Saturday, 14 August 2010

"A Virus Day"

Once again I'm writing this blog from a train, the Baker Street fast service from Moor Park. Which is really bumpy today! Not that it's actually a Baker Street service today, there's no service between Aldgate and Uxbridge... Grrrr. Today however I am armed with my Razer Bluetooth mouse which at ~£20 is awesome, works brilliantly and connects in about 3 seconds from being turned on.

At work today it was distinctly a "virus day." The whole time was spent playing with virus removal software. I had one particularly impressive "security suite" that really dug itself into the computer. It effectively disabled Internet Explorer, only letting you access a few of its own webpages, and a Viagra advert. It then stopped you from running most .exe files, crucially, things like mbam.exe, hijackthis.exe, etc. This also included security software like Bullguard, which was already installed on the system. Even that simply wouldn't run. I plugged in my pendrive with the intention of installing Malwarebytes and to my surprise found that mbam-setup-1.46.exe executed fine! Result. So the installer ran all the way through and then went to run mbam.exe itself. No such luck. mbam.exe was on its "list" and I got presented with a "mbam.exe is infected, do you want to activate your Security Suite?" Clicking yes took you to the website where they asked for $69.99 for a "lifetime" subscription. One of the most entertaining things was the way they threw in random words under features, like "Remote Administrator", "Deep Mesh Scanning", etc. Shows just how much they want to catch out the unwary / uneducated user.

So at this point I ventured into Program Files (which would you believe I was told was infected!) and then headed over to the Malwarebytes folder (which was infected by the way) and then renamed the mbam.exe to mbam-setup-1.46.exe, which was the only .exe that I had known to run. It worked and from then on I had a fully operational, and soon after updated, Malwarebytes Anti-Malware. I started a full system scan and left that running, because the fingers of this virus looked like they spread deep into the system. And decided then to focus on how I could get back functionality of the browser afterwards (as experience told me that these things often have a certain "aftermath" in the browser department). Hijackthis was infected (of course) so a quick moment of genius later :) Hijackthis.exe became mbam-setup-1.46.exe and hey presto I had Hijackthis fully operational.

While the Malwarebytes scan was running, I did a Hijackthis scan and saw there were a lot of entries that in any normal system simply shouldn't be there. The best tell for these is the randomly generated names that they use. The advantage for the virus writers is that by randomly creating the names, if you google it, you get no results. The downside is that to an experienced user they stand out like a sore thumb. So having selected about 15 different entries (which ranged from BHOs to startup apps) I hit fix and prayed. In that one fell swoop, bang, it was all gone. The false security centre, the "security suite", the browser redirects and blocks, the loopback proxy server setup, the disallowed .exes and all the popups about how every single piece of the system was infected. All gone. Malwarebytes by this point was a good 10 minutes into its scan and had still found nothing. Bad Malwarebytes.

So I ran the Bullguard installer again to get it going and let that do its scan. Both it and Malwarebytes found no other infected files. I'd got them all with Hijackthis. Humans 1 : Computers 0
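
The "randomly generated names stand out" tell described above can be turned into a rough triage filter for autorun and BHO entries. This is an added example, not part of the original post: the log lines are constructed in the style of a HijackThis log, and the function names and thresholds are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample in the style of a HijackThis log (not from the post).
SAMPLE_LOG = r"""
O2 - BHO: Adobe PDF Reader Link Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Adobe\Reader\AcroIEHelper.dll
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000002} - C:\WINDOWS\system32\xkqzvtrw.dll
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard\bullguard.exe"
O4 - HKCU\..\Run: [qwrtpsdf] C:\Documents and Settings\user\Application Data\qwrtpsdf.exe
O4 - HKLM\..\Run: [hx7k2m9q] C:\WINDOWS\hx7k2m9q.exe
"""

PATH_RE = re.compile(r'[a-z]:\\[^"\n]*\.(?:exe|dll)', re.IGNORECASE)
VOWELS = set("aeiouy")


def looks_random(stem):
    """Rough triage test: does a file name look machine-generated?"""
    stem = stem.lower()
    letters = [c for c in stem if c.isalpha()]
    if len(stem) < 6 or not letters:
        return False  # too short to judge (e.g. "mbam")
    vowel_ratio = sum(c in VOWELS for c in letters) / len(letters)
    consonant_runs = re.findall(r"[bcdfghjklmnpqrstvwxz]+", stem)
    longest_run = max((len(r) for r in consonant_runs), default=0)
    # Count letter<->digit switches, e.g. "hx7k2m9q" has six.
    switches = len(re.findall(r"(?<=[a-z])\d|(?<=\d)[a-z]", stem))
    # Thresholds are assumptions chosen for this sample, not tuned values.
    return vowel_ratio < 0.2 or longest_run >= 5 or switches >= 3


def suspicious_entries(log):
    """Return (file stem, log line) for entries whose file name looks random."""
    hits = []
    for line in log.splitlines():
        match = PATH_RE.search(line)
        if match and looks_random(PureWindowsPath(match.group(0)).stem):
            hits.append((PureWindowsPath(match.group(0)).stem, line))
    return hits


if __name__ == "__main__":
    for stem, line in suspicious_entries(SAMPLE_LOG):
        print(f"review: {stem:10} <- {line}")
```

A hit only means "look at this entry by hand"; abbreviated but legitimate file names can trip the same checks.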

At the end of the day it was just a simple victory in a computer workshop over a quite invasive virus but it felt good. A nice little victory for me. And it's taught me a lesson. Since Windows 7 was released I think it's caused a few people to get lazy when it comes to setting up and maintaining the system. It does almost everything for you! It installs your drivers for you, updates itself for you, defragments and indexes itself for you, suggests solutions to problems for you, almost everything. And that's the moral of this story. There's still no substitute for getting your hands dirty and doing it manually.

The shame about Saturdays is there often isn't a great deal going on in the tech world. I've borrowed a couple of old P4s to try to get my Folding@Home machine back to life tonight. The new XFX PSU is waiting to go in, and I'm going to take pictures of the whole process for my AQA Bacc A level project. Really hoping I can get hold of a Q6600 soon, otherwise I might just get a different dual core chip cheap. Something like an E6300 or an E2160. Something that will work nicely in the folding machine and be fast enough to hold up 4 GPU clients. Also I should be able to get a nice little overclock out of those chips, which I've been afraid to do to my E1400 because chances are it'll just brick again.

Really looking forward to the new IE9 and its GPU-accelerated brethren. The latest Chrome 5 works really well though and I love how Chrome updates completely unobtrusively. Adobe (Flash) and Sun (Java) could learn a thing or two from Google in that regard.

I was thinking today what my perfect laptop would be. And frustratingly I knew exactly what it is and it does exist. It would be a fully kitted out Alienware M11x but with a newer gen graphics card, based on the GF 104 or 106 die. About 240 SPs would fit the bill nicely. Preferably without the Alienware badge (but I wouldn't say no to the lights :) The price tag of course would be astronomical but what can you do.

The new 11" Macbook Air sounds interesting. Perfect screen dimensions obviously, and it's effectively going to be a netbook, but with the inevitable £1000+ price tag, I'm guessing it'll be CULV rather than Atom. Probably one of the new CULV i3 chips. Given the way Apple like to chuck in a GPU we could hope that it'll also have a GeForce 9300M/Ion, but I'm not holding my breath with the sort of dimensions we're talking about. At this point, I'm still not convinced they're not going to use an external battery! It's interesting that from a design point of view what you get from Apple hardware *is* a more "expensive" design, for better or worse. There are not however many full sized 15" laptops that can get a solid 10 hours out of the battery. So even if you bought it and bootcamped it straight away it would have a feature that you'd have to work hard to get with any other notebook, especially given most of the laptops in their price range are either 17" or gaming notebooks or both. That's not to say I'd ever buy one, I love my Mini 311 and I especially love that it's cheap but well designed. It's cheap and there's no real compromise. Yes it's an Atom and that won't be fast enough for some people but actually, if you set up the system properly, it is enough. And I'm adamant the 11" form factor is pretty much the best when it comes to combining screen size/resolution, performance, keyboard size, and battery life. I think the M11x is a great design and I really look forward to equivalent designs from other laptop manufacturers. I have to say though I hate the idea of these 11" netbooks with the scrawny little 1.2GHz Atom and Intel graphics. What's the point of that! They're not even any cheaper than the 311! Grrrrr

In work today we also had a lovely Acer laptop that was completely dead... and 1 year and 15 days old. Sickening isn't it. C'mon Acer get your act together you CAN make things that last! I know it! Please! My girlfriend's laptop is an Acer (I didn't tell them what to buy) but hers is now pushing on for 2 years old. I put Windows 7 on there for her (one of my own legit licenses) and it's not a bad machine all round.

Video of the day has to be this one. For many raisins. It's a tune any F1 followers will revel in, it's Glastonbury and that's cool, it's Florence and the Machine who a lot of people like, and did I mention it's available in HD (which is of course important) and the bass solo is EPIC!!!!!!!!!!

So that's all for today. This is me, Saying it like it is in IT. And the Weather is Really Rather Awesome!
