Re: Security Patch from Microsoft has caused problems
From: clare (anonymous_at_discussions.microsoft.com)
Date: 12/07/03
- Next message: jth: "hacked??"
- Previous message: Bill: "Re: Printer Sharing With XP Firewall Enabled"
- In reply to: Bruce Chambers: "Re: Security Patch from Microsoft has caused problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 6 Dec 2003 19:49:50 -0800
I was able to clean and delete the virus/worm from my
computer and now everything is back to normal (fingers
crossed). I'm now able to use Norton Anti-virus and have
run a complete scan of my system. My Eudora email is up
and running again.
I now know what NOT to do if ever receiving anything else
like that. But of course if the spammers are secretly on
one of several newsgroups I'm subscribed to, they'll just
try to figure another way to deceive.
Thanks for everyone's help and suggestions.
Clare
========
>-----Original Message-----
>Greetings --
>
> What you received is either a very common,
malicious hoax or the
>output of a computer infected by one of several widely
publicized,
>wide-spread, mass emailing worms. The most widely-known
are:
>
>W32.Swen.A_mm
>http://securityresponse.symantec.com/avcenter/venc/data/w
32.swen.a@mm.html
>
>W32.Dumaru_mm
>http://securityresponse.symantec.com/avcenter/venc/data/w
32.dumaru@mm.html
>
>W32.Gibe_mm
>http://securityresponse.symantec.com/avcenter/venc/data/w
32.gibe@mm.html
>
> Microsoft never has, does not currently, and very
probably never
>will email unsolicited security patches. At the most,
if, and only
>if, you subscribe to their security notification
newsletter, they will
>send you an email informing you that a new patch is
available for
>downloading.
>
>Microsoft Policies on Software Distribution
>http://www.microsoft.com/technet/treeview/?
url=/technet/security/policy/swdist.asp
>
>Information on Bogus Microsoft Security Bulletin Emails
>http://www.microsoft.com/technet/treeview/default.asp?
url=/technet/security/news/patch_hoax.asp
>
>How to Tell If a Microsoft Security-Related Message Is
Genuine
>http://www.microsoft.com/security/antivirus/authenticate_
mail.asp
>
> Any and all legitimate patches and updates are
readily available
>at http://windowsupdate.microsoft.com/. (Notice that
this is the true
>URL, rather than the bogus one that may have been
contained in the
>email you received.) Any messages that point to any
other source(s) or
>claim to have the patch attached are bogus.
>
> You're receiving these emails because your email
address is in
>the address book of someone infected with a worm, and/or
because you
>posted your real email address somewhere on-line, either
in a forum
>accessible to the public and spambots, such as Usenet,
or on an
>untrustworthy web site that subsequently sold your
address as part of
>a mailing list. One thing you can do is notify
_everyone_ with whom
>you've ever corresponded via email that one or more of
them may be
>infected with a mass emailing worm, and should take the
appropriate
>steps.
>
>
>Bruce Chambers
>
>--
>Help us help you:
>http://dts-l.org/goodpost.htm
>http://www.catb.org/~esr/faqs/smart-questions.html
>
>You can have peace. Or you can have freedom. Don't
ever count on
>having both at once. -- RAH
>
>
>"Clare" <clare@wans.net> wrote in message
>news:028701c3bc5b$727ebc20$a301280a@phx.gbl...
>> I received the following email from Microsoft after
>> posting problems with my firewall here on the
newsgroups
>> and today I clicked on the following (upgrade295.exe)
>> which was an attachment in my Eudora mail.
>> [] upgrade295.exe
>>
>> Afterwards, I noticed that my Norton Antivirus kept
>> sending messages with nothing in them continually and I
>> couldn't stop it until I finally shut down my computer.
>> Now my Anti-virus won't launch at startup; I can't send
>> out any messages with Eudora because I had it set to
>> always be screen messages for viruses before sending
out;
>> plus I can't get my MSCONFIG file to launch. When I
try
>> to RUN the MSCONFIG file, I get this message: MEMORY
>> ACCESS VIOLATION IN MODULE KERNEL32 AT 3773:36592533.
>>
>> Additionally, there is another email file from
Microsoft
>> with an attachment called: [] Installation71.exe and
>> another email message with an attachment called: []
>> Pack1.exe
>>
>> I haven't clicked on either of the other two files
since
>> this one I writing for help about (upgrade295.exe)
>> created such a havoc.
>>
>> Also, I have no AUTOEXEC.BAT or CONFIG.SYS files
>> anymore. When I launched SYSEDIT I discovered this.
>>
>> These files from Microsoft are coming from someplace
>> called:
>>
>> X-Originating-IP: [208.181.178.12]
>> Received: from joseph.ncoldns.com (generation.lgisp.net
>> [208.181.178.12])
>> by vm7-ext.prodigy.net (8.12.10/8.12.10) with
>> ESMTP id hB5KiOxp528388
>> for <clarew@wans.net>; Fri, 5 Dec 2003 15:44:24 -
>> 0500
>> Received: from gjxy (208.181.177.10.lgisp.net
>> [208.181.177.10])
>> by joseph.ncoldns.com (Postfix) with SMTP
>> id 8CFFFB8509; Fri, 5 Dec 2003 12:43:52 -0800
>> (PST)
>> From: "Microsoft Security Department" <>
>> To: "Microsoft Partner"
>> <partner.iahbekbw@bulletin.msdn.com>
>> SUBJECT: Latest Microsoft Security Pack
>> Mime-Version: 1.0
>> Content-Type: multipart/mixed;
boundary="zpynykpxnllfmt"
>> Message-Id:
<20031205204352.8CFFFB8509@joseph.ncoldns.com>
>> Date: Fri, 5 Dec 2003 12:43:52 -0800 (PST)
>>
>>
>>
>> What should I do now? I just want email to work and my
>> Norton Anti-virus up and running again. I have a final
>> paper to submit by midnight tonight and I can't send it
>> as an attachment with my Eudora email out of whack.
>>
>> Thanks,
>> Clare
>
>
>.
>
- Next message: jth: "hacked??"
- Previous message: Bill: "Re: Printer Sharing With XP Firewall Enabled"
- In reply to: Bruce Chambers: "Re: Security Patch from Microsoft has caused problems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
