Home > IT Answers > Security > Sasser... UGHHHHHH
Chetta
85 pts.
0
Q:
Sasser... UGHHHHHH
Virus removal, Sasser, worms, lsass.exe, Antivirus, Desktop
I usually take great pride in how good I am at removing spam and viruses and cleaning a computer to a great potential (at my job and for friends).
About 2 months ago I somehow received the Sasser virus. Did 3 different types of virus scans and at least 4 different types of antispware scans. With no results.

Over the last 2 months i have formatted my computer, literally, at least 12 times.
What happens is about 1/3 times I boot up it comes up with LSA (Export) error or Lsass.exe is shutting down my system.
I've checked every program I install to see if it somehow embedding it in to the system and I cannot find anything.
I've run HiJack this and had there checker check the data results.
I've even switched to a new hard drive.

Just been a humongous frustration and suggestions would be greatly appreciated.
ASKED: Mar 13 2009  4:37 AM GMT
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
RELATED QUESTIONS
0
Mnman66
230 pts.
0
A:
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
  • AddThis Social Bookmark Button
Maybe its not you at all. What are you connecting to?
Home router, work router?
Is there a server between you and the 'outside'?
I would start looking back from your device to the internet. Maybe there's another device constantly searching just for your pc, or username and will send a trojan each time you login.
If you think it's constantly happening to your pc, no matter what you do, then maybe it's not your pc.
Last Answered: Mar 20 2009  3:59 PM GMT by Mnman66   230 pts.
  •   
0
0
RSS - Discussions Help
Discuss This Answer:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _



_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

BigMike10   25 pts.  |   Mar 25 2009  3:41PM GMT

“Search and Destroy” (not to be confused with “SpyBot Search and Destroy” is at least Malware. Please see the F-Secure WebLog at <a href="http://www.f-secure.com/weblog/archives/00001545.html" title="http://www.f-secure.com/weblog/archives/00001545.html" target="_blank">http://www.f-secure.com/weblog/archives/…</a>

Also, I did download the Search and Destroy product (in my Lab) and Symantec A/V detected it as MalwarePro, a “Misleading Application”

 

KevinBeaver   7385 pts.  |   Mar 27 2009  7:53PM GMT

Yeah, this may not be a malware issue…or a hardware issue. Lsass.exe is a legitimate service for Windows security policy enforcement. What happens when you boot to safe mode with networking?

 

Mshen   23525 pts.  |   Mar 31 2009  4:34AM GMT

The LSASS exploit was fixed with Service Pack 2. If an up-to-date virus scan can’t find any viruses, you should check for conflicting applications. If you use applications similar to TweakXP, you may run into issues like the one you described.

 
0