Jul 30 2008
In the last week I’ve seen this hit in the wild several times and at several locations. At one location this virus infected over 200 computers. The email arrives as follows:
From: United Parcel Service [user@not_ups.com]
Subject: UPS Paket N473133142
Unfortunately we were not able to deliver postal package you sent on July the 1st in time because the recipient’s address is not correct.
Please print out the invoice copy attached and collect the package at our office
Your UPS
Attachment: UPS_Invoice.zip
There are variants of this from FedEx and from United States Customs. Customs has even posted a response to the email at http://www.customs.gov/xp/cgov/newsroom/alerts/email_virus.xml. The Customs variant reads:
Good afternoon,
We have received a parcel for you, sent from France on July 9. Please fill out the customs declaration attached to this message and send it to us by mail or fax. The address and the fax number are at the bottom of the declaration form.
Kind regards,
Rolland Hanna
Your Customs Service
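The lure shape above (a carrier or customs display name on a sender address outside that organisation’s domain, plus a zipped "invoice" or "declaration" attachment) is easy to flag at the mail gateway. The following is an added example, not code from the original post: the carrier-to-domain mapping and the sample message are constructed assumptions that mirror the UPS email quoted above.

```python
import email
import re
from email import policy
from email.utils import parseaddr

# Brands abused by the lure and the domains that legitimately send as them.
# Assumption: illustrative mapping only, not an authoritative allow-list.
CARRIER_DOMAINS = {
    "ups": {"ups.com"},
    "fedex": {"fedex.com"},
    "customs": {"customs.gov", "cbp.gov"},
}
LURE_EXTENSIONS = (".zip", ".exe", ".scr")


def lure_indicators(raw_message: bytes) -> list[str]:
    """Return the reasons a message matches the parcel-notification lure (empty if none)."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    reasons = []
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    claimed = (display + " " + str(msg.get("Subject", ""))).lower()
    for brand, legit in CARRIER_DOMAINS.items():
        # Brand named in the display name or subject, but the sender domain is not theirs.
        if re.search(rf"\b{brand}\b", claimed) and not any(
            domain == d or domain.endswith("." + d) for d in legit
        ):
            reasons.append(f"claims {brand!r} but sender domain is {domain!r}")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(LURE_EXTENSIONS):
            reasons.append(f"attachment {name!r} has a lure-typical extension")
    return reasons


# Constructed sample reproducing the quoted UPS email; the zip payload is a dummy header.
SAMPLE = b"""From: United Parcel Service <user@not_ups.com>
To: victim@example.com
Subject: UPS Paket N473133142
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Please print out the invoice copy attached and collect the package at our office
--b1
Content-Type: application/zip; name="UPS_Invoice.zip"
Content-Disposition: attachment; filename="UPS_Invoice.zip"
Content-Transfer-Encoding: base64

UEsDBAoAAAAAAA==
--b1--
"""

if __name__ == "__main__":
    for reason in lure_indicators(SAMPLE):
        print("FLAG:", reason)
```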
The ones I have seen install a Trojan that then begins sending out spam. They have all been part of the Cutwail botnet. This botnet includes around 150,000 computers, sending over 16 billion spam emails a day.
None of the virus scanners I had could clean this, and all the available information is about older versions of the Cutwail virus. I always recommend, if you get infected with any type of trojan/virus like this, to just do a reinstall; never ever trust an infected machine again. I had this cleaned, or so I thought, on one computer until I rebooted and it was found again by Trend. Trend could not clean or quarantine this virus.
This version created the files c:\windows\system32\drivers\tcpsr.sys and c:\windows\system32\drivers\Win32x.sys. There were also several registry keys created; I did not copy these down before the reinstall.
Side note:
Let me just point this out also. None of the systems that were infected are protected by the spam and virus protection provided by my employer. I have checked the logs on all of our spam/virus gateway systems and this virus has been stopped all along. If you own your own domain, and want spam and virus protection, you can contact me for pricing.