I'm not too sure about your sasser like symptoms, though if it's anything like
the users I have worked with, he might have an unpatched machine. Recently
however, working in a school, I have encountered an outbreak of a virus known
as Sumom.A which will do what you say and kill task manager and other things. I
find that IF lsass.exe is killed by any means, yes, you will have that shutdown
message.
This apparently uses MSN messenger to spread with unpatched machines. I hope
this link helps you track down the cause:
http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?ID=42017
If you are continually getting shutdown problems, I would suggest grabbing the
latest virus updates via another computer and coping them to a USB removable
device and putting them in your problem computer and copying them off, then
booting to safe mode to install the updates and do a scan. Good Luck with it!
Cheers
-Edwin
Quoting Syklops <syklops@duicon.com>:
Hi Guys,
I work in Technical support for BT Yahoo Broadband and had a call from a =
guy who appeared to have the sasser, the system was shutting down when =
trying to access websites, and I attempted to fix the problem using =
CTRL+ALT+DEL and kill the lsasss process, however, when I do that, Task =
Manager does not appear. I get an egg-timer for about a second and it =
disappears. A quick google did not find me mention of a variant of =
sasser which killer Task Manager.=20
Have I found a new variant, or is this already known?
Cheers
-A-
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
