Computer woes

[tahnan]

I spent five hours running anti-virus and anti-malware programs from a clean boot CD, running at least three different programs, none of which found anything much more interesting than some stray browser cookies. (And a virus in a zip file in a temp directory, so I don't know if it was even doing anything.) After all that: the damned thing is still here, intercepting all the links from Google searches. Plus my inverter died again, so I'm hooked up to a somewhat blurry external monitor. This is not my day.

Unrelatedly: I've seen a number of different people, in different LJ posts, post *leaves a pebble* as a comment (with no further text). What the deuce is that? I have to admit it bugs me, not because I don't know what it is, but because the Jewish tradition is to leave a pebble when visiting a gravesite, so unless all these people are saying "I saw your post and recognize that you're now dead", it seems very strange. And a little bit co-opting of one of my traditions, as if I posted *makes the sign of a cross* to mean "the letter t, short for 'thank you'".

Comments

[jordanwillow.livejournal.com]

dude, everyone knows *makes the sign of the cross* is to ward against posters you now recognize are vampires.

i've been puzzled by the pebble, thing, too, for the same reason, so i was pleased to read this and discover i'm not crazy. ?

sorry about the computer woes :(

[tahnan.livejournal.com]

Oddly, my cat—who's been sitting just behind my neck for half an hour or so—just bared her fangs at me. Well, yawned, but the effect is similar. Fortunately in her case, the sign of the cat treat is enough to ward off her hunger.

[lilisonna.livejournal.com]

I can only assume that the pebble leaving is a "hey, I've been here?" sort of thing? Google is utterly unhelpful in this particular instance, alas.

[tahnan.livejournal.com]

It's possible. But again, it has a very specific "I've been here" meaning in my world, which makes it disconcerting at the least, and even a little upsetting.

[lilisonna.livejournal.com]

I can see how it would be, yes.

[jordanwillow.livejournal.com]

i'm feeling a bit peckish myself and wish someone would make the sign of the trader joe's flame-broiled turkey meatballs.

i guess i'm just going to have to go do it myself.

[devjoe.livejournal.com]

If the only effect you are noticing is hijacking of Google results, and the virus scanners can't find anything, it is possible that some trojan modified DNS settings and then didn't leave any other traces behind. A few ways this might work:

1. Hosts file. Decent anti-malware programs should catch suspicious entries like this if they are in the hosts file. Normally this is located at Windows\system32\drivers\etc\hosts (which is a text file despite the lack of extension) but the location is actually specified in the registry key \HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath
This file should normally have some comment lines starting with # at the top, and a couple of lines defining localhost, and that is it. If there are lines defining google or other popular sites and you did not put them there, this is wrong. And if the registry key is pointing somewhere else, this is again almost certainly wrong and should have been caught by your anti-malware program.

2. DNS settings. This is harder to since it can legitimately be set different ways, but the point of the attack is to redirect your DNS to a malicious server which provides mostly correct responses, but redirects google and whichever other sites they target to sites that imitate them. This varies slightly on different Windows versions, but it should be something like Control Panel -> Network -> (the network connection you use) -> Properties -> Internet Protocol (TCP/IP) -> Properties. After all this digging, you should reach a screen that shows how you obtain an IP address and DNS servers. For most internet providers, these should both be set to obtain them automatically. If the DNS is set to use specified addresses, try to verify with your internet provider how this is supposed to be set. Assuming that your internet provider's pages are still properly accessible, they should have web pages about configuring your computer that show the correct settings; you may also have other materials from them showing the correct settings.

3. DNS settings in the broadband router. I have heard of such attacks, but never witnessed one. They exploit default passwords, no passwords, or your browser already being "logged in" with access to configure the DSL/Cable router to change the DNS settings there. These modified settings are subsequently provided to computers on your network that are configured to obtain DNS servers automatically. The result is like attack 2, but will affect all computers on your local network, will affect you even booting from a clean CD, etc. If this is occurring, you'll need to reconfigure the router to proper settings per your internet provider.

Of course, if you find and fix any of these, and the problem seems fixed but subsequently comes back, then you still have some other problem to deal with which is configuring the malicious settings.

[tahnan.livejournal.com]

Thanks for the thorough response!

Unfortunately, I seem to be clear on #1--the "hosts" file is indeed as you describe, and that is where the registry entry points. I had thought of #2; in fact, I tried it before even running anti-malware things. But I do get DNS addresses automatically, and in fact I tried setting them manually to Google's DNS servers and the same behavior continued. As for #3, since my wife's computer hasn't had any of these problems, it doesn't sound like that's what's going on here.

Alas!

[42itous.livejournal.com]

The pebble-at-gravesite tradition was also my first association, but it didn't bother me -- I guess I interpreted it as an acknowledgment of hardship.

But now I'm making another connection: hikers sometimes leave cairns made of pebbles along their paths, the message being not exactly "I was here," but "someone was here." The specific hiker isn't the important part of the scenario, the fact that humans have been here and seen this breath-taking mountain view is, so that future hikers can feel camaraderie with unknown fellows who came before.

