I figured I'd post this here:
EDIT: Apparently, I should let you know, for those on 2000, backing up your system is recommended, as some of the patches according to one incident, have caused a major slow down in preformance. I've not confirmed this on a 2000 box of my own, but I may do this later in the week to test.With the onslaught of the Netsky virus and newer Sasser virus, this will probably be a good idea to read:
SASSER VIRUS INFORMATIONAnyone using Windows 2000 or Windows XP should immediately run Windows Update at http://windowsupdate.microsoft.com[/i]
BASIC OVERVIEW OF SASSER:This virus is spreading rapidly across the Internet. Unlike viruses sent via Email attachments, this 'worm' virus can infect computers by taking advantage of a security vulnerability in Windows 2000 and Windows XP. It can be spread from computer to computer with no user intervention.
SYMPTOMS:If your computer has been infected, the SASSER virus will cause your computer to frequently restart. While your computer is rebooting, you may also see pop-up systems messages regarding "NT Authority\System" or "LSA Shell". Your computer will attempt to infect other computers without your knowledge.
HOW TO PREVENT INFECTION1. Run Windows Update:[/i]
All customers using Windows 2000 and Windows XP users should run Windows Update at
http://windowsupdate.microsoft.com and follow the on-screen instructions to patch their systems and avoid infection.
2. Update your virus protection software:If you already have virus protection software installed on your computer, you should update it immediately. If you do not have virus protection software installed on your computer, you can visit various free web scans. One such place is Trend Micro:
http://housecall.trendmicro.com/HOW TO REMOVE IT:1. Download and run McAfee's Free Virus Removal Tool[/i] - Stinger If you believe that your computer has been infected, McAfee has released a stand-alone virus removal tool which can detect and can remove this virus. Their free 'Stinger' virus removal tool can be downloaded from their Website:
http://vil.nai.com/vil/stinger/ NOTE: Stinger can only remove the virus, it does not protect your computer from future infection by this virus or any other virus. 2. Run Windows Update:After removing the virus, you should install the Microsoft update to be protected from the SASSER virus:
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx 3. Update your virus protection software:If you already have virus protection software installed on your computer, you should update it immediately. If you do not have virus protection software installed on your computer, you can visit various free web scans. One such place is Trend Micro:
http://housecall.trendmicro.com/ADDITIONAL INFOTo get additional details on the SASSER Virus, visit:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=125008 ------------------------------------------------------------
NETSKY VIRUS INFORMATIONBe very cautious when opening Email attachments. it is recommended to be using an updated Virus Protection software package to avoid being infected by this or other viruses. If you receive an infected Email message, immediately delete it and empty your Deleted Items folder.
BASIC OVERVIEW OF NETSKY:This virus arrives as an infected Email attachment and can infect your computer if the attachment is opened. The virus affects computers running Windows Operating Systems. Once infected, your computer can send out infected Email messages (without your knowledge) to others within your Email address book.
The name of the infected attachment, body of the Email message and the From: line all vary greatly (See below).
TYPICAL SUBJECT LINES FOR EMAIL MESSAGES INFECTED WITH THE NETSKY VIRUS:- Correction
- Hurts
- Privacy
- Password
- Wow
- Criminal
- Pictures
- Text
- Money
- Stolen
- Found
- Numbers
- Funny
- Only
- love?
- More
- samples
- Picture
- Letter
- Question
- Illegal
TYPICAL BODY TEXT OF EMAIL MESSAGES INFECTED WITH THE NETSKY VIRUS:- Please use the font arial!
- How can I help you?
- Still?
- I've your password.
- Take it easy!
- Why do you show your body?
- Hey, are you criminal?
- Your pictures are good!
- The text you sent to me is not so good!
- True love letter?
- Do you have no money?
- Do you have asked me?
- I've found your creditcard.
- Check the data!
- Are your numbers correct?
- You have no chance...
- Wow! Why are you so shy?
- Do you have more samples?
- Do you have more photos about you?
- Do you have written the letter?
- Does it hurt you?
- Please do not sent me your illegal stuff again!!!
TYPICAL EMAIL ATTACHMENT NAMES INFECTED WITH THE NETSKY VIRUS:- corrected_doc.pif
- hurts.pif
- document1.pif
- passwords02.pif
- image034.pif
- myabuselist.pif
- your_picture01.pif
- your_text01.pif
- your_letter.pif
- your_bill.pif
- my_stolen_document.pif
- visa_data.pif
- pin_tel.pif
- your_text.pif
- loveletter02.pif
- all_pictures.pif
- your_letter_03.pif
- your_picture.pif
- abuses.pif
SYMPTOMS:Your computer can only be infected with the NETSKY virus if you opened one of the attachments detailed above. Once infected, your computer will begin sending out copies of the virus Email message without your knowledge, so it is difficult to detect.
HOW TO PROTECT YOURSELF FROM INFECTION1. Delete infected messages and empty your Deleted Items folder.[/i]
2. Update your Virus Protection software:[/i]
If you already have virus protection software installed on your computer, you should update it immediately. If you do not have virus protection software installed on your computer, you can visit various free web scans. One such place is Trend Micro:
http://housecall.trendmicro.com/HOW TO REMOVE IT:1. Download and run McAfee's Free Virus Removal Tool[/i] - Stinger If you believe that your computer has been infected, McAfee has released a stand-alone virus removal tool which can detect and remove this virus. Their free 'Stinger' virus removal tool can be downloaded from their Website:
http://vil.nai.com/vil/stinger/ NOTE: Stinger can only remove the virus, it does not protect your computer from future infection by this virus or any other virus. 2. Update your virus protection software:[/i]
If you already have virus protection software installed on your computer, you should update it immediately. IIf you do not have virus protection software installed on your computer, you can visit various free web scans. One such place is Trend Micro:
http://housecall.trendmicro.com/ADDITIONAL INFOTo get additional details on the NETSKY Virus, please visit:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=124873
