sasser virus



beppo1967
04-May-04, 21:57
Has anyone had problems with the Sasser virus? It crippled my PC, knackering my anti-virus, trojan remover as well as shutting my PC down every 10 secs....Eventually got rid of 23 Sasser viruses spread all over my PC....I was not a happy chappy. :( But I won in the end :lol:

Colin Manson
04-May-04, 22:40
I've deleted about 250 from my email accounts, Mailwasher is just the best. My NAV hasn't found a virus from email since I started using Mailwasher, Norton has stopped viruses that have been spread by other means so I always keep it updated.

Cheers
Colin

Mr P Cannop
05-May-04, 05:39
Does Mailwasher work with Yahoo or Hotmail?

Colin Manson
05-May-04, 10:41
It doesn't work with Yahoo, it works with POP3, Hotmail, IMAP and AOL.

Riffman
05-May-04, 11:11
Yeah we've been having problems with the Sasser.B here at college. It is a right pain, keeps shutting down every minute. They haven't updated their virus definitions so it can be detected.

A word of advice, make sure you have the most up to date versions. Norton released new ones on the 1/5/2004 which will protect you from it. Otherwise visit the Microsoft website and follow the links to check your PC and remove the virus. www.microsoft.com

Hope you all manage to de-virus your PCs

Riff

linzy222
06-May-04, 13:45
Go to www.microsoft.com/security/incident/sasser.asp

I got the virus as well but I am hoping the advice from Microsoft will help fix it

I will let you know

Anonymous
07-May-04, 09:41
Another reason why you should store all the e-mail addresses you use frequently in a text document and not in your Windows address book.

Every time a virus like this goes round, I have to delete mail from so many familiar names who haven't bothered to keep their virus proggy up to date and don't do Windows updates very often.

One thing you can do to help stop this is take all the useful names out of your address book and store them somewhere else. Then you can delete your address book.

Also, don't keep loads of old e-mails lying about your inbox/sent box/deleted items. Sort them out, copy information and photos elsewhere and delete the messages.

Empty your "temporary internet files" regularly.

It's not just about protecting yourself from these things, it's about helping to prevent the spread.

There's plenty folk in the county with the ECDL who should now be realising it was like their driving test, now that they've passed, they can start to learn to drive properly.

So, here's a quick check list:

Update your antivirus regularly
Automatic Live Update just doesn't cut it, only updates virus definitions. Do a manual update at least once a week and keep up with program updates also.

Windows Updates
Most of these viruses exploit some "hole" in Windows, so visit Windows updates once a week to make sure you have all the latest security patches.

Don't keep e-mail addresses in the address book.
It's one of the first places a virus will look if it infects your machine to find out where it can send itself now that it's got your PC.

Delete old and unwanted e-mail
Another source of addresses for the virus, plus this also has sample message subjects for it to use when fooling your friends into believing you've sent them a "document".

Delete temporary internet files
Yet another source of e-mail addresses, this time from any pages you've visited on the net. Notice we are slowly removing our address from the site to help prevent this 1.

If you do these things regularly, you will find it only takes a couple of seconds to run through that list and you at least know that you're not making the problem any worse. A program like Mailwasher, as Colin says, will help you spot anything unusual before you download it. From my point of view, Mailwasher has saved us over and over again.

Anonymous
07-May-04, 09:46
http://securityresponse.symantec.com/

or

http://securityresponse.symantec.com/avcenter/tools.list.html

Even if you don't use Norton antivirus, you can download "removal tools" from Symantec for free. That page has always got the latest virus warnings and tools to remove them (at least for the bad ones anyway).

MadPict
07-May-04, 20:13
...or get a Mac! ;)

Mr P Cannop
08-May-04, 10:00
Seen this on a BBC news web site

An 18-year-old high school student has been arrested in Germany on suspicion of creating the Sasser internet worm, police say.
The worm spread through an estimated 18 million computers across the world last week, continually shutting down and rebooting them.

Police say the man was arrested in the northern German town of Rotenburg.

Investigators were searching his parents' home, according to the German newspaper Bild.

No further details have been given about the suspect, who was arrested on Friday.


Spread quickly

The Sasser worm quickly spread worldwide after its first appearance on 1 May.

Some businesses were forced to shut temporarily so they could clear their systems and update anti-virus protection.

Hospitals, banks, airlines, government agencies and many home users were affected.

The worm attacks recent versions of Microsoft's Windows operating systems - Windows 2000, Windows Server 2003 and Windows XP.

Experts say it apparently does no lasting harm.

But although the worst of the outbreak is over, it is thought the worm will never entirely disappear, and that future versions may be far more damaging.

robinfalconer
09-May-04, 11:05
All you have to do to stop getting the virus is get an up-to-date firewall and up-to-date anti-virus software. I think that McAfee is the best.

Virus Sites: www.symantec.com
www.mcafee.com
www.trend-micro.com
MY SITE: killviruses.mysite.freeserve.com < FREE and it's created by ME!!

Go to one of the sites for updates: www.windowsxp.com
www.windows98.com
www.windowsme.com
www.windows95.com
FOR UPDATES

Whatever you do, don't install 2 anti-virus programmes on your computer. IT WON'T WORK PROPERLY.

simian sally
09-May-04, 12:30
Robin, why do you think McAfee is the best?

I used to use McAfee but switched to Norton/Symantec because they came free with my current 2 PCs. I find Symantec much easier to use, and it's been 100% successful so far, well, as far as I know. It caught everything that was thrown at this PC before I firewalled it.

I have no idea which is technically better, that's why I'm asking why you say what you do.

