It’s a beautiful day in the virushood, it’s a beautiful day for a virus, would you be my, could you be my…
Yes, today we hunted down and killed a couple of live Nimda specimens. I actually didn’t find any viruses whatsoever, but I found a number of PCs that I really liked. I kept trying to bet one of my coworkers they would float. Of course, that’s just my diabolical scheme, usually reserved for cantankerous Macintoshes. You get someone to bet you 10 bucks the thing doesn’t float, then throw it in the pond and see what happens. If it sinks, you’re out a problem. And if it floats? Well, that’s just proof that it’s a witch. And what do we do with witches? We build a bridge out of them! No, wait. That’s something else. Burn them!
Victim #1 was a P166 built by a local outfit called Intek. Intek is one of those clone shops that builds PCs out of the cheapest parts you can buy (including stuff even Packard Bell wouldn’t have touched) then sells for the price of a Dell or a Micron. But since it has an Intel processor in it and the place promises same-day service (which doesn’t always happen), CIOs fall for it. Anyway, I’ve seen 486DX2-66s that outperform this P166. And when I put the current version of Norton AntiVirus on it, it quit booting.
Personally, I think it’s time to just take the machine, slap a second NIC in it, and install a minimal Linux on it and make it a network bridge to keep a chatty Mac segment from killing the rest of the network, because that’s about all that PC is ever going to be good for in this day and age. But it’s not my decision.
We had one PC infected with PrettyPark. Of course, NAV deleted Files32.vxd but left all the registry entries behind, so the PC would no longer run any .exe files. I downloaded Symantec’s PrettyPark fix, but it looked, found no Files32.vxd, and pronounced the system clean. But thanks to the registry entries pointing to files32.vxd, no executable would run. So I faked it out. copy con: c:winntsystemfiles32.vxd, type some gobbledygook, then hit ctrl-z. Then, copy con: c:winntsystem32files32.vxd, type more gobbledygook, then hit ctrl-z. Run the fix again. Aha! We’re infected. Shall I clean you up? Why, thank you for asking, please do, kind sir.
Seeing as this PC sits on the desk of the head of the accounting department, I figured it’d be best to have it in working order for him this morning.
So. I’ve now worked something like 51 hours this week. And it’s Thursday. I have no social life. But once that paycheck comes in, I’ll be able to afford to have a very nice social life for a little while…
So I came home about 10:15, after stopping off at a gas station for a tank of gas (I was on E) and a beer. I very rarely drink, but I’ve been so tightly wound this week I figured I could use a little help unwinding. I threw in a microwave pizza, popped a beer, sat down, and wrote this. Now the pizza’s gone and the beer’s empty, and I’m not just tired, I’m also a little drowsy. That’s good. Hopefully that means I’m in for a good night, for the first time this week since Sunday.
And that was the last building that needed scanning. So now I can concentrate on my job. Currently I have about 25 trouble tickets open. Normally I have about four open at once. On any given day, four new ones should come in. On a good day I can close between five and eight. So now that the virus scanning’s done, I think the tickets will stop coming in faster than I can close them, but I’ve got a long road ahead to get caught up. Next week won’t be a 60-hour week, but it won’t be a 40 either.