I know I previously said that I’d only be doing a Public Newsletter fortnightly, but I decided to write this one as an extra in light of circumstances.

This week has been fraught with frights: Viruses have been the main bane of the week, as I’ve been plagued with infection. (My apologies to anyone who received spam from the email worm.) Yesterday, Thursday 8th October, I designated as malware day on kkomp.com, and published a couple of posts related to malware and its removal.

The first one of these was Is 64-bit Windows Less Prone to Malware Than 32-Bit?; an important question for those seeking extra security.

The second; Microsoft Security Essentials – Excellent Free Antivirus Solution,  tells my recent story with regard to a great piece of free software that is new, just out of beta, and totally effective. – With this guarding your Windows PC, malware has very little chance.

PC Mech:

As I write this newsletter, another great tech site; PC Mech, is having problems, and is temporarily unavailable. The problem appears to be linked to the site’s database from what little I can glean. Owner David Risley is frantically working to restore the prominent tech-site to its former glory by getting it back online.

The site’s server at Pair Networks responds to a ping, as does the database server; so it appears to be a php problem with WordPress installation itself.

This must come as a severe blow to David Risley himself, as he relies on PC Mech for a large proportion of his and his family’s livelihood. Every second the site’s not online is costing him money both in terms of lost income and time taken up in restoring the site or attempting to do so.

This situation is one of a blogger’s worst nightmares, particularly as far as an eminent problogger such as Risley himself is concerned. This site, the one you’re looking at right now, has also been down before; for the reason that the hosting company put the domain on a backroom scripting server because it was taking up too many resources on the shared-platform server that it was on until fairly recently, and following that there were a number of teething troubles following the move to a dedicated server, resulting in around 6 days downtime in total.

Unlike David Risley, I don’t rely totally on my online activities for my income and livelihood at this point in time; although that may one day change.

All I can do is express my hopes that PC Mech is up and running again as soon as possible, and that David and his family, which include his pregnant wife Malika, due to give birth to a boy in January, plus his little daughter Elyana, don’t suffer as a result of the issue.

Added later on: PC Mech is now back online.

Virus:

As I mentioned, I’ve spent the last few days cleaning my system repeatedly after two Trojan downloaders found their way onto a hard-drive. If you ever pick up a virus, a Trojan downloader or two is one of the last types you want: If your anti-malware programs fail to see the downloader then it makes no difference how many pieces of malware they remove; the downloader itself will simply replace them and add more.

I was using F-secure 2009 Internet Security Suite beta version, of which I hold a licence until later this month, as my anti-malware program on my 3-core Windows 7 64-bit box, on the hard-drive of which the downloaders resided. F-Secure didn’t see them, and Avast! free edition failed to spot a backdoor Trojan, an email worm, and a keylogger, on the networked dual-cored box running XP professional 32-bit. Microsoft’s new anti-malware solution did though, fortunately, and it cleaned the system totally.

Other Issues:

On Wednesday 3rd June 2009 I noticed a page about this site, kkomp.com, on browserdefender.com. On this page it says that there’s an unsafe download on this site; a file called gpu-z.exe.

I’ve never put gpu-z.exe on the site; so I tried to download it myself, and sure enough it’s downloadable from the site’s root directory. Despite this it doesn’t appear on the ftp server, and I can find no trace of it other than the fact that it can be downloaded from this site.

I advised the hosts; fasthosts.co.uk, (I was going to change the hosting after their last act of customer-unfriendliness; but it never happened.) of the situation, and they said that they’ve never had this situation before, that they’d put an engineer straight on the case, and that they’d get back to me by email. What they actually seem to have done is absolutely nothing: Sweet F.A.

I thought I’d have a look at this file myself; and downloaded it. First things first; I scanned it.

A scan by AdAware came up negative:

A scan by Malwarebytes came up negative: -

A scan by Avast! antivirus also came up negative… So now I’m wondering – more than I’m wondering why a file that doesn’t exist according to ftp is available for download from the server, more than I’m wondering how Fasthosts have the nerve to charge more than some other hosts, yet do almost sod-all; Where is the freaking risk?

According to Malwarebytes, AdAware, and Avast! (Which is a good antivirus at coming up with false positives incidentally.) there’s no infection. – So have browserdefender.com come up with a false positive themselves? Having said that; the ftp server at fasthosts.co.uk says that the subject file doesn’t exist; yet I’m able, nevertheless, to download it. (I’m not even going to think about running the risk of actually running the file just in case.)

So WTF is going on here?

