Sunday, November 25, 2007

me and Moominpappa

"I cannot stress enough the perils of your friends marrying.. One day you are all a society of outlaws, adventurous comrades and companions who will be pushing off somewhere or other when things become tiresome; you have all the world to choose from, just by looking at the map...
... and then, suddenly, they're not interested any more. They want to keep warm. They're afraid of rain. They start collecting big things that can't fit in a rucksack. They talk only of small things. They don't like to make sudden decisions and do something contrariwise. Formerly they hoisted sail: now they carpenter little shelves for porcelain mugs. Oh, who can speak of such matters without shedding tears !"
Moominpappa's Memoirs, Tove Jansson.

And how much worse it is when you marry in fact your own self, carpentering quietly in a warm little house and wondering where it all went, what was all that ?

Monday, October 8, 2007

pretty colours

playing with the new digital camera, Canon A630 Powershot. It seems to be proof against at least my foolishness, though I am overwhelmed by its software. All I want is a manual focus with automatic exposure bracketing, but setting that up is beyond my capability. I have a postgraduate degree in computer science and decades of tinkering - what do the simple folk do when confronted with one of these 'simple' cameras ?
Oh well. At least I was able to turn the flash off. I like its viewfinder too, saves a bit of power and it's a lot easier to see than most LCDs.


Virginia creeper in rain. It's invasive in warmer climes.


V. creeper in sun


sugar maple alone

cosmos on its own


Gloria cosmos, sugar maple leaves

Friday, October 5, 2007

healthcare nonsense

I see via the reliably interesting Jon Udell that yet another 'health-care database' is being trumpeted abroad in the land. Apparently neither Google nor Microsoft has noticed (or perhaps they prefer not to acknowledge) that the technical problem has been comprehensively solved already, by the Veterans Affairs medical system. The remaining problems are not technical but political. As Jim Gray benevolently wished for us, "may all your problems be technical". The world is full of smart people who can solve technical problems: all the smart in the world can't solve politics.

We can talk about 'shoulds' and 'translucency' all we like, in the end the insurance business will find a way to use such a database punitively.

The real question is how to arrive at a health-care system that doesn't punish the sick. The answer is technically simple but politically difficult. It starts with acknowledging that health care isn't a market. More accurately, it is a market, but the good being traded is healthy individuals, not health care itself. Senator Edwards's health-care proposal (or Sen. Clinton's, as it's much the same thing) is a good first step. Once we have a system where we need not fear the database, we can proceed to establish evidence-based medicine.

Until that time, I fervently oppose all attempts to establish a database of medical records. The incentives in our current system are so perverse that the database will be very dangerous to our health.

A secondary issue is one of simple data gathering. According to the optimistic hurrahs of Microsoft,
"People want to be able to collect, and securely store, and share their private health care information which is today scattered all over the place, with doctor A and doctor B and hospital C, and wherever they were born."
Lovely. How do they propose to extract that information from doctors and hospitals ? For them, that data is part of their competitive advantage. Whenever I get tests or procedures done (and I've had a lot recently) the results are kept secret from me: sent only to my doctor and doubtless a variety of financially interested parties, insurance companies, and so on. On a few occasions kindly nurses or technicians have actually shared the information with me, but that's the exception. For the most part an inquiry as to obtaining the technical details is treated with a kind of amazed wondering contempt by the administrative staff.

Update 2011:
Via the New York Review of Books I see:
"this past April, the Supreme Court heard arguments in Sorrell v. IMS Health, in which IMS Health, in challenging Vermont’s statutory restriction on the sale of patients’ prescription information to data-mining companies, argued that harvesting and selling medical records data is a First Amendment right. "
I don't have much confidence this Court will decide for the patient: then our data will belong to everyone but us ourselves.
Update 2017: the Supreme Court decided that the companies' right to sell your data is more important than the individuals' right to privacy. As expected.

Another notable database effort is the Personal Genome Project. In the different world where this information wouldn't be used by insurance companies to deny care, I'd enthusiastically volunteer. Well, maybe not, given the involvement of the egregious Ms. Dyson.

Update October 2007: turns out these databases aren't subject to the HIPAA privacy regulations. Microsoft's response ? "Trust us". Well, no, I believe I won't.


Update March 2008: ars technica has a decent overview of the situation. The takeaway: "many of the reasons for poor US health outcomes have much deeper structural roots related to a lack of preventative care versus emergency care, issues that are tied in to the lack of a universal healthcare system and the nature of insurance companies, that are outside the scope of medical records databases".

Update March 2010: The announcement of $20 billion in the stimulus bill for electronic health records (EHR) has started a gold rush. There's excellent coverage of the IT issues by Andy Oram on the O'Reilly Radar weblog. It elides the political question unfortunately - with single-payer many of the complexities of the IT implementations simply disappear. The problem of interoperability of competing systems vanishes, for one.

An IEEE Spectrum article covers some of the security implications. In particular my paranoia above is confirmed by Dr. Deborah Peel, who writes
"Today our [the patient's] lab test results are disclosed to insurance companies before we even know the results. Prescriptions are data-mined by pharmacies, pharmaceutical technology vendors, hospitals and are sold to insurers, drug companies, employers and others willing to pay for the information."
EHR will only expedite this process. I'd like to see a blunt rule in the HIT regulations that gives ownership of the medical record to the patient and his heirs and assigns. Currently the ownership is vested somewhere in the aether.

Update July 2010:
the HIT has released its "meaningful use" criteria for the adoption of EHR by doctors, etc. This offers a few thousand dollars (from the stimulus package) for implementation of an EHR. As Andy Oram observes,
"The catch is that they can't just install the electronic system, but have to demonstrate that they're using it in ways that will improve patient care, reduce costs, allow different providers to securely share data, and provide data to government researchers in order to find better ways to care for patients. That's what "meaningful use" means."

A few thousand isn't going to do it. The costs of EHR fall upon the doctor, the benefits accrue to society and the patient. The costs are much higher than a couple of thousand, especially considering the current wholly dysfunctional state of EHR. Many EHRs have no API at all, others have incompatible ones, and so depressingly on. Single-payer with a single EHR solves all these problems at once, but because it's politically impossible, we're left with hideous technical problems.

I am however happy to see that HIT has included the requirement that the EHR be available to the patient.

EHR update 2021, in conversation with an implementer: 
Connecting Epic instances across hospital systems is relatively involved

I said,
This is the same software, running in different places, and it can't manage the most basic of EHR requirements, interoperability. The whole point of EHRs was to be able to interchange health records between different software systems and healthcare systems.
The state of healthcare in the USA is always worse than can be believed..
He responded,

I had a conversation this morning about the best way to exchange a certain class of data, which there was a "standard" established over a decade around said exchange. Our conclusion was that flat files (basically giant CSV files) were likely to continue to be the best option here as every example we found/knew of was either flat files or places that had attempted to implement the standard and then went back to flat files. Maybe next decade the standard will be sufficiently ironed out...

Back to the original 2007 post..
Side rant on a related note, the faery realm of consumer-directed health care: how is it that society spends six to ten years training doctors to provide health care, then rewards them handsomely for their expertise: yet, once the market fairy appears, consumers (who may not have completed high school) are supposed to be able to 'direct' their own health care ?
For what value of 'direct' can this policy actually work ?
Airily assuming that the policy works, the next question arises - What is the market failure that makes doctors so expensive, when untrained consumers are able to effectively make the same decisions and determinations as said doctors, about their health care ?
Shadowfax makes this point much better than I, patients are not and cannot be consumers. From there, "HALF of all health care costs in the US is concentrated in only 5% of the population". It really doesn't matter how scrupulously the other 95% shop for cheaper bypasses, chemo medications, etc.

Update 2015: Apple now plunges enthusiastically into the swamps, with the HealthKit app(endage) to the Apple Watch, which itself requires an Apple Phone. I do not expect it to end any differently from the Microsoft, Google or Samsung projects. The IEEE provides a thoughtful analysis again.

Update 2016: John Quiggin in the Guardian, on market failures:
"Many of the same issues arise in healthcare. Obviously, if we knew what was wrong with our health and how to fix it, we wouldn’t need doctors to tell us. As it is, we need to rely on the judgment of our doctors to give us the right treatment and, equally importantly, to tell us when we will get better without treatment. The greater the role of profit in the system, the greater the incentive to provide unnecessary or overpriced services. The example of the United States, which spends more on healthcare than any other country, with worse results, is an illustration."

Update 2017: the market in healthcare turns out to be your data.  
“Data scientists can now circumvent Hipaa’s privacy protections by making very sophisticated guesses, marrying anonymized patient dossiers with named consumer profiles available elsewhere – with a surprising degree of accuracy”. 

Also in 2017, the state of EHR - still wholly dysfunctional, as predicted.
"43 percent reported that outside patient information was available electronically when necessary, but more than one-third reported that they rarely or never used it. The most common barrier these hospitals reported to using outside information was that their clinicians could not see it embedded into their own system's electronic health record."

Update 2019: Facebook isn't making enough money, so they are also making a health-care play. As @emilymullin notes, of course none of this data is protected by HIPAA either. Facebook says, "trust us" but I think I do not.

Update January 2020: Google now has all your health care data, to do with as it will. So it goes.
"In just a few years, the company has achieved the ability to view or analyze tens of millions of patient health records in at least three-quarters of U.S. states, according to a Wall Street Journal analysis of contractual agreements.

In certain instances, the deals allow Google to access personally identifiable health information without the knowledge of patients or doctors. The company can review complete health records, including names, dates of birth, medications and other ailments, according to people familiar with the deals."

From that same WSJ article, this part is hilarious: 
"Cerner ultimately accepted a less generous offer from Amazon, in part because the company decided Amazon was more trustworthy on security." 
Jeff Bezos, who started Amazon as relentless.com, which he still owns and redirects to Amazon; the company that does this, and this, as we live in serfdom. Trustworthy ?  

Also this month, via @WolfieChristl,  
Experian announced that 'every person in the U.S. population, of an estimated 328 million Americans, have been assigned a unique Universal Patient Identifier'.
The ID is 'not intended' to be 'patient-facing' and is 'not known to the patient'.
'Each individual in the U.S. that has received medical care or utilized a pharmacy has been processed through the solution and assigned a UPI.'

A universal ID that is opaque to the individual, what could go wrong.
This solution comes to you from Experian, with its unparalleled expertise in losing sensitive data and walking away scatheless.
The patient behind the UPI of course might take some harm, but it's unlikely to harm Experian's profit margin, so that's all right then. 

Update 2021: A huge well-funded initiative to 'disrupt health care' run by the smartest guys in the room, just collapsed as we all expected. Helaine Olen has the rundown in the Washington Post. 
The reason our health-care system fails to work for so many is the same reason people were convinced three CEOs could solve the problem: our nation’s worship of the free market and business success. Instead of taking such common-sense steps as permitting the government to regulate the cost of pharmaceuticals or hospital charges for services, we leave it to a pastiche of insurance companies, hospitals, pharmacy benefit managers, corporations, private equity — you name it. The result is that no one is responsible, costs run rampant and the patient all too often gets stuck holding the bag.
...
Bezos, Buffett and Dimon could not successfully take on the U.S. medical system, because when it comes to health care, there is no substitute for systemic government action and overall reform. 
Those magical disruption market beans just aren't giving ROI anymore.

Update 2024: now with AI ! 
Today Sam Altman and I published a piece in TIME sharing our vision for how AI-driven personalized behavior change can transform healthcare and announcing the launch of Thrive AI Health, a new company funded by the OpenAI Startup Fund and Thrive Global, which will be devoted to building an AI health coach. The company’s mission is to use AI to democratize access to expert-level health coaching to improve health outcomes and address growing health inequities. 
This is the Sam Altman that said,
“I probably trust the answers that come out of ChatGPT the least of anybody on Earth,” Altman told the crowd at Bagler’s university, to laughter.
He doesn't trust his product, but I guess it's good enough for the rest of us in the Altman calculus. 
"Compel the poor to live upon a crust of bread, by soft mild arts
when a man looks pale
With labour and abstinence, say he looks healthy and happy"

The fine print shows this coach will give you helpful advice like, sleep more, eat better, exercise more. These are choices that are available only to the wealthy like Sam Altman and Arianna Huffington, and to the upper middle class which has stable employment, predictable work hours, and health care. For the other 80% of the world this coach does nothing. Not to mention that it does absolutely nothing to address inequities. Who is buying this nonsense ? 
"Wisdom is sold in the desolate market where none come to buy"



Thursday, September 20, 2007

Discussing Avatar

I'm like Sokka - don't have superpowers, but a good analytical mind, also I'm kinda goofy-looking; I'm like Uncle Iroh, in that I am not wholly convinced that a good cup of tea may not be the most important thing in any given day. It's a controllable happiness. If you base your happiness upon conquering Ba Sing Se, or winning back the love of a father whose love is not worth the winning, misery is likely your lot. I am further like Iroh, in thinking kindness is the primary virtue: though he does a better job of living up to his ideals.
There you have it, apothegms to live by. Some of them may even be not entirely false. Your homework, should you choose to accept it: which parts are true ?

Those are the thoughts that remained after a five-mile run following a discussion with the kids. The other thoughts on the way were mostly sun, wind, and intimations of age. The wind and sun don't write down very well, the intimations are old news that does not improve with the re-telling.

Tuesday, September 11, 2007

down a muddy river



The map gives a flavour of the expedition - high dramatic redrock canyon walls, vast perspectives whenever the walls opened up. We put in near the ghost town of Cisco, UT, some thirty miles upstream of the map. Actually not wholly a ghost town, there is a general store, five miles off the interstate. The story goes some football player came from Cisco, made his pot, and retired back home with a gregarious wife, who opened the store in an attempt to get some company. Buying an icecream there after the trip is apparently hazardous, the chat will take an hour or more.

Blazing heat at the put-in, I labored for an hour or more packing the barge while H ran shuttle. The boys swam until their lips turned blue, sat in the sun until they were hot again, then swam some more. Mud pies filled in the vacant minutes between these activities. After the loading, tossed out a fishing line with some Powerbait (blood flavour, mmm) which attracted a 1lb catfish in about 30 seconds. More casts brought more fish, but all small. Off down river after a bit more than two hours' wait, with a flotilla of 9 boats. There were many years of paddling experience floating down the river, including Jerry Nolan who wrote the book - well, maybe not the book, but the web page at least - on this stretch of river. What this translates to is a loose assemblage of at least 9 eccentrics, the spouses or spousal equivalents who put up with them, and our two kids. Luckily since we all canoe, we're all eccentric in much the same ways, so within the group we appear perfectly normal to each other. This is occasionally quite comforting.

Fish Ford BLM campsite is very attractive, but is road-accessible. This means at any moment drunken rednecks in 4x4s may descend and render the site uninhabitable, so we skipped it, and went on down to another site. It too had a rough road in, so there was an old sofa above the river next to a 10 foot diameter fire ring mounded high with beer cans. Ah well. The hinterlands were clean, flat, and cottonwood-shaded, so we took it. As we were coming downriver, there was an incessant hum filling the air. At first I thought powerlines, but no. Next theory was the tamarisk beetles, specially imported to kill the alien tamarisks sucking the rivers dry, but this was mere speculation. Upon landing the true source was revealed: vast formations of mosquitoes wheeled and dove down upon our shrinking flesh. We can report that the Repel Lemon Eucalyptus (non-DEET) formulation does work well, but we didn't get 6 hours of protection, only about 3 or so.

More labor, unpacking boat to set up tent, kitchen, snacks, etcetera. Oy. I need an easier tent or a smaller family. Money can solve only one of these problems, so I guess it's retail therapy for me this fall, when I'd rather be camping I'll be tent shopping.

Shattered in mind and body, I went to bed early. The boys stayed up at the campfire, half an artificial log in the world's smallest firepan, while Jeff and Jean played guitar and everyone sang. We all lay on top of our sleeping bags sweating for an hour or two before it cooled enough to sleep. Poor C woke up a few hours later, retching. Poor H took care of him, the five times he woke to throw up. I think he had some bad river water from all that swimming. Of course all these excursions into the mosquito zone allowed the tent to fill up with ravenous bloodsuckers. In the morning the roof of the tent was covered in swollen bugs, too full of blood to fly. Ech. We left C to sleep in the tent while we staggered around packing up camp. This turned out to be a mistake. There were enough hungry mosq's left in the tent that he got devoured alive. On Tuesday at school, they refused to let him in without a doctor's certificate to prove that he did not have some infectious disease rash, obtaining which of course consumed all of H's Tuesday morning.

After cleaning up the puddles of sick on the sleeping bags, sleeping pads, tent floor, groundsheet and shoes, I was ready to start the packing of the dry bags preparatory to starting the packing of the boat. I couldn't see us finishing all this before the launch time, but we had so many helping hands, we were packed before some of the other boats, a first for me in family canoe camping. Thanks Jeff.

On down the river, C perfectly frisky and chirpy, H and I drooping rather. This is a good kid trip, when they get bored we just throw them overboard and let them swim for a bit. After this flat water stretch, there's a day of significant named rapids, which keeps everyone's attention for the most part: though the boys were chatting about Lego in the middle of Ida's Gulch while we had to stare doom in the face, a half-mile of rock spotting and dodging in the equivalent of a loaded 18-wheeler. The Old Town Penobscot 18'6" is a fine boat, but no-one would accuse it of nimbleness, particularly when loaded with 800-odd pounds of people and gear. Momentum, ah we have all the momentum we need to blast through anything, but a turn has to be put on the calendar well in advance, and co-ordinated between bow and stern. "I'm not yelling at you dear, I'm just communicating the turn" sometimes works to patch things up.

Flat water to Dewey Bridge, then a few miles to the first named rapid, Onion Creek: a two-stage rapid with an easy entrance of substantial waves lulling you into complacency, then a sudden boulder garden riddled with holes and pourovers. We took a poor line, I didn't see a rock in time, H was able to get her end of the canoe around it but my end of the barge bounced off. Luckily Ian knows enough to highside, plus that momentum took us past the rock before it could react and grab us (yes, rocks in whitewater have both animas and animus).

Campsites below Onion were almost filled with rafters, but we got the last good site with cottonwoods. Magnificent views across Professor Valley to the Fisher Towers, could not be better. Much too hot to do anything except drink beer in the shade and swim, so that's what we did. Children got bored and fought, a hazard of single-family trips, with not enough playmates to keep the interest up. I think they were also tired and ratty, late night Fri getting to the hotel (we are weenies, yes, but I'm not prepared to try and camp with kids and a 10:30pm arrival), followed by late night and broken sleep on Sat. They needed lots of attention, but we needed to cook dinner and make camp, so it all got a bit fractious. Eventually simmered down with kids fed and tent up. Someone's washing up at the river added a few spaghetti fragments to the mud load of the mighty Colorado, and brought several fat carp in to forage. I plopped a lump of blood-flavour Powerbait upstream of one of them, which charged in with its back showing to gobble it down. Ian pulled it in, about a 3-pounder leaping and flapping in the mud. A handsome fish, though carp get no respect in the USA.

Breathlessly hot again in the night. One tent was pitched in a fine-looking site, below a red cliff, under a cottonwood. That red cliff acted as a radiator, releasing the heat of the day gently throughout the night, and blocking the cooling breezes. We were camped in a much less attractive site, but the winds came through beautifully. Hah. H's ambition for the night was not to be thrown up upon, and have no-one peeing in her shoe. This was a low bar, but it was in fact achieved, hooray.

Next day a variety of rapids. Mostly the obvious route was the correct one, slightly L or R of center, ride out the big waves with a bit of back paddling. Ida's Gulch is on the USGS map as Rocky Rapids, and is the rapid I remember as White's. We ran this twice in the Old Town Discovery 158: the first time on our 1991 wanderjahr, quite alone on the river doing a day trip, filled up and tipped over in the recovery pool at the bottom; the second time in 1996 with Rich Ruehlen, boat loaded for camping, filled up again but did not tip.

The pictures above show C doing his 'see/hear no evil' imitation near the bottom of IG rapid (I never knew he was doing that, was looking somewhere else at the time ;-) When I asked him, he said he finds the bigger rapids scary, but he still enjoys canoeing, just not some rapids. Ian on the other hand laughs all the way down, the bigger the rapid the more laughs. The pictures are by Moab Action Shots. They have photographers camped out on the river, taking pictures of everything that passes. I didn’t know who the photogs under the umbrellas were at the time, but on the way into Moab to Kaleido-Scoops (ice cream shop) we passed their store, and I figured it had to be online. This suggests a new way of rating rapids - those with a photographer camped next to them, must be something significant. Class II rapid, or a Class Photo rapid, hm.

The real White's rapid wasn't anything much, some very big waves and one pour-over that really should be missed, but a straightforward line through it. We had lunch below the rapid, on the first actually sandy beach of the trip. All the other beaches looked like sand, but turned rapidly into a viscous grey mud below the waterline. I'd slipped in said mud and torn the toenail from RMNP (see earlier this month) half off. This was quite painful, plus the fine murky waters infected the wound. When I took the bandaid off on Tuesday night, I could see and smell rotting flesh below the nail, yech. How does a doctor remove a toenail ? with anesthetic, large forceps, and a burly nurse. How.. interesting.

Took off the river at Sandy Beach, yes it was. Unpacked boat, humped gear up the sandy hill to pack it into the car, to take it home and unpack it again (a pattern is emerging). Back to Moab for aforementioned ice cream, very nice, and trundle on home for six hours. The boys went to school on Tuesday without having had a bath since Thursday night. Luckily they'd swum a lot, and boys are supposed to be muddy, so it wasn't too noticeable.

Many thanks to Dave Allured, who put the whole trip together with his usual calm efficiency.

Wednesday, September 5, 2007

extirpating Think-Adz

The self-styled winantiviruspro2007 has a cute little install pop-up that says 'Click OK to cancel this install'. This fooled number-one-son into clicking 'Cancel', which of course double-negatives into actually installing the winantiviruspro2007. Removing this lying thieving bastard was straightforward, between Scotty and Clamwin, no troubles.

However it brings Think-Adz along with it. That has a cunning trick whereby it re-installs itself every thirty seconds or so. None of the usual helpmeets could touch this - Scotty disabled its startup tasks and marked the dll files for deletion at startup, but after startup, the pox just re-installs; Clamwin didn't find anything, Ad-Aware and Spyware Blaster failed too. I went through the registry and pulled each key out, but before I could restart, it had re-installed. Hm.

Google failed me too: lots of references to Think-Adz, but all the 'solutions' involved