Welcome to the “BLOT”

So, I was just surfing the net the other day, minding my own business and then, WHAM!  I started getting a McAfee warning on bootup that I had a BACKDOOR-CQN trojan.  No problem!  I made sure my McAfee was up to date, ran the full disk check and it didn’t find a blessed thing.  Grrrr, I updated my cleanboot definitions, burned a new CD and booted.  Ran the FULL check.. NOTHING!  What the F?  Maybe it was cleaned already?  NOPE!!!  My software is at least smart enough to keep coming up at boot saying that it found (and deleted) the virus SYSTEMS.SYS in the C:\WINDOWS\WINDOWS directory.  The WHAT directory???
Onto the NAI website to find out how to remove this sucker..  “Use the latest engine and def files”… NO KIDDING, REALLY?  No manual removal method listed and I couldn’t find squat on the Internet.  Damn I hate computers.

So, I rolled up my sleaves and dug in.  Doesn’t seem too hard.  There’s something in the STARTUP folder, under the RUN command in the registry and I’ve deleted the directory in Windows.  BAHM!  It’s back again..  AHHHHHH!!!!!!!

After picking up my laptop from the other side of the room, I’m back to figuring this out…  After a quick boot into safe mode and some searching around the system, THERE IT IS!!!!!  Last piece of the puzzle solved and it’s back to safe computing for me.

If YOU happen to get the wonderful little charm and your virus software sucked as much as mine in getting rid of it, here’s how I was able to eradicate this little son of a behive…

Boot into Safe Mode.
Open REGEDIT
In both HKLM and HKLU, go to the RUN listing and nuke the setting for C:\WINDOWS\WINDOWS\SYSTEMS.EXE
Of course, nuke the C:\WINDOWS\WINDOWS directory.  Should only contain the SYSTEMS.EXE file.
Kill the launch file in C:\DOCUMENTS AND SETTINGS\ALL USERS\STARTUP\SYSTEMS.EXE
Lastly, here was the file I missed the first time;
C:\WINDOWS\PREFETCH\SYSTEMS.EXE-2D5B743C.pf      NuKE IT!!!

Reboot your machine and you should be right as rain.  It’s easy peesy, lemon squeezy.

Good luck!

What is with all these problems?!?!  So I’m playing around with my new iMac and I naturally wanted to access the shared directory of my 2003 Server.  I mean really, what is a 23″ screen without streaming porn, a-hem, Educational Material!  On a more serious note, trying to access any of my Windows shares caused a failure where it said, the Alias could not be opened because the original item could not be found.  Doesn’t ANYTHING work with anything else?
The solution that worked for me was to disable a Windows 2003 security setting regarding digitally signed communications.

Log into the Domain Controller
Open the Domain Controller Security Policy
Navigate to SECURITY SETTINGS / LOCAL POLICIES / SECURITY OPTIONS
Find MICROSOFT NETWORK SERVER: DIGITALLY SIGN COMMUNICATIONS (ALWAYS)
*!*!*!*!*!  Ding Ding Ding Ding Ding *!*!*!*!*!*

DISABLE THAT SETTING ! ! !

Give it a few minutes to sync everything up and then try the mapping again, it should work.

One other thing that might help is instead of using the Server’s name, try using the syntax

SMB:\\X.X.X.X   and it will pop up with a list of shares to choose from.

Good luck!

The easiest solution to this problem is to disable the default server setting of always requiring “digitally signed communication”. To do this, log in to the domain controller and open the DC policy editor. Look for “Security Settings -> Local Policies -> Security Options” and change “Microsoft network server: Digitally sign communications (always)” from “Enabled” to “Disabled”. Leave everything else. This means that the server will digitally sign communications if the client is capable, but won’t reject a connection if your client is not.

Notice a relatively new problem when you click on a URL in your Outlook? Does it pop-up a window saying “locate link browser”? Pain in the ass? You bet!

Found this on the web and it worked like a charm!

Click START
Click RUN
Enter regsvr32 Urlmon.dll and hit ENTER

For those of you that own a Mac AND an HP Laserjet 1022 AND would like to use them together, you may run into the same problems I have. Perhaps my troubles and tribulations can benefit your plight. Or, maybe I’ll just give you the answers you seek. Yeah, that’s probably better…

First, let me explain the problems I ran into. I just purchased my brand new spankin iMac. (OS X 10.4.10)  Lo and behold it was a glorious site, all new and shiny. But alas, I tried to print to my HP 1022 and was rebuffed. I was thwarted. It tasked me!!! Kaaaaaaaaaaahn!

Ok, the problem. My 1022 is not connected directly to the iMac. It’s USB connected to an Ethernet Print Server. When I went into my printer setup, I could input the IP address of the print server but couldn’t see the HP 1022 driver. I downloaded the “new” driver from the HP website - didn’t work. I downloaded the “old” Hp drivers from the Net as suggested - didn’t work. I downloaded the drivers from the CD, zippo, bubkas, nada, zilch. I tried moving files into the root “laserjet” directory, restarts, and everything else people suggested on the net. Goose Eggs. HOWEVER, if I plugged the printer directly into the Mac via a USB cable, WHAMMO, the printer was recognized and everything worked perfectly. Back through the print server, same problem. Wow is me….

