> lsass.exe, system restart
Yume
post Jan 11 2005, 22:47
Post #16






Eh, I no longer know how it should be, but it seems it shouldn't be like this. Those SVCHosts show up for me in 3 forms, but I don't remember what I had before.
[image]
Or now I have a new phenomenon: before shutting down it asks me this..

[image]


MareX
post Jan 11 2005, 23:52
Post #17






As "edg" already mentioned earlier, this is most likely a variant of the Sasser virus -> link (a similar case)...

You can try doing the following...

1) Find a Sasser removal tool (preferably the newest)... e.g. Symantec, Microsoft, McAfee AVERT Stinger.

2) Download SafeXP, which I already recommended.

3) It's advisable to look for a firewall ahead of time... e.g. Microsoft (the one built into Win XP), others...

4) Disconnect the computer from the internet and from any computer network...

5) Run the Sasser removal tool (preferably after starting the computer in Safe Mode)... follow the instructions...

6) Run SafeXP and set at least the following options (recommended)...
* Disable Remote Desktop support
Prevents your machine from having the ability to be remotely controlled by a system administrator or via the internet.
* Disable Remote Registry service
Disallows remote computers to access and modify the registry on the local computer.
* Disable RPC Locator service
Prevents your machine from using a specially malformed argument to be executed with system privileges by an attacker. The Locator service is not enabled by default except on Windows 2000 domain controllers and Windows NT 4.0 domain controllers.
* Disable Windows Update service
Changes Windows automatic updates to manual mode (because some viruses know how to use Windows Auto Update to their own advantage).
* Disable UPNP/SSDP service
UPnP is a set of communications protocol standards that allow networked TCP/IP devices to announce their presence to all other devices on the network and to then inter-operate in a flexible and pre-defined fashion. There are currently limited UPnP devices available and due to a recent security flaw it's advisable to disable this service. This also allows you to disable Universal Plug and Play Network Address Translation discovery which uses the Simple Service Discovery Protocol (SSDP) to reduce bandwidth and increase security.
* Disable support for DCOM
Distributed Component Object Model, or DCOM, provides a method for distributed network applications to communicate with one another. This setting allows you to disable support for DCOM.
* Disable the POSIX Subsystem
Windows 2000 and XP still come with the POSIX subsystem which allows the use of Unix commands against your system.
* Enable Windows File Protection
Windows File Protection (WFP) protects certain files that are key to the Windows 2000/XP operating system. These files are protected to prevent deletion of key files, unauthorized updating, and file damage that may be caused by viruses.
* Protect Against SYN Flood Attacks
Windows includes protection that allows it to detect and adjust when the system is being targeted with a SYN flood attack (a type of denial of service attack). When enabled the connection responses time out more quickly in the event of an attack.
* Prevent Denial of Service Attacks
Denial of service attacks are network attacks that are aimed at making a computer or a particular service unavailable to network users. These settings can be used to increase the ability for Windows to defend against these attacks when connected directly to the Internet. It also eliminates DHCP vulnerability.
* Disable listening on TCP port 445
Disables the raw SMB transport to cause malicious NetBIOS attacks and protect users from inadvertently exposing files on their computers, and also to block worms which spread via open file shares.

7) Before connecting the computer back to the internet (computer network)... it's advisable to install and activate one of the firewalls mentioned in point 3.

Good Luck!!!


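A check for step 6 of the post above before reconnecting in step 7, as an added example that is not part of the original thread: it parses `netstat -an` output in the Windows layout and reports which of the listeners the SafeXP options are meant to close are still bound to a non-loopback address. The sample output is constructed, and the port numbers other than 445 (3389, 135, UDP 1900) are the well-known defaults for those services, assumed here rather than taken from the post.

```python
import re

# Listeners the SafeXP options in the post are meant to close. Only 445 is
# named in the thread; the other port numbers are well-known defaults (assumed).
WATCHED = {
    ("TCP", 445): "raw SMB transport",
    ("TCP", 3389): "Remote Desktop",
    ("TCP", 135): "RPC endpoint mapper (RPC/DCOM)",
    ("UDP", 1900): "UPnP/SSDP discovery",
}

# One row of Windows `netstat -an`: proto, local addr:port, foreign, [state]
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+\S+(?:\s+(\S+))?\s*$")

def exposed_listeners(netstat_text):
    """Return (proto, port, service) for watched sockets reachable from the network."""
    found = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, blank line, or unrelated text
        proto, addr, port, state = m.group(1), m.group(2), int(m.group(3)), m.group(4)
        if proto == "TCP" and state != "LISTENING":
            continue  # outbound or established connections are not listeners
        if addr.startswith("127."):
            continue  # loopback-only sockets are not reachable remotely
        service = WATCHED.get((proto, port))
        if service:
            found.append((proto, port, service))
    return found

# Constructed sample output, before and after applying the options.
BEFORE = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      192.168.1.20:445       ESTABLISHED
  UDP    0.0.0.0:1900           *:*
"""
AFTER = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
"""

if __name__ == "__main__":
    for name, sample in (("before", BEFORE), ("after", AFTER)):
        print(name, exposed_listeners(sample))
```

In the constructed "after" sample port 135 is still listening, which is the case the firewall in step 7 is there to cover.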
edg
post Jan 12 2005, 00:03
Post #18






About the problem reappearing:
* after the virus was deleted, it most likely promptly crawled back into your computer from the internet. Sasser is highly epidemic; the normal time for it to settle in is 40 seconds.
* the antivirus won't help you any more, because Sasser has successfully finished it off

Recommendation: read and follow MareX's post, and after carrying out its points reinstall Norton, because yours is already wrecked.


--------------------
My posts come into being because you lack something to read in life! I save the world by offering it reading material! Quality, shmality.
Disclaimer: Everything I say is my own questionable opinion, pulled out of thin air and built on snot.
zenofex
post Jan 12 2005, 00:44
Post #19






I forgot to also remind you: the Windows updates have to be installed; one of them patched that Sasser hole shut. In any case, look in Add/Remove Programs to see whether any updates for Windows have been installed. Specifically, there should be this update: KB835732.

If it's not there, you can download it here.


--------------------
- "Amen, hallelujah and peanut butter!"
© Dutch, Black Lagoon
MareX
post Jan 12 2005, 04:07
Post #20






Only just noticed... this post...
QUOTE(Yume @ Jan 11 2005, 21:02)
Op, I don't know how it will be in five minutes, but for now the Stinger that edq suggested helped; the only thing is that the virus it found was SVCHost. But the computer has now been working decently for a good 5 minutes.

UPDT: nope, after about 6 minutes it shut down this time. Damn, what's wrong with that freak? WHAT?



For information:

About svchost.exe... Microsoft, WinTasks, Security Task Manager info... from Security Task Manager (The svchost.exe file is located in the c:\windows\System32 folder. In other cases, svchost.exe is a virus, spyware, trojan or worm!)...
the name of this system service has been favoured by viruses such as...

* W32.Welchia.Worm from WinTasks (svchost.exe is a process which is registered as the W32.Welchia.Worm. It takes advantage of the Windows LSASS vulnerability, which creates a buffer overflow and instigates your computer to shut down.)...
* W32.Blaster.Worm from Symantec Security Response (Due to the random nature of how the worm constructs the exploit data, this may cause the RPC service to crash if it receives incorrect data. This may manifest as svchost.exe, generating errors as a result of the incorrect data.)...


MareX
post Jan 12 2005, 04:29
Post #21






Ways to protect yourself from viruses of this type (no option guarantees 100% protection... because at any moment some very clever person... who uses their talent for the benefit of the dark forces... can create the next new super virus or a new hybrid of already existing viruses)...

1) Use Microsoft hot-fixes... guided by information from Microsoft, Symantec Security Response or VirusList.COM (it should be added that this approach is not suited to a novice user and requires constant monitoring)...

2) Or use a simple but effective utility such as SafeXP (sorry for repeating myself)... which simply turns off most of the functions that let viruses get into your computer... moreover, an ordinary user doesn't need these functions at all (unless... your computer is actually a corporate computer and you work with it not sitting at it but from a remote location over the internet)...

I personally recommend using option 2... while occasionally also glancing at the web pages from option 1... + also some halfway decent firewall and antivirus (as for AV software... from experience I can say... even if you install 4 or more AVs... there can be cases where one finds things that another didn't find, and doesn't find what another did).


deBUGa
post Jan 12 2005, 09:44
Post #22






Yeah... that's a painful business... Once I managed to catch a similar virus during system installation. Since then I pull the network cable out before installing Windows (in the case of DHCP).
QUOTE(Unknown)
Better to want it and not get it than to get it without wanting it.


--------------------
everything written above does not claim to be the absolute truth and is only my subjective opinion...
Inc
post Jan 12 2005, 09:59
Post #23






An antivirus won't straighten out your hands.
Yume
post Jan 12 2005, 13:42
Post #24






Oh, now I'll know what to do, and I hope I'll have enough time to do it. :P
But in any case, thanks to the smart people for the help!
And, yes.. what can you do when your hands grow from the wrong place; even an antivirus doesn't help there.


Laugh|nGMan
post Mar 9 2005, 11:00
Post #25






QUOTE(zenofex @ Jan 12 2005, 00:44)
I forgot to also remind you: the Windows updates have to be installed; one of them patched that Sasser hole shut. In any case, look in Add/Remove Programs to see whether any updates for Windows have been installed. Specifically, there should be this update: KB835732.

If it's not there, you can download it here.


Golden words :D

Only the patch is needed. But it's not that simple to download, because as soon as you're on the global web a restart happens within a few seconds to minutes :) So you have to type some kind of shutdown delay command on the command line, and then you'll be able to download that patch in peace.


--------------------
Laugh|nGMan [ACF] [KOR] [CHN] [ARC]
ETM
post Mar 9 2005, 11:06
Post #26






shutdown -a


--------------------
Because i can!
Laugh|nGMan
post Mar 9 2005, 11:40
Post #27






Well, Yume! Now everything is in your hands. :rolleyes:


ETM
post Mar 9 2005, 12:04
Post #28






emmm... that topic is 2 months old. I doubt the problem is still relevant.


Yume
post Mar 9 2005, 23:21
Post #29






You can laugh, but it is..
I dealt with the system shutdown..
but that lsass still keeps popping up. And as soon as I close it, system restore kicks in for me.
Everything possible has already been tried, apart from restarting Windows.
Now I'm waiting for a freer moment to do that.


jurc
post Mar 9 2005, 23:29
Post #30






Yume.. shortly after this topic was created, I had the same problem! What helped me was that first of all I installed a firewall, because I noticed that if it connects to the net, it throws up that junk, and as soon as you pull the network cable out everything is ok. I had to mess around a bit while I downloaded a firewall, because usually at around 98% the computer restarted... But, well, I installed a firewall, then also an antivirus, and now everything is ok with the computer...


--------------------
I have anime to thank for my life now, my attitude, my friends; I have learned life's greatest lessons through simple anime. They are my sanctuary.