I was able to recover from the asam.exe and thorssktssd.exe by doing a system restore. I am running windows XP and the restore was quick and simple and didn't cause me to lose any files or data. I didn't even know I had the option until tonight.
I got these viruses/malware on 4/21/2010 around 9pm. It may have been from clicking on a link in a forum that I frequent, since that was the only thing I remember doing around that time A rather serious looking message popped up asking me if I wanted to activate my anti-virus software, software which I've never actually installed. It appeared to be scanning my computer and finding lots of sordid problems. It would not allow to open Add or Remove programs, nor access anything on the internet. AIM was still connected and operating after reboot, but Yahoo Messenger couldn't connect. I received responses via ping for yahoo and google, but could not connect through IE or Chrome. I searched for all files modified today and found asam.exe, which had just been created. Also a file named something like thorssktssd.exe, which yielded no related results on my iPhone.
I found and disabled both executables in the startup (Start --> Run -->msconfig -->OK, go to the Startup Tab and Uncheck them then select OK)
I still couldn't access the internet so I ended up doing a System Restore from the prior day.
I am posting this because when I searched for the asam.exe virus on my iPhone, I was unable to quickly find any useful information. Mostly I found sites trying to sell things to get rid of asam.exe. I won't make any definitive statements about what I suspect are the origins of this virus I got tonight, but it is interesting that these sites would encourage you to download something specifically to clean this up, when you can do so very easily with a restore, no? It may not work for everyone, but it could at least be mentioned. The comment sections on these sites seem suspicious, too.
This article from Joli Ballew, Windows XP Expert Zone Community Columnist explains how XP System Restore works and how to perform it: http://www.microsoft.com/windowsxp/using/helpandsupport/getstarted/ballew_03may19.mspx
If you just want the instructions, click the link and search for "Use System Restore". Again, it was quick and easy.
I will post more details if I recall them. If you found this because your computer caught asam or thorssktssd, I hope I saved you a bit of aggravation.
Who knows alot about some particular software, a little about most software, and learns about hardware and operating system when absolutely forced.
I know nothing about software. Thank god other people do!ReplyDelete
I found this because I caught asam, and I agree, those "fix it" sites seem suspicious. I had the exact symptoms you mentioned. I'll check out your posted system restore link... so far have been disabling the asam process through task manager each time I start up the computer. Hopefully it works for Vista. Thanks for the post.ReplyDelete
I actually did that as well. It seems like there is a whole host of malware like this popping up. A friend had a similar issue on his computer, and didn't have the restore option turned on so we just disabled it for now in the way you describe. Not a great long-term solution but he was at least able to get back online until we find a better solution. It turns out I got this from a google adsense ad on a forum. Didn't even click anything. Pretty freaky. I saw reports from others on the forum saying it hijacked their yahoo email account and started sending out ads. I have a yahoo account, but that didn't happen to me. Sadly, the laptop with the issue is not behaving quite right since I did the restore. Yahoo Mail does seem to be consuming way too many resources when it is running, whether I am using IE, Chrome or Firefox. I'm going to dig into this issue more, because I suspect it's not entirely resolved.ReplyDelete