Thanks,
SG

robinfalconer
10-May-04, 17:43
I've tried using Norton (SYMANTEC); it's ok as well, but if you go to this website it tells you which is best. Norton was quite low down on the list and McAfee was second from the top. Go to my website that I created, killviruses.mysite.freeserve.com. IT'S QUITE GOOD.

Jon Oxley
10-May-04, 18:04
To stop the countdown clock if you get the virus:
From the Start menu, click the Run option; in the box that appears, type shutdown -a then click OK.
This should stop the countdown clock.
Then go to http://www.microsoft.com/security/incident/sasser.asp
to download the patch. ;)

©Amethyst
10-May-04, 18:18
I'm not sure if this is the sasser thang or not - but I have files that are infected with something but I cannot delete them using HouseCall from Trend Micro. It says that it "CanNotAccess" the file because it's being used.

windows\system\_dmiu01e.exe
windows\system\explorer.exe
windows\system\gfxhengi.exe

- should I close down all running applications on my computer and delete these files like the site says I should? Or should I do something else?

I ask because I'm unsure about the 2nd file... as to whether or not it should be deleted.

Thanks

George Brims
11-May-04, 02:23
To add to Niall's recommendations:

Don't use Outlook Express as it seems to be the most vulnerable email utility. Our systems guys here went around taking it off everyone's machines a while ago. The guy who "helpfully" compiled and circulated a HUGE Outlook address file for the whole campus a few years ago has been very quiet lately. :D

If you have more than one PC connected to your new high-speed internet connection, use the firewall features of your router. On our campus we have firewall software in all our routers and another level in the email servers and (for a change) this latest outbreak hasn't affected us at all (except we had a minor panic the other night when a PC showed many of the symptoms of the Sasser worm, but it was programmer error, for which the programmer is suitably contrite).

And I absolutely endorse what Niall said about Windows Updates - my machine is set up to check automatically so I had the security hole exploited by the Sasser worm plugged long ago.

Maybe we should all go back to writing letters? On paper? With a pen?

zagor
11-May-04, 09:56
Hi Folks
Looking for some advice. I recently had to turn the firewall off to try and get a piece of software to work. I forgot to turn it back on for three days ( I know stupid no lectures please :~( ) Anyway when I logged on last night to check my email I had one from that mailer demon person who said that the address was undeliverable. The problem is the original email was sent at 8.30 in the morning when I was not in and the PC was not switched on. I contacted AOL technical support and was told I had a virus but I run my virus checker about three times a week and did again last night and found no virus. I also tried to update the definitions again in case I had missed one and it said it was up-to-date. I run Norton and AOL on a dial-up connection.

Can anyone shed some light on this?

Can viruses send emails from PCs that are switched off?

I don't seem to be experiencing any other problems as of yet.

Riffman
11-May-04, 10:19
Hi zagor, from what you have written it doesn't sound like you have a virus. I am with AOL dial up too and sometimes I get my emails sent back by the daemon thingy too. What happens is that if it can't find the right address, or if the address is busy, or having tech problems, it returns the email to sender. As to why the original email was sent at 8.30, it either is because the email was returned at that time or because AOL has a nasty habit of holding emails for a while. I know it does this because sometimes I have to send an email to someone but it does not arrive for ages. All my web-based emails are instant, so it is a bit of a pain.

Anyway, hope that gives you some insight into your problems. If you are worried that your PC might be starting itself up, check your modem settings. Most modems can be set to start the computer if they receive a certain signal (like a fax) so something may have set your modem to do this. To stop it doing this go to the control panel and open the modem properties. There you should be able to stop it waking when contacted. There is a very low chance that your computer is starting itself, but if it is the case then the modem is your best bet.

Sorry if I have made it sound too tech. Hope it helps you

Riff
______________
"Wind turbines—perfect plane shredders"

Donnie
11-May-04, 11:45
I'm glad I went to Windows Update mid-April when the patch was released.

Anonymous
11-May-04, 12:56
If you're using AOL, expect a great deal of "bounced" e-mail.

We pretty much bounce anything that has AOL anywhere in the header as it's usually spam. Also, I've read about a great number of private mailservers that are configured to automatically bounce anything from AOL.

Face it, they have one of the worst ISP reputations on the planet, AOL is a problem, change to someone with a good reputation, plenty of charts on the net to help you find a better one.

BTW, my rule in these issues is to pick a company that's not offering a deal. If they need to persuade you with some cheap offer, you have to ask yourself why? Good ISPs need no TV advertising and don't need to offer cheap deals to gain customers. Good service speaks volumes. Try www.lobsterpot.net (for dial-up)

Donnie
11-May-04, 17:46
I use Pipex for broadband. They are pretty good, well I've had no problems with them anyway. I wouldn't touch AOL with a stick. The AOL software does some horrible things to your PC. For one it changes the standard network protocols to AOL branded network protocols. That's all fine and dandy when you're using AOL but if you try and change to another ISP... expect problems.

George Brims
11-May-04, 19:02
Zagor, the email that bounced wasn't sent from your account or your computer, but by a virus infecting someone else's computer, which forged the "From:" field on the message. This has been happening a lot lately. I get a lot of these "message refused because of virus content" messages from other people I have never even heard of, never mind sent something.

As for AOL, the best phone call I have made in years was the one to the AOL customer service dept terminating my account, the day the cable guys hooked me up to broadband. Poor silly woman asked me why I didn't want to stay with them...

zagor
13-May-04, 12:31
Thanks for all the help.

I know a lot of people don't like AOL but I find it ok and haven't had that many problems with bounced emails. It's good for the kids too.

However when BT do finally get their finger out and connect broadband in my area (next January) then I will be moving on :lol: