Last night I had my DSL connection open and had stepped
away from the computer when suddenly I saw an alert come
up saying the system was shutting down. A timer was
counting down from 1 minute, saying save all work, etc.
Then a box appeared saying 'some Windows XP files were
being overwritten by unrecognized versions, you may need
to insert your Windows XP installation disk.' The system
shut down and when it restarted everything seemed normal
except that it shut down again the same way within about 3
minutes (this time the DSL connection wasn't logged on).
I reinstalled Windows XP (actually I selected the 'repair'
option) and when it finished, I logged on as a different
user (not administrator) and things seemed ok, except that
my DSL network connection icon had disappeared in the
Network Connections panel. I wasn't able to set it up
again so I 'switched users' to the original administrator
user account. On that desktop I had a shortcut to my DSL
connection but it didn't work. Again, the DSL network
connection icon was missing in the Network Connections
panel so I called my ISP tech assistance line. While on
the phone with them, they instructed me to reboot and
after I did that, ALL icons were missing in the Network
Connections panel. About 30 seconds later, the system
shut down on it's own as above. When the dialogue box
saying it was replacing Windows files appeared, I simply
turned off the power and it remains off for the moment.

My computer is not on a network. It's the only computer
in my home. I don't open attachments I don't expect - I
even have the preview pane turned off. However, I did not
have anti-virus software installed at the time and I did
have the telnet service activated, under Administrator
services.

Could this be the work of a hacker, or does it sound like
a virus? Any advice would be appreciated.

Thanks!

Being that it is still happening even when you're not connected to the
internet, I would have to say that it's a virus. But it's always possible
that a hacker got in and installed the virus on your machine. So I guess
the answer is that it could be both. Either way you look at it though,
you're going to want to install viruschecking software to see if you have a
registered virus on your machine. After that, if you still have the
problem, you may be stuck with having to completely wipe your harddrive and
re-install windows (you should save any needed files to a disk though first
and then check them on a computer that has viruschecking software before
re-installing them on your computer).

"Eric Rosenwinkel" > wrote in message
...
> Last night I had my DSL connection open and had stepped
> away from the computer when suddenly I saw an alert come
> up saying the system was shutting down. A timer was
> counting down from 1 minute, saying save all work, etc.
> Then a box appeared saying 'some Windows XP files were
> being overwritten by unrecognized versions, you may need
> to insert your Windows XP installation disk.' The system
> shut down and when it restarted everything seemed normal
> except that it shut down again the same way within about 3
> minutes (this time the DSL connection wasn't logged on).
> I reinstalled Windows XP (actually I selected the 'repair'
> option) and when it finished, I logged on as a different
> user (not administrator) and things seemed ok, except that
> my DSL network connection icon had disappeared in the
> Network Connections panel. I wasn't able to set it up
> again so I 'switched users' to the original administrator
> user account. On that desktop I had a shortcut to my DSL
> connection but it didn't work. Again, the DSL network
> connection icon was missing in the Network Connections
> panel so I called my ISP tech assistance line. While on
> the phone with them, they instructed me to reboot and
> after I did that, ALL icons were missing in the Network
> Connections panel. About 30 seconds later, the system
> shut down on it's own as above. When the dialogue box
> saying it was replacing Windows files appeared, I simply
> turned off the power and it remains off for the moment.
>
> My computer is not on a network. It's the only computer
> in my home. I don't open attachments I don't expect - I
> even have the preview pane turned off. However, I did not
> have anti-virus software installed at the time and I did
> have the telnet service activated, under Administrator
> services.
>
> Could this be the work of a hacker, or does it sound like
> a virus? Any advice would be appreciated.
>
> Thanks!

You did not mention if you have a "firewall" enabled. You need to
enable XP's firewall to help prevent hackers from entering and taking
over your system. Also, visit the Windows Update website and download
all the available "critical updates".

Windows Update: http://v4.windowsupdate.microsoft.com/en/default.asp=20

Open XP's "Help and Support" and type: FIREWALL , and hit enter.
Click on the topic titled "Enable or Disable Internet Connection =
Firewall".

Essential Security Tools for Home Office Users
http://www.microsoft.com/technet/treeview/default.asp?url=3D/technet/colu=
mns/security/5min/5min-105.asp =20

Essential protection from viruses, hackers, and privacy threats:

Symantec's Norton Internet SecurityT 2004 provides essential protection=20
from viruses, hackers, and privacy threats. Powerful yet easy to use, =
this=20
award-winning suite now includes advanced spam-fighting software to =
filter=20
unwanted mail out of your inbox. Protect yourself, your family, and your =

PC online with Norton Internet Security 2004.

