Register

Forgot Password

Site FAQ

Home > IT Answers > Security > Sasser… UGHHHHHH

Chetta

100 pts.

Sasser… UGHHHHHH

Antivirus, Desktop, lsass.exe, Sasser, Virus removal, worms

I usually take great pride in how good I am at removing spam and viruses and cleaning a computer to a great potential (at my job and for friends). About 2 months ago I somehow received the Sasser virus. Did 3 different types of virus scans and at least 4 different types of antispware scans. With no results. Over the last 2 months i have formatted my computer, literally, at least 12 times. What happens is about 1/3 times I boot up it comes up with LSA (Export) error or Lsass.exe is shutting down my system. I've checked every program I install to see if it somehow embedding it in to the system and I cannot find anything. I've run HiJack this and had there checker check the data results. I've even switched to a new hard drive. Just been a humongous frustration and suggestions would be greatly appreciated.

Software/Hardware used:

ASKED: March 13, 2009 4:37 AM

UPDATED: March 31, 2009 4:34 AM

RELATED QUESTIONS

Answer Wiki:

Maybe its not you at all. What are you connecting to? Home router, work router? Is there a server between you and the 'outside'? I would start looking back from your device to the internet. Maybe there's another device constantly searching just for your pc, or username and will send a trojan each time you login. If you think it's constantly happening to your pc, no matter what you do, then maybe it's not your pc.

Last Wiki Answer Submitted: March 20, 2009 3:59 pm by mnman66

265 pts.

All Answer Wiki Contributors: mnman66

265 pts.

To see all answers submitted to the Answer Wiki: View Answer History.

RSS - Discussions Help

Discuss This Question:

_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

POSTED: Mar 25, 2009 3:41 PM (GMT)

“Search and Destroy” (not to be confused with “SpyBot Search and Destroy” is at least Malware. Please see the F-Secure WebLog at http://www.f-secure.com/weblog/archives/00001545.html

Also, I did download the Search and Destroy product (in my Lab) and Symantec A/V detected it as MalwarePro, a “Misleading Application”

BigMike10

25 pts.

POSTED: Mar 27, 2009 7:53 PM (GMT)

Yeah, this may not be a malware issue…or a hardware issue. Lsass.exe is a legitimate service for Windows security policy enforcement. What happens when you boot to safe mode with networking?

KevinBeaver

10,785 pts.

POSTED: Mar 31, 2009 4:34 AM (GMT)

The LSASS exploit was fixed with Service Pack 2. If an up-to-date virus scan can’t find any viruses, you should check for conflicting applications. If you use applications similar to TweakXP, you may run into issues like the one you described.

mshen

27,310 pts.

Ask a Question

Browse IT Answers by Topic

>>VIEW ALL TAGS

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.
All Rights Reserved, Copyright 1999-2013, TechTarget | Read our Privacy Policy
Questions and Answers Index 1 | Questions and Answers Index 2 | IT Topics Index 1 | IT Topics Index 2 | Blogs Index | Blogs Tags