Gruntled – Page 2 – Getting Gruntled

Wed 16 Sep, 2009

Wrangling Another Gremlin (WAG)

Being someone who “works with computers,” Family and friends quite often fling random personal hardware into my lap to “fix when you have some spare time.”

This is one of those spare times.

I’ve seen the patient (a late model Dell Inspiron, well apportioned with several hardware options, no signs of abuse or even heavy use) several time now for systems issues.

First it wasn’t showing local drives and had some permissions issues installing any new software, even if you logged in as an admin. There was a small trojan that had dropped a reg key to keep itself from getting uninstalled. I corrected the reg key, put some basic adware/junk filters in place, installed the software in question and returned it, advising a full backup of personal data and a dirty install of windows.

When the patient returned with complaints involving spyware blocking prompts, I thought that the basic crap filter had been left a bit sensitive. Signing on, I found a huge mess.

Starting with the usual review of startup processes, killing off of regular user clutter, I found the gremlin…

The now-famous trojan, Antivirus Home 2009 has been updated, and the patient is singing the Fake AV Blues. Loudly. From the back fence.

Our botnet buddies have included some familiar features, but have ramped things up. The install has become very worm-like. It has the usual home base, but any CPL “uninstall” or use of any of the usual removal tools in your tool belt will make it very defensive.

Even after killing off all of its processes, renaming its executables, and cleaning the tempspace, it sees mbam, spybot, and the stinger, kills them off, puts its OWN fly-by installer in place of the exe of the tool, and hides another install of itself using what looks like randomized names.

I ended up doing a manual kill, very similar to the list found at syschat, but with several new ones added to the list, including:

A load of registry entries that I should have logged, as they were all serial based.
_scui.cpl in a secondary location
lots of copies of a binary batch file, with names like asox, avaxo, tufija
reg files named ylifat, etc
inf files named like xehiger
and lots of copies of the same .dat file in all of the locations mentioned at syschat, but with names like jabocixevu, jihomuri, sevotif

After getting the polyps knocked down, I did a restart, then removed the installs and stubs of all the detect and protect tools because they are all suspect at this point.

Rebooting again, things look much better. For the first couple of minutes. Then a notifier bubble shows up from the task tray with a fake “malware detection” notification. Downloading and installing a fresh mbam install and running it kicks off a new install of antivirus 2010.

Back to square one.

Tue 18 Aug, 2009Mon 30 Dec, 2013

tibet

http://www.boston.com/news/world/asia/articles/2009/03/10/china_on_alert_for_unrest_on_key_tibet_anniversary/?page=full

http://www.theatlantic.com/issues/99feb/tibet.htm

Wars and Conflicts Between Tibet and China

http://www.tibet.com/Status/history.html

Fri 3 Jul, 2009

boarding basics

It’s just a pet peeve, but when I hear people in media verbally giving out links, they make a couple of mistakes. These mistakes bleed over into the habits of non-media people,and it’s a really big mess after a few years.
Number one is the nomenclature of the symbols on the keyboard. The slash and backslash are completely different buttons. A slash (/) leans forward. You are reading this text from left to right, as you would in the vast majority of languages in use on this planet (left-to-right-reading languages like Hebrew and Arabic would likely have a completely different nomenclature for the slashes). It’s leaning forward, toward the rest of the line. A BACKslash (\), therefore, leans backward. The slash is generally next to the right-side shift key with the question mark. The backslash is usually above the enter button with the pipe(|) symbol. Since the backslash and pipe are rarely used, the button is generally ignored. In web addresses used in a browser to get to a website, the slashes are just slashes. Any mention of a “backslash” by someone in media to the general public wastes a syllable and confuses anyone who is paying attention. The character that you get when you hold the shift key and press the number 8 is an asterisk (*). Not “asterik”, not swastika.

Tue 7 Apr, 2009Tue 25 Feb, 2014

ASMW — Alexa Ray Joel

I completely stumbled onto Alexa Ray Joel, and liked what I was hearing, before it started to dawn on me exactly *who* I was hearing. I have a feeling that this is the kind of thing she would prefer from new fans.

This is the first single from her second album, her first featured her own artwork, and sampled herwide range from folk/country to alt-pop, and into jazz. This track would sit gingerly in the pop-jazz area. Reminiscient of Corrine Bailey Rae and Billie Holiday, The writing has strong hooks and the arrangements are balanced.

As stated above, I got into the track for a while before finding out more about who she is. The tipoff to some of you would have been the Joel surname. She’s the daughter of Billy Joel and Christie Brinkley.

Wed 25 Mar, 2009Tue 25 Feb, 2014

ASMW — Pulsion

This week, I was listening to a lot of tracks in the “world” section of AmieStreet, and wanted to spotlight Pulsion. The tonality and composition is almost dreamlike in the guitars. This reminds me of some of the masters of guitar intros. Check it out!

Wed 18 Mar, 2009Tue 25 Feb, 2014

ASMW – Jets Overhead

Brought to you by: ASMW Uber Tracker

This week, I was listening to a band called Jets Overhead, who have a phychedelic, contemplative sound that combines current alt-rock with a strong nod toward the heavily folk-inspired seventies period of rock.

Wed 11 Mar, 2009Tue 25 Feb, 2014

ASMW is revived – Archetecture in Helsinki

The plugin and meme for Amie Street Music Wednesday has been revived! This meme had been garnering players for quite some time, and its growth was stopped in its tracks when Amie Street did a site redesign that stopped the embedded player from working. Mouseclone has been working with their developers to create a slick new player, and the code has been released today.

My first post with the new player is by an Australian indie-pop band called Archetecture in Helsinki. The song “That Beep” is pretty popular in Oz, and there are several mixes and dubs already.

Brought to you by: ASMW Uber Trackerмебели стара загора

The beginning bit where they say “Hey kid can you wake up” seemed apropos for the revival post.

I called your doctor up
And he promised me shameless fun
Tried a little bit of moving on
It lasts for way too long
Dressed up as bubblegum
I’m stuck to your shoe lets run
Can you give me that
beep, beep, beep, beep, beep

Sat 21 Feb, 2009

SISAB One

I ran into this meme when reading Juliafish‘s blog, and thought that the result was uncanny when thinking of album covers I’ve seen over the past (ahem, many) years.

This was quick to put together, and was entertaining. You should do one, just to see what randoms you get.

The meme goes as follows:
Create your own band and debut album cover randomly

To Do This:

1 – Go to Wikipedia. Hit “random” or click Wikipedia Random
The first random Wikipedia article that comes up is the name of your band.

2 – Go to Quotations Page and select “random quotations” or click Quotations Random – The last four or five words of the very LAST quote on the page is the title of your first album.

3 – Go to Flickr and click on “explore the last seven days” or click Flickr 7day random – The third picture in the top row, no matter what it is, will be your album cover.

4 – Use Photoshop/GIMP or similar graphics program to put it all together.

5 – Post it to your preferred online outlet with this text in the “caption” or “comment” and TAG the friends you want to join in.

Here’s the first release from my new band.