Tojo
December 20th 03, 11:42 PM
Hello
A friend of mine got infected with the Welchia/Nachi worm virus in it's XP
machine. I ran the Stinger utility and it said it was removed from the
system but I still see 5 svchosts processes in the processes list, the
regedit and NAV processes are stopped seconds after they're started and none
of the Microsoft security patches can be installed. The integrated firewall
is on. Could somenone give any directions on this please?
Thanks,
Tojo
Doug Knox MS-MVP
December 20th 03, 11:42 PM
They are still infected. See www.dougknox.com, Win XP Utilities, Create
Emergency Copies of Critical XP System Utilities. This small VB Program
will create backup, usable copies of Task Manger, Regedit and MSConfig
(named Taskmgr1.exe, Regedit.com and MSConfig1.exe) in a new folder
C:\EmergencyUtil. Many virus programs will intercept these programs, based
on their original file name. The modified file names, allow them to be run.
Open Windows Explorer to C:\EmergencyUtil and double click the application
you need. The next revision will allow you to browse for the folder you
want to place the backups in.
Additionally, see the Win XP Utilities section for Startup Programs Tracker.
This small utility scans your system for startup programs and running
processes. It also allows you to create a log file that can be copied and
pasted into a newsgroup post. The contents of the program window are also
copied to the Windows Clipboard, automatically. For replies to newsgroup
posts, do NOT include the Running Services, unless its absolutely necessary.
--
Doug Knox, MS-MVP Windows XP/ Windows Smart Display
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Associate Expert
ExpertZone - http://www.microsoft.com/windowsxp/expertzone
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Tojo" > wrote in message
...
> Hello
>
> A friend of mine got infected with the Welchia/Nachi worm virus in it's XP
> machine. I ran the Stinger utility and it said it was removed from the
> system but I still see 5 svchosts processes in the processes list, the
> regedit and NAV processes are stopped seconds after they're started and
none
> of the Microsoft security patches can be installed. The integrated
firewall
> is on. Could somenone give any directions on this please?
>
> Thanks,
> Tojo
>
>
vBulletin® v3.6.4, Copyright ©2000-2024, Jelsoft Enterprises Ltd.