The first time I encountered the hiking/cairn tradition, it reminded me of the Jewish/gravesite tradition, so I think the two got melded a bit in my mind.

[jadelennox]

From google, it looks like it's mostly drwex doing it. Might be one person and others have picked up on it? (Answer: yes.)

[lapak.livejournal.com]

The first thing that the pebble business brings to mind is Hansel and Gretel following the trail of pebbles back home the first time they get abandoned. Other than that, I've got nothing.

[tahnan.livejournal.com]

I'm in no position to dictate the behavior of others. But from where I'm sitting, drwex can Bloody Well Stop Any Time Now.

[surrealestate.livejournal.com]

Wex uses it to basically say "I read this and want you to know but have nothing else to express," but in that link, C. actually *did* have something else to say. I wonder if while typing, she felt it would just be too weird to leave it at just that. :)

Personally, I find it annoying but I'm not sure if it as annoying as *hugs*. I suppose if they were done equally often, I'd find it worse, since I'd end up being buried alive under lots of little rocks.


[PS: Hi OP, I don't know you but this was actually linked from another friend's post in response to Wex leaving a pebble. :]

[tactical-grace.livejournal.com]

The thinking behind 'leaves a pebble' is indeed derived from leaving a pebble at a gravesite, but it doesn't have the negative connotations you seem to be associating with it.

The idea is 'I've visited, want to leave a token of my visit'. A quiet acknowledgment of your post. Think of it as a more ambiguous version of Facebook's 'like' function.

[jadelennox]

Hmm. Caring for the dead in Judaism is all about how the dead can't acknowledge or thank you. Preparing a body for burial, for example, is chesed shel emet, kindness of truth, the greatest mitzvah because it is done with no hope of repayment. The origin of stones on a grave is unclear, but it's at a minimum a sign of respect and love for someone who is dead and missed.

I have to admit I'm with Tahnan that repurposing that to a variant on Facebook's "like" function is ... well, I am trying to say something diplomatic such as "troubling" but I'm finding it difficult. I've left a lot of stones of graves this year, and I've left a lot of brief acknowledgment for thoughtful blog posts. They do not mean the same thing, they do not come from the same place in my heart, they do not carry the same emotional resonance, and they should not be conflated.

[tahnan.livejournal.com]

"Negative connotations"? It's not about "negative connotations", it's about taking a culture's sign of mourning and solemnity and turning it into "hey, I read your post!". Screw, as they say, that.

How about, I don't know, "leaves a wreath"? "wears black and has people bring over ham"? "sets self on fire"? Take someone else's damned mourning rituals and leave mine out of it. Or how about, say, "I hear you", or, hell, the all-purpose Internetty "*hugs*"? The way my culture (our culture? I forget) pays respect to the dead is not available to mean "I wanted you to know I read your post". Comma damn it.

[tactical-grace.livejournal.com]

Well, the 'negative connotation' I was referring to was considering you to be dead. Which is not really what it seems to be about. (I say 'seems to be' only because I don't do it, so can't actually comment for the motivations of those who do.)

I never really thought of the pebble on the grave as a mourning ritual, though -- more of a 'someone was here and wished to show respect'.

And to the best of my knowledge, those doing the 'pebble leaving' are also Jews, so it's not exactly like someone is coming in from outside and misappropriating a tradition of yours. Doesn't mean you have to like it, though...

[chrysoula.livejournal.com]

Just as a point of reference, I had no idea about the Jewish mourning ritual and if I saw such a post, I'd think of hikers in trails. And that it was a bit pretentious, but I'm not really a fan of *hugs* either.

[tahnan.livejournal.com]

When it comes down to it, I'm not much of a fan of "*hugs*" either. But at least it's sensible.

[wesleyjenn.livejournal.com]

Huh. If I were to see "leaves a pebble" (which I haven't by the way) I would think of Fraggles.

But it's likely that I'm the only person in the world who would do so.

[sensational.livejournal.com]

I had that same problem with google redirection crap, and I went through a lot of virus scanning and malware removal stuff and eventually figured out that it was some setting that some thing had changed in my browser that was doing that specific thing. I can't remember what that setting WAS, unfortunately, so this is a very unhelpful post. However, I also eventually had to reformat my computer because my WoW account was hacked so there was clearly some kind of keylogger in place, and I'm convinced the two things were related.

I hadn't seen the "leaves a pebble" thing now I rather hope I don't.

[sensational.livejournal.com]

Okay, for me, it was some thing having to do with the proxy settings in the "Options-->Advanced" menu. Maybe take a look?

[foggyb.livejournal.com]

*scares away the tigers*

[jadelennox]

+1

[sylvanstargazer.livejournal.com]

Mmmm, cultural appropriation.

I thought I'd remembered it being old appropriation, though, by Christian pilgrims, where the idea was each person left a pebble and together it became a giant monument, but that could be from some bad historical fiction too.