Speakeasy forum

General discussion

Not an academic question: Is your WinXP Security up to date? NEW WORM WARNING!

by Dave Konkel [Moderator] / May 2, 2004 8:30 AM PDT
Discussion is locked
You are posting a reply to: Not an academic question: Is your WinXP Security up to date? NEW WORM WARNING!
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Not an academic question: Is your WinXP Security up to date? NEW WORM WARNING!
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Thanks DK!! Had a machine come in first thing this AM with Sasser on it :)

Was prepared because of your warning.
Already had a disk with the removal tool waiting.
Another of those situations where the customer would have been protected if he/she had been watching for the Windows critical updates. They had it out there for us in April. Oh well, that's part of what keeps me employed (at least part-time!!)

Thanks,
Marcia/Oregon/USA

Collapse -
Re: Sasser

Hi, Marcia.

Glad to help. Unfortunately, my work computer is unusable until they can manually patch it with the updatewhile disconnected from the network -- the guy supposed to roll the critical updates out to thousands of computers on campus somehow missed this one. Hopefully, they'll can him, as it's costing tens of thousands in lost productivity and extra support fees. Sasser is so omnipresent that you'll catch it before yu can install the update from the network Sad

-- Dave K, Speakeasy Moderator
click here to email semods4@yahoo.com

The opinions expressed above are my own,
and do not necessarily reflect those of CNET!

Collapse -
Hi Marcia...

Can I ask a favor? My home machine caught the bug. I can't get on line at all so I downloaded Microsoft's fix to disk here at work. I'm not a super user. Can you give me a short brief on how to install the fix?

Collapse -
Re: Hi Marcia -- Patrick...
by Dave Konkel [Moderator] / May 4, 2004 5:24 AM PDT
In reply to: Hi Marcia...

Hi, Patrick.

I'm sure Marcia will be glad to help, but she may not see your request by the time you're ready to go home. I thus suggest you ask on one of the help forums (either that specific to your particular OS or the Virus and Security forum). Do you have both the patch program and the cleaner? You'll probably have to boot from a floppy, so if you don't know how to change the BIOS to boot from a floppy, and how to make a boot floppy, be sure ask that too.

-- Dave K.
Speakeasy Moderator
click here to email semods4@yahoo.com

The opinions expressed above are my own,
and do not necessarily reflect those of CNET!

Collapse -
Re:Hi Marcia...
by Mary Kay / May 4, 2004 5:52 AM PDT
In reply to: Hi Marcia...

Hi Patrick. ME TOO. I was able to boot up I called my ISP (MSN) and they set me up a temp line and gave me all the directions. Hope you get it fixed be sure you disable system restore and then reconnect it later. There are several good articles on the Virus forum if you have time to copy b4 you go home. good luck

Collapse -
MK and Dave...
by Pat S / May 4, 2004 7:30 AM PDT
In reply to: Re:Hi Marcia...

Thanks guys. I posted on the virus forum first thing this morning and I read all the bad news. I copied some of the info for use at home tonight. One of the things I was able to do Saturday was install the Windows updates that had been delivered in the last couple of weeks but I'm not sure I got the patch. I'll go to MS and add it to my disk. Dave are you saying I should boot using the fix disk? I know how to change the BIOS to do that. I was thinking I start the computer normally nd then run the .exe file on the fix. That's the kind of info I was looking for.

Collapse -
Re: MK and Dave...
by Dave Konkel [Moderator] / May 5, 2004 1:16 PM PDT
In reply to: MK and Dave...

Hi, Patrick.

Hopefully you're fixed up by now. Point is that if the computer is already infected, you can't boot from the hard drive because the machine keeps rebooting before you can apply the patch.

-- Dave K, Speakeasy Moderator
click here to email semods4@yahoo.com

The opinions expressed above are my own,
and do not necessarily reflect those of CNET!

Collapse -
I think MS has instructions on their site. If not, try Symantec. (NT)
by Kiddpeat / May 5, 2004 1:36 PM PDT
In reply to: MK and Dave...

.

Collapse -
Hi Patrick.............
by MarciaB / May 5, 2004 9:58 PM PDT
In reply to: Hi Marcia...

Dave was correct, I never would have seen this in time to help you with your problem..... I just saw this thread for the first time since I had last posted in it.

Sounds like you got things taken care of. It took me awhile that day at work to get the Sasser Worm completely off that machine. Was flying blind somewhat on removal even though I had read about it somewhat from DaveK's post here.

