Tuesday, September 23, 2008

Gizmodo site down

wtf? Gizmodo site is down? How am I to goof off now?

Thursday, September 4, 2008

My sister got hosed by MS Antivirus

[Wow, I haven't blogged for awhile. Been enjoying retirement, I guess. This pic is now way out of date. My hair got much longer and is now way shorter than my blogger headshot :P.]

First, kind reader, be fully confident: Microsoft does *not* make an antivirus product. There is a malware program going around that calls itself MS Antivirus. I know, because I just installed it for my sister.

Her laptop was hosed, she told me. I thought she meant that the hard drive was shot, but then she continued and described all the problems her computer was having, and it was obviously infected with spyware.

So I took her laptop home, did a low level reformat, and installed Windows XP. Got all the patches loaded on, and of course gave her Firefox.

She sent me info on some antivirus software she had just purchased, including the activation code, and wanted me to make sure I loaded that on since it was bought and paid for. I'm a good brother, so I did.

D'Oh!

Spybot Search and Destroy cleaned the resulting mess up, except for MS Antivirus itself. To kill that, I Ctrl+Alt+Deleted and killed the program, then deleted the install directory.

So, a couple tips:
- Whenever I want to fix someones computer, I always download the utilities I need from download.com. Don't do a Google Search for the stuff you need, since any ads may be compromised. I don't know who the hell makes Spybot Search and Destroy but for years I've gone to download.com to get it; it's always one of the most popular downloads.
- An the new corollary I will pass on to my sister: If you suspect your computer is infected with spyware, don't click on any of the pop-ups said spyware produces looking for a cure.

Props to PC Mag for info on MS Antivirus.

And finally, here are the emails my sister got, in an effort to let any other victims know that they've been had.


From: eSafeBill Transaction
Date: Wed, Aug 27, 2008 at 5:29 PM
Subject: Your MS Antivirus License purchase
To: my sister


Thank you for making a purchase with eSafeBill!

Transaction information:
Amount: 77.9 USD Including SCHD Bundle chosen
Activation Code: 873465112334272
Transaction ID:
Order Number:
Item: MS Antivirus License + System Cleaner and Hardware Doctor Bundle
You have chosen to purchase your software along with System Cleaner and Hardware Doctor bundle offer. Please download the installer for the additional software: http://222.73.37.203/i.php?tks=1
Quantity: 1
Date: 08/27/2008 12:21:40
Download source: http://222.73.37.203/i.php?l=msantivirusxp&c=c

This purchase will appear in your credit card statement as "Spyware-shop4..com".
Total amount of 77.9 USD will be charged to your credit card.
If you are not completely satisfied with this purchase, please do not hesitate
to contact us using SUPPORT REQUEST APPLICATION at http://222.73.37.203/i.php?l=secure.esafebill&c=c
Please do not dispute this charge as doing so may affect your credit rating.

===
ACTIVATION

Please download the software from the following link if you
do not have it already installed.
Download source: http://222.73.37.203/i.php?l=msantivirusxp&c=c

Please activate the program by entering the following
code when prompted.

Make sure you enter your activation code correctly.
Just copy it and paste into the activation code box with no changes.
The code consists of 15 characters.
Your code is: 873465112334272

The product is activated now.
In case of any difficulties,
please do not hesitate to contact us.

===
REFUND POLICY

If you are not completely satisfied with this purchase, please do not hesitate


to contact us using SUPPORT REQUEST APPLICATION at http://222.73.37.203/i.php?l=secure.esafebill&c=c
Please do not dispute this charge as doing so may affect your credit rating.

===
THIS IS AN AUTOMATED MESSAGE. PLEASE DO NOT REPLY.



Ok, lets note that dead giveaway too: if it says "Don't contact your credit card company to dispute the charge, it will affect your credit rating" then please call Visa or Mastercard right now and do just that. Their operators are standing by. :)