In response to a widespread internet worm (more details will be available in a second email) we are pushing out a removal tool and a Windows patch to all University-owned and issued computers. Due to the nature of the security threat, we are moving quickly and putting this in place before the start of business on Monday. Instructions for off-campus or non-Drew computers are towards the bottom of this email. Please read this carefully. Failure to follow these directions can not only pose a risk to your computer and data, but those of other network users as well.
If you have any questions, please call the CNS Helpdesk at x3205 or send email to firstname.lastname@example.org
, you will be prompted after login to run a Symantec tool designed to remove this specific malicious software. You must click "I Accept" for the software to run
. After several minutes, you will be presented with the results of the scan. The Windows patch mentioned in that feedback will be applied when your computer shuts down. One minute after the scan completes, the shutdown will automatically occur
. After the reboot, your newly-patched computer will be scanned a second time. Again, please click "I Accept" when prompted
. If it reports no virus was found, please continue your work. If it reports that it found and removed the virus after this second pass, please shut down and re-start your computer one more time via the Start Menu
Drew-issued, on-campus computers with Windows XP Service Pack 1
(some older desktops - primarily Compaq and HP models and old laptop models may have Service Pack 1) cannot be patched without a major update
. They need to be updated to Windows XP Service Pack 3 before they can be patched against the vulnerability. The computer can be cleaned, but will be reinfected quickly. Call the Helpdesk at x3205 if you have Service Pack 1
. You can check by right-clicking on "My Computer" on your Windows XP system and selecting "Properties". The service pack level is listed under the "System" heading.
If you are NOT on campus, or have a non-Drew-issued computer running Windows XP or Vista
, you will need to use the Windows Update feature to update your computer. If your computer is already infected, the worm prevents Windows Update from running correctly, and also blocks you from accessing Symantec's web site, among others, so you can't download the disinfection tool from their web site. You can get a copy of it at:
Once you do that and reboot, you should be able to get to Windows Update. If you are a Windows XP users using Windows Update should install Service Pack 3 and then return to Windows Update after that to check for remaining packages.
This could take a considerable amount of time, depending on the speed of your internet connection. We strongly recommend you re-run FixDownadup.exe again after you have installed all critical Windows patches