sasser infection

  • Thread starter Thread starter Kelly
  • Start date Start date
K

Kelly

I am running Windows XP Home SP1. I have followed all
the instructions as outlined here:
http://www.microsoft.com/security/incident/sasser.asp

The infection scanning provided at the above location
tells me that my system is clean. I have also ran a
removal tool provided by Symantec, which also says my
system is clean. My issue is that I cannot access the
internet and my system shuts itself down randomly. In
task manager, the Processes screen is blank, so I can't
see if some of the virus processes are running. I'm not
sure what to do. Can anyone help me out?

Thanks,
Kelly
 
Hello,Kelly,
There are a number of virii capable of shutting your
computer down.Are you getting an "erroe message"/Although
bogus,it can help to identify which virus precisely is
causing the shutdowns.

Please run a virus scan at any of the locations below:

Trend:
http://housecall.antivirus.com
http://housecall.trendmicro.com

McAfee:
http://www.mcafee.com/myapps/mfs/default.asp

Panda:
http://www.pandasoftware.com/activescan/

If offered an option to quarentine or delete,opt for
delete.

IF you cannot stay online long enough to complete the
scan,please download and run Stinger (Best saved to
floppy):

stinger:
http://vil.nai.com/vil/stinger/

Post back results,

Sadie
 
Thanks Sadie,

I am not getting an error message anymore. Initially I
was getting the "LSASS.exe error" before a shutdown.
I have ran Stinger and it did find an infection and
removed it. That was a few days ago, but Stinger will
not run anymore. I am still getting random shutdowns and
VERY limited access to the internet. As I said before, I
cannot see any of the processes running in Task Manager,
the processes screen is blank. I have followed all the
instructions provided on Microsoft's website pertaining
to the sasser virus. I've enabled a firewall, downloaded
the appropriate security updates and ran Stinger; as well
as Microsoft's detection tool and they tell me I'm clean.
I'm not sure what to do at this point.

Kelly
 
Hello,Kelly,

Try this which *may* give an insight into what virus is
running amok on your O.S.

Go to start>run>type cmd.

This will open up a command box,carefully type:

tasklist /svc

Then press enter.

Save the list generated (right-click,edit,select all,save
etc)Copy and paste it here.With any luck,we'll then
identify at least the malicious process,and *maybe* even
murder it via the ol' task kill command.
At the very least,I'll find a fix tool/removal
instructions somewhere.

Sadie
 
cmd

I am so sorry-force of habit,I put afull stop at the end
of the sentence.
cmd (no dot.)

Sadie
 
Back
Top