Sasser Worm - Avserve.exe


D9r
05-06-2004, 09:54 PM
Friday evening I caught the Sasser Worm. Isn't that exciting? I was one of the first to catch it -- I'm a Sasser pioneer.

I went to Microsoft's support site and was only the 3rd person to report the symptoms. And of course no one knew what it was at that point. I found another security forum and was the first to report the problem there and they didn't know what it was either, but they told me all about using spyware, adware, and HijackThis to root out the problem.

It was kind of fun being in on it early and solving it as a mystery. Immediately I was suspicious of the 'avserve.exe' file because it was consuming all of my CPU. I knew enough to end its process, but that only gave about 5-10 minutes before it shut down anyway. I also knew enough that I ought to go get the Critical Updates from Microsoft, which I hadn't updated since January, so I did that -- it was a little annoying because it was only a 26 minute download but with constantly shutting down and restarting it took 2 or 3 hours.

Once I got the patch installed the shutdowns/restarts ceased, but the file was still there taunting me. Someone told me to delete it but I didn't want to delete something important, so I installed Grisoft's AVG and scanned it - came out clean. By this time my firewall was on of course. This was all during Friday night. (Am I rambling enough for you? Good.)

Then Saturday morning the reports came out telling what the problem was. Someone said, "Hey, there's a new virus out" -- they pointed me to McAfee's Stinger tool (they were the first with a removal tool), I got the tool and removed it and then was cured. It was pretty cool, actually. It was a crash immersion course in internet security.

Think I'll go turn my firewall off now and see what happens. Maybe I can catch a couple of worms to play with.

dbmasters
05-06-2004, 11:20 PM
At around 2:00 AM CST on that fateful Friday Sasser began to propagate through my employer's network as well... so we were up among the first as well.

Don't we feel special :blink: