A new breed of virus - phishvirus?

Dec 9, 2005

I've discovered a new technique being used by virus writers and fallen prey to it. A phish-type email, but for software. I'll explain ...

The problem started when I got an email telling me the latest version of Winzip was available. Turns out to have been a phish-type email. I clicked the link and it took me to a website that looked just like the Winzip site. I downloaded the software and installed it. The site was in fact a spoof and the software package did nothing other than riddle my system with viruses and trojans, as well as install the free trial version of Winzip. Interestingly none of AdAware, AdWatch, Microsoft Antispyware, Norton and McAfee detected anything being installed. I kept getting winlogon.exe application errors and eventually traced it to a file called msupdate32.dll, and then when I went looking, the can was open and the worms were everywhere. Literally.

I had to manually remove these files, sometimes with the aid of a program called moveonboot, and manually search for and remove entries to them from the registry. Trend Micro's "Housecall" kept finding them but couldn't delete them, and the same was true for Microsoft Antispyware.

(all in windows/system32)

mdms.exe
msupdate32.dll - this was the one causing the winlogon.exe application failure
mstool.exe
mspostsp.exe
winsub.xml
svcp.csv
outpstd.exe
ll.exe
zlbw.dll
~update.exe
dh9012.exe
hdmbcnaj.exe
sporder.dll
mswsck2.dll

The killer was the last one - along with plonking that file onto my system, the trojan rewired my Winsock LSP values to use it, so when I deleted it and rebooted, I had no network or internet. Running a freeware app called lspfix.exe solved that problem and when I rebooted again, all was well.

So be warned - if you get emails with promotional links in them for new software, type the URL into your browser yourself. The virus-writers are employing new tactics.
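The Winsock LSP hijack described above can be checked for by auditing the provider catalog. The following is an added example, not part of the original post: it parses a constructed sample in the layout of `netsh winsock show catalog` output and flags entries whose provider DLL is unexpected or missing from disk. The allowlist, the entry ID 1016 and the description text are assumptions made for illustration.

```python
import re

# Constructed sample in the layout printed by `netsh winsock show catalog`,
# trimmed to the fields used here. Entry 1016 is a made-up layered entry
# pointing at mswsck2.dll, the file named in the post.
SAMPLE_CATALOG = r"""
Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Layered Chain Entry
Description:                        Example LSP over [TCP/IP]
Provider Path:                      %SystemRoot%\system32\mswsck2.dll
Catalog Entry ID:                   1016

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IP]
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1001
"""

# Assumption: the provider DLLs this host is expected to have registered.
EXPECTED_DLLS = {"mswsock.dll"}

def parse_catalog(text):
    """Split the listing into one dict of 'Field: value' pairs per entry."""
    entries = []
    for block in re.split(r"Winsock Catalog Provider Entry", text)[1:]:
        pairs = re.findall(r"^([^:\n]+):[ \t]+(.*)$", block, re.M)
        entries.append({k.strip(): v.strip() for k, v in pairs})
    return entries

def audit(entries, expected=EXPECTED_DLLS, present=None):
    """Return (entry id, dll, reason) tuples for entries worth a look.

    `present` is the set of DLL names that exist on disk; None skips
    the missing-file check.
    """
    findings = []
    for e in entries:
        dll = e["Provider Path"].rsplit("\\", 1)[-1].lower()
        eid = int(e["Catalog Entry ID"])
        if dll not in expected:
            findings.append((eid, dll, "unexpected provider DLL"))
        if present is not None and dll not in present:
            findings.append((eid, dll, "catalog points at a missing DLL"))
    return findings

if __name__ == "__main__":
    # State after deleting the DLL by hand: the entry remains, the file is gone.
    for finding in audit(parse_catalog(SAMPLE_CATALOG), present={"mswsock.dll"}):
        print(finding)
```

The second finding is the condition that left the machine with no network: the file was gone but the catalog still routed socket calls through it, so the repair has to rewrite the catalog (as lspfix.exe did here, or `netsh winsock reset` on later Windows versions) rather than only delete the file.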

Microfuckingsoft Word


Day after day after day I have to put up with nothing but crap from Microsoft. Today I've spent over half an hour trying to insert a numbered chapter into a document. I can't do it. Every time I refresh all the fields in the document, it thinks the body text of the new paragraph is part of the table of contents, and it thinks that heading number 40 comes between heading numbers 41 and 43. I don't get it. MS Word is so fucking counterintuitive and unproductive it's a miracle anyone ever gets anything done in it.
How do I simply get the fucking thing to count from 41 to 42 and not include the text as a heading?
Why do I have to waste my time with this shit?

Could it get any worse for Sony?

Dec 7, 2005

After all the bad publicity for Sony in the last couple of weeks with XCP, would you believe they've been caught red-handed again?
Now they're recalling 5.7 million CDs which they published with MediaMax5 on them - another piece of spyware, which although not as malicious, still leaves PCs wide open with gaping security holes.
The obvious question then is this: given that these things have been found on a number of different Sony BMG CDs, just how many technologies have they tried to employ, and how many other CDs are out there with stuff on that we've not discovered yet?

The googlepenny drops.


I just checked my gmail and saw a new notifier on the side of my screen for something they're now testing called GoogleTalk. The penny dropped. That's why Google have been buying up dark lines all over the country. They're going to start their own network and go into VOIP telephony! Clever. Very clever.

Bang bang, you're dead.


Some guy learned an important lesson about joking about bombs on aircraft today - don't. He used threatening language on an American Airlines 757 and then claimed he had a bomb. When confronted by the onboard air marshal, he refused to comply, ran down the aisle of the plane and reached into his bag. These are not the actions of someone wanting to live long. The air marshal shot him and he died at the scene. No explosives were found. Someone travelling with him said he was mentally ill and hadn't taken his medication. Okay fine, how was anyone else supposed to know that? And even then, you simply do not joke about shit like that in an aircraft, mentally ill or not. And frankly, having made that "joke" you don't run away from a gun-wielding air marshal who is instructing you to get down.
I'm sure the facts surrounding what happened will come to light in the next week, but on initial inspection I say "well done air marshal" and "tough luck dead guy".

The Google 767


Instead of settling for a much smaller jet like a Gulfstream as a personal airplane, the Google founders Sergey Brin and Larry Page have bought a used Boeing 767 from Qantas for about $15m (much less than a new Gulfstream). The plane is now undergoing refurbishment in Texas somewhere to carry 50 passengers as a bizjet.
As much as I'd like to believe this is the actual plane, it's got to be a photoshop. It's a good one but it's let down by the "O" around each window. The Boeing 767-200 has a lot more windows than that in real life. Besides which this looks more like a 767-400 - it's too long. Close but no cigar.

Deep Freeze


Ready for this? It's -14.7°C this morning. With a minus. Apparently that's warm compared to how cold it's going to get tonight ....

It snowed like a sonofabitch last night though. The snow was drifting most of the afternoon but at about 15:00 it came on hard, right in time for the evening commute. I was installing my new hard drive and discovered the "gotcha" which is that they included everything except the SATA power cable so I had to go out and get one. By the time I went out it was mor(m)ons on ice big-time. There were SUVs up on the kerb, on their sides, on their roofs, ploughed into concrete pillars, in the sides of trucks - it was SUV carnage. Notably I didn't see one car-related accident - they were all SUVs. But then if people are stupid enough to buy and drive one, then they're stupid enough to believe an SUV is a safe vehicle in the snow. Makes me laugh.

Anyhoo, this morning, the crisp -14°C air has given us a fantastic view across the valley from the orifice.

Good deal from CompUSA

Dec 6, 2005

I ran out of hard drive space on my PC at home this weekend so went looking for a new drive to add in to it. CompUSA had a killer offer but none in, until today. A 200Gb Maxtor serial ATA drive with a Maxtor interface card in the box for $99 after rebates. The kit was $149 with $20 off in-store and another $30 in rebates. And they've made the rebate process easier than ever. You can now go to their e-rebates website and put in all the info off the register receipt, then they match up their inventory and till receipts with your data, process the rebate and send a cheque. You don't even need to cut out the UPC any more and send it in the mail. Suh-weet.