Well, sort of…ok, here”s the deal: I”ve been having problems on my leg for several months now. After spending some time siting, I have lots of problems getting up…It”s as if the muscle won”t stretch….Initially, fibrosis was the most viable option, but it seems like that is not the problem…
It seems like it may be caused by some sort of back problem, so I was advised to avoid being sited at all costs (at least, until I get my next appointment with a specialist, which should only happen in a month or so). What this means is that until I have a definitive answer on what”s wrong with my leg (or should I say back?), I”ll have to take the advice and that means that this blog will suffer a bit. I will still be writing, but with much less frequency. I do want to finish my MVC series, bu,,t I guess it”ll take a little more time than I had though. Sorry about that
I’ve created a Google moderator page for the C# talk I’ll be giving in Copenhagen. I don’t know whether there will be internet access at the event itself (for people to create and vote up/down questions during the talk) but at least as there’s a month before the event, people can ask questions now and I’ll do my best to make sure I answer them.
If you haven’t looked at Google moderator yet, it’s a very handy way of keeping track of questions during lectures etc. It’s almost a shame that people don’t tend to have laptops and internet access in church – it would be very handy to be able to add questions for the preacher during the sermon
Continuing our look at Operating Systems – what about Service Pack information
Get-WmiObject -Class Win32_OperatingSystem | Format-List ServicePackMajorVersion, ServicePackMinorVersion
In this one I’m using Format-List to perform the selection as well as the display.Â We could make it simpler if we used the -property parameter on get-wmiobject but that also displays the WMI info such as class, genus etc, etc
Here we go… the other lucky recipients of Microsoft’s attentions in the “John Doe” (which I earlier called “Jane Doe”) lawsuits are:
Case No. 08-2-33382-5 SEA
Judge Suzanne Barnett
Case No. 08-2-33380-9 SEA
Judge Joan DeBuque
Case No. 08-2-33377-9 SEA
Judge Michael J. Fox
Case No. 08-2-33375-2 SEA
Judge Douglas McBroom
Case No. 08-2-33372-8 SEA
Judge Bruce Heller
Microsoft also amended two pre-existing complaints to name the parties behind SMP Soft LLC, a Delaware corporation that markets a scareware product called Scan & Repair Utilities.
According to my notes from the Press Conference, the potential end result of these lawsuits could be up to $2,000.00 per violation, plus attorney fees and restitution.
IP previously 188.8.131.52 (ThePlanet)
Registrar: Directi Internet Solutions Pvt. Ltd (WHOIS notes the registration service was provided by VIVIDS MEDIA GMBH)
Created: 3 October 2007
Previously shared IP address with Allforipod.net, Antispamsoft.net, Antispamsoft1.biz, Antispamsoft2.biz, Antispamsoft3.biz, Apple2iphone.net, Audio-convertors.com, Audio-editors.net, Backup-recovery.net, Bucksoft.info, Cddvdtools.com, Digitalphototools.net, Filemanagementtool.com, Filmsglobal.net, Fuckyourvirus.com, Go2cinema.net, Graphiceditors.net, Hatepopup.com, Hunt100.info, Imageconvertors.com, Iphone4ik.net, Iphonedreams.net, Justamovie.net, Keylogger007.com, Moviesworldonline.net, Playipod.net, Radio-tools.net, Screensaverino.com, Search100world.info, Sys-def-stat.com, Thefunsearch.info, Timeandclock.net, Upmovies.net, Virtualdvdsoft.com and yoursecuritysoft.com
IP: 184.108.40.206 (APS Telecom)
Registrar: Godaddy.com, Inc
WHOIS hidden behind Domains By Proxy, Inc
Created 11 March 2008
Shares IP address with winspywareprotects.com
IP: 220.127.116.11 (HostFresh)
Registrar: Tucows, Inc
WHOIS hidden behind Whois Anonymizer, Brazil
Created 9 January 2004
Shares IP address with antimalwaresuite2009.com, bestwindefence.com, championwindefence.com, cleaner2009pro.com, vixitsystems.com, win-defence.com, windefencesolution.com, windefencetool.com, windefenderpro2008.com and windefenders.com
IP previously 18.104.22.168 (UkrTeleGroup)
Registrar: Estdomains, Inc
WHOIS – Registrant “Herman Pulser”, who apparently owned about 74 other domains!
