Announcement

Collapse
No announcement yet.

Got hit by Sasser

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Got hit by Sasser

    and it'a pissing me off, I can't install any patches because the CPU utilization hits 100% on this slow antiquated PC and services.exe is shutting it down.

    How do I stop it from initially restarting so I can install the patches?

    Thanks,
    Elie
    Tags: None
  • #2
    I believe "shutdown -h" in run/commandline did tre trick. (would have to also google to make sure...)

    Comment

    • #3
      Thanks, did some more digging, turns out that this is more serious than I thought!

      What's shuttuing my system down is services.exe caused by a backdoor trojan, so I have a few files to fix this, I will try and let everyone know how it got fixed.

      Comment

      • #4
        Update: A system restore to a previous time (three weeks ago) actually worked, was able to install SP2 which fixed the problem permanently.

        Regards,
        Elie

        Comment

        • #5
          Originally posted by Elie View Post
          and it'a pissing me off, I can't install any patches because the CPU utilization hits 100% on this slow antiquated PC and services.exe is shutting it down.

          How do I stop it from initially restarting so I can install the patches?

          Thanks,
          Elie

          WHAT? Is this 2003?
          The Internet - where men are men, women are men, and teenage girls are FBI agents!

          I'm the least you could do
          If only life were as easy as you
          I'm the least you could do, oh yeah
          If only life were as easy as you
          I would still get screwed

          Comment

          • #6
            he must be forgetting the golden rule of never plugging a box directly out to the net
            If there's artificial intelligence, there's bound to be some artificial stupidity.

            Jeremy Clarkson "806 brake horsepower..and that on that limp wrist faerie liquid the Americans call petrol, if you run it on the more explosive jungle juice we have in Europe you'd be getting 850 brake horsepower..."

            Comment

            • #7
              Originally posted by Technoid View Post
              he must be forgetting the golden rule of never plugging a box directly out to the net

              Why would someone do that? Uhh... no, seriously?

              (Don't worry Elie, just giving you a hard time.)

              No, SERIOUSLY?
              The Internet - where men are men, women are men, and teenage girls are FBI agents!

              I'm the least you could do
              If only life were as easy as you
              I'm the least you could do, oh yeah
              If only life were as easy as you
              I would still get screwed

              Comment

              • #8
                Originally posted by Nowhere View Post
                I believe "shutdown -h" in run/commandline did tre trick. (would have to also google to make sure...)

                Heh, its always been, for me :
                Start -> Run -> shutdown -a

                that stops the timer, and closes it down.
                There is a patch from Microsoft to close the hole that sasser uses i think...

                I have used it mostly on french machines, but i don't think the command line interface is affected...could be wrong

                Edit : A week or so ago, i let one of my machines onto the net with no Av and no firewall. I used uTorrent twice on it previously, but not at that time.
                3 seconds. Thats when a wierd .exe file with random name appeared, and my outbound connection went haywire...3 seconds...
                PC-1 Fractal Design Arc Mini R2, 3800X, Asus B450M-PRO mATX, 2x8GB B-die@3800C16, AMD Vega64, Seasonic 850W Gold, Black Ice Nemesis/Laing DDC/EKWB 240 Loop (VRM>CPU>GPU), Noctua Fans.
                Nas : i3/itx/2x4GB/8x4TB BTRFS/Raid6 (7 + Hotspare) Xpenology
                +++ : FSP Nano 800VA (Pi's+switch) + 1600VA (PC-1+Nas)

                Comment

                Previous template Next
                Working...
                X