Local printer - drivers work.

Network printer - drivers don’t appear at all.

After much searching, here’s what worked for me, immediately, without issue, no muss, no fuss, it diced, it chopped, it even julianed and I didn’t have to call before midnight. It was better than the bass-o-matic.

http://www.linux-foundation.org/en/OpenPrinting/MacOSX/foo2zjs

Three file downloads, several mouse clicks and when I went to select my printer model, I choose HP and then the (HP Laserjet 1022 Foomatic / foo2zjs ) Perfect!!!

For some of the printers there is of course a small caveat. Do not pass go, do not collect the $200, mileage may vary, limited to the vehicles on the lot. Some the HP printers require a firmware download every time they’re powered off/on.

Oh, and this process also supports the following printers:

• Generic-OAKT_Printer
• Generic ZjStream Printer
• HP Color LaserJet 1500
• HP Color LaserJet 1600
• HP Color LaserJet 2600n
• HP LaserJet 1000
• HP LaserJet 1005
• HP LaserJet 1018
• HP LaserJet 1020
• HP LaserJet 1022
• HP LaserJet M1005 MFP
• KonicaMinolta magicolor 2480 MF
• KonicaMinolta magicolor 2490 MF
• KonicaMinolta magicolor 2530 DL
• Minolta Color PageWorks/Pro L
• Minolta magicolor 2200 DL
• Minolta magicolor 2300 DL
• Minolta magicolor 2430 DL
• Samsung CLP-300
• Samsung CLP-600
• Samsung CLX-3160
• Xerox Phaser 6110
• Xerox Phaser 6115MFP

Good luck!!

SPAM - Can’t live with it, can’ find the FU@$ERS to kill them!

Everyone who’s ever used Email in their life has had to deal with SPAM. Some more than others. We’ve all learned that giving our Email address to unscrupulous online merchants can leave you showered with Penis Enlarger Ads or requests to launder some money for an ousted Dictator. What can you do????

In the long run, for now, the best you could possibly hope for is to minimize your exposure because NO MATTER HOW HARD YOU TRY, someone you know, someone who had YOU in THEIR contacts list is going to open someone else’s SPAM message, infect their machine with a virus and have EVERY SINGLE CONTACT STRIPPED OUT like my Aunt Ruth sucking the marrow from bone. Sluuuuuuuuuuuurp, done!

MAYBE use a SPAM filter. Good for some, bad for others. None are perfect and many take up more of your time that just killing the SPAM messages in your inbox. Just remember though, not everyone uses their Email in the same way so some of these may be the perfect match for you, a godsend you might say. Me personally? I have yet to find one that isn’t more of a pain than what it’s trying to cure but I’m a bit more odd than others.

DO use free 3rd party Email programs (Yahoo, Hotmail, Google) to communicate with cataloges, merchants and any online transactions.

DON”T give out your primary Email address to any commercial entity. Yes Virginia, even the “scrupulous” vendors find the profit of reselling your addresses too hard to resist.

DON’T ever, EVER (No, really EVER!!!) respond to a SPAM message which offers to “take you off the list”. If you do I bet you could hear them sporting wood if you listen carefully enough! By doing this you’ve taken your name off of the “could still be a good address” list and immediately moved it to “VALID, VALID, HIT ‘EM NOW” list which trades for more money and trades much more often. You might as well paint glow-in-the-dark Bull’s Eye on your forhead.

Funny Story.  I once took it upon myself to try and go after SPAMMers by targeting the ISP’s and Companies they used as senders.  After about a year of very diligent work, tracking addresses, checking open relays, and rooting around to find responsible parties I’d have to say that about 0.001% of it worked.  Even when (this was a few years back) the content was HIGHLY objectionable, no one gave two sh#@s.  I even tried to get my Local, State, Federal officials (You know, the people who we elected to work for “us”) to get involved.  I was completely ignored.  I even had several cases involving what appear to be SPAM featuring child pornography and I couldn’t get ANY legal authority to give me the time of day.  And, after all of this work, what did I get?  I was put on EVERY G@D DAMNED SPAM list in existence.  Holly Hanna did I get SPAMed.  I still keep that account active today just to peek at it from time to time as a reminder.

DO (yes, this is the biggest pain in the ass) change your Email address from time to time. Nothing works better than changing your address. DO NOT CHANGE IT AND THEN FORWARD ALL YOU EMAIL! This will accomplish nothing. However, that being said, you can do this for a short period of time to make sure you let all your friends know but you really need to kill it sooner than later.

The absolute, 100%, never get SPAM, only get the Email you want method? Yeah, I thought that was a hoot too!