Guest jpurdy2003 Posted August 18, 2004 Report Share Posted August 18, 2004 Alright, so my secondary PC (Windows XP Professional, Gateway) got owned by Sasser back in late April/Early May. I cleared it up with Panda QuickRemove for each variant of the virus (A, B, C, and D) and ran windows update. All has been well since May 7th, which was the day I disconnected it from the internet. It has not been online since. However, symptoms of infection have reappeared (automatic shutdowns for no reason that refer to the "Remote Procedure Call Service"). I thought that the Panda QuickRemove and Windows Update would have fixed the problem, but apparently I'm wrong. My questions to the board are: 1. What's wrong? 2. How do I fix it? Quote Link to comment Share on other sites More sharing options...
Guest riggs867 Posted August 18, 2004 Report Share Posted August 18, 2004 If you go to the registry, you should see: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\ CurrentVersion\Run "skynetave.exe" = %WinDir%\skynetave.exe That will tell if you have the virus or not. You might try downloading a different tool this time (i.e. McAfee or Symantec / Norton). They may do some things the other clean tool didn't. I am pretty sure the removal tools are free from both of the big boyz. Microsoft's security patch for W32.Sasser.worm.* can be found at: http://www.microsoft.com/technet/security/bulletin/MS04-011.mspx Since this was one badass worm, and it went through a few variants, it wouldn't hurt to run the latest stuff on your machine again. The D variant (I think the last one) used the file skynetave.exe to spread. You may want to do a search for this file and delete it if you find it. Quote Link to comment Share on other sites More sharing options...
Guest jpurdy2003 Posted August 18, 2004 Report Share Posted August 18, 2004 I'll try these tonight and let y'all know how it works out. Quote Link to comment Share on other sites More sharing options...
stealthmonkey Posted August 18, 2004 Report Share Posted August 18, 2004 I have a better remedy for you specifically. Take 45mm desert eagle & then load. Point end at Computer case and pull trigger. Virus Problem and computer idiot problem fixed. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.