Solved

VIRUS AFFECTING SYSTEM

Posted on 2004-07-31
6
607 Views
Last Modified: 2010-04-03
MY SYSTEM WILL STUTTING DOWN  BY ITSELF AND IT ILL START COUNTING FROM 60 SECONDS WITH ISASS.EXE WRITTEN.THEN WILL SHUT DOWN AUTOMATICALLY WITH LOSING ALL MY INFORMATION ON THE SYSTEM.
0
Comment
Question by:1-4-4-4
6 Comments
 
LVL 65

Accepted Solution

by:
SheharyaarSaahil earned 500 total points
Comment Utility
Hello 1-4-4-4 =)

What You Should Know About the Sasser Worm and Its Variants:
http://www.microsoft.com/security/incident/sasser.asp

Apply MS Security Bulletin:
http://www.microsoft.com/technet/security/bulletin/ms04-011.mspx

Use One of the Following Removal Tools to Delete the Virus:
======================================
1) Sasser (A-F) Worm Removal Tool (KB841720) >> http://www.microsoft.com/downloads/details.aspx?familyid=76C6DE7E-1B6B-4FC3-90D4-9FA42D14CC17&displaylang=en

2) FxSasser.exe.from Symantec >> http://securityresponse.symantec.com/avcenter/venc/data/w32.sasser.removal.tool.html

3) Stinger from McAfee >> http://vil.nai.com/vil/stinger/

4) SysClean PACKAGE from TrendMicro >> http://www.trendmicro.com/download/dcs.asp

5) SASSGUI\SASSSFX from Sophos >> http://www.sophos.com/support/disinfection/sasser.html

6) ClnSasser from Computer Associates >> http://www3.ca.com/Files/VirusInformationAndPrevention/clnsasser.zip

7) F-Sasser from F-Secure >> http://www.f-secure.com/tools/f-sasser.zip

8) SasserFix2 from Norman >> http://www.norman.com/Virus/Virus_removal_tools/14938

9) QuickRemover from Panda >> http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?lst=sol&idvirus=46865
---------------------------------------------------------
NOTE: plzz see the Relevant Sites for FULL Instructions on Removal in the First Link Before using the Tools

!! GOOD LUCK !!
0
 
LVL 4

Expert Comment

by:LMuadDIb
Comment Utility
it can be tricky trying to grab the fix and the update (not enough time) and to run them before the viri strikes.

use a differrent comp to grab the fix & update if you cant download them fast enough.
After you have them on your comp,make sure you a firewall running to block re-infection. Which can happen fast.
If your not sure, disconnect from the internet totally and reboot... and run the update quickly then the fix
0
 
LVL 8

Expert Comment

by:Jeff Rodgers
Comment Utility
if your PC starts to shutdown, you need to open a command prompt and type " shutdown -a "  this aborts the system shutdown... you should have sufficient time to download any patches or software to fix the problem.

0
 
LVL 2

Expert Comment

by:Shattuc
Comment Utility
oi, Virii Suck. Which OS are you using, very helpful.
first, you can try to manually locate the file.
after the bios goes through start up, hold F8 until a boot menu appears.
Boot in Safe mode
while in windows do a file search fo ISASS.exe
when you locate the file, while in safe mode you should be able to delete it. if not, write down the full file path.
while in windows click start, run
type Sysedit
check for references to isass.exe
remove the references if you find them.
on your win.ini file there is a section near the top that says load=
scroll all the way to the left of the file and make sure there isn't anything hiding there.

now, restart, and use the F8 key to get back to the menu.
choose command prompt only.
 
if you were unable to delete ISass.exe while in safe mode, now is the time to do it
type cd\insert full written down path here no spaces
next, empty your temporary internet files from Dos.
 if you are using windows 98
cd\windows\temporary internet files\content.ie5

dir
type CD directoryname (usually letters and numbers)
type del *.*
type cd\windows\temporary internet files\content.ie5
rd directoryname
repeat until all subdirectories of content.ie5 are gone.

reboot normal

follow the links provided above, immunize your system.
back up everything you want to keep, mainly audio, images, txt files.
try not to back up executable files as they may still be infected.

reinstall your OS, but first do an FDISK and format of your drives.

it is always best to do a clean reinstall after a major infection. this way you can be sure your system is intact when you get back up and running.

get a copy of a good Anti Virus software program, I recommend either PC Cillin
or F-PROT which if I remember correctly is free for non commercial use
get Zonealarm personal firewall if you need one from http://www.zonelabs.com
get a copy of spyware blaster
get a copy of Spybot search and destroy, when you run it you have the option of turning on Spybot S&D resident. which monitors your registry files for changes.
and lastly a copy of LavaSoft Ad-aware.
install in that order, make sure you do the registry backup when you start spybot S&D, sometimes can be very useful when your system starts going places in handbaskets.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

I have written before on the benefits of using a Boot media other than your HDD when it has become infected.   The article I wrote about creating a bootable CD/DVD/USB (http://e-e.com/A_2343.html) was mainly concerned with building a UBCD4Win on CD …
AWS Glacier is Amazons cheapest storage option and is their answer to a ‘Cold’ storage service.  Customers primarily use this service for archival purposes and storage of infrastructure backups.  Its unlimited storage potential and low storage cost …
This video teaches viewers how to encrypt an external drive that requires a password to read and edit the drive. All tasks are done in Disk Utility. Plug in the external drive you wish to encrypt: Make sure all previous data on the drive has been …
This Micro Tutorial will teach you how to reformat your flash drive. Sometimes your flash drive may have issues carrying files so this will completely restore it to manufacturing settings. Make sure to backup all files before reformatting. This w…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now