Tuesday, May 16, 2006

ISASS Virus Removal/LSASS.EXE

A caller on 5/16/06 described a Windows problem which may (or may not) be the ISASS virus, also known as, or related to, the Sasser worm. He kept getting a 'file missing' message.

Note that there is a real, needed Windows program spelled "lsass.exe". The first letter of the genuine program is a lowercase 'L'.

The virus uses an uppercase 'i' and is written "Isass.exe". The confusion is undoubtedly deliberate on the part of the virus writers.

So we're not certain whether the caller has the virus, or is genuinely missing the real lsass.exe that Windows needs.
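The lookalike-name trick described above is easy to check for mechanically: fold the characters that resemble a lowercase 'L' (uppercase 'I', the digit '1', and so on) and then require that anything spelling "lsass.exe" actually lives in System32. The script below is an added example, not part of the original post or of Guy Moore's analysis; it assumes the default `C:\WINDOWS\system32` location for the genuine file, and the process list it scans is a constructed sample, not output from the caller's machine.

```python
"""Flag process or file names that masquerade as the genuine Windows lsass.exe."""
import ntpath  # Windows-style path handling; works on any OS for this offline check

# Characters easily confused with a lowercase 'l' in many fonts (assumed set).
CONFUSABLE_L = {"l", "L", "I", "1", "|"}
GENUINE_NAME = "lsass.exe"
# Assumption: default %SystemRoot%. Adjust for hosts installed under another directory.
GENUINE_DIR = r"c:\windows\system32"


def looks_like_lsass(name: str) -> bool:
    """True if the name reads as lsass.exe once the first letter is folded for confusables."""
    if len(name) != len(GENUINE_NAME):
        return False
    first, rest = name[0], name[1:].lower()
    return first in CONFUSABLE_L and rest == GENUINE_NAME[1:]


def classify(path: str) -> str:
    """Return 'genuine', 'lookalike', or 'unrelated' for a full executable path.

    Windows file names are case-insensitive, so LSASS.EXE in System32 is the real
    file; Isass.exe (capital I) anywhere, or lsass.exe outside System32, is not.
    """
    directory, name = ntpath.split(path)
    if not looks_like_lsass(name):
        return "unrelated"
    in_system32 = ntpath.normpath(directory).lower() == GENUINE_DIR
    if name.lower() == GENUINE_NAME and in_system32:
        return "genuine"
    return "lookalike"


def find_suspects(paths):
    """Return only the entries that spoof lsass.exe by name or by location."""
    return [p for p in paths if classify(p) == "lookalike"]


# Constructed sample process list (image paths), as a process-listing tool might report them.
SAMPLE_PROCESSES = [
    r"C:\WINDOWS\system32\lsass.exe",                 # genuine
    r"C:\WINDOWS\Isass.exe",                          # capital I: the spoof described in the post
    r"C:\WINDOWS\System32\LSASS.EXE",                 # same file, different case: still genuine
    r"C:\Documents and Settings\user\Local Settings\Temp\lsass.exe",  # right name, wrong place
    r"C:\WINDOWS\system32\svchost.exe",               # unrelated
]

if __name__ == "__main__":
    for p in SAMPLE_PROCESSES:
        print(f"{classify(p):10s} {p}")
    print("suspects:", find_suspects(SAMPLE_PROCESSES))
```

The check keys on two facts at once, spelling and location, because either one alone is fooled: a lowercase 'L' in the wrong directory is as suspicious as a capital 'I' in the right one.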

See the other comments below. Here is Guy Moore's analysis:

Tips on this virus

Another source

Also, after removing the Sasser worm, users need to do Windows updates. There was a Windows patch that protected computers from this problem.

Using Stinger to remove viruses on Windows based computers:

1. Download the Stinger removal tool using another computer

2. Put Stinger on a floppy then write protect the floppy.

3. Boot in safe mode, choosing the DOS option, which I hope will boot OK.

4. Switch to drive A: by typing:
a:
then hit the return/enter key

5. Run Stinger by typing:
stng260
and hitting the return/enter key
Note: In this case "stng260" is the name of the Stinger application. This name may change so look to see what its name is when you download it.

6. Let it scan and clean up the problems

7. Remove the floppy

8. Re-boot; hopefully it will boot properly.

9. Check for Windows updates right away. Some of these things have had security updates that protect you from them.

Also -- here is a message sent too late for inclusion in the show, from Shawn M.:

"For the lsass.exe missing file, I would use the XP installation disc and use the "Repair" Windows option. This should reinstall the corrupt or missing file, without losing current files on the HD... Great Show!!!!"

Finally, we heard from the original caller, Mike O., who had the 'file missing' message:

"I found what I was doing wrong when I could not create the 6 XP boot disks. I now have the 6 disks. My error was that I thought the download from windows would create the disks. That was wrong. A program is downloaded which when executed creates the 6 disks. Got the answer via my son who is kinda a nerd, and he asked me a simple question. (What are you trying to load -- the download program or the program output?) God Bless the American school system."
