|
Home > Archive > General Discussion > September 2001 > please help w/tech issue
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
please help w/tech issue
|
|
|
| getting message "system eror h80004005...unspecified error" Visual Basic error. I click ok and then "out of Memory" pops up. This happens when I try to open MS Word 2000 or wordpad. I cannot open any of the funcions from the menu bar. can someone please help!
and it is not ram. | |
| Joe Blacke 2001-09-19, 8:01 pm |
| 1. Check event viewer if you are running Windows 2000.
2. At a command prompt, type net helpmsg h80004005 | |
| Omletteboy 2001-09-19, 9:02 pm |
| Could be a virus too, the nimda virus can cause a pc to get out of memory errors. Saw it first hand yesterday morning. | |
|
| I believe you are correct. I got an email saying I had a virus attached to an email I sent to someone else. what is this virus you named and how do I get rid of it? I have norton antivirus but it did not pick it up. | |
| Pavlov 2001-09-20, 8:23 am |
| This is straight from www.symantec.com and I highly recommend everyone stay on top of the MS security patches. The patch to save yourself from this was put out several months ago...
----------------
Note: Once a computer has been attacked by W32.Nimda.A@mm, it is very difficult to determine what security settings have been compromised. Unless - by reading the logs - you can be absolutely sure that nothing else malicious has been done to the computer, it may be best to completely reinstall the system. This is the only way you can be 100 percent certain that the computer is clean.
1. Run LiveUpdate to make sure that you have the most recent virus definitions.
2. Locate the line that begins with Shell= in c:\windows\system.ini. Remove all text following Explorer.exe from this line. When finished the line should look like:
shell=Explorer.exe
Note: If Windows is installed in a different location, make the appropriate substitution. Also, some computers may have an entry other than Explorer.exe after shell=. If this is the case and you are running an alternative Windows shell, then change this line to shell=Explorer.exe for now. You can change it back to your preferred shell after you have finished this procedure.
3. If AutoProtect is not enabled, enable it before restarting the computer. For instruction on how to do this please read the document How to enable and disable NortonAntiVirus Auto-Protect.
4. Restart the computer.
5. Start Norton AntiVirus (NAV), and make sure that NAV is configured to scan all files. For instruction on how to do this, read the document How to configure Norton AntiVirus to scan all files.
6. Scan your system with NAV. For instruction on how to run a scan with NAV, please read the document: How to scan for viruses.
7. For each file detected as infected by W32.Nimda.A@mm or W32.Nimda.A@mm (html), choose Repair.
8. For each file detected as infected by W32.Nimda.A@mm (dr), W32.Nimda.enc, W32.Nimda.A@mm (dll), choose Delete.
9. Restore admin.dll and riched20.dll from backup or the Windows/Office .cab files if necessary.
10. Remove unnecessary shares.
11. Delete the guest account from the Administrators group (if applicable). | |
| stefanw 2001-09-24, 10:11 am |
| Another snippet of information ->
NIMDA-ZILLA! This One is a Monster - PE_NIMDA.A (High Risk)
------------------------------------------------------------------------
This worm uses three modes for propagation. It spreads via email, network
shares, or through servers with IIS installed using the IIS Web Directory
Traversal exploit. The worm propagates via email using its own SMTP engine
and also through Messaging APIs. It may execute when the recipient of its
carrier email opens the email using Microsoft Outlook or Outlook Express.
This PE worm arrives as an embedded README.EXE file or as attachment in an
email that has an empty message body and typically, an empty subject field.
It does not require that the target user double-click the attachment for
it to execute.
The worm also propagates through shared drives by searching the network that
the infected machine belongs to, for shared folders with write access. If it
finds one, it drops a randomly named .NWS (Newsgroup posting) or .EML file.
These dropped files also contain the worm as an attachment.
Similar to TROJ_BLUECODE.A, this worm spreads to machines with IIS installed.
It sends a request to a machine with IIS installed, forcing it to download a
copy of ADMIN.DLL from the infected machine. The worm then forces the remote
computer to copy the recently downloaded .DLL file into its root directory.
This PE worm has been classified as high risk. A free fix tool is available at
Trend Micro's Web site.
As of September 21, Trend Micro has received 654,910 reports of infection by PE_NIMDA.A, worldwide. | |
| TW2001 2001-09-24, 6:02 pm |
| "and I highly recommend everyone stay on top of the MS security patches".
I agree.
The patch to save yourself from this was put out several months ago...
buls**&! These virus`s are eating through IIS and IE.MS themeselves (which they of course deny) were not even on top of it.(nimda was on front page.)
The virus is so persistent as well.It likes to come back..even on patched innoculated boxes.
I pity the enterprise that puts it all on MS products.I hate to even think about the next ones which will come...sick fu*&6ers | |
| stefanw 2001-09-26, 5:54 am |
| What virus software do you run (if any)? Try to update that if possible and scan your drives (if your machine will let you do this).
 |
|
|
|
|