Tech Talk Discuss PC Hardware, Software, Internet and Other Technology

virus and dial up

Old 05-02-04, 04:43 PM
  #1  
DVD Talk Gold Edition
Thread Starter
 
Join Date: Mar 2000
Location: Smallville
Posts: 2,782
Sasser Worms, it will reboot your system

o/s win xp
when connect to the internet via dial up, after about 2 minutes my computer shut down, i can't stay connect for a long period of time. it said computer will shut down in 30 seconds.
it's this file C:\windows\system32\lsass.exe

i can't even run norton antivirus at all, it keep crashing, i think the virus {dont know what is the name since i can't even scan it}. does anyone know what causes the problem and a solution to correct it.

Last edited by the_dude8; 05-02-04 at 05:08 PM.
the_dude8 is offline  
Old 05-02-04, 04:52 PM
  #2  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Sounds like Sasser virus, Gad it's going to be a long MOnday!

http://news.yahoo.com/news?tmpl=stor...s_040502191735



fix:

http://securityresponse.symantec.com...er.b.worm.html
Lateralus is offline  
Old 05-02-04, 04:55 PM
  #3  
DVD Talk Gold Edition
Thread Starter
 
Join Date: Mar 2000
Location: Smallville
Posts: 2,782
Originally posted by Lateralus
Sounds like Sasser virus, Gad it's going to be a long MOnday!

http://news.yahoo.com/news?tmpl=stor...s_040502191735



fix:

http://securityresponse.symantec.com...er.b.worm.html
thanks for the quick reply.
the_dude8 is offline  
Old 05-02-04, 05:00 PM
  #4  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Originally posted by the_dude8
thanks for the quick reply.
I just read the article on Yahoo and buzzed over here to see if anybody was complaining that their computer was shutting down; and there you were!
Lateralus is offline  
Old 05-02-04, 05:12 PM
  #5  
DVD Talk Gold Edition
Thread Starter
 
Join Date: Mar 2000
Location: Smallville
Posts: 2,782
i tried scanning my computer with adware, but it didnt find the sasser worm. how do i prevent my system from getting worms in the future?
the_dude8 is offline  
Old 05-02-04, 05:16 PM
  #6  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Originally posted by the_dude8
i tried scanning my computer with adware, but it didnt find the sasser worm. how do i prevent my system from getting worms in the future?
This one is spreading because of a Windows vulnerability, run windows update on a regular basis and keep your antivirus and anti-spyware up to date.

Also, this is not spyware; this is a virus.
Lateralus is offline  
Old 05-02-04, 06:18 PM
  #7  
DVD Talk Gold Edition
Thread Starter
 
Join Date: Mar 2000
Location: Smallville
Posts: 2,782
i d/l the software from the link u posted above, i ran it, but when it get to this file C:\documents and settings\thedude8\local setting...\categories[6] htm
i encountered an error, saying something send error to MS or dont send it. i try rebooting the system and ran the removal tool again, but each time i encounter the same error, 5 times at least.
do you know what might causes the problem regarding that error above? thanks
the_dude8 is offline  
Old 05-02-04, 07:11 PM
  #8  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Try Stinger:

http://vil.nai.com/vil/stinger/
Lateralus is offline  
Old 05-02-04, 07:46 PM
  #9  
DVD Talk Gold Edition
Thread Starter
 
Join Date: Mar 2000
Location: Smallville
Posts: 2,782
thanks for the help again lateralus. lateralus, do u know how one get the sasser virus? i read the yahoo link article you provided about, and it seem that the sasser virus does not comes as a email atttachment file.
the_dude8 is offline  
Old 05-02-04, 08:50 PM
  #10  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
According to the Symantec site:

It attempts to exploit the LSASS vulnerability described in Microsoft Security Bulletin MS04-011, and spreads by scanning randomly-chosen IP addresses for vulnerable systems.

I guess your IP was one of the randomly chosen that did not have the patch. Little is known about this virus, I would imagine that a lot more information about this little snugglebug is going to be coming out tomorrow.
Lateralus is offline  
Old 05-03-04, 12:47 AM
  #11  
DVD Talk Limited Edition
 
Join Date: Feb 2000
Location: Sunny Hawaii
Posts: 6,597
You got the virus because your computer was connected to the Internet and you had not patched the security hole in Windows. It required no action on your part other than being connected to the Internet and not having the hole patched.

This is why it's critical on Windows to keep abreast of all the latest security updates, at least weekly. Turn on your Automatic Update feature in Windows. Enable the built-in firewall if you're running Windows XP. Consider buying a firewall if you don't have Windows XP. These are all suggestions that Microsoft prescribes at their "Protect Your PC" site:

http://www.microsoft.com/security/protect/default.asp

If you don't start practicing safe computing practices, you will continue to get infected with new worms and viruses as they begin appearing faster and faster.
TheBang is offline  
Old 05-03-04, 01:46 AM
  #12  
DVD Talk Gold Edition
Thread Starter
 
Join Date: Mar 2000
Location: Smallville
Posts: 2,782
thanks for the link todd b.

the patch i found for the nasty sasser virus, it's one nasty sassy son of a B
http://www.microsoft.com/downloads/d...displaylang=en
the_dude8 is offline  
Old 05-03-04, 08:39 AM
  #13  
DVD Talk God
 
Join Date: Feb 2000
Location: Directionally Challenged (for DirecTV)
Posts: 122,474
I was victimized as well.
Red Dog is offline  
Old 05-03-04, 08:54 AM
  #14  
DVD Talk God
 
Join Date: Feb 2000
Location: Directionally Challenged (for DirecTV)
Posts: 122,474
the patch i found for the nasty sasser virus, it's one nasty sassy son of a B
http://www.microsoft.com/downloads/...&displaylang=en

So is this the one to download if I have already been infected?
Red Dog is offline  
Old 05-03-04, 10:17 AM
  #15  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Try Stinger:

http://vil.nai.com/vil/stinger/

Then run Windows Update
Lateralus is offline  
Old 05-03-04, 12:00 PM
  #16  
DVD Talk God
 
Join Date: Feb 2000
Location: Directionally Challenged (for DirecTV)
Posts: 122,474
Thanks, lateralus - I have to download these things at work and then take them home to fix my PC. Hopefully it works.
Red Dog is offline  
Old 05-03-04, 12:05 PM
  #17  
DVD Talk Special Edition
 
Join Date: Jan 2001
Location: New York, N.Y.
Posts: 1,706
I got infected as well.
By the way, this is NOT a virus, it is a worm.
You get it just by logging into the internet.
If you log into the internet and do absolutely nothing you can still get it.
How it works is it looks for an unprotected computer and then it ftp over the worm and puts it on your computer.

I would highly recommend you use a firewall. This would've prevented you from getting infected. (I had mine turned off).
Windows XP has a built in firewall.
timewaster is offline  
Old 05-03-04, 06:10 PM
  #18  
DVD Talk God
 
Join Date: Feb 2000
Location: Directionally Challenged (for DirecTV)
Posts: 122,474
Those fixes worked - thanks lateralus.
Red Dog is offline  
Old 05-03-04, 06:49 PM
  #19  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Originally posted by Red Dog
Those fixes worked - thanks lateralus.
Now run windows update so it does not happen again.
Lateralus is offline  
Old 05-04-04, 10:24 PM
  #20  
DVD Talk Limited Edition
 
Join Date: Feb 2000
Location: Sunny Hawaii
Posts: 6,597
Make sure you run Windows Update weekly. The patch for this security hole came out on April 13, and the worm was released on April 30. So if you didn't patch in that 2 week period, you were vulnerable.
TheBang is offline  
Old 05-06-04, 02:57 PM
  #21  
Moderator
 
Giles's Avatar
 
Join Date: Dec 1999
Location: Washington DC
Posts: 33,476
Originally posted by Lateralus
This one is spreading because of a Windows vulnerability, run windows update on a regular basis and keep your antivirus and anti-spyware up to date.

Also, this is not spyware; this is a virus.
in terms of spyware, is there a way to get rid of it once it affects a computer - mainly my work computer, which caused multiple negatvie effects to happen today - grrr!
Giles is offline  
Old 05-07-04, 12:43 AM
  #22  
DVD Talk Gold Edition
Thread Starter
 
Join Date: Mar 2000
Location: Smallville
Posts: 2,782
lateralus, do u know what virus is this one?
C:\WINNT\winlogon.exe trojan adclicker
this one is on Win 2000
norton AV detect it but can't delete it, only quarantine it. thanks
the_dude8 is offline  
Old 05-08-04, 09:28 PM
  #23  
DVD Talk Hall of Fame
 
Lateralus's Avatar
 
Join Date: Jun 2001
Location: Valley of Megiddo
Posts: 9,569
Originally posted by the_dude8
lateralus, do u know what virus is this one?
C:\WINNT\winlogon.exe trojan adclicker
this one is on Win 2000
norton AV detect it but can't delete it, only quarantine it. thanks
Do a search here for adclicker.

http://us.mcafee.com/virusInfo/default.asp

As long as it's in quarantine you will be fine, now back to my vacation.
Lateralus is offline  

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Thread Tools
Search this Thread

Archive Advertising Cookie Policy Privacy Statement Terms of Service

Copyright 2018 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.