{"id":11,"date":"2010-04-27T19:48:00","date_gmt":"2010-04-27T18:48:00","guid":{"rendered":"https:\/\/dave.thealmondfamily.co.uk\/2010\/04\/27\/27-infections-in-3-seconds\/"},"modified":"2010-04-27T19:48:00","modified_gmt":"2010-04-27T18:48:00","slug":"27-infections-in-3-seconds","status":"publish","type":"post","link":"https:\/\/dave.thealmondfamily.co.uk\/?p=11","title":{"rendered":"27 Infections in 3 Seconds!"},"content":{"rendered":"<p>So there I am happily working away on my laptop at work, decided to google a technical\u00a0issue, opened a few websites, speed read them and closed them as normal &#8230; turned away from the screen for a couple of seconds &#8230; next thing I know, my fully up-to-date (checks for updates every 10 mins) very expensive Anti-Virus product is going mad and windows are opening all over the place running executables on my laptop, including a full\u00a0installation of a product called &#8216;wefi&#8217;!<\/p>\n<p>Wow!\u00a0 Of course I immediately removed the LAN cable, switched off WiFi and shut down my PC, but checking the AV server logs shows that I had 27 infections detected in the space of 3 seconds.\u00a0 My guess is that these were downloaded by a piece of malware that the AV company haven&#8217;t issued a detection signature for yet.<\/p>\n<p>I&#8217;m currently running an AV scan in safe mode and watching all the infected files being listed one by one and have found a number of htm files that appear to be renamed executables with a fake XML footer appended to them.\u00a0 So I guess I&#8217;m the victim of a new IE security hole.<\/p>\n<p>The odd thing is, although I&#8217;m very annoyed, part of me actually wants to congratulate the writer of this evil malware for a well engineered piece of software.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>So there I am happily working away on my laptop at work, decided to google a technical\u00a0issue, opened a few websites, speed read them and closed them as normal &#8230; turned 
away from the screen for a couple of seconds &#8230; next thing I know, my fully up-to-date (checks for updates every 10 mins) very [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-11","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/11","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=11"}],"version-history":[{"count":0,"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=\/wp\/v2\/posts\/11\/revisions"}],"wp:attachment":[{"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=11"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=11"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dave.thealmondfamily.co.uk\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=11"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}