Sasser Virus

  • Thread starter Thread starter ad0lescnts
  • Start date Start date
A

ad0lescnts

New member
The other day i got the Sasser virus and it kept messing with my computer. I deleted all my files and reinstalled windows but apparently I still have it.

Does anyone know how to get rid of it? I hear all you need to do is get the new patch from the microsoft website for XP, but i cant get to the website (virus?) does anyone know anythign about this guy?

thanks,
T
 
If it came back, it was probably through your Internet connection after you reinstalled Windows.

www.symantec.com has removal information.

Ed
 
I tried reinstalling windows twice when MSBLASTER hit us last year. Ended up going to Symmantec on another computer to download the patch and burn it to CD. Apperently these buggers have found a place to hide during reinstalls (the second time I didn't connect to the internet for the install, so they are hiding out somewhere...perhaps in the page-file, if it is stored on seperate partition???).
 
yeah,
nothing i've tried has worked for this thing and it's just over the internet, so when you reinstall it just comes back thru the same problem you had before. The thing is smart too, it wont let me go to any antivirus websites that seem to be able to have a solution, or any microsoft websites or windows update. I downloaded the Panda sasser stinger but i still have the problem.

does anyone know how to fix this thing?

thanks,
T
 
Make sure you have turned off system restore. The Symantec sasser removal tool tells you how. I didn't have to reinstall windows at all. Just install updates, use removal tool, and clean system.
 
Assuming that your running WinXP Here is a direct link to the microsoft update:

http://www.microsoft.com/downloads/...9e-da3f-43b9-a4f1-af243b6168f3&displaylang=en

If your running win2k :

http://www.microsoft.com/downloads/...7E-F63A-414C-B3EB-D2342FBB6C00&displaylang=en

Here is some additional information on getting your system stable enough so that you can actually keep your PC up long enough to download the patch:

http://www.microsoft.com/security/incident/sasser.asp


Try that first. If it doesn't work let me know and I can email the update to you. It's a 2.58 Mb file so it should make it through your email.

Problem is that everytime you reinstalled windows, you still have the same Microsoft vulnerability that has caused this issue. We had a couple hundred PC's infected at work on Monday, and simply installing the patch, rebooting and running a virus check seems to work.

You might want to look at getting a linksys router/firewall or a software firewall like zonealarm or something. And always make sure that you update your PC from microsoft.
 
That is why I never regreted having my music pc as a totally stand alone machine not networked to anything at all, and with all Windows network related services disabled.
 
thanks a lot for the info vestast. It still won't let me get to the windows update page. is the virus doing that??

It'd be in utmost debt to you if you could send me the patch. If it's too big for email i can give you the server information for my website if you have FTP capabilities. Thank you very much

T
 
To everyone: get a firewall (zone alarm is free) or use the one that comes with windows. I read that simply have XPs crappy ass firewall enabled prevents the entry of sassar.
 
No problem ad0lescnts. Just send me a PM with your FTP info and I'll upload it to your server. Are you using Win2k or WinXP ? Do you have the latest service pack installed ?

I'm not really sure why you would be having that issue with the update page. Maybe check that you don't have a proxy set up on Internet explorer ? You would check that by selecting tools > internet options > connections > Lan settings and unselect automaticaly detect proxy settings.
 
I just received an e-mail from someone I don't know with an attachment called readme.exe.

So to read it I just need to double-click on the filename, right?












:D :D :D :D
 
dachay2tnr said:
I just received an e-mail from someone I don't know with an attachment called readme.exe.

So to read it I just need to double-click on the filename, right?












:D :D :D :D
Click to expand...

Yes . And if it looks like nothing is happening, just keep double clicking on it.. :p
 
webstop said:
That is why I never regreted having my music pc as a totally stand alone machine not networked to anything at all, and with all Windows network related services disabled.
Click to expand...

What he said.
 
dachay2tnr said:
I just received an e-mail from someone I don't know with an attachment called readme.exe.

So to read it I just need to double-click on the filename, right?
Click to expand...

No. Most likely a virus.

Ed
 
Ed - I sure hope that your just playing along with dachay2tnr....... :eek:
 
You must log in or register to reply here.
Back
Top