Well, in short, it seems to be something of nothing. (Literally in some ways.) The best advice I can give you on this is: -

Don’t download gpu-z.exe from this site’s root directory. If you do download it then bear the following points in mind: A) The file has nothing to do with me: I did not put it on the server. B) You download it at your own risk, and I am not responsible for any consequences of your doing so. (If you need someone to blame; fasthosts.co.uk would be a good place to start.)

I could have said nothing about this matter unless someone emailed in and made a fuss: In some ways that may have been an equally good option. – But I prefer the pre-emptive strike tactic; hence this article.

Strangely, browserdefender.com also have pcmech.com; a site that’s just gained BBB Accreditation in the USA, that has a much higher search-engine, Quantcast, etc, rating than this site, and has over 10,000 visitors a day, marked as an unsafe site too. I bet David Risley, the owner, won’t be too amused!

I get the uneasy feeling that I may be overlooking some glaring fact that’s obvious to some others. If this is indeed the case; and you know more than I do, then please comment: There’s a comment form below, so someone may as well make use of it.

Onwards and upwards: Enjoy the coming week. I’m going to spend the rest of today (Sunday June 7th 2009) mainly watching TV I think.

During 2007, Computer Shopper magazine tested a number of free and paid-for antivirus solutions. NOD 32 came second to Kaspersky. By the time I tried Kaspersky for myself they’d released a new version which was so bloated I thought of Norton. I’d tried NOD 32 previous to this on a single-cored Pentium 4-driven system, however, and was quite impressed by its functionality, ease of use, and small footprint.

During this month; November 2008, I got the chance to try out the full version of Smart Security from ESET, the makers of NOD 32. As a rule I always try out anything new on my second machine, which happens to be currently fitted with a 2.2GHz single-cored Athlon 64 processor.

I installed the product: Installation was quick and painless and I soon had it up and running properly after it had updated itself with all the latest files.

The firewall isn’t intrusive. It keeps track of what’s going in and out; but unlike some it doesn’t continually ask you whether you’d prefer to allow or deny every single connection. It accepts everything acceptable that’s flowing from trusted software which is already installed and does its job silently.

The antivirus scan is well hot: It even informs you if files are corrupted, incomplete, or don’t have a valid checksum, in addition to telling you if any files are infected with spyware or a virus.

The anti-spam I didn’t really try out so I won’t present any data on that.

My overall verdict is that it’s a very good security suite; but the problem is that it has a large footprint: If it almost occupies an entire core; even on a single-cored 64-bit processor, then it’s too big for my liking. On a quad or six-core processor-driven machine things might not be so bad; but certainly I’d say it used far too much CPU for a single or dual-cored machine.

A strange twist to this article occurred whilst I was writing it: I heard a loud click from my second machine, which was right next to me, and a metallic noise. Then nothing appeared to happen out of the ordinary for about a minute, when suddenly that machine stopped, switched off without shutting down.

I hoped that the fault wasn’t as I expected; but on opening the machine my worst fears were confirmed:

The Shuttle motherboard used in its construction, like most other socket AM2 motherboards, keeps the cooler attached to the socket AM2 CPU by means of a fixing where a metal loop attached to a lever is hooked over one of two lugs on the enclosure around processor socket. This lever appears on the other side of the cooler with a similar metal loop attached to it. This other loop is hooked over the other lug and tension is applied to it by means of another lever; therefore the processor and cooler stay in close contact while the cooler is tensioned downwards onto the face of the processor so that heat transfer is maximised with the help of some heat-conductive grease.

The model of Shuttle motherboard used (Now discontinued.) uses a rather brittle material to make the CPU surroundings including these lugs that the cooler depends on to stay in contact with the processor: Not a noticeably brittle material, but nevertheless to brittle for the purpose. I’ve had one or two of these machines returned under warranty with the lugs snapping off after a number of months, rendering the entire motherboard worthless and inoperative. That’s exactly what had happened to my machine (Kustom Komputa Exel model A101-s) which was one of the original machines built by Kustom Komputa in the days when a single-core Athlon was incorporated in them rather than a dual-core. This syndrome I’ve affectionately christened "lug-rot".

So what to do? Suddenly I was reduced to a single machine. Of course I can get by quite easily with only one computer; but it’s always better to have two: I use both at once occasionally, and I always have a spare if one breaks down, as had happened recently when the hard disk died on the other one.

I was planning to publish the article about ESET SS that day; but needs must, I had no backup, and if the other machine went down, as Sod’s law would make sure that it did if I had no backup, then I’d be totally stuffed.

