?

Log in

No account? Create an account

Previous Entry | Next Entry

Who needs sleep....

I have my different things in the office setup to e-mail my phone when things happen. For example, when there is a RAID event on the server, it sends my phone an e-mail. If the SQL Server fuck's up, then I get an e-mail, and last but not least, if it finds a virus on one of my server's I get an e-mail about it. I have it setup this way so I know when major things are going down, so I can avoid major problems or at least get a jump start on issues.

We I got woken up by one of these e-mails this morning at 1:07am. So being that I am deep in sleep, I think its my alarm going off, so I wake up enough to shut it off. This is when I realize that its not 5am which is when my alarm was set to go off. So I wake up a little more to figure out its a text message. So at first I figure someone text'ed me or something, so as I check it, I realize that its a notification to "Check your PCS Mail!". Looking at the address I see its an internal CAC email address, that this is when I wake full up.

I check my PCS Mail, and it tells me "AVG Resident Shield Alert Found: W97M/Pri on SERVER". Now it has my full attention and I am well awake. So I get out of bed (mind you I have been looking at all of this from my cellphone in bed, still half asleep) and fire up my MAC MINI to research the virus. Looking at AVG's website, I see that it's a "Macro-virus written in VBA language (Visual Basic for Applications), which infects Word documents within MS Office 97, 2000, XP and 2003."

Since it's on "SERVER" which is our Windows NT Server box, I have to use my laptop running Windows XP to access it. So I fire that bad boy up and open the VPN connection to the office. I open the pcAnywhere connection to server, and log-on. I do not see any virus notifications on screen, but that may just be cus it timed out. So I open AVG (our anti-virus software), and look, and sure as shit, a freaking really old word document is found to be infected. Seeing no major wide-spread infection, I try to heal the file first, but it fails. So then I move it to the "Virus-Fault" so it can not infect anything else.

Right now I have a full-scan of the system running and am going back to bed as there is nothing I can do about it right this second, plus if it finds anything else, I will just get an e-mail on my phone. I think that AVG change one of the properties that it scans for "W97M/Pri" with, and it found it on our server. The major reason why I am not worried right now, is that the directory it was found it, is from an former controls employee who has not worked at our site in like 2 years, and I know his computer is no longer on site.

So here to not getting anymore e-mails on my cell-phone before the morning. LOL. Hey, a boy can wish right?

Comments

( 2 People Thought — Tell Me What You Think )
trinity_kate
Sep. 9th, 2006 11:00 pm (UTC)
Who is we and why the crap were you getting up at 5 AM?
claystorm
Sep. 9th, 2006 11:34 pm (UTC)
Well, being that I wrote that at 1:30am, "we" should be "well". And we were doing company breakfast that morning, so I needed to be in the office sometime around 6:30, and lets face it, I do not wake right up to my alarm.
( 2 People Thought — Tell Me What You Think )

Profile

keyword-288
claystorm
Kevin Murray

Latest Month

May 2019
S M T W T F S
   1234
567891011
12131415161718
19202122232425
262728293031 

Other

Page Summary

Tags

Powered by LiveJournal.com
Designed by Tiffany Chow