Results 1 to 8 of 8

Thread: Help with infection

  1. #1
    av_envy Guest

    Default Help with infection



    Message Edited by av_envy on 06-21-2006 07:03 PM

  2. #2
    Join Date
    Apr 2004
    Location
    East Coast of Florida - Lightening/Shark Bite Capital of the World
    Posts
    2,477

    Default Re: Help with infection - Sasser



    Hi,

    Download Ewido

    http://www.ewido.net/en/

    After the installaton, search for updates and download any available. Start your computer in safe mode , open Ewido,press scanner, complete system scan, fix anything that is found, next run a full virus scan also fix any problems you have. Restart your computer normally and run some more scans with Ewido and your virus scanner, to make sure your clean. If after the second round of scans the trojan still exist we will have to turn off system restore , go back into safe mode again going through the same procedure as before but see if this works first.

    Hope this info has helped you.

    SlyFox
    "Politeness costs nothing and gains everything".

    Click here for ZA Support

    Avail. 24x7 - Excl. Holiday













  3. av_envy Guest

    Default Re: Help with infection - Sasser



    Hi, I downloaded Ewido and installed on the infected computer, but can't update (no internet access on that pc). In safe mode have run full scan with Ewido, found some medium threat spywares, no serious infection. ZA will not run in Safe Mode - "True Vector Service has encountered a problem and needs to close" and then repeated loop of "The True Vector Internet Monitor has shut down. Do you wish to restart it?" Yes ---> Same window..... Also, no System Restore enabled, so that won't be an issue. Any further direction? Thanks

  4. #4
    Join Date
    Apr 2004
    Location
    East Coast of Florida - Lightening/Shark Bite Capital of the World
    Posts
    2,477

    Default Re: Help with infection - Sasser

    Hi,

    PLEASE try the following solution and PLEASE let me know if it solves your problem or not, Thanks.

    A database reset will fix it if that is the problem. Reset the database this way; you will lose your customizations and will need to reconfigure Zone Alarm.

    1. Boot your computer into the Safe Mode.
    2. Navigate to the c:\windows\internet logs folder.
    3. Delete the backup.rdb and iamdb.rdb files in the folder.
    4. Reboot into the normal mode.

    SlyFox
    "Politeness costs nothing and gains everything".

    Click here for ZA Support

    Avail. 24x7 - Excl. Holiday













  5. Join Date
    Apr 2004
    Location
    East Coast of Florida - Lightening/Shark Bite Capital of the World
    Posts
    2,477

    Default Re: Help with infection - Sasser

    Hi,
    Also, try "Last Known Good Configuration", by tapping F8 on boot up, scroll down until you see it, click on it and reboot computer. PLEASE let me know on your results, Thanks.

    SlyFox
    "Politeness costs nothing and gains everything".

    Click here for ZA Support

    Avail. 24x7 - Excl. Holiday













  6. Default Re: Help with infection - Sasser



    Hi there av_envy

    Here is a symantec link on how to fix the sasser SHOULD you really have it.

    READ THE WHOLE INSTRUCTIONS carefully print out from another computer or friends computer if you can. I personally save it to notepad txt file that I can access in safe mode for example.

    http://securityresponse.symantec.com...sser.worm.html

    You will also have to download the removal tool which probably u will have to get again from another computer or friends - save to diskette probably. I doubt your usb will work in safe mode and probably you can not burn it to cd rom safely ???

    I do not "envy" you on this task as it is quite a few major steps.

    File is 148 k - so you might even save on a diskette.

    PS MS had released a way to avoid this old hole in their patches -

    http://www.microsoft.com/technet/sec.../MS04-011.mspx

    Yes I know sounds like preaching but no one probably told you to do the ms updates.

    AND to update frequently when it tells you to.

    AND I hope you make backups of your important stuff like essays, resumes, cookies, favourites, documents.

    Good luck and let us know how it works out- you will be at it for a good 2 hours.

    I have repaired many pc machines for clients already so I know!

    thanks danny:mansad:

  7. #7
    av_envy Guest

    Default Re: Help with infection - Sasser

    Thanks - I will have to try this tomorrow.... I will let you know if it works. Interestingly, I had applied all MS updates, which I do regularly, as well as updates for other important programs. I also have a working firewall on my router. Thanks again, I will try the fix and let you know.

    Message Edited by av_envy on 06-21-2006 05:47 AM

    Message Edited by av_envy on 06-21-2006 05:48 AM

  8. #8
    av_envy Guest

    Default Re: Help with infection - Sasser

    Hi - I'm not sure which problem this was addressing, but I did it and now am running ZA virus scan in normal mode? Thanks

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •