Wednesday, July 31, 2013
Sunday, July 28, 2013
Sunday, July 21, 2013
Sunday, July 14, 2013
Saturday, July 13, 2013
Roots of the field
Here are two new items from the farm: red beets and garlic. I always thought beets were harvested in autumn.
ICE Ransomware
Today I had the fun of working on a computer that was infected with Ransomware. It looked like this:
The ICE Ransomware
It would not boot up to Windows; it would only boot to this screen. Ctrl-Alt-del would bring up task manager, but everything useful in task manager was disabled. The laptop would not boot into safe mode, no matter what. The boot routine somehow disabled the safe mode boot menu.
It was essentially a big brick. The user said she was downloading TV shows or movies when it happened.
The Ransomware claims the user was doing something illegal and needs to pay a fine. It instructs the owner to buy a MoneyPak from CVS or Walmart in the amount of $300, and key in the voucher number to unlock the computer. The scary message claims you only have 48 hours to get this done. I wonder if that works? I imagine the bad guys get the $300, but then scurry away without fixing the PC. Why would they give a hoot about someone's computer who is dumb enough to pay them ransom?
I tried quite a few things to get rid of it, but nothing seemed to work. I tried Hitman Pro, and various flavors of Linux with AV tools. I also tried manual removal, but never got all the files deleted. The nasty ICE thing kept coming back.
ICE Ransomware
1. I used Rufus to make a bootable USB. http://rufus.akeo.ie/
2. Then I downloaded the Kaspersky Rescue CD iso, and the USB installer, and installed this on my USB. http://support.kaspersky.com/8092
3. I booted the infected machine with this USB and did a scan. Stuff was found and deleted, but unfortunately the malware was not totally removed. One time the machine did boot up correctly, but as I started to download some anti-malware tools on it, the infection came back and took over again. Argh! Success seemed so close!
Also, on a couple of restarts the laptop came up to a blank screen, and I needed to do Ctrl-Alt-del to bring up task manager, and then start explorer.exe. The desktop would appear, and then: BAM, the Ransomware would reappear.
Scanning with Kaspersky. Oops! Looks like I scanned the USB stick this time!
4. Finally, with the computer booted normally into Windows, I downloaded Combofix and ran a complete scan, and it found a bunch of bad stuff. http://www.combofix.org/download.php. If you download Combofix, be aware that the process has about a million links that try to download all kinds of other programs. It's a bit of a trick to find the actual Combofix program.
After all that, I updated all the programs on the computer (i.e., Windows XP, Adobe, Java), uninstalled a bunch of weird-looking programs and toolbars, and added Microsoft Security Essentials (I know - it has a reputation for not flagging anything, but it's better than nothing, I think).
Microsoft Security Essentials DID actually flag Zango Search Assistant, and delete it. No doubt that must be a competitor to the tracking technology Microsoft uses in Bing. Only guessing.
It was a bit like I killed Godzilla, and then MSE found a mosquito.
MSE Captures a potential threat!
So far so good.
Just for fun I put the Kaspersky Rescue USB in a trusty old iBook G4, but the boot menu only recognized the Hard Drive, not the bootable USB.
iBook G4 Boot Menu
The Hero that saved the day!
Blueberries
It's blueberry picking time at the CSA. I remember my summers at Uncle Raymond's farm picking blueberries. It takes FOREVER to fill a pint.
Thursday, July 11, 2013
Wednesday, July 10, 2013
Sunday, July 07, 2013
Running the Mason Dixon Line
Today Sharon and I ran the York Heritage trail into Maryland where it becomes the Northern Central Railroad trail. We took two cars so we could park one at the end, and not need to run an out and back route.
We discovered an actual operating steam engine train in New Freedom!
Friday, July 05, 2013
Thursday, July 04, 2013
Ephrata Firecracker 5 Mile Run
We ran the Ephrata Firecracker 5 Mile race this morning. Kind of hilly, and a bad finish that goes onto the grass and then gets claustrophobic in the finishing chute. Sharon's first mile was 9:03.
Tuesday, July 02, 2013
Mailboxes
Today I took photos of mailboxes during my jog. Very slow jog. Some owners make extravagant garden displays around their mailboxes.
Some owners use plastic picket fences and plastic flowers
Others shun all natural settings, and simply go with the unadorned plastic uni-box.
Some owners make seasonal displays. This is for July 4th.
Here a huge garden is the foundation for the mailbox.
This timid mailbox is hiding in the pine trees.
This one didn't make it.
Some mailboxes have inviting paved pull-offs
Others announce "Stay Out" with security system notices.
This one is in front of a farm that has llamas. Doesn't it look like a sitting llama?
Some mailboxes are sadly getting new owners.
Often, the mail carrier drives only on one side of the road, so mailboxes for neighbors on both sides are paired up. Sometimes they seem to match.
Sometimes the numbers make it easy for the mail carrier.
Other pairs create more of a challenge.
Here's a nice trio with individual personality.
These neighbors might not get along.
Flowers are common.
Mulch is acceptable.
Round-Up is a more utilitarian choice.
What? All the fixins of a mailbox, but no mailbox!
A Pennsylvania apartment
Another possibility for apartments. Less pleasing to the eye?
This one may have been hit one too many times at night.
Some owners go to great lengths to create an appropriate backdrop.
Skip. Nuff said.
And other various interpretations of the mailbox.