[ Previous entry: VirCrash.Part.001.2006.0425 ]
[ Next entry: VirCrash.Part.003.2006.0427 ]
Ah... CATALYST (TheOffice.PC.02) was infected, my laptop as well. Qsez two computers are clean even if her virus definitions are months late... ah.. talk about a fair life.
(A woman's intution is indeed far more powerful than the arsenal of tools I have.)
The info I have gathered online is not that accurate, or probably I am holding a mutated/evolved copy of that virus. It infects .exe and .scr files, but it also seems to have a target-list-of-to-be-infected-exe-files in its code since some .exe files that I haven't run nor touched for quite some time (and I'm pretty sure these are not system files) were infected too. Something online virus encylopedias from av sites are not stating.
It also hides its code in running processes which makes it hard to detect and manually remove when active. Process explorer tools are useless at this point.
But just because this was my major virus hit for quite some time means I don't deal with them regularly. In fact we see them during every client visit we have... to the extent that our first routine on site is to backup and scan files before installing our updates.
Add the fact that one of my bosses in my 'regular job' has this eternal fascination for porn sites. Even brought a couple of friends for some porn-fest, probably, months ago that produced the 10092 pop-ups the following day.
I hold him and them responsible for my constantly improving anti-spyware/virus/worm removal commando like skills... : )
Now off to clean this PC. I am now hearing the linux users cheering in the background.
Disclaimers are for castrated EARTHLINGS.
Powered: GREYMatter | GM-RSS