Sasser / w32/sdbot.worm virus

  • Thread starter Thread starter MDJ
  • Start date Start date
M

MDJ

I believe that I have had the newest version of the sasser virus. I managed
to eventually clear it from my PC (WinXP) after having major problems with
my ADSL internet connection i.e. pinging other PC's in the domain and
thereby slowing things down. I have installed all the latest patches etc
which has cleared the pinging problem etc. However I am still finding via my
firewall traffic indicator that my pc is still trying to access something
external ??? - COMC ???.

Can anyone pass some light on this problem ??.

Regards

Mart
 
1) Download the following three items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Adaware SE (personal free version)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download sysclean.com and place it in that directory.
Dowload the signature files (pattern files) by obtaining the ZIP file.
For example; lpt202.zip

Extract the contents of the ZIP file and place the contents in the same directory as
sysclean.com.

2) Update Adware with the latest definitions.
3) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode
5) Using both the Trend Sysclean utility and Adaware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using both the
Trend Sysclean utility and Adaware
7) If you are using WinME or WinXP,Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) If you are using WinME or WinXP, create a new Restore point

You can also try some of the below online scanners.

Trend:
http://housecall.antivirus.com
http://housecall.trendmicro.com

F-Secure:
http://support.f-secure.com/enu/home/ols.shtml

McAfee:
http://www.mcafee.com/myapps/mfs/default.asp

Panda:
http://www.pandasoftware.com/activescan/

Kaspersky:
http://www.kaspersky.com/de/scanforvirus

Symantec:
http://security.symantec.com/

BitDefender
http://www.bitdefender.com/scan/license.php

Freedom Online scanner
http://www.freedom.net/viruscenter/index.html


* * * Please report your results ! * * *

Dave






| I believe that I have had the newest version of the sasser virus. I managed
| to eventually clear it from my PC (WinXP) after having major problems with
| my ADSL internet connection i.e. pinging other PC's in the domain and
| thereby slowing things down. I have installed all the latest patches etc
| which has cleared the pinging problem etc. However I am still finding via my
| firewall traffic indicator that my pc is still trying to access something
| external ??? - COMC ???.
|
| Can anyone pass some light on this problem ??.
|
| Regards
|
| Mart
|
|
 
I hope you also use the WinXP FireWall and patch your OS. Otherwise the Sasser or others
will be infecting you before you know it.

Dave




| Many thanks that seems to of got rid of the problem.
|
| Martin
|
| | > I believe that I have had the newest version of the sasser virus. I
| managed
| > to eventually clear it from my PC (WinXP) after having major problems with
| > my ADSL internet connection i.e. pinging other PC's in the domain and
| > thereby slowing things down. I have installed all the latest patches etc
| > which has cleared the pinging problem etc. However I am still finding via
| my
| > firewall traffic indicator that my pc is still trying to access something
| > external ??? - COMC ???.
| >
| > Can anyone pass some light on this problem ??.
| >
| > Regards
| >
| > Mart
| >
| >
|
|
 
Back
Top