Re: My Doom Updates

Tech-Archive recommends: Fix windows errors by optimizing your registry

From: Kelly (anonymous_at_discussions.microsoft.com)
Date: 08/11/04 

Date: Tue, 10 Aug 2004 17:00:09 -0700

can anybody tell me what this is,and how can I find the
Worm tool it loaded?(KB936528)
>-----Original Message-----
>I kmow that Chuck,but I went to start,windows
>update,click the button for scan updates,it was critical
>(KB936528)It's even in my installation history.Google
>search didn't show up for anything,and it's not in MS
>Knowledge Base,Just wondered if anybody else had that
>update from Microsoft update page.If you can Chuck,check
>your computer for updates and see if it shows up.
>>-----Original Message-----
>>On Tue, 10 Aug 2004 15:56:50 -0700, "kelly"
>><anonymous@discussions.microsoft.com> wrote:
>>
>>>Just got an update saying I may have mydoom,download
>now
>>>to remove it.My AV comes up clean,I'm I being
>bamboozled
>>>by MS again?Anybody else getting the same updates for
>XP?
>>
>>Kelly,
>>
>>This may not be MS telling you anything. Most likely,
>it is a popup intended to
>>sell you the product that you are to download. The
>product being pushed will
>>not necessarily protect you from anything but further
>messages.
>>
>>No legitimate software product advertises thru popups.
>>
>>There are at least three varieties of pop-ups, and the
>solutions to block /
>>eliminate them vary accordingly. Which specific type
(s)
>are you seeing?
>>
>>I. "Messenger Service" Pop-Ups
>>
>>This will be a text only message, and will only hit you
>when you're online. A
>>Messenger Service pop-up can't contain a clickable
>link. The window will be
>>titled "Messenger Service".
>>
>>This type of spam has become quite common over the past
>year or so, and
>>unintentionally serves as a valid security alert. It
>demonstrates that you
>>haven't been taking sufficient precautions while
>connected to the Internet.
>>Your data probably hasn't been compromised by these
>specific advertisements, but
>>if you're open to this exploit, you most definitely
open
>to other threats, such
>>as the Blaster Worm that still haunts the Internet.
>Install and use a decent,
>>properly configured firewall.
>>
>>Messenger Service of Windows
>><http://support.microsoft.com/default.aspx?scid=KB;en-
>us;168893>
>>
>>Messenger Service Window That Contains an Internet
>Advertisement
>>Appears
>><http://support.microsoft.com/?id=330904>
>>
>>Stopping Advertisements with Messenger Service Titles
>><http://www.microsoft.com/windowsxp/pro/using/howto/comm
u
>nicate/stopspam.asp>
>>
>>Whichever firewall you decide upon, be sure to ensure
>UDP ports 135, 137, and
>>138 and TCP ports 135, 139, and 445 are all blocked.
You
>may also disable
>>Inbound NetBIOS (NetBIOS over TCP/IP). You'll have to
>follow the instructions
>>from the firewall's manufacturer for the specific steps.
>>
>>You can test your firewall at:
>>
>>Gibson Research <http://grc.com/default.htm>
(ShieldsUp!)
>>SecurityMetrics
><http://www.securitymetrics.com/portscan.adp>
>>Sygate Security Scan <http://www.sygatetech.com/>
>>Symantec Security Check
><http://security.symantec.com/ssc/vr_main.asp>
>>
>>Be especially wary of people who advise you to do
>nothing more than disable the
>>messenger service. Disabling the messenger service, by
>itself, is a "head in
>>the sand" approach to computer security. The real
>problem is not the messenger
>>service pop-ups; they're actually providing a useful,
if
>annoying, service by
>>acting as a security alert.
>>
>>
>>II. Regular Browser Based Pop-Ups
>>
>>This will be an HTML message, and will only hit you
when
>you're online. A
>>browser based popup will probably contain clickable
>links. The window title
>>will vary.
>>
>>Get the free Google Toolbar from
><http://toolbar.google.com/>. Hosts file
>>blocking works on this problem also.
>>
>>Blocking Ads, Parasites, and Hijackers with a Hosts File
>><http://www.mvps.org/winhelp2002/hosts.htm>
>>
>>
>>III. Adware / Spyware
>>
>>This will be an HTML message, and can hit you when
>you're online, or offline.
>>An adware based popup will probably contain clickable
>links. The window title
>>will vary.
>>
>>This is where you need a thorough adware / spyware
scan,
>including CWShredder,
>>AdAware, Spybot S&D, and HijackThis, with expert advice
>to interpret the
>>HijackThis log.
>>
>>Start by downloading each of the following free tools:
>>AdAware <http://www.lavasoftusa.com/>
>>CWShredder <http://www.majorgeeks.com/download4086.html>
>>CoolWWWSearch.SmartSearch (v1/v2) MiniRemoval
>><http://www.majorgeeks.com/download4113.html>
>>HijackThis <http://www.majorgeeks.com/download.php?
>det=3155>
>>LSP-Fix and WinsockLSPFix
><http://www.cexx.org/lspfix.htm>
>>Spybot S&D <http://www.safer-networking.org/index.php?
>page=download>
>>Stinger <http://us.mcafee.com/virusInfo/default.asp?
>id=stinger>
>>
>>Install and run Stinger.
>><http://us.mcafee.com/virusInfo/default.asp?id=stinger>
>>
>>Create a separate folder for HijackThis, such as
>C:\HijackThis - copy the
>>downloaded file there. AdAware and Spybot S&D have
>install routines - run them.
>>The other downloaded programs can be copied into, and
>run from, any convenient
>>folder.
>>
>>Start by closing all Internet Explorer and Outlook
>windows, and running
>>CoolWebSearchSmartKillerMiniRemoval, then CWShredder.
>Have the latter fix all.
>>
>>Next, run AdAware. First update it ("Check for updates
>now"), configure for
>>full scan (<http://www.lavahelp.com/howto/fullscan/>),
>then scan ("Start" - "Use
>>custom scanning options" - "Next"). When scanning
>finishes, select everything,
>>and hit Next again.
>>
>>Next, run Spybot S&D. First update it ("Search for
>updates"), then run a scan
>>("Check for problems"). Trust Spybot, and delete
>everything ("Fix Problems")
>>that is displayed in Red.
>>
>>Then, run HijackThis ("Scan"). Do NOT make any changes
>immediately. Save the
>>HJT Log.
>><http://forums.spywareinfo.com/index.php?showtopic=227>
>>
>>Finally, have your HJT log interpreted by experts at
one
>or more of the
>>following security forums (and post it, or a link to
>your forum posts, here):
>>Aumha: <http://forum.aumha.org/index.php>
>>Net-Integration: <http://forums.net-integration.net/>
>>Spyware Info: <http://forums.spywareinfo.com/>
>>Spyware Warrior: <http://spywarewarrior.com/index.php>
>>Tom Coyote: <http://forums.tomcoyote.org/>
>>
>>If removal of any spyware affects your ability to
access
>the internet (some
>>spyware builds itself into the network software, and
its
>removal may damage your
>>network), run LSP-Fix and / or WinsockXPFIx.
>>
>>Cheers,
>>Chuck
>>Paranoia comes from experience - and is not necessarily
>a bad thing.
>>.
>>
>.
>

Quantcast