www.webdeveloper.com
Results 1 to 7 of 7

Thread: LSA Shell

  1. #1
    Join Date
    Nov 2003
    Location
    Canada
    Posts
    1,592

    LSA Shell

    Hi, there's probly allready a thread about this, but I couldn't find one. Has anyone else encountered the "LSA Shell" virus? Well, it seems to be getting everyone today(and yesterday). My friend got it, aswell as my dad's entire workplace(they have government computers, so obviously this thing is good at gettin through security), and got ours aswell. Right now, I'm running in safemode, and trying to fix the problem. Has anyone else managed to remove it? If so, what all files do I have to change/remove for my system to be clean again? They had about 20 systems in at the local computer store, with the exact same thing, so if I were to take it in, it would be a long wait. Any help would be greatly appreciated. Thanx,
    -Dan

    **EDIT*
    Apparently, it's called the Sasser worm(because it messes up the mandatory system process, Isass) and I found information on fixing it here. To be able to have time to download the fix, you will have to be in safemode with networking, or else have at connection presumably faster than DSL(I have a connection similar to DSL, and it only got half done downloading before the virus kicked in and shut down my computer).
    Last edited by Daniel T; 05-03-2004 at 09:35 PM.
    Windows XP SP2 - theme: Thallos
    AMD Athlon 64 X2 4600+ | ASUS M2N32-SLI Deluxe | 2 * 1024 PC2-6400 Mushkin DDR2-800 | eVGA GeForce 6800XT 256MB | Creative Sound Blaster X-FI Music
    5 * 320GB Seagate Barracuda SATA-II 3Gb/s in RAID 5 | Lite-On 16x DVD-RW | Mitsumi 7-in-1 Floppy drive and card reader
    Samsung SyncMaster 204B 20" TFT LCD | Logitech G15 Keyboard | Logitech G7 Mouse | Seasonic PC160SK Headset

  2. #2
    Join Date
    Nov 2002
    Location
    Auburn, AL
    Posts
    9,224
    seems to me like if all of your ports are stealth ports you are safe... I do not know much about this, but it scans ranom ips, I guess a mini port scan, I mean it needs to go through an open port and all.

  3. #3
    Join Date
    Nov 2003
    Location
    Canada
    Posts
    1,592
    Yeah, I can easily see how it could get through our home computer, as we have no firewall, just an ancient version of McAffee. But I found it rather shocking that it could get to my dad's federal machines, as security is top-notch on them. Have you had any trouble with this Peo? (today or in the past)

    BTW, I seem to have successfully removed it. All you have to do is go into "Safemode with networking" and download the updates in my above post.

    -Dan
    Windows XP SP2 - theme: Thallos
    AMD Athlon 64 X2 4600+ | ASUS M2N32-SLI Deluxe | 2 * 1024 PC2-6400 Mushkin DDR2-800 | eVGA GeForce 6800XT 256MB | Creative Sound Blaster X-FI Music
    5 * 320GB Seagate Barracuda SATA-II 3Gb/s in RAID 5 | Lite-On 16x DVD-RW | Mitsumi 7-in-1 Floppy drive and card reader
    Samsung SyncMaster 204B 20" TFT LCD | Logitech G15 Keyboard | Logitech G7 Mouse | Seasonic PC160SK Headset

  4. #4
    Join Date
    Nov 2002
    Location
    Auburn, AL
    Posts
    9,224
    nope, I installed the update this mourning. But I would be vulnerable because I have 3 ports open. Http, shoutcast, ftp, and I am in a dmz on my router, so I would be in the same boat as you. I have this sophos virus scanner, that is up to date, runs in a prompt... its pretty awesome, but thats about it. My mom is safer then me lol, because she is behind the firewall. But she is more likely to get something, she is always giving me stuff because she opened attachments... I put norton on her machine because I was sick of getting her germs.

  5. #5
    Join Date
    Nov 2003
    Location
    Canada
    Posts
    1,592
    The virus seems to have corrupted my sound driver(SoundMAX Integrated Digital Audio) before I took care of it. It is playing all the system sounds fine(ie: alert sound, error beeps, etc.), but it won't play any other sounds. Also, when I open programs that require the audio driver(ie: Windows Movie Maker, Sound Recorder, etc.), it brings up the following error message:
    <insert app name> cannot record or play back because a sound device is not installed. To install a sound device, go to Control Panel, click Printers and Other Hardware, and tehn click Add Hardware.
    I went to the control panel, but wasn't able to fix anything from there. Can someone help me?? Thanks,
    -Dan
    Windows XP SP2 - theme: Thallos
    AMD Athlon 64 X2 4600+ | ASUS M2N32-SLI Deluxe | 2 * 1024 PC2-6400 Mushkin DDR2-800 | eVGA GeForce 6800XT 256MB | Creative Sound Blaster X-FI Music
    5 * 320GB Seagate Barracuda SATA-II 3Gb/s in RAID 5 | Lite-On 16x DVD-RW | Mitsumi 7-in-1 Floppy drive and card reader
    Samsung SyncMaster 204B 20" TFT LCD | Logitech G15 Keyboard | Logitech G7 Mouse | Seasonic PC160SK Headset

  6. #6
    Join Date
    Mar 2003
    Location
    Escondido, CA
    Posts
    998
    To reload your sound driver, delete it in Device Mgr. Then reboot. Windows will reload it. If the file is truly corrupted, you'll need to download a new version from the Internet or install from your driver CD. Note: sometimes the only way to really get rid of the existing driver is to do it in Safe Mode (remove all audio-related drivers listed in the Dev. Mgr. - there may be several duplicates), so I'd suggest doing it that way in the first place.
    Computer Zen:
    Program aborting
    Close all that you have worked on
    You ask far too much

  7. #7
    Join Date
    Nov 2003
    Location
    Canada
    Posts
    1,592
    Ok, thanx, I'll try that out!
    Windows XP SP2 - theme: Thallos
    AMD Athlon 64 X2 4600+ | ASUS M2N32-SLI Deluxe | 2 * 1024 PC2-6400 Mushkin DDR2-800 | eVGA GeForce 6800XT 256MB | Creative Sound Blaster X-FI Music
    5 * 320GB Seagate Barracuda SATA-II 3Gb/s in RAID 5 | Lite-On 16x DVD-RW | Mitsumi 7-in-1 Floppy drive and card reader
    Samsung SyncMaster 204B 20" TFT LCD | Logitech G15 Keyboard | Logitech G7 Mouse | Seasonic PC160SK Headset

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles