Was my data compromised?
No, the hacker was only able to exploit a php upload venerability that caused the server to write his file (htm only) in the web-root.  He could not read any secured files or other files that were not otherwise intended for public view.

Did the hacker delete your files or compromise any of your data?
No, again the hacker could only write a file that hadn’t already existed being the Unix file-system allows “READ-ONLY” permissions to be assigned to individual files (which is hard-coded).

Can this happen again or to my site?
To our site, yes, to our client’s sites, no.  We still allow upload of files via the public; however we have taken measures to ensure that an indexed paged (default page for the web-server) cannot be uploaded.  This cannot happen to clients as none of them have the upload ability outside of their control panels, which is locked down just for the client.

Simple solution is, restart the infected or locked PC in safemode (for those that don’t know, that is taping the F5 key during startup, just fractions of seconds before the windows logo screen comes up with the loading icon (or bar)).

You’ll notice the program does not run in safemode, but there isn’t anything else you can effectively do either. Here we go, click, start then run. Type: “msconfig” and hit enter. There in the services AND startup you’ll see the the ICPP scanner and “enforcer”.

Granted I only downloaded this software to see if it would pick up any of my software which it did not, so I am; no — I’m not downloading pirated materials just to test the scanner (lol). But I did create a few fake files that seemed to trip it a little, but seemed pretty easy to fake a payment code and disable.

If that doesn’t work, someone let me know; its been a while since I actually did any intense Microsoft clean-up work, so pardon me if I’m a bit rusty.

As of late there has been word that adobe has been doing some “out-back” testing on a 64bit Flash player but they warn that it will not or ever will be compatible with the shock-wave players.  This testing version is only available for the Linux Operating Systems currently.

If you’re ever in Ireland, feel free to drop by their office at 36 Canonbrook Park, Lucan, Co. Dublin and say hi!

Now here is the kicker, after I left, and everything was said and done with, he tried claiming “rights” to software my company had created during the time I had worked for him (this is in official legal documentation at Wayne Co. Clerk of Courts) that was created on MY OWN TIME.  He claimed “creative rights” which I found to be bogus as a dealership can’t claim ownership of a mechanic’s car whom built his car in his off-hours.

This part I hope really helps:

IF YOU ARE A CUSTOMER OR A FUTURE CUSTOMER OF EVANSPRESS

1. DO NOT PAY FOR ANYTHING UP-FRONT
2. DO NOT PAY FOR PARTIALLY COMPLETED WORK!!!!
3. NEVER, EVER, EVER, EVER PAY FOR A PROMISE!
4. ASK A 3RD PARTY TO CHECK HIS WORK FOR BUGS AND SECURITY EXPLOITS!

Remember that Mr Evans is not from this area, he pretends to be so you’re trust is open to him, and then he takes advantage of the openness and hospitality of our southern business owners.

IF YOU ARE AN EMPLOYEE OR PROSPECTIVE EMPLOYEE

1. LOG EVERYTHING AND EVERY CONVERSION — IF MR EVANS PROMISES A COMMISSION, SALARY ETC, FORCE HIM TO TYPE IT UP AND SIGN IT.  Else your salary will change on a weekly (sometimes daily) basis.
2. NEVER EVER ENGAGE IN ANY ACTIVITIES THAT HE CAN HOLD AGAINST YOU FOR PROFESSIONAL MEANS OR PERSONAL! I remember going to several bars with him in which he had a girl pose next to me after I was drunk — hell I didn’t care and still don’t, but he thought my wife might care so when I left, he sent me a blackmail letter that I STILL HAVE validated by Google Staff that his address sent it from their own servers.  Thankfully, my wife just laughed as she saw the picture and said, “Damn you were drunk!”.
3. NEVER EVER EVER ALLOW HIM TO BE LATE ON PAYING YOU!  IF YOU DO NOT CLAIM YOUR CHECK IMMEDIATELY HE HAS BEEN KNOWN TO SAY HE HAD ALREADY PAID YOU IN CASH!
4. CONTRACT CONTRACT CONTRACT!  GET A CONTRACT OR GET PAID BY THE HOUR SO THE NORTH CAROLINA DEPARTMENT OF LABOR CAN PROTECT YOU!

I do hope I have helped and be aware that many sites have rated TradeMarkMG.com as being very untrustworthy (from his former customers) so just be aware that EvansPress.com is run by the SAME PERSON.

Me: “I was wondering, how much does it cost for a new copy of MS Office 2009?”

MS: “$199.00″

Me: “I already bought the software once, do I really have to buy it again because of a compromised disk?”

MS: “Oh no sir!  We can just send you disks in the mail for $10.00 plus shipping and handling!”

Me: “Ok so if my neighbor has the disks I can use them and just plug in my CD Key and everything is legal?”

MS: “We don’t suggest it sir, because they might have a different version (professional, home etc), but if it is the same version, it is totally legal and does not violate any EULA”

Me: “Great thanks!”

So what does this mean?  It doesn’t matter how you acquire the software AS LONG AS YOU HAVE PURCHASED IT! So, thus my torrenting was born.  Though you have to be careful of the torrents you get!  Some torrents contain cracks and CD-Keys for the software, in such case this software is ILLEGAL to possess.

But today after reading this news article from ZD Net, I couldn’t help but to laugh.  Apparently, software companies have allied together and has created a gimmick to ensure that you pay for their software by placing a program on your PC that will check for certain torrents and then LOCK your PC and tell you that the ICPP Foundation has locked the PC and it can only be unlocked by paying for a license and a fee for pirating the software.  First of all the ICPP Foundation (International Copyright Publication Protection Foundation) does not engage in such acts — EVER, in fact placing this software on your PC without your knowing is simply more illegal than obtaining illegal software.  Secondly, they ask you to pay only a FRACTION of the fees that a legitimate ICPP notice would ask (usually about $10,000.00 is the norm).

This however is called “Scareware” or “Ransomware” the same software that was going around in the Y2K era that popped up a count-down timer on your PC saying “PC System WIPING MEMORY In…”.

Some of our subsidiaries will be having spring sales starting soon to welcome in the summer time spending sprees!  Make sure you do not miss the deals we will be offering!

We do expect that we will have all services back online (with some data-loss) by no later than January 5th, 2010. Fortunately, no client websites were affected by outage. We sincerely apologize for the inconvenience that this outage has caused.