Take care,
Marcia/Oregon/USA

Collapse -
Hi Guys...
by Pat S / May 6, 2004 12:36 AM PDT

Well I'm almost back. My home computer had six different pests. Five have been sucessfully banished but there is a stubborn one called Agobot.14.AX still wandering around. I posted in the Virus forum for help. AVG finds it and attempts to move it to the vault but I get a message that says "System32/soundcontrol.exe cannot be moved". At least I'm able to access the internet. This particular nasty doesn't seem to have much of an effect except for slowing performance on some programs.

Collapse -
Are you running with a fire wall?
by Kiddpeat / May 6, 2004 12:52 AM PDT
In reply to: Hi Guys...

You might want to explore that. Zone Alarm has a free fire wall that does a pretty decent job.

Collapse -
Knocking on wood as I post this! :)
by MarciaB / May 6, 2004 2:10 AM PDT

I have never, ever, had a virus/worm/trojan, or even a major type of adware/malware/spyware infect my machines at home. Part Luck - Big Part Prevention. This is what I run on my WXP Pro machine:
1. Norton System Works - set for automatic updates and automatic full system scan (3x week on scan). I also manually run the NSW checkups a minimum of 1x week. Also set for e-mail protection.
2. AdAware & Search & Destroy - update and run 3-4x week.
3. Zone Alarm Pro - runs in the background - very rarely "bothers" me with anything unless it is new. One must realize you have to "train" some of these programs to do what you want them to do.
4. Windows Updates - I prefer to deal with these manually. I check updates on a regular basis (like 1x wk or so). Since I have a broadband Internet service it only takes a minute or two to get there & download/install it if necessary. So far, since I have changed my machine over to XP, I have opted to install all Critical Updates. I was more "picky" with my W98SE setup.
5. I keep a close watch on anything that I register for or d/l and install on my machine. I will opt to "save" rather than "open" so that I can scan first.
6. I have several e-mail addresses. I utilize Outlook Express for my primary e-mail.I have OE set up with no preview pane and to empty the "deleted items folder" when I exit the program. I am very selective re: attachments, and will save it to a specified folder and scan prior to opening. My other e-mail addresses are for various online ordering and/or registration necessities.
7. I read PC World and PC Magazine. I have learned a great deal from these sources. I also read various help forums to keep up-to-date.

Collapse -
Re: Knocking on wood -- WARNING re Norton Systemworks (2004 only)
by Dave Konkel [Moderator] / May 6, 2004 8:24 AM PDT

Hi, Marcia.

Major warning about Norton SystemWorks -- don't under any circumstances try to use the 2004 version, as apparently they really fouled it up big time in the "upgrade." Last I looked, it had a 0% favorable rating in the
ZDNet Reviews.

-- Dave K.
Speakeasy Moderator
click here to email semods4@yahoo.com

The opinions expressed above are my own,
and do not necessarily reflect those of CNET!

Collapse -
Was aware of that already, DK - I use diff. version - tks though!

and others may not be aware of that issue.

Marcia

Collapse -
Re:Was aware of that already, DK - I use diff. version - tks though!

Pssst....hope some of those retailers don't read this, but what I have been doing Marcia for the past few years is getting the latest Norton System Works free by just waiting out until stores like Best Buy, Circuit City, Office Depot, OfficeMax, put out their ads "free after mail in rebates". To be totally free tho means you must have a UPC code cut out from a previous product. A lot of times they will advertise it for $19.99 or $9.99 after rebates, but just wait until it is free after rebates. I got my 2004 last Nov 2003.

I don't like paying for the new prices Nortons charges for subscription renewals ever since it used to be $3.00 per year. So, what I did on my Win98se and WinME desktops is not renew, and just delete the Anti-Virus only (the renewal is for definitions updates), retaining the excellent Norton Utilities, and Norton CleanSweep. I use the commercial "Go-Back" on my computers, so don't engage the GoBack that is in Nortons System Works.
For a Anti-Virus program, I then use the Free AVG, keeping the good stuff of Norton System Works.

John

Collapse -
(nt) You are a computer person after my own heart, JR!! LOL

.

Collapse -
Another old trick if it still works

is to change the date on your computer to one a year or more into the future, check it in DOS with the DATE command to make sure it's not just windows date changed. When you load the software, whether for 30 days or longer, it sets the expiration date for the software and then you change your computer date back to the current date, which of course gives you a lot more time than was intended by the software.

Collapse -
Re:Heh heh, Man, I love this forum. Anymore tips. I'm all ears here.]:) nt
by Rolway / May 6, 2004 11:21 AM PDT

.

