian .S v-subs@online.microsoft.com Microsoft GPS This posting is provided "AS IS" with no warranties, and confers no rights.
- Next message: EAR: "Sasser Virus removal"
- Previous message: henry baker: "Re: Failing Keyboard"
- In reply to: pedritom_at_aol.com: "W32.GAOBOT.AFJ Virus in Win32.exe file"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