Visit: http://www.symantec.com/sabu/nis/nis_pe/

--=20
Nicholas

-------------------------------------------------------------------------=
--------

"Eric Rosenwinkel" > wrote in message:
...

| Last night I had my DSL connection open and had stepped=20
| away from the computer when suddenly I saw an alert come=20
| up saying the system was shutting down. A timer was=20
| counting down from 1 minute, saying save all work, etc. =20
| Then a box appeared saying 'some Windows XP files were=20
| being overwritten by unrecognized versions, you may need=20
| to insert your Windows XP installation disk.' The system=20
| shut down and when it restarted everything seemed normal=20
| except that it shut down again the same way within about 3=20
| minutes (this time the DSL connection wasn't logged on). =20
| I reinstalled Windows XP (actually I selected the 'repair'=20
| option) and when it finished, I logged on as a different=20
| user (not administrator) and things seemed ok, except that=20
| my DSL network connection icon had disappeared in the=20
| Network Connections panel. I wasn't able to set it up=20
| again so I 'switched users' to the original administrator=20
| user account. On that desktop I had a shortcut to my DSL=20
| connection but it didn't work. Again, the DSL network=20
| connection icon was missing in the Network Connections=20
| panel so I called my ISP tech assistance line. While on=20
| the phone with them, they instructed me to reboot and=20
| after I did that, ALL icons were missing in the Network=20
| Connections panel. About 30 seconds later, the system=20
| shut down on it's own as above. When the dialogue box=20
| saying it was replacing Windows files appeared, I simply=20
| turned off the power and it remains off for the moment.
|=20
| My computer is not on a network. It's the only computer=20
| in my home. I don't open attachments I don't expect - I=20
| even have the preview pane turned off. However, I did not=20
| have anti-virus software installed at the time and I did=20
| have the telnet service activated, under Administrator=20
| services.
|=20
| Could this be the work of a hacker, or does it sound like=20
| a virus? Any advice would be appreciated.
|=20
| Thanks!

Greetings --

If you connected the PC to the Internet without having first
installed the KB824146 Hotfix, without having first installed an
antivirus application with current virus definition files, and before
enabling a firewall, you're very likely to get infected from any of
the thousands of PCs on the Internet that are constantly broadcasting
the Blaster and/or Welchia worms.

Microsoft Security Bulletin MS03-39
http://support.microsoft.com/?kbid=824146

What You Should Know About the Blaster Worm
http://www.microsoft.com/security/incident/blast.asp

W32.Blaster.Worm a.k.a. W32/Lovesan.Worm
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.html

W32.Blaster.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.blaster.worm.removal.tool.html

W32.Welchia.Worm a.k.a. W32/Nachi.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.welchia.worm.html

W32.Welchia.Worm Removal Tool
http://www.symantec.com/avcenter/venc/data/w32.welchia.worm.removal.tool.html

McAfee AVERT Stinger
http://us.mcafee.com/virusInfo/default.asp?id=stinger


Bruce Chambers

--
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html

You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH


"Eric Rosenwinkel" > wrote in message
...
> Last night I had my DSL connection open and had stepped
> away from the computer when suddenly I saw an alert come
> up saying the system was shutting down. A timer was
> counting down from 1 minute, saying save all work, etc.
> Then a box appeared saying 'some Windows XP files were
> being overwritten by unrecognized versions, you may need
> to insert your Windows XP installation disk.' The system
> shut down and when it restarted everything seemed normal
> except that it shut down again the same way within about 3
> minutes (this time the DSL connection wasn't logged on).
> I reinstalled Windows XP (actually I selected the 'repair'
> option) and when it finished, I logged on as a different
> user (not administrator) and things seemed ok, except that
> my DSL network connection icon had disappeared in the
> Network Connections panel. I wasn't able to set it up
> again so I 'switched users' to the original administrator
> user account. On that desktop I had a shortcut to my DSL
> connection but it didn't work. Again, the DSL network
> connection icon was missing in the Network Connections
> panel so I called my ISP tech assistance line. While on
> the phone with them, they instructed me to reboot and
> after I did that, ALL icons were missing in the Network
> Connections panel. About 30 seconds later, the system
> shut down on it's own as above. When the dialogue box
> saying it was replacing Windows files appeared, I simply
> turned off the power and it remains off for the moment.
>
> My computer is not on a network. It's the only computer
> in my home. I don't open attachments I don't expect - I
> even have the preview pane turned off. However, I did not
> have anti-virus software installed at the time and I did
> have the telnet service activated, under Administrator
> services.
>
> Could this be the work of a hacker, or does it sound like
> a virus? Any advice would be appreciated.
>
> Thanks!