06/07/2006:

VirCrash.Part.002.2006.0426



Ah... CATALYST (TheOffice.PC.02) was infected, my laptop as well. Qsez's two computers are clean even if her virus definitions are months late... ah... talk about a fair life.

(A woman's intuition is indeed far more powerful than the arsenal of tools I have.)

The info I have gathered online is not that accurate, or probably I am holding a mutated/evolved copy of that virus. It infects .exe and .scr files, but it also seems to have a target-list-of-to-be-infected-exe-files in its code, since some .exe files that I haven't run or touched for quite some time (and I'm pretty sure these are not system files) were infected too. That is something the online virus encyclopedias from AV sites are not stating.

It also hides its code in running processes, which makes it hard to detect and manually remove when active. Process explorer tools are useless at this point.

But just because this was my major virus hit for quite some time means I don't deal with them regularly. In fact we see them during every client visit we have... to the extent that our first routine on site is to back up and scan files before installing our updates.

Add the fact that one of my bosses in my 'regular job' has this eternal fascination for porn sites. Even brought a couple of friends for some porn-fest, probably, months ago that produced the 10092 pop-ups the following day.

I hold him and them responsible for my constantly improving anti-spyware/virus/worm removal commando-like skills... : )

Now off to clean this PC. I am now hearing the Linux users cheering in the background.

