 |
 |
I've ran that particular scan tool on some hosts over here in the College of business. I found in some cases that DCOM was disabled in the registry. (HKLM\software\microsoft\ole) EnableDCOM should be Y On some that came back I found trojans on the PC's as a result of the RPC vulnerability. Often they run processes that disable the ability for a system admin to connect to them remotely. I submitted some of the trojans found to Symantec. Tim -----Original Message----- From: Richard Houang [mailto:[log in to unmask]] Sent: Friday, September 05, 2003 11:46 AM To: [log in to unmask] Subject: Re: New "Image" of our Virus Removal/Security Patch CD is available for download if needed I followed the instruction and installed the service patch, etc. But when I ran checkmenow, it said "unable to determine patch status; please investigate." Any ideas? ----- Original Message ----- From: "scott thomas" <[log in to unmask]> To: <[log in to unmask]> Sent: Thursday, September 04, 2003 6:55 PM Subject: New "Image" of our Virus Removal/Security Patch CD is available for download if needed > We have just posted a new image of the latest CD that we are distributing to > students for removing and patching systems on campus. It has been upgraded > to be menu driven and has additional tools and service packs (see more info > below). Feel free to download it and burn copies if you find it useful. We > ordered a limited quantity of version 2.0 of the CD to be duplicated from > University Printing and will be distributing them from 306 Computer Center > to students, faculty, or staff on an "as needed" basis starting tomorrow. > > It is available from a link at http://help.msu.edu/virus/ > > > MSU Security Patch CD Version 2.0 > --------------------------------- > This updated CD Contains: 1) auto start and menu selections, 2) patches for > Windows XP and Windows 2000 for the security hole that is exploited by the > Blaster and Welchia Virus's, 3) fixes for the Blaster and Welchia Virus from > menus and Klez and Sobig in a folder on the CD, 4) Windows 2000 Service Pack > 4 (Service Pack 2 or greater is required to apply the Windows 2000 patch), > and a "checkme" file that runs a Microsoft tool that can be used to check if > an individuals computer is patched. When the CD is opened it also creates an > "MSU_Virus_Tools" directory that copies over the virus fix tools to the c: > drive of the pc for later use if necessary. > > > Scott G. Thomas > Division Mgr, Computing Services > 408A Computer Center > Michigan State University > 517-355-4500 x142 >