lsass service virus

  • Thread starter Thread starter rhltechie
  • Start date Start date
R

rhltechie

hi all,

yesterday my machine was having the lsass.exe issue where it was
creating an application error. along with nt authority wanting to shut
down my machine. i have current network associated virus protection
that did not detect anything. i immeaditaly disconnected from my
network and went to another machine downloading any currect XP patches
along with the stinger and microsoft malicious software removal tool.
none of which found anything. i installed zone alarm and i continue to
see my machine trying to access other workstations on 445, and can only
assume it is trying to spread the issue. what else can i do?! i have
ran every tool i know about and checked my registry for the keys that
could be created. a lil help please?!

thanks,
m
 
From: "rhltechie" <[email protected]>

| hi all,
|
| yesterday my machine was having the lsass.exe issue where it was
| creating an application error. along with nt authority wanting to shut
| down my machine. i have current network associated virus protection
| that did not detect anything. i immeaditaly disconnected from my
| network and went to another machine downloading any currect XP patches
| along with the stinger and microsoft malicious software removal tool.
| none of which found anything. i installed zone alarm and i continue to
| see my machine trying to access other workstations on 445, and can only
| assume it is trying to spread the issue. what else can i do?! i have
| ran every tool i know about and checked my registry for the keys that
| could be created. a lil help please?!
|
| thanks,
| m


Please exame the JPEG posted in; alt.binaries.comp.virus
The subject of the post is the same as in this thread; "lsass service virus"

Does your shutdown error look the same as in the JPEG ?

Please try the following...

Dump the contents of the IE Temporary Internet Folder cache (TIF)
Start --> Settings --> Control Panel --> Internet Options --> Delete Files

Dump the contents of the Mozilla FireFox Cache
Tools --> Options --> Privacy --> Cache --> Clear

1) Download the utility SYSCLEAN_FE at the following URL --
http://www.ik-cs.com/got-a-virus.htm
SYSCLEAN_FE automates the download and execution process of the Trend Sysclean Package.
Direct URL --
http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe

2) Update Adaware with the latest definitions then exit the software.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode and shutdown as many applications as possible
5) Using the Trend Sysclean perform a Full Scan of your platform and clean/delete
any infectors found
6) Restart your PC and perform a "final" Full Scan of your platform using Trend
Sysclean
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point

* * Please report back your results * *
 
From: "rhltechie" <[email protected]>

| yesterday my machine was having the lsass.exe issue where it was
| creating an application error. along with nt authority wanting to shut
| down my machine. i have current network associated virus protection
| that did not detect anything. i immeaditaly disconnected from my
| network and went to another machine downloading any currect XP patches
| along with the stinger and microsoft malicious software removal tool.
| none of which found anything. i installed zone alarm and i continue to
| see my machine trying to access other workstations on 445, and can only
| assume it is trying to spread the issue. what else can i do?! i have
| ran every tool i know about and checked my registry for the keys that
| could be created. a lil help please?!

I forgot to ask; What version of Stinger ?
 
David H. Lipman wrote:
[snip]
Please exame the JPEG posted in; alt.binaries.comp.virus
The subject of the post is the same as in this thread; "lsass service virus"

Does your shutdown error look the same as in the JPEG ?
Click to expand...

ugg... there are better (more convenient for everyone) ways to share
images... http://www.imageshack.us, for example...
 
Back
Top