LiveMusic Posted May 2, 2004 Share Posted May 2, 2004 WinXp computer. Error will say something about LSA SHELL, whatever that is. Then, a clock starts and then it will shut everything down and reboot. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Mats Olsson. Posted May 2, 2004 Share Posted May 2, 2004 Sasser Worm spreading rapidly http://www.lexam.net/peter/carnut/man.gif What do we want? Procrastination! When do we want it? Later! Link to comment Share on other sites More sharing options...
LiveMusic Posted May 2, 2004 Author Share Posted May 2, 2004 How can I fix? I have about ten more seconds. Bye. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Mats Olsson. Posted May 3, 2004 Share Posted May 3, 2004 Bump for LiveMusic! Guys, can anyone help him? http://www.lexam.net/peter/carnut/man.gif What do we want? Procrastination! When do we want it? Later! Link to comment Share on other sites More sharing options...
LiveMusic Posted May 3, 2004 Author Share Posted May 3, 2004 Ain't this a bitch. This is friend's computer. I have 45 seconds now. It was infected with another virus and I am to fix. Now, this virus. I got to MS site to download and it said MUST HAVE IE. I am using MOZILLA. So, I can't even get a patch for step one. Bye. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Mats Olsson. Posted May 3, 2004 Share Posted May 3, 2004 Go to this page and click a link named "Skip the details and go to Windows Update now" This some info I found about Sasser: "It typically shuts down the computer then automatically re-boots it and repeats this process several times, but is not thought to cause lasting damage." http://www.lexam.net/peter/carnut/man.gif What do we want? Procrastination! When do we want it? Later! Link to comment Share on other sites More sharing options...
LiveMusic Posted May 3, 2004 Author Share Posted May 3, 2004 I've already done that and as I said, it said you must use IE to get it and I use Mozilla. IE was already made non-functional by a previous virus that I was supposed to FIX. (Waiting on serial numbers from the friend to reinstall.) > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Mats Olsson. Posted May 3, 2004 Share Posted May 3, 2004 Symantec have a tool to remove Sasser: web page http://www.lexam.net/peter/carnut/man.gif What do we want? Procrastination! When do we want it? Later! Link to comment Share on other sites More sharing options...
LiveMusic Posted May 3, 2004 Author Share Posted May 3, 2004 You da man, Mats! I fixed it from that Symantec page you posted. Every time I would go online, I only had about 70 seconds before the clock would tick down and then crash. Thank goodness, the fix file was small enough I could download it pretty fast on a dial-up. I have no idea how this computer got this because it's been offline for a week. Maybe when I logged on the one time just prior to it surfacing. I didn't get any email, just surfed three sites. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Mats Olsson. Posted May 3, 2004 Share Posted May 3, 2004 http://www.lexam.net/peter/carnut/man.gif What do we want? Procrastination! When do we want it? Later! Link to comment Share on other sites More sharing options...
Rim Posted May 3, 2004 Share Posted May 3, 2004 Duke, Another useful utility is Stinger by Network Associates (McAfee). You can download it here: http://vil.nai.com/vil/stinger/ It currently detects and removes 41 select viruses and worms, including Sasser. It's not a replacement for a full antivirus program, but they normally include those that have widely propagated. They always update it when they feel necessary so keep downloading the newest version. - Rim aka riffing Double Post music: Strip Down http://rimspeed.com http://loadedtheband.com Link to comment Share on other sites More sharing options...
LiveMusic Posted May 3, 2004 Author Share Posted May 3, 2004 I keep getting it. This is three more times since I first deleted it this morning... after the fix fixes it each time. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Mats Olsson. Posted May 3, 2004 Share Posted May 3, 2004 Sounds like you still need the windows update http://www.lexam.net/peter/carnut/man.gif What do we want? Procrastination! When do we want it? Later! Link to comment Share on other sites More sharing options...
LiveMusic Posted May 3, 2004 Author Share Posted May 3, 2004 Heck, this time, it lasted about two minutes and bamm, again. I don't know how to get the Windows update without IE and IE on here is toast from another virus. I might switch to Mac. This sucks. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Rim Posted May 4, 2004 Share Posted May 4, 2004 Duke, You can download the security patch for that specific vulberability here: http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx Under the Affected Software section, there are links labeled "Download the update" for each different type of Microsoft OS (like XP, 2000, etc.). Download the ".exe" file and then double-click it to run it. - Rim aka riffing Double Post music: Strip Down http://rimspeed.com http://loadedtheband.com Link to comment Share on other sites More sharing options...
LiveMusic Posted May 4, 2004 Author Share Posted May 4, 2004 I have been fighting this sucker all day. I finally got the MS downloads within the past hour. So far, it appears to be working. That doesn't mean much. This has taken part of last night and all day. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
TeleCarlos Posted May 4, 2004 Share Posted May 4, 2004 Just so you all know.. This sucker shut down all the computers at work (a U.S. gov. agency, providing cust service for you all, or all of us) that had XP, leaving us playing cards. My salary is payed by all of you and I actually felt bad. Wish we were better prepared. Guess we live and learn... Link to comment Share on other sites More sharing options...
Cruel Hoax Posted May 4, 2004 Share Posted May 4, 2004 To brute-force stop the worm from shutting down your computer: Select Start Menu->Run and then type "shutdown -a" (without the quotes. Thats shutownspace-a). To prevent yourself from getting re-infected (even if you haven't done Windows Update), right-click your internet connection and select properties. Page over to the rightmost pane, advanced. Check the first option ("protect my computer...") Now disconnect and reconnect. Should keep you safe. You can manually delete the "avserve.exe" and "avserve2.exe" files, if you want, and also the "*_up.exe" file (where * is a four- or five-digit number). You can manually delete the registry entry, too, by using Regedit. (Don't do this unless you're sure of what you're doing, of course!) -Hoax Link to comment Share on other sites More sharing options...
henrysb3 Posted May 6, 2004 Share Posted May 6, 2004 Well, my wife's computer has the worm, but we can't get it on line long enough to download the fix. I captured it to the desktop of my Mac, but can't figure out how to get it on a CD-RW and take it to her Dell. I ran Norton Antivirus from safe mode but it found nothing. I have a Sony disk drive with Discribe and Retrospect software, but I can't figure out how to get this download (which my Mac can't read) onto a disk to see if her Dell will stay on long enough to read it. I told her she needs to update when prompted, and she said she was afraid she'd be charged for something she didn't want or need. I can't understand how anybody could get that impression from Micro$oft. Any links, advice, or even a dreaded Coaster analysis would be welcome. Thanks, Henry He not busy being born Is busy dyin'. ...Bob Dylan Link to comment Share on other sites More sharing options...
LiveMusic Posted May 6, 2004 Author Share Posted May 6, 2004 Henry, the tip by Cruel Hoax above works. It might be your solution. However, I did it before I saw that. I put the link to the download site in my browser, then got back on line and IMMEDIATELY did the download. And I am on dial-up. > > > [ Live! ] < < < Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.