Jump to content
xisto Community
Sign in to follow this  
soleimanian

How to recognize and remove Sasser Internet worm?

Recommended Posts

Name: Sasser
Nick name: Sasser.A, Worm.Win32.Sasser.a
Size: 15872
All version of this worm attack by "MS04-011 (LSASS)".
MS04-011 (LSASS) cause overrun buffer in Local Security Authority Subsystem Service.
Related:
1- this worm can run in Win 2000/Xp
2- There isnât any security Patch.
3- This worm cause connect to Internet without any Firewall.
4- One of the characteristics of this worm is following file "C:\win.log",
5- This worm make a traffic on the TCP,9996,445 and 5554 Ports

To remove this worm:
1- go to following address and download anti worm, https://www.f-secure.com/en/web/home_global/products

OR

2- go to Microsoft update and download Microsoft patch MS04-011

OR
3- Run Task Manager, close "avserve.exe", and delete AVSERVE.EXE from Windows Dir.

Share this post


Link to post
Share on other sites

Correct. My dad got bit by this virus because he is extremely computer illiterate and keeps turning off his virus scanner somehow. Anyway, he has a current and updated version of norton antivirus. It detected some files infected by sasser but could not clean/delete them due to the nature of the infected files and the virus. The cleaning programs will do some very low level things including cleaning memory, etc to make sure that there is no trace whatsoever of it remaining.

Share this post


Link to post
Share on other sites

This worm is quite annoying! Tsk, it really gave me a hard time when I tried to fix it in my dad's office PC. Dang! Good thing there are articles in the net about fixing things. I found this - https://www.microsoft.com/en-us/security/default.aspx - Well, it provides some protection against the worm but the article is focused on Windows users.

Share this post


Link to post
Share on other sites

seems that I am the only lucky ***** who newer cought up with a worm or a VIRUS .. :)I have been on internet for allmost 2.5 yrs now on my Personal PC .. and am online most of the times .. :)I still newer used a firewall software or even an antivirus software .. I think all u need to do is be aware of wat u r doing on net and u will newer catch up with one

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.