Created 25 January 2008
Previously shared IP address with psehole.org, fuckteencunt.com, magic-landing.com, microsoftpublic.com, mssetup.net, supereasygo.net, thefuckteen.com, forbposter.com, allmeddrugs.com, allmedicalpills.com, emeddrugs.com, justmeddrugs.com, medpillssite.com and medpillsworld.com (Quite a variety, yes? The domain microsoftpublic.com deserves closer attention)
Antivirus 2009 (antivirus2009.com, .net, .org and .info have all been registered – .org and .info are “on hold”, .net apparently does not have a web site – I don’t know yet which site the lawsuit is against)
antivirus2009.net – Registrar Estdomains.
IP previously 22.214.171.124 (Intercage)
antivirus2009.info – Registrar Afilias Limited
IP previously 126.96.36.199 and 188.8.131.52 (GoDaddy and Leaseweb)
antivirus2009.com – Registrar 1&1 Internet
antivirus2009.org – Registrar Estdomains
IP previously 184.108.40.206 (Intercage)
The other area we have to dig into when inventorying systems is the OS.Â WMI has a class just for this
PS> Get-WmiObject -Class Win32_OperatingSystem
SystemDirectory : C:Windowssystem32
OrganizationÂ Â Â :
BuildNumberÂ Â Â Â : 6001
RegisteredUserÂ : admin
SerialNumberÂ Â Â : 55041-037-8508545-71489
VersionÂ Â Â Â Â Â Â Â : 6.0.6001
This doesn’t give us everything we might wish for.Â The default formatter is a play here in that it decides what should be displayed if you don’t choose.Â To see what is available try
Get-WmiObject -Class Win32_OperatingSystem | Select *
which will display all properties.Â If we want to be a bit more selective lets try
Get-WmiObject -Class Win32_OperatingSystem | Select BootDevice, BuildNumber,BuildType, Caption, Codeset, CountryCode, Debug, InstallDate, NumberofLicensedUsers, Organization, OSLanguage, OSProductSuite, OSType, Primary, RegisteredUser, SerialNumber, Version
These scripts illustrate one of the most difficult aspects of WMI – knowing what is available.
Most of the hardware connected to your system has a matching WMI class – cd, sound, keyboard, network adapter, printers and usb for example.Â To find the appropriate WMI classes use
Get-WmiObject -List *networkadapter
If you want to investigate the pointing devices try
Get-WmiObject -Class Win32_PointingDevice | Select HardwareType, NumberofButtons, Status, PNPDeviceId | Format-List
Oddly enough all the different devices report 0 butons!
It was pointed out on an earlier script that I could have effectively combined the select and format-list by changing the script to
Get-WmiObject -Class Win32_PointingDevice | Format-List HardwareType, NumberofButtons, Status, PNPDeviceId
The reason I don’t do this automatically is that I usually leave the formatting until the end when I see what the default formatter produces and I find is easier (lazier ) to just add format-list on the end.Â Also if I want to put the script into PowerGUI not having the format-list makes life easier.
Edited to update documentary links..
Washington Attorney General, Rob McKenna (whose work has been featured on this blog several times) and Richard Boscovich, Senior Attorney for Microsoft’s Internet Safety Enforcement Team, unveiled several lawsuits against malware (what they call “scareware”) pushers today. The lawsuits are the first to be filed under the State’s recently amended Computer Spyware Act. Note that there have been earlier lawsuits, but they were *before* the Computer Sypware Act was amended.
The news conference was attended by Attorney General Rob McKenna, Richard Boscovich and Paula Selis, Senior Counsel at the Attorney General’s Office, Consumer Protection Division.
I am listening to the Press Conference as I type, so I apologize if this entry is a bit disjointed. The Press Release includes a visual demonstration of scareware, which will give me a chance to catch up on typing this article while the reporters watch a video demonstrating what we are so familiar with.
I do have one complaint though – is it really so hard for the apparently professional reporters to use the god-damned mute button on their telephones so that we don’t have to listen to their hands squelching on their phone handsets, papers rustling or their sighs/heavy breathing except for during question????????? Yes, I used my mute button.
The official Press Release says:
SEATTLE â Attorney General Rob McKenna stood at the frontlines with Microsoft Corp. in the war against spyware in 2006. Now armed with tougher legislation, the stateâs top law enforcement officer, with the worldâs largest software company, is charging forward with new lawsuits targeting scareware purveyors.
âThe Attorney Generalâs Office along with Microsoft has yanked the fear factor dial out of the hands of businesses that use scareware as a marketing tool and have spun it toward them,â McKenna said.
