Generic Host Process for Win32 Services Error
in [Windows Viruses]
|
From: Kris Antonius Kris on 15 Dec 2008 00:12 Hi Jez, Thanks for your solution, I have download hot fix for 958644 and install it and then restart, the virus not appear again.
From: Baron Thener on 16 Dec 2008 21:00 Dear Mike, If The computer already infected by using this hotfix can it restore the computer condition before it get infected? Thanks "mike" wrote: > Hi! > > I had exactly the same problem on two of our 2003 servers (SP1). > It occurred 2 days ago for the first time. > I´ve found a workaround: > > I installed, in order: > > Hotfix KB914810 (included in SP2) > Hotfix KB932762 > Security update KB958644 > > However the root cause is still unclear. But I suspect the auto update > service. It´s hosted by a svchost instance together with some important > networkservices. > > greetings, > Michael > > "Baron Thener" wrote: > > > Dear Jez, > > After trialing for this couple of days, we take preventive action to update > > the servers. for the last server that was infected we decided to formatting > > the server after we install the antivirus updating the windows update > > suddently the server service is down again. but without any virus warning. > > can it be the windows update contain some kind of bug? or the mcafee is the > > one causing this? I already run of Idea.. please advice > > > > Thanks > > > > "JezRobinson" wrote: > > > > > > > > Hi, > > > > > > This problem appears to be related to the Microsoft Vulnerability that > > > allows remote code execution on ports 139 and 445. > > > > > > Check to make sure you have hot fix 958644 installed. > > > > > > http://www.microsoft.com/technet/security/bulletin/MS08-067.mspx > > > > > > There is a large amount of activity on the web with variants of a virus > > > published last week. > > > > > > So install the Hot Fix and reboot, hopefully that will solve your > > > problem. > > > > > > Over and out. > > > > > > > > > -- > > > JezRobinson > > > ------------------------------------------------------------------------ > > > JezRobinson's Profile: http://forums.techarena.in/members/jezrobinson.htm > > > View this thread: http://forums.techarena.in/security-virus/1077813.htm > > > > > > http://forums.techarena.in > > > > > >
From: David H. Lipman on 16 Dec 2008 21:03 From: "Baron Thener" <BaronThener(a)discussions.microsoft.com> | Dear Mike, | If The computer already infected by using this hotfix can it restore the | computer condition before it get infected? | Thanks NO ! A HotFix will only correct the vulnerability that was used in the exploit that got the PC infected. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Baron Thener on 16 Dec 2008 21:14 Dear Dave, So how to restore the condition of the server before it get infected without have to reinstalling it? "David H. Lipman" wrote: > From: "Baron Thener" <BaronThener(a)discussions.microsoft.com> > > | Dear Mike, > | If The computer already infected by using this hotfix can it restore the > | computer condition before it get infected? > | Thanks > > NO ! > > A HotFix will only correct the vulnerability that was used in the exploit that got the PC > infected. > > -- > Dave > http://www.claymania.com/removal-trojan-adware.html > Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp > > >
From: David H. Lipman on 16 Dec 2008 21:24 From: "Baron Thener" <BaronThener(a)discussions.microsoft.com> | Dear Dave, | So how to restore the condition of the server before it get infected without | have to reinstalling it? Tape for one. Otherwise you have to discern what was changed and undo said changes. In this case, I don't know what infected your Server and thus have no idea what changes were made. -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
First
|
Prev
|
Pages: 1 2 3 4 5 Prev: X12-30107-DLM.EXE Virus or Hacker Hook Next: Fatal Error TNT.11020 |