Sasser worm infection

From: Tim Lister (t.listerNoSpam_at_ntlworldNoSpamPlease.com)
Date: 05/21/04

  • Next message: Eliza: "Re: Why suck hatred towards me" 
    Date: Thu, 20 May 2004 23:07:05 +0100

        I recently reformatted the hard drive on my mum's pc which had been
    running WinMe & then installed WinXP. Due to a problem with a modem
    driver, I only got around to getting her internet connection up today &
    as soon as the modem connected, I went to the YahooUK homepage from
    where she could have a quick look at her webmail!
        Almost imediately, strange things started to happen including
    freezes & Zone alarm asking for connection permissions for executables
    that I didn't recognise so I swtched off the pc & rebooted. Zone alarm
    asked for connection permissions for everything that I'd previously
    given permission to (such as the browser, etc)along with the
    unrecognised programs (one of which was avserve2.exe)so I switched off
    again & asked her to leave it alone until I could chheck this out!
         Upon returning home, I googled for info & am pretty sure that she
    has the Sasser worm in one of its various guises!
        Being new to all of this pc stuff, I'm intrigued as to how she's
    managed to pick this up. Is it possible that she'd been infected whilst
    using WinMe & that the infrection remained within the pc throughout the
    reformatting & installation of a new OS or is it more likely that the pc
    was infected in the few minute that it was connected to the internet
    after the installation of XP & if so, how could it have been infected
    from the two sites visited (Mozilla.org & YahooUK).
        I know that I'm just asking for speculation but I'd be grateful for
    any feelings upon this as it'd help me in my education on computer
    security in general to be able to comprehend the abilitles of these
    nasty pieces of malicious code! Thanks in advance & as always, I look
    forwards to hearing you opinions & furthering my knowledge of these things!

  • Next message: Eliza: "Re: Why suck hatred towards me"

    Relevant Pages

    • Installing FreeBSD via FTP with a PPP link via direct serial connection using a null modem cable fro
      ... connection using a null modem cable from a Windows 95 computer. ... Select the option to choose the modem from a list. ... Place all the installation files in a directory on the windows ...
      (comp.unix.bsd.freebsd.misc)
    • Re: Installing FreeBSD via FTP with a PPP link via direct serial connection using a null modem cable
      ... > connection using a null modem cable from a Windows 95 computer. ... Select the option to choose the modem from a list. ... Place all the installation files in a directory on the windows ...
      (comp.unix.bsd.freebsd.misc)
    • Re: Newbie modem prob.
      ... The new installation was probably a waste of time, ... hovering over reads "no network connection". ... When I was using a modem as the primary connection to the world, ... ran a script from the boot scripts ...
      (alt.os.linux.suse)
    • Re: Creating ISP connection ADSL
      ... The ISP is Wanadoo. ... The ADSL modem is an Alcatel ... I cannot get it to create a new connection icon ... THE MODEM ATTACHED and DO NOT plug it in until indicated by the installation ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: Newbie modem prob.
      ... The new installation was probably a waste of time, ... hovering over reads "no network connection". ... When I was using a modem as the primary connection to the world, ... ran a script from the boot scripts ...
      (alt.os.linux.suse)