Jump to content


Please note: You can easily log in to MPN using your Facebook account!

OT - System Shutdown lSA Shell


Recommended Posts



  • Replies 19
  • Created
  • Last Reply
Ain't this a bitch. This is friend's computer. I have 45 seconds now. It was infected with another virus and I am to fix. Now, this virus. I got to MS site to download and it said MUST HAVE IE. I am using MOZILLA. So, I can't even get a patch for step one. Bye.

> > > [ Live! ] < < <

Link to comment
Share on other sites

Go to this page and click a link named "Skip the details and go to Windows Update now"

 

This some info I found about Sasser:

"It typically shuts down the computer then automatically re-boots it and repeats this process several times, but is not thought to cause lasting damage."

http://www.lexam.net/peter/carnut/man.gif

What do we want? Procrastination!

When do we want it? Later!

Link to comment
Share on other sites

I've already done that and as I said, it said you must use IE to get it and I use Mozilla. IE was already made non-functional by a previous virus that I was supposed to FIX. (Waiting on serial numbers from the friend to reinstall.)

> > > [ Live! ] < < <

Link to comment
Share on other sites

You da man, Mats! I fixed it from that Symantec page you posted. Every time I would go online, I only had about 70 seconds before the clock would tick down and then crash. Thank goodness, the fix file was small enough I could download it pretty fast on a dial-up.

 

I have no idea how this computer got this because it's been offline for a week. Maybe when I logged on the one time just prior to it surfacing. I didn't get any email, just surfed three sites.

> > > [ Live! ] < < <

Link to comment
Share on other sites

Duke,

 

Another useful utility is Stinger by Network Associates (McAfee). You can download it here: http://vil.nai.com/vil/stinger/

 

It currently detects and removes 41 select viruses and worms, including Sasser. It's not a replacement for a full antivirus program, but they normally include those that have widely propagated. They always update it when they feel necessary so keep downloading the newest version.

 

- Rim

aka riffing

 

Double Post music: Strip Down

 

http://rimspeed.com

http://loadedtheband.com

Link to comment
Share on other sites

Heck, this time, it lasted about two minutes and bamm, again. I don't know how to get the Windows update without IE and IE on here is toast from another virus. I might switch to Mac. This sucks.

> > > [ Live! ] < < <

Link to comment
Share on other sites

Duke,

 

You can download the security patch for that specific vulberability here:

http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx

 

Under the Affected Software section, there are links labeled "Download the update" for each different type of Microsoft OS (like XP, 2000, etc.). Download the ".exe" file and then double-click it to run it.

 

- Rim

aka riffing

 

Double Post music: Strip Down

 

http://rimspeed.com

http://loadedtheband.com

Link to comment
Share on other sites

I have been fighting this sucker all day. I finally got the MS downloads within the past hour. So far, it appears to be working. That doesn't mean much. This has taken part of last night and all day.

> > > [ Live! ] < < <

Link to comment
Share on other sites

Just so you all know..

 

This sucker shut down all the computers at work (a U.S. gov. agency, providing cust service for you all, or all of us) that had XP, leaving us playing cards. My salary is payed by all of you and I actually felt bad. Wish we were better prepared. Guess we live and learn...

Link to comment
Share on other sites

To brute-force stop the worm from shutting down your computer: Select Start Menu->Run and then type "shutdown -a" (without the quotes. Thats shutownspace-a).

 

To prevent yourself from getting re-infected (even if you haven't done Windows Update), right-click your internet connection and select properties. Page over to the rightmost pane, advanced. Check the first option ("protect my computer...")

 

Now disconnect and reconnect. Should keep you safe. You can manually delete the "avserve.exe" and "avserve2.exe" files, if you want, and also the "*_up.exe" file (where * is a four- or five-digit number). You can manually delete the registry entry, too, by using Regedit. (Don't do this unless you're sure of what you're doing, of course!)

 

-Hoax

Link to comment
Share on other sites

Well, my wife's computer has the worm, but we can't get it on line long enough to download the fix. I captured it to the desktop of my Mac, but can't figure out how to get it on a CD-RW and take it to her Dell. I ran Norton Antivirus from safe mode but it found nothing. I have a Sony disk drive with Discribe and Retrospect software, but I can't figure out how to get this download (which my Mac can't read) onto a disk to see if her Dell will stay on long enough to read it.

 

I told her she needs to update when prompted, and she said she was afraid she'd be charged for something she didn't want or need. I can't understand how anybody could get that impression from Micro$oft.

 

Any links, advice, or even a dreaded Coaster analysis would be welcome.

 

Thanks,

 

Henry

He not busy being born

Is busy dyin'.

 

...Bob Dylan

Link to comment
Share on other sites

Henry, the tip by Cruel Hoax above works. It might be your solution. However, I did it before I saw that. I put the link to the download site in my browser, then got back on line and IMMEDIATELY did the download. And I am on dial-up.

> > > [ Live! ] < < <

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...