How I Got Rid of Sasser -- Is It Okay? ...

[Linda W.]

Hello ...

My computer was infected with the Sasser worm -- twice -- over the
weekend.

I called Hewlett Packard because my computer is still under warranty.
However, I was told that HP charges $40 to tell someone how to deal
with the worm, even if the computer is under warranty.

So I decided to see if I could do it myself.

I am using Windows XP.

I did a system restore back a few days. I got online fine and was
doing some exploring when the worm found me again.

So I did another system restore back a few days more.

This time, I went right to the Microsoft Web site and followed the
instructions there re: the Sasser worm.

I confirmed that my firewall was operating.

Then I downloaded and stalled the security patch for the Sasser worm.

Then I clicked on the box on the Microsoft Web page that checks to see
if the worm is found on the computer.

The message I received said that my computer was not infected.

So I left the computer at that system restore point, with the patch
now installed.

The computer works fine.

Is there anything else I need to do, or is what I did sufficient?

Many thanks for any information.

Linda W.

 

[GSV Three Minds in a Can]

Bitstring <[email protected]>, from the

This time, I went right to the Microsoft Web site and followed the
instructions there re: the Sasser worm.

I confirmed that my firewall was operating.

Then I downloaded and stalled the security patch for the Sasser worm.

Then I clicked on the box on the Microsoft Web page that checks to see
if the worm is found on the computer.

The message I received said that my computer was not infected.

So I left the computer at that system restore point, with the patch
now installed.

The computer works fine.

Is there anything else I need to do, or is what I did sufficient?

What you did is sufficient, however it'll only =stay= sufficient if you
leave the firewall on, install MS security patches when they are
released (auto update is good for that), and you really ought get
yourself some Anti Virus software too.

Alternatively www.google.com and search for "safe hex", which'll get you
mroe stored knowledge than you probably need. You are not alone .. the
UK Coastguard service has been computerless most of today from the same
cause. Hopefully someone will be keelhauled.

 

[kurt wismer]

Hello ...

My computer was infected with the Sasser worm -- twice -- over the
weekend.

I called Hewlett Packard because my computer is still under warranty.
However, I was told that HP charges $40 to tell someone how to deal
with the worm, even if the computer is under warranty.

So I decided to see if I could do it myself.

I am using Windows XP.

I did a system restore back a few days. I got online fine and was
doing some exploring when the worm found me again.

So I did another system restore back a few days more.

This time, I went right to the Microsoft Web site and followed the
instructions there re: the Sasser worm.

I confirmed that my firewall was operating.

Then I downloaded and stalled the security patch for the Sasser worm.

Then I clicked on the box on the Microsoft Web page that checks to see
if the worm is found on the computer.

The message I received said that my computer was not infected.

So I left the computer at that system restore point, with the patch
now installed.

The computer works fine.

Is there anything else I need to do, or is what I did sufficient?

there is one thing, you may have simply taken it for granted but some
people neglect to do it and then wonder why their supposedly patched
system is still vulnerable - did you reboot after installing the patch?
if so then it should be all good...

 

[John Donson]

: Hello ...
:
: My computer was infected with the Sasser worm -- twice -- over the
: weekend.
:
: I called Hewlett Packard because my computer is still under warranty.
: However, I was told that HP charges $40 to tell someone how to deal
: with the worm, even if the computer is under warranty.
:
: So I decided to see if I could do it myself.
:
: I am using Windows XP.
:
: I did a system restore back a few days. I got online fine and was
: doing some exploring when the worm found me again.
:
: So I did another system restore back a few days more.
:
: This time, I went right to the Microsoft Web site and followed the
: instructions there re: the Sasser worm.
:
: I confirmed that my firewall was operating.
:
: Then I downloaded and stalled the security patch for the Sasser worm.
:
: Then I clicked on the box on the Microsoft Web page that checks to see
: if the worm is found on the computer.
:
: The message I received said that my computer was not infected.
:
: So I left the computer at that system restore point, with the patch
: now installed.
:
: The computer works fine.
:
: Is there anything else I need to do, or is what I did sufficient?
:

How about installing a virusscanner (and keeping it up to date?)? (DUH!)

How about installing a real firewall? (DUH!)

How about updating your windows regularly? (DUH!)

Doesn't your ISP check you for competency, before they let you on the net?

 

[Conor]

Hello ...

My computer was infected with the Sasser worm -- twice -- over the
weekend.

I called Hewlett Packard because my computer is still under warranty.
However, I was told that HP charges $40 to tell someone how to deal
with the worm, even if the computer is under warranty.

I don't blame them. Yety another incompetent ****witted user incapable
of installing CRITICAL UPDATES that Microsoft issued for this very
threat NEARLY 4 WEEKS AGO.

You know when Automatic updates tell you there's a critical update to
download? Its a pretty good idea to do it. It stops this sort of thing.

 

[Pistol Pete]

Why can't you just answer the question, or better still, give no input at
all, instead of adding a useless snide remark?

 

[Jerry]

Yeah - he'd be a great guy to have around when you're drowning!!