I checked the junk cupboard: I had an old wrecked machine from about 4 years ago which the PSU had burnt out on. It had been checked since and the motherboard was still working. It was an Asrock board, still in a case, and the processor and cooler were still attached. I’d removed and dumped the burnt-out PSU, also I’d used the DDR RAM sticks and the hard drive from it. – Otherwise it was complete except for DDR RAM, PSU, and SATA leads: There was even a SATA DVD-RAM drive fitted but unconnected.

The processor was a 1.8GB AMD Sempron, which was a bit weak for my liking, as well as being only 32-bit, despite the motherboard being 64-bit capable. Seeing I didn’t have any socket 754 single-cored Athlon 64s in stock, which was the only other processor the board would take, the existing 32-bit Sempron would have to do. I had a brand new 300 Watt PSU and a 250 MB stick of DDR2 in stock. That would at least work; although rather weakly. I could use the hard drive from the failed computer…In fact I might be able to simply pop it in and boot up just as before without any problems.

I’m trying to keep this from taking on the proportions of a novel; in other words keep it short: So to cut a long story short I built it as planned and powered up: Rattle rattle rattle. – The hard-drive was having a fit. When it eventually booted it was unbelievably slow and the hard-drive was still thrashing. I had a driver CD for the board, which I managed to install eventually, but the performance didn’t improve to a level which I was anywhere near happy with.

I ended up taking note of everything that I had installed on the system partition C: on that disk and reformatting the partition, reinstalling, optimising, finalising… And now I have a second machine again that works well. I found another 250MB stick of DDR which I installed, and that made the performance so much better. Surprisingly, after reinstalling the Windows XP Home OS and activating it with just the 250MB RAM installed, it told me that I needed to activate it again after installing another 250MB stick!: A notice appeared at boot saying that the hardware specs had changed significantly and that I must reactivate this copy of Windows. – That’s the first time I’ve ever had to reactivate after installing just another single stick of RAM!

So usual scenario: A few hours building it (2 in fact.) and a whole day plus some installing, verifying, optimising the software. It was fun, but it delayed my posting to my blog.

Have you ever built a computer? What was your experience?

Have you ever tried ESET Smart Security? Do you agree with my findings?

Leave a comment below why not? Come on, don’t be shy, don’t leave it to the spammers to make the only comments. – Which I delete if the Akismet anti-spam software doesn’t get there first. Your comment probably won’t be deleted, even if it’s a negative comment. I have a good comment system set up: Use it why not?

I was checking my email earlier when I saw an interesting article on a new type of social-network worm:

“Security company ESET’s analysis of Win32/Inject.NBL reveals it to be an interesting piece of malware.” “This instant messaging-based bot has the following functions built into it:

• download
• update
• rm
• msn.msg
• msn.stop
• aim.msg
• aim.stop
• triton.msg
• triton.stop

In other words, it can download files, update itself, remove itself, and send messages through MSN Messenger, AIM and Triton, spreading itself on those networks. This is a nice chunk of functionality.”

What next – A virus that decides whether it likes you or not? Are viruses becoming more intelligent? The first viruses were more an annoyance than anything else; soon to be followed by the destructive type of virus that lurks on your system undetected until its clock reaches zero-hour and it delivers harmful payloads that wreak havoc with your machine. Around the same time they were equipped with their own SMTP engines, enabling them to mail themselves as an attachment to a bogus email-message on the internet to any email addresses that they could find on the host machine…You know the story.

Not long ago appeared the network-aware variety of virus that actively sought out unprotected paths in cyberspace to infest anything from individual computers to entire networks: The first signs of intelligence.

Nowadays worms are infecting individual machines and adding them to a collective, using those collectives as botnets to launch mass DDOS attacks, send and relay spam and [illegal] porn.

As computers develop in sophistication, will we one day see independent malevolent data-entities roaming the web, looking for a computer to possess and set up home in, like some form of information-based AI? In my opinion it’s not that far off being a future reality given the right circumstances. Could our computers eventually at a future date become a separate living collective entity – Life; but not as we know it? Maybe it’s already starting to happen?
Is “Skynet” only a piece of science fiction from the Terminator series; or will some similar lifeform eventually evolve? Will that lifeform be malevolent? In my estimation, if it actually did happen, probably not; given that it would have access to nearly all of human knowledge and be able to devise intelligent and productive concepts for itself from that information. Without doubt it would probably be hard to live with; particularly initially, but I feel that soon certain people would befriend it and it would learn from them as well as they from it. Could such an entity become a new “god” that lives in cyberspace? Would there be a Cyber-Fundamentalist cult? What are your thoughts on this?