Collapse -
Re:Another old trick if it still works
by John Robie / May 6, 2004 11:33 AM PDT

Err....thanks, didn't know that one. Mischief

Collapse -
If you use Quicken, or other software with a schedule
by Roger NC / May 6, 2004 12:50 PM PDT

Just don't forget to change back date.

And don't open software with date changed, it'll record everything you've got scheduled till that day in the registered as transacted already.

Yeah, hard knocks school, changed date by accident in Windows.

RogerNC

click here to email semods4@yahoo.com

Collapse -
Re: Norton Subs.

Hi, John.

Does the free AVG have the equivalent of Norton's automatic live update? That feature is worth the sub price to me, though it grates on me as well.

-- Dave K, Speakeasy Moderator
click here to email semods4@yahoo.com

The opinions expressed above are my own,
and do not necessarily reflect those of CNET!

Collapse -
Re:Re: Norton Subs.
by John Robie / May 7, 2004 2:07 AM PDT
In reply to: Re: Norton Subs.

Sorry I haven't answered sooner. Went off the Net before you posted and just now returned.

The Free AVG has definition updates about as often as Norton's, but you have to have the pay version to get it automatic like it is available on Nortons. I keep the AVG icon on my Quick Launch Task Bar and manually click on it almost every day or at least every other day to get "live updates" that may be available.

Collapse -
What do you mean....."don't under any circumstances try to use the 2004 version..."

just because you read a few disgruntled peoples comments out of millions who have installed the 2004 version. I have been using Norton Systems works since 1999 with versions, 2000, 2001, 2002, 2003 and currently have the 2004 version which I plan to install on my WinXP machine within the next few months when my subscription expires. Most all those complaints are installation types...and guess why....Nortons went the MS way in the type of registration where you cannot cheat easy and use the program on several computers without screwing up. Also, the computer savy (ability) of people, by not completely uninstalling the older or other versions including other anti-virus programs. The only problem I've seen with Nortons is with the "Live Update" on the Anti-Virus around last January. People went out of their gord complaining in the different forums, but Norton/Semantec gives excellent guidance at their site on how to correct almost any problem. It is just many people do not know or try to know how to get the info. Course' telephone and email to any company help site is a problem.

Collapse -
Re:What do you mean.....

Hi John;

I saw what Dave is talking about too. Did'nt read too much about it because I use 2003 and do not plan on changing it. Any time I ever installed Nortons or any program for that matter I use a little program called "End It All" first. Gives you a clean install.
Maybe this is why some have problems, by not ending all the stuff running in the background before installing.

George

Collapse -
You are so right George about EnditAll.....
by John Robie / May 6, 2004 10:03 AM PDT

That little program came out around 1999 and I have been suggesting it for years. When PC Mag had a forum in ZDNet (CNet) Neil ..what's his name...'Rickenback' I think, wrote it. He has since made a version 2, but IMO is a little more involved for the newbie. I have been using the version 1 in WinXP, Win98se, and WinME computers for installing (not downloading) all programs of any type from the Net or a CD, and especially playing any high tech or low tech games. What EnditAll does is just make is very easy and fast to temporarily disengage those programs (except Explorer & System Tray) that run in the background. Instead of "End Task" line item by line item in Ctrl-Alt-Delte, EnditAll does it for you...fast. A reboot engages them back.

Collapse -
Re:You are so right George about EnditAll.....
by Rolway / May 6, 2004 10:13 AM PDT

Yep, I like Enditall. Using Version 1 also. Buy the way John, Thanks for the links on that sasser worm.

George

Collapse -
Hi KP
by Pat S / May 6, 2004 4:04 AM PDT

I thought (something less and less reliable these days) that I had enabled the XP firewall. After asking for and obtaining instructions on how to activate it I don't recall performing the operation so that was probably my downfall. I'm not sure if it was possible but I left my DSL modem on Thursday night when I turned off the computer and Friday afternoon when I got back to it it was crawling with critters. Is it possible to infect a computer when it's turned off?

Collapse -
Re:Not an academic question: Is your WinXP Security up to date? NEW WORM WARNING!

What You Should Know About the Sasser Worm and Its Variant....Find out how to tell if your computer is infected with the Sasser worm and what steps you should take to remove it.
http://www.microsoft.com/security/incident/sasser.asp

Three steps to protect your PC against other attacks.....(including activations of your XP Firewall)
http://www.microsoft.com/security/protect/


And our local CNet Virus & Security Forum has been on top of "Sasser":
http://cma.zdnet.com/texis/forums/search.html?q=Sasser&qt=Sasser&p=&a=&b=&fi=32&f=1&o=d&m=

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?