If you have any version of Windows XP, Windows 2000 or Windows NT 4.0, and do not regularly (weekly) use Windows update, (and also do not update your virus definitions for your antivirus software), you may (probably) have the "Welchia" (aka "Nachi") virus.

This virus appeared in the last 3-4 weeks. It doesn't come through email. It spreads through a security flaw in your Windows operating system. Microsoft fixed this flaw back in July.

Here are things you should do (IN THIS ORDER):

1. Download to your computer the following Symantec removal tool. (Click on the "W32.Welchia.worm" link below.)

   W32.Welchia.worm (The name of the removal tool is: "FixWelch.exe")

   Disconnect from the internet after downloading the tool.

   Instructions for running this tool are supplied on the website.

   (URL for all Symantec removal tools: http://securityresponse.symantec.com/avcenter/tools.list.html)

2. Download and install the Microsoft security update for your operating system (see below.) Remember where you downloaded the update to so you can run it after it has downloaded.

   To download the security patch, click on the operating system your computer has below:

   Windows XP

   Windows 2000

   Windows NT 4.0

   Disconnect from the internet after downloading the security patch.

3. Run the "Welchia" removal tool again in case you got reinfected while downloading the security update.

4. Update your antivirus software for the latest virus definitions. (ASDE recommends using Norton antivirus software. If you have Norton antivirus, just run the "Live Update" feature to update your definition files.)

5. Download and install all other Microsoft Critical updates. (Only the Critical updates are necessary.) The URL for Windows updates is: http://v4.windowsupdate.microsoft.com/en/default.asp

Sincerely, ASDE Computer Services