Why didn't you learn to swim? (duh)
Why didn't you stay out of the water? (duh)
Why did you leave your house? (duh)
Does your mother know you left the house?

 

[Dave Cohen]

MS markets computers meant to be used by a non technical audience. AOL and
others attempt to enhance that environment for the same audience. Before I
retired I finished up doing IT work and can attest that some users find
using computers somewhat intimidating and have no interest at all in the
technical details..
Rather than post snide, smartass remarks in response to individuals
attempting to make sense of topics they shouldn't need to be concerned with,
why not save the sarcasm for those marketing vulnerable software and the
complete idiots who seek to exploit those vulnerabilities to the nuisance of
all for reasons I for one fail to understand.
Dave Cohen

 

[FromTheRafters]

[snip]

How about installing a real firewall? (DUH!)

How does one go about installing a "real" firewall?

Doesn't your ISP check you for competency, before they let you on the net?

I have never heard of an ISP that does this. Not a bad idea though,
after all it *is* their equipment.

 

[John Donson]

: Why can't you just answer the question, or better still, give no input at
: all, instead of adding a useless snide remark?
:

How about your usefull input? Anything on topic to add? How were my tips
useless in preventing infection in the future?

And learn not to top-post.

 

[John Donson]

: Yeah - he'd be a great guy to have around when you're drowning!!
:
: Why didn't you learn to swim? (duh)
: Why didn't you stay out of the water? (duh)
: Why did you leave your house? (duh)
: Does your mother know you left the house?
:

Ah, anotherone crawled from under his rock. And your usefull input is?

 

[John Donson]

: MS markets computers meant to be used by a non technical audience. AOL and
: others attempt to enhance that environment for the same audience. Before I
: retired I finished up doing IT work and can attest that some users find
: using computers somewhat intimidating and have no interest at all in the
: technical details..
: Rather than post snide, smartass remarks in response to individuals
: attempting to make sense of topics they shouldn't need to be concerned
with,
: why not save the sarcasm for those marketing vulnerable software and the
: complete idiots who seek to exploit those vulnerabilities to the nuisance
of
: all for reasons I for one fail to understand.

Yes, and MS also has an easy to use feature to prevent these infections
called auto-update. If that would be turned on by all users, more than half
the sasser infections would have been prevented, because most infections
took place AFTER the patch was released.

 

[Linda W.]

: Hello ...
:
: My computer was infected with the Sasser worm -- twice -- over the
: weekend.
:
: I called Hewlett Packard because my computer is still under warranty.
: However, I was told that HP charges $40 to tell someone how to deal
: with the worm, even if the computer is under warranty.
:
: So I decided to see if I could do it myself.
:
: I am using Windows XP.
:
: I did a system restore back a few days. I got online fine and was
: doing some exploring when the worm found me again.
:
: So I did another system restore back a few days more.
:
: This time, I went right to the Microsoft Web site and followed the
: instructions there re: the Sasser worm.
:
: I confirmed that my firewall was operating.
:
: Then I downloaded and stalled the security patch for the Sasser worm.
:
: Then I clicked on the box on the Microsoft Web page that checks to see
: if the worm is found on the computer.
:
: The message I received said that my computer was not infected.
:
: So I left the computer at that system restore point, with the patch
: now installed.
:
: The computer works fine.
:
: Is there anything else I need to do, or is what I did sufficient?

I'm sorry if you think I'm stupid. I am an independent user and am
attempting to do the best I can manage without the assistance of a
systems administrator, et cetera.

I am also far from a stellar "tech" person.

But I am trying. And I'm trying to learn. That's why I ask
questions. If I have been a bother by asking the questions, I do
apologize.

:

How about installing a virusscanner (and keeping it up to date?)? (DUH!)

I had a trial with Norton. I had been told, however, by some people
(including someone who asked an ISP about this) that if one is not
connected to a network, it is not essential to have a virus scanner,
so I did not renew with Norton.

I realize now, however, that it is probably a good idea indeed to have
the anti-virus scanner. That is why I have been seeking
recommendations on a good product.

How about installing a real firewall? (DUH!)

Again, I have read pros and cons about using a firewall on a home
computer not connected to a network.

From what I've been able to determine at the Microsoft Web site, the
firewall that came preinstalled is considered sufficient. If this is
not the case, I would be most interested in any information you might
be generous enough to share.

How about updating your windows regularly? (DUH!)

Once again -- I've been told pros and cons about this. I've been told
that some people have had frustrations with some of the updates
causing problems with their computers. So I've been uncertain just
what to do about updates.

In fact, I am on the updates notification e-mail list. However, I
have also been getting false notifications of updates from people
claiming to be Microsoft. I get far more of these than I do the
"real" ones.

Consequently, sometimes I don't notice right away that I have received
a "real notification from Microsoft because I have become so
accustomed to receiving the false ones, which I ignore.

Doesn't your ISP check you for competency, before they let you on the net?

I've been on the Internet for years, using various ISPs. I have not
been checked for competency. Apparently you feel I should be.