âWe wonât tolerate the use of alarmist warnings or deceptive âfree scansâ to trick consumers into buying software to fix a problem that doesnât even exist,â McKenna continued. âWeâve repeatedly proven that Internet companies that prey on consumersâ anxieties are within our reach.â
The Attorney Generalâs Office along with Microsoft announced the filing of new cases under Washingtonâs recently improved Computer Spyware Act during a joint press conference today in Seattle.
âMicrosoft is honored to assist Washington Attorney General McKenna in helping to protect consumers from online threats,â said Richard Boscovich, Senior Attorney for Microsoft’s Internet Safety Enforcement Team. âCybercrime continues to evolve, but with public/private collaboration such as this, we can work to champion tougher laws, greater public awareness and, ultimately, stronger protections for online consumers.â
In 2005, Washington became one of the first states to adopt a law explicitly prohibiting spyware activities and imposing serious penalties on violators. The statute doesnât stop at outlawing programs that collect personal information, but uses a broader definition of âspywareâ and punishes those who mislead users into believing software is necessary for security. The law was updated last session to create additional liability for third-parties that permit the transmission of spyware and to address new types of deceptive behaviors, such as misrepresenting the need for computer repairs.
As of today, the Attorney Generalâs Office has filed seven suits under the statute.
The Attorney Generalâs Office filed its latest case today in King County Superior Court against the marketers of a program called Registry Cleaner XP. The civil suit brings five causes of action against James Reed McCreary IV, of The Woodlands, Texas, and two businesses: Branch Software, of The Woodlands, Texas, doing business as Registry Cleaner XP, and Alpha Red, Inc., of Houston, Texas. McCreary is the sole director of Branch Software and CEO of Alpha Red.
McKenna said Microsoft referred the case to the Attorney Generalâs Consumer Protection High-Tech Unit and has been helpful in assisting the office with enforcement issues.
According to the stateâs complaint, the defendants sent incessant pop-ups resembling system warnings to consumersâ personal computers. The messages read âCRITICAL ERROR MESSAGE! â REGISTRY DAMAGED AND CORRUPTED,â and instructed users to visit a Web site to download Registry Cleaner XP.
Computers capable of receiving Windows Messenger Service pop-ups, also known as Net Send messages, were vulnerable to the attacks. Windows Messenger Service, not to be confused with the instant-messaging program Windows Live Messenger, is primarily designed for use on a network and allows administrators to send notices to users.
âConsumers who visited the Web site were offered a free scan to check their computer â but the program found âcriticalâ errors every time,â said Senior Counsel Paula Selis, who leads the Attorney Generalâs Consumer Protection High-Tech Unit. âUsers were then told to pay $39.95 to repair these dubious problems.â
The filings today bring the number of civil spyware actions brought by Microsoft since the Computer Spyware Act was first enacted in 2005 to 17. In 2006, Microsoft and the Attorney General each brought lawsuits against the same group of defendants under the Washington Computer Spyware Act, obtaining permanent injunctions and settlements. Additionally, Microsoft has routinely worked with the FTC and other state and federal law enforcement agencies in the battle against spyware.
Spyware has arguably become the biggest online threat to consumers and businesses since the advent of the Internet. Microsoft has said that 50 percent of its customer-support calls related to computer crashes can be blamed on spyware.
Registry Cleaner XP demo:
The Attorney General said that the thing that bothered him most was the “blatant rip-off” that is scareware. It was also mentioned that 50% of support calls to Microsoft were related to scareware – yes, 50%. So far, as I listen to the demonstration, I have heard no mention of the double-dipping on credit cards that scareware is so notorious for – regular readers will know that Bucksbill is notorious for charging $70 or so instead of $35 or so.
Hang on, Richard Boscovich of Microsoft is speaking now…
Ok, Richard says that of the 7 lawsuits mentioned, five are apparently “Jane Doe” type lawsuits, where some parties are not yet identified.
The primary focus of the reporters, and Paula/Richard, was discussing *how* the scareware alerts get on to a user’s system – the primary, nay the only, cause mentioned was Net Send (aka Windows Messenger, which should not be confused with Windows Live Messenger (the online chat software). Windows Messenger Service is, of course, disabled by default as of XP SP2 and only works if there is no firewall interfering. Disappointingly, no mention was made of malvertizing!
Details of the other lawsuits are not available at time of writing. I am sure that information will eventually appear on microsoft.com but for now, all we have is the PDF complaint mentioned in the Washington Attorney General’s Press Release.