Sign In »
Register Now!
Help
Posted 23 January 2009 - 12:04 AM
This tool is designed to remove the infections of:
Important:
- If you are on a network or have a full-time connection to the Internet, such as a DSL or cable modem, disconnect the computer from the network and Internet. Disable or password-protect file sharing, or set the shared files to Read Only, before reconnecting the computers to the network or to the Internet. Because this worm spreads by using shared folders on networked computers, to ensure that the worm does not reinfect the computer after it has been removed, Symantec suggests sharing with Read Only access or by using password protection.
For instructions on how to do this, refer to your Windows documentation, or the document: How to configure shared Windows folders for maximum network protection.
For further information on the vulnerability and patches to resolve it please refer to the following document:
Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability
F-secure also provides a removal tool: http://www.f-secure....wnadup_al.shtml
If you do not already have this patch .. it should be done as soon as possible.
The MS08-067 Patch - http://www.microsoft.com/technet/security/...n/MS08-067.mspx
Back to top
MultiQuote