Need Help With Sasser-like Virus

Also I noticed this new process: the lsass.exe and the alg.exe, and it doesn't let me terminate the lsass.exe, saying that: "This is a critical system process.

Jeezus dude, go back to the short bus and try not to hit yourself in the head so much. - by Geekzilla

Sorry Chucky! (5:20pm EST Mon May 03 2004) I'm flaming

Run a regular scan of the system with the proper exclusions:

>"C:\Documents and Settings\user1\Desktop\FxSasser.exe" /NOFILESCAN /LOG=c:\FxSasser.txt

Notes: The greater than symbol (>) is not part of the path.

Sasser hitting Windows machines big time. (12:54pm EST Mon May 03 2004) On Friday, we had the first Sasser worm which was rated category 3.

https://www.symantec.com/security_response/writeup.jsp?docid=2004-050114-1706-99

Since this now looks pretty much like a virus issue, moving the thread to Security.

----------------

Tony September 5, 2004 5:37 AM Just wondering what the lasting effects of Sasser are.

It can also be a great opportunity to justify to senior management what additional financial resources may be needed to contain future outbreaks. Yet, they want zero infections.

"Your most unhappy customers are your greatest source of learning."

So you're probably wondering why I'm rambling on and when I'm gonna get to the point, right?

Internet worms are not the only things that can be addressed with information taken from a virus infection.

Corn July 18, 2004 11:20 AM Hello, I had the same troubles, I love to spit in my machine and I found lsass.exe and dirote.exe, it was hard to delete it, I know I still have both Bobax.A and Ronoper.U viruses as I have installed "AVG 6.0 Anti-Virus System" which does not run but it has a scan shell of some sort which

Revisiting our first example, a Sasser outbreak, shows how an infection can point to non-technical problems.

As of May 2nd at least three different variants of this worm are in the wild, spreading fast.

Boo-hoo.

http://ask-leo.com/what_are_lsass_lsassexe_and_sasser_and_how_do_i_know_if_im_infected_what_do_i_do_if_i_am.html

John Leo July 17, 2004 8:00 PM You're probably being attacked, and don't have the latest patches.

Those that had not patched have been hit hard.

jagadeesh May 25, 2004 5:45 AM my computer is automatically shutdown problem basically when I have connected my internet explorer or my outlook express that time my computer is automatically shutdown

There will always be very few people who have the knowledge to successfully exploit a UNIX/Linux/open-source vulnerability.

The security firms urged users to install the latest security patches from Microsoft and advised home broadband users to install and run a firewall.

However, IDS detection is certainly capable of pointing out a lot of failed logins to SMB resources, which is an anomaly that often indicates a worm is trying a weak set

try opening all the ports on any PC that a default XP install leaves open - you'll get hit with something.

still it's not allowing me to boot the system.

I did a scan yesterday and all seems well.

julian October 2, 2004 2:27 PM sorry, I forgot to mention I'm on Windows XP

Leo October 2, 2004 4:07 PM I'd try another virus checker.

They are free and extremely good.

Run the removal tool again to ensure that the system is clean.

And for the bastards who are writing them I have contempt.

As I have said he was setting up his Bt Broadband first then I think he was going to carry out MS and Antivirus (Norton) updates but he did not get

UPnP Buffer Overflow 4. RPC DCOM Buffer Overflow 5.

Fortunate security officers may work in organizations that provide a few hours of safe computer training every year, however gathering everyone for a conference each week to talk about viruses is

burn them to a CD-ROM) in case for some reason they'd need to be replaced, but it seems unlikely.

Make sure windows is up to date, and if you're running Windows XP, enable the firewall when on the road.

Tim Nelson June 10, 2004 9:34 PM Hello.

Helping people with computers...

That's why I've been continually recommending the use of a firewall, such as a NAT router or XP's built-in firewall.

If I run shutdown -a it will stop but the task manager items retain their user identity instead of reverting to unknown and I regain my cpu power. Is this the sasser

Stacia June 7, 2004 4:37 PM Leo, you have brought my sanity back, I bought a new laptop over the weekend, and that day got infected, this thing is rife!

rafi June 24, 2004 2:16 AM My PC is shutting down every 15min it is showing error of your windows going to shutdown within 50seconds there is some error in lsass.exe

Learn it or stay stagnant. - by 1 sweet whirled

Afterthought (2:45pm EST Tue May 04 2004) Security should not be an afterthought. UNIX and Linux and open source software were designed with

Is it because it's not worth hacker's time?

Also during Windows loading up and Login Screen, is my computer vulnerable?

Recommendations here: http://ask-leo.com/d-recommend

Misty July 14, 2004 12:53 PM I am attempting to download the patch and use the removal tool, however shutdown -a does not stop the shutdown process on

Wizard Re: Windows (3:10pm EST Mon May 03 2004) To Chris- Hurray, someone with half a brain.

I checked the hosts file in system32 and everything's fine there, but I cannot sign into hotmail, and I've been having problems with an exponentially slow dialup, after 40 seconds of connecting

Leslie September 18, 2004 3:42 AM I had troubles with Sasser in June, cleaned my computer and now it's OK.

This can be as simple as turning on the Internet Connection Firewall included in Windows XP, to purchasing and installing hardware devices such as a NAT router.

Idiots who open enclosures in emails get a harsh education. - by Bobster

Re: Bob (2:37pm EST Mon May 03 2004) I am a Windows user, and I am not frustrated or

The progression isn't usually straight from virus to mass infection, more like:


I *believe* zonealarm will protect you before logging in.

It is free from worrying about such things as whether all of your fileservers drop offline, whether you really needed those documents on your hard disk, or if the traffic it the cpu usage is 100%.

who uses them anyway !!!! Time will come when Linux will rule and we will have Viruses for Linux Too Just wait and see. - by Dennis Mhango

Imma (5:06am EST Tue

I try to find out which one my friend has.

It appears in my task manager and starts to sap all cpu power.

The main reason that I am safe is that I don't run outlook, I use instead a mail client that doesn't even have a scripting language (pegasus mail), doesn't render images that

You may need to disconnect from the network, and possibly boot into safe mode or from a floppy or CD in order to run a virus check on your system.

Unfortunately, Sasser shares several behaviors common with other recent viruses.

Depending on the costs involved in cleaning up the infection(s), the compromises required may serve as the needed catalyst to spend the money on education and better client-side security tools.