Either way, I am trying to learn. That's why I ask questions.

I apologize if my questions are boring or stupid.

Linda W.

 

[Linda W.]

Thank you for your kindness.

And I am sorry if my question(s) were bothersome.

Linda W.

 

[Linda W.]

Bitstring <[email protected]>, from the


What you did is sufficient, however it'll only =stay= sufficient if you
leave the firewall on, install MS security patches when they are
released (auto update is good for that), and you really ought get
yourself some Anti Virus software too.

Alternatively www.google.com and search for "safe hex", which'll get you
mroe stored knowledge than you probably need. You are not alone .. the
UK Coastguard service has been computerless most of today from the same
cause. Hopefully someone will be keelhauled.

Thanks for the reassuring words.

I'll leave the firewall on. And I'll try to stay more current with
the updates. (Do you have any opinion on how one should decide which
ones to install and which ones to not bother with? As a general rule,
should one check for and always install critical updates?)

And I'm looking for a good anti-virus program.

Any opinions about McAfee? (I'm not sure if I should start a new
thread or if poeple would get annoyed.) But they have a good rebate
offer right now and I was thinking of trying their anti-virus.

Thanks so much.

Linda W.

 

[Linda W.]

Bitstring <[email protected]>, from the


What you did is sufficient, however it'll only =stay= sufficient if you
leave the firewall on, install MS security patches when they are
released (auto update is good for that), and you really ought get
yourself some Anti Virus software too.

Alternatively www.google.com and search for "safe hex", which'll get you
mroe stored knowledge than you probably need. You are not alone .. the
UK Coastguard service has been computerless most of today from the same
cause. Hopefully someone will be keelhauled.

P.S. I hadn't been familiar with Safe Hex, but I will check that out, too.

Thanks.

Linda W.

 

[Linda W.]

there is one thing, you may have simply taken it for granted but some
people neglect to do it and then wonder why their supposedly patched
system is still vulnerable - did you reboot after installing the patch?
if so then it should be all good...

Thank you so much.

Yes, I did reboot.

Linda W.

 

[Linda W.]

I don't blame them. Yety another incompetent ****witted user incapable
of installing CRITICAL UPDATES that Microsoft issued for this very
threat NEARLY 4 WEEKS AGO.

You know when Automatic updates tell you there's a critical update to
download? Its a pretty good idea to do it. It stops this sort of thing.

Sorry if I'm stupid. (And -- well -- the other word you used, which
I'd rather not use again here.)

As I mentioned in another response -- I sometimes miss those Microsoft
notifications because I get so many "fake" Microsoft notifications,
which I ignore.

I guess I overlooked the one from Microsoft to which you are
referring, because I'd gotten the "fake" ones and didn't realize this
was a real one.

Sometimes some people make mistakes. I know I do.

Thank you for your advice.

Linda W.

 

[Linda W.]

Dave ...

Thank you for these understanding and perceptive comments.

It can be difficult for those of us who are operating home computers
and are not "technical" by nature.

I do try to learn what I can and to apply my knowledge when I can.
Some of the more advanced issues can indeed be intimidating, but I do
try to ask questions, do Internet searches, and try things on my own
in an effort to become a better and more informed computer user.

That's how I came to think of my "virus solution" this weekend. I'd
learned how to do a system restore, and so I attempted to think it
through for a solution.

Apparently I did okay.

And I learned even more in the doing.

And now I continue to learn even more, thanks to the helpful and
informative information that has been shared here.

Thank you.

Linda W.

 

[Beauregard T. Shagnasty]

Quoth the raven named Linda W.:


Good idea. I'd recommend either Kerio or ZoneAlarm for starters. Both
are free. There are others.

Again, I have read pros and cons about using a firewall on a home
computer not connected to a network.

When you go check email, you are connecting to a network. The internet
is a network. You could be found and infected in seconds if you are
not firewalled and patched.

From what I've been able to determine at the Microsoft Web site,
the firewall that came preinstalled is considered sufficient. If
this is not the case, I would be most interested in any information
you might be generous enough to share.

I manufacture and sell Lada automobiles.

My web site tells you Lada automobiles will fulfill your every need,
no matter what you require for an automobile.

(no I don't really make Ladas, but you get the idea)

Once again -- I've been told pros and cons about this. I've been
told that some people have had frustrations with some of the
updates causing problems with their computers. So I've been
uncertain just what to do about updates.

'Tis far better to keep up than to worry about an occasional glitch.
Personally, I've never had such a glitch.

In fact, I am on the updates notification e-mail list. However, I
have also been getting false notifications of updates from people
claiming to be Microsoft. I get far more of these than I do the
"real" ones.

The false ones are virus-generated and will have an attachment. This
is the virus looking for new victims. Microsloth never sends patches
or attachments.

I've been on the Internet for years, using various ISPs. I have
not been checked for competency. Apparently you feel I should be.

No, but after years of experience, you are asking more or less newbie

Either way, I am trying to learn. That's why I ask questions.

Well then, all is well.