{"id":600,"date":"2006-04-28T18:08:37","date_gmt":"2006-04-28T10:08:37","guid":{"rendered":"http:\/\/foxpro.ntsl119.com\/scr\/?p=600"},"modified":"2007-10-09T03:57:09","modified_gmt":"2007-10-08T19:57:09","slug":"vircrashpart00220060426","status":"publish","type":"post","link":"https:\/\/foxpro.ntsl119.com\/scr\/archives\/600","title":{"rendered":"VirCrash.Part.002.2006.0426"},"content":{"rendered":"<p>VirCrash.Part.<span class=\"style1\">002.2006.0426<\/span><\/p>\n<p>Ah&#8230; CATALYST (TheOffice.PC.<span class=\"style1\">02<\/span>) was infected, my laptop as well. Qsez two computers are clean even if her virus definitions are months late&#8230; ah.. talk about a fair life. <\/p>\n<p>(A woman&#8217;s intution is indeed far more powerful than the arsenal of tools I have.)<\/p>\n<p>The info I have gathered online is not that accurate, or probably I am holding a mutated\/evolved copy of that virus. It infects .exe and .scr files, but it also seems to have a target-list-of-to-be-infected-exe-files in its code since some .exe files that I haven&#8217;t run nor touched for quite some time (and I&#8217;m pretty sure these are not system files) were infected too.  Something online virus encylopedias from av sites are not stating.<\/p>\n<p>It also hides its code in running processes which makes it hard to detect and manually remove when active. Process explorer tools are useless at this point. <\/p>\n<p>But just because this was my major virus hit for quite some time means I don&#8217;t deal with them regularly. In fact we see them during every client visit we have&#8230; to the extent that our first routine on site is to backup and scan files before installing our updates.<\/p>\n<p>Add the fact that one of my bosses in my &#8216;regular job&#8217; has this eternal fascination for porn sites. Even brought a couple of friends for some porn-fest, probably, months ago that produced the <span class=\"style1\">10092<\/span> pop-ups the following day. <\/p>\n<p>I hold him and them responsible for my constantly improving anti-spyware\/virus\/worm removal commando like skills&#8230; : ) <\/p>\n<p>Now off to clean this PC.  I am now hearing the linux users cheering in the background.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>VirCrash.Part.002.2006.0426 Ah&#8230; CATALYST (TheOffice.PC.02) was infected, my laptop as well. Qsez two computers are clean even if her virus definitions are months late&#8230; ah.. talk about a fair life. (A woman&#8217;s intution is indeed far more powerful than the arsenal of tools I have.) The info I have gathered online is not that accurate, or [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[10],"tags":[],"class_list":["post-600","post","type-post","status-publish","format-standard","hentry","category-workblog"],"_links":{"self":[{"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/posts\/600","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/comments?post=600"}],"version-history":[{"count":0,"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/posts\/600\/revisions"}],"wp:attachment":[{"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/media?parent=600"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/categories?post=600"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/foxpro.ntsl119.com\/scr\/wp-json\/wp\/v2\/tags?post=600"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}