West Toddlehills
Web
Blackhills
Peterhead
Aberdeenshire
Scotland
AB42 0LY
[t] 0800 018 62 65
[f] 01779 473549
Sasser b/d/etc worm
A new internet "worm" is putting businesses at risk as staff
return from the bank holiday and switch on their computers.
The worm, known as Sasser, is thought to have infected between 2,000
and 1m computers so far.
Experts say small and medium-size businesses are most at risk from
Sasser, which spreads to computers directly from the internet, unlike
many worms which are transmitted through emails and attachments.
A computer virus is parasitic code that attaches to other programs,
whereas a worm is independent of them. Both produce the same
result: disruption and, in some cases, damage to computer systems.
The computer security industry's catch-all term for viruses and
worms is "malware", which is short for "malicious
software".
The Sasser worm attacks recent versions of Microsoft Windows, such
as Windows 2000, Windows Server 2003 and Windows XP, and causes
computers to slow down, crash and reboot frequently. Sasser does
not cause any permanent damage to files or machines, experts say.
Graham Cluley, a senior technical consultant at the computer security
firm Sophos, said: "You can get it just by connecting to the
internet. You don't have to open an email or go to a dodgy website.
"If you don't have a firewall in place, there is a good chance
you will be hit."
He said that an email had also emerged that appeared to be from
an anti-virus company and warned people they had been infected with
the Sasser worm, but if people opened the attachment their computers
would be attacked by a new worm.
Sasser has infected computer systems throughout the world. Britain's
Maritime and Coastguard Agency has been hit, although the agency
said search and rescue work would not be affected.
If your computer has been infected with Sasser, here
are some simple instructions for removing the worm:
1. Disconnect your computer from the Internet.
2. Locate and stop the worm’s actions: Press the “Ctrl”,
“Alt” and “Del” keys at the same time. That
should launch Windows Task Manager. Click on the “Processes”
tab. Look for a process called “avserve.exe”, “avserve2.exe”
or “*_up.exe”. If one of these appears, highlight
it and click on the “End Process” button. Click “yes”
when it asks for confirmation.
3. Find and delete the worm: Click on the “Start”
button in the bottom left corner of your screen, then choose “Search.”
Search your entire computer (in the field next to the “all
files and folders” option) for the following files: “avserve.exe”
and “*_up.exe.” Delete any matching files.
4. Enable a firewall: Right-click on the Internet connection
icon in the bottom-right corner of your screen (or wherever the
task bar is located). Click on “open network connections.”
When a box pops up, right-click on the connection you use to get
online, and select “properties.” Then, on the “Advanced”
tab you should see a box underneath the words “Internet
connection firewall.” If that box is not checked, check
it.
7. Check to make sure your computer is disinfected: Visit Microsoft’s
Sasser page on its Web site and click on the button that reads
“Check My PC for Infection.” Follow the instructions
provided.
If your computer continues to try to restart:
Click on the “Start” button at the bottom-left corner
of your screen, then choose “Run” from the list of
options. Type “cmd.exe” (without the quotation marks).
When a command prompt pops up, type in “shutdown -a”
(again, without the quotation marks). That should stop the reboot
process and give you enough time to carry out steps 2 through
4.
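
Steps 2 and 3 above, as an added example that is not part of the original page: a Python script that checks a process listing and a folder tree for the file names those steps mention. It assumes the listing is the output of `tasklist /FO CSV /NH`; the sample rows and the function names are constructed for illustration.

```python
import csv
import fnmatch
import io
import os

# File names the removal steps on this page say to look for.
SASSER_PATTERNS = ("avserve.exe", "avserve2.exe", "*_up.exe")

def is_sasser_name(name):
    """Case-insensitive match, because Windows file names ignore case."""
    lowered = os.path.basename(name.replace("\\", "/")).lower()
    return any(fnmatch.fnmatchcase(lowered, p) for p in SASSER_PATTERNS)

def suspicious_processes(tasklist_csv):
    """Return (image name, PID) pairs from `tasklist /FO CSV /NH` output."""
    hits = []
    for row in csv.reader(io.StringIO(tasklist_csv)):
        if len(row) >= 2 and is_sasser_name(row[0]):
            hits.append((row[0], int(row[1])))
    return hits

def suspicious_files(root):
    """Walk a directory tree and return paths whose file name matches."""
    hits = []
    for folder, _dirs, files in os.walk(root):
        hits.extend(os.path.join(folder, f) for f in files if is_sasser_name(f))
    return sorted(hits)

# Constructed sample of tasklist output (not captured from a real machine).
SAMPLE_TASKLIST = '''"System Idle Process","0","Console","0","16 K"
"explorer.exe","1432","Console","0","18,204 K"
"AVSERVE2.EXE","1904","Console","0","2,112 K"
"14523_up.exe","2040","Console","0","1,980 K"
"setup.exe","2211","Console","0","4,300 K"
'''

if __name__ == "__main__":
    for image, pid in suspicious_processes(SAMPLE_TASKLIST):
        print(f"end this process in Task Manager: {image} (PID {pid})")
    # Assumption: scan the Windows folder if set, else the current folder.
    for path in suspicious_files(os.environ.get("SystemRoot", ".")):
        print(f"delete after confirming: {path}")
```

A name match is only a pointer to where to look; "setup.exe" is skipped because the "*_up.exe" pattern requires the underscore.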
This is already affecting a high proportion of home users.
If you don't have an up-to-date Firewall/Antivirus suite,
try
by Symantec for best priced all round protection for the home user,
including Spam protection and Parental Control.
See also: Fake 'Microsoft' MS Blaster Email Scam.
And also: W32.Novarg.A@mm virus.
And also: 'Teddy Bear' Hoax Virus Alert (jdbgmgr.exe).
And also: SoBig F worm.