Full Version of this article can be found
here
wserver.exe
What Is It?
W32.Sasser.G - wserver.exe
What Does it Do?
W32.Sasser.G is a variant of
W32.Sasser.Worm
that attempts to exploit the LSASS vulnerability described in
Microsoft Security Bulletin MS04-011
. The worm spreads by scanning random IP addresses and drops
W32.Netsky.AC@mm
.
Copies itself to:
%Windir%avserve3.exe
%Windir%wserver.exe
Removal Instructions
@ Symantec