Sasser, or not?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by SusieK, Jul 28, 2005.

  1. SusieK

    SusieK Private E-2

    Hope I'm in the right place.

    Recently my notebook, running XP, has had all sorts of problems, and AVG reported that it had the sasser worm, and that it (AVG) could not heal it. I panicked, deleted AVG, and reinstalled Windows XP.

    There were still all kinds of issues, and a box that kept coming up saying System Shutdown, RPC, NT Authority System. When I looked that up on the web it said I had sasser, so I downloaded the fixsasser tool from Symantec. When I ran it, it said sasser was not found on my system. I installed the Windows patch that was recommended too.

    So sasser isn't there, apparently, but I'm still getting occasional System Shutdown bla bla messages. Please, does anybody have any suggestions?

    Thanks.

    Susie :(
     
    SusieK, Jul 28, 2005
    #1
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Please follow standard cleanup procedures as given below:

    - Run ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    Make sure you check version numbers and get all updates.

    - Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.


    After doing ALL of the above and you still have a problem, make sure you have booted to normal mode and run the steps below:



    [​IMG] Download HijackThis 1.99.1

    [​IMG] Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT

    [​IMG] Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file as your backups will not be safely stored.

    [​IMG]Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.

    [​IMG]Run HijackThis and save your log file.

    [​IMG] Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post as it will be removed).

    [​IMG]Need help with HJT? See this thread: NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting
     
    Major Attitude, Jul 28, 2005
    #2
  3. SusieK

    SusieK Private E-2

    Thank you for all that. I was so daunted that I asked someone else to do it for me, and it's OK now.
     
    SusieK, Aug 18, 2005
    #3

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds