Random Stuff, Part 22

* I received an mp3 player for review last week. It came loaded with a… chinese song and with the Downloader.Banload.GZH trojan. Apparently, the device had an autorun.inf file in there, and a usb2.0.exe file. The autorun.inf file was calling the execution of usb2.0.exe during the mounting of the player. So you end up getting the trojan without even having to execute the file yourself. The interesting thing is that the usb2.0.exe file was NOT visible by Windows Explorer, but it was visible under Mac OS X and Linux. Thankfully, my anti-virus seems to have caught the file and removed it, although this happened only the second time I mounted the device, so I wasn’t sure if I caught any spyware or not. I later ran the latest AVG anti-virus, Windows Defender and Ad-Aware, but none of the apps found anything suspicious on my system. I have emailed the sellers of the device and I expect them to remove the whole range of these devices from their shelves. If you have any of these devices (1, 2, 3, 4) you might be in danger (it doesn’t mean that all the batches have the trojan attached, but many might). Update: The shop says that they found no trojan on their side, so this might have been a false positive.

* Today we went for the second round of shopping for my brother in law’s wedding. JBQ got two beautiful suits, I got a nice business suit too among others. Oh, and two new bras…

* After shopping we went to eat out. We decided to go to Menlo Park’s “Chillies”. I started crying when we arrived, I couldn’t stop. Reason? The restaurant is just across where the Be, Inc. offices used to be (20 meters away, across the street). I only visited the Be offices 3 times I think in my life, but remembering the whole “hope” around BeOS at the time and the effort the community and engineers put back then, reduced me to tears. JBQ became annoyed which I interpreted it as “don’t remind me please, I am trying not to care, and I do a good job so far”.

6 Comments »

tOnGAs wrote on July 27th, 2008 at 4:33 AM PST:

Thinking about the good old BeOS times makes me sad, too. I remember buying BeOS 4.5 (not without struggling with UPS because of VAT issues) and surfing BeOS-related sites to find help and info. It was the first time I read your articles. I never stopped since then.


Jim wrote on July 27th, 2008 at 11:44 AM PST:

Eugenia:
I live right near where Twin Peaks was filmed, namely Fall City, WA and North Bend, WA. If you want I could take some photos of some of the locations no and send them to you.


biffuz wrote on July 28th, 2008 at 2:22 AM PST:

I disabled autoplay the very first time I run Windows 95, together with the option to hide known extensions. The two most destructive options in computers’ history.


mikesum32 wrote on July 28th, 2008 at 7:26 PM PST:

AFAIK, Windows (XP at least) doesn’t allow autorun for USB drives.


This is the admin speaking...
Eugenia wrote on July 28th, 2008 at 10:47 PM PST:

Well, this one did. XP tried to autorun the autorun.inf file each time the player was mounted. I have autorun already disabled for CD drives, but I never found any way to disable it for other kinds of drives. Of course, I have the latest XP.


biffuz wrote on July 29th, 2008 at 1:55 AM PST:

It can disabled with Tweak UI. It’s on the XP CD if I remember, but I guess you can find a newer version on the Microsoft website.


Comments are closed as this blog post is now archived.

Lines, paragraphs break automatically. HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

The URI to TrackBack this blog entry is this. And here is the RSS 2.0 for comments on this post.