Comments
Read the article that everyone's commenting on.
Subscribe to the RSS Feed for comments on this article.
Hi Leo,
Well, im still trying!! I got a big brake when i downloaded SpyBot!! I scaned my hd which only took about 2hrs and its found 52 files of which it couldnt delete 2 of them. one of them is the bridge.dll which im preaty sure is the ronoper.U virus doing its bad deeds. Now, i cannot find anything on the net that can help me rid myself of this pest!! The only thing is on symatec but it means i have to buy it, please tell me there is another way! Im a student, or soon to be, and im real short of cash!! lol. I will keep you up to date :-)
Thank you so much for the help you have given me so far, even if it hasnt worked yet, im sure it will soon.
Domen
You might visit Computer Cops (http://ask-leo.com/d-compcops ) or the forums over at Spyware Info (http://ask-leo.com/d-spywareforums ) - they'll probably ask you to run something called "HiJackThis" (http://ask-leo.com/d-hjt ) which creates a report that they can analyze and give you specific steps to take.
Good luck!
Posted by: Leo at May 27, 2004 7:27 PMHi Leo,
Im still battleing away although i have a feeling i am aproaching the light. I found hijakthis before i posted on here but it would not run. I have tried it again and now it runs for about 4sec before dissapearing into thin air, enogh time for me to creat a log. I will keep you up to date with how im going. This might be the brake i was looking for.
Thanks heaps for your help, even though i dont like crying victory before im in the clear.
:-)
Domen
Hi Leo
I rescently installed windows XP Prof in my laptop and I bought macfee internet security software (Virus Scanner/Firewall/Privacy Protection/SpamKiller) and installed in my laptop and when i connected to the internet using a DSL my system is going Crazy. after five minutes in the internet the name in the start button "START" will disappear and that it am unable to do anything I have to hard boot my system and restart to work for five minutes in the internet and again boom its gone. what should i do. I first thought its a SASSER virus so i downloaded Nortorn AV in a different M/c (My friends computer)and installed in my computer and scanned it didnt detect any virus. I badly need help / suggestion. all my work is in that laptop and am stuck now with no options.
Posted by: Sheik at May 28, 2004 5:56 PMWhile I might not suspect Sasser, I think your instincts on a virus infection feel right on. I'd be tempted to try a virus scan with a different product as well. (Recommendations: http://recommend.pugetsoundsoftware.com ). There's an outside chance this could be caused by spyware, so check this article: http://ask-leo.com/archives/000131.html . And finally, if the machine will run long enough while not connected to a network, a System File Check might also be appropriate: http://ask-leo.com/archives/000074.html .
Good luck!
Posted by: Leo at May 30, 2004 4:39 PMHi Leo
I recently found a company laptop which kept attempting a dial up connection.
After hunting around a bit I found a program called 'wave eggs.exe'.
I managed to get rid of it, but couldnt find anything on the net about it.
Have you encountered it before and how can I protect against it?
Thanks
I just addressed that in a new post: http://ask-leo.com/archives/000154.html
Posted by: Leo at June 1, 2004 9:50 AMhey,
I am infected with the virus lsass.exe, it restarts the computers contigously.
i dont know how to cure myself from that. please help me, i cant connect to the internet. because as i connect , in the very next 15 minutes it restarts. please help me.
regards
Anjum
You need to read the full article here. All the information I currently have is in it.
Posted by: Leo at June 1, 2004 4:15 PMHi Leo,
I got the LSASS.exe infected on my computer (running window 2000). When I saw the error message, I renamed the "lsass.exe" to "lsass_old.exe". Now, I can't start my computer (not even in safe mode). The hd is in "NTFS" format, is there any way I can rename the file back and following the right path to clean the virus?
Thanks,
Frank
Subscribe to the RSS Feed for comments on this article.
To post a comment on "What are "LSASS", "LSASS.EXE" and "Sasser" and how do I know if I'm infected? What do I do if I am?", please return to that article's main page.