Re: Please Help on Computer Virus!

From: Bruce Chambers (bchambers_at_nospamcableone.net)
Date: 07/09/04


Date: Thu, 8 Jul 2004 21:56:44 -0600

Greetings --

    You've apparently contracted the latest worm, W32.Sasser.Worm,
specifically designed to attack people who do not update their
computers promptly and who do not practice "safe hex." In other
words, like Blaster, this worm was developed and distributed _after_ a
patch for the vulnerability was announced and made publicly available.
Further, and also like Blaster, this worm could not affect any
computer whose user had taken the basic precaution of using a properly
configured firewall.

    To stay on-line long enough to get the necessary updates, patches,
and removal tools, click Start > Run, and enter "shutdown -a" when the
next Shutdown countdown begins. This will abort the shutdown. Also,
make sure you've enabled a firewall before starting, to preclude any
more intrusions while getting the updates/patches/tools.

What You Should Know About the Sasser Worm and Its Variants
http://www.microsoft.com/security/incident/sasser.asp

Microsoft Security Bulletin MS04-011
http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

W32.Sasser.Worm
http://www.symantec.com/avcenter/venc/data/w32.sasser.worm.html

A tool is available to remove the Sasser worm variants
http://support.microsoft.com/default.aspx?scid=kb;EN-US;841720

W32.Sasser.Worm Removal Tool
http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html

McAfee AVert Stinger Virus Removal Tool
http://vil.nai.com/vil/stinger/

Bruce Chambers

-- 
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on
having both at once. - RAH

"Wilson Sheh" <khsheh@hotmail.com> wrote in message
news:48dec4ec.0407081931.1fd733ea@posting.google.com...
> Hi,
>
> I am using Windows XP and dial-up to the Internet. The XP is newly
> installed, so there is no firewall or antivirus or Windows Update on
> it. A few days ago, when I was surfing the net with it, I got the
> message:
>
> The system process 'C:\WINNT\system32\lIsass.exe' terminated
> unexpectedly with status code 128. The system will now shut down and
> restart.' So, the system restarts in 60 seconds.
>
> However, after I restart the computer, there is NO restart cycle. The
> computer can be used the same as before without automatic shutdown
> issue.
>
> Moreover, I downloaded the Sophos Antivirus with the latest virus
> signature IDEs, there is no virus detected in it.
>
> I have also used
> http://housecall.trendmicro.com/housecall/start_corp.asp
> to scan it online, but still there is no virus infected.
>
> Can you help me how to solve and tackle the problem? How to check it
> is infected, which I think so because of the above message.
>
> Thanks a lot!
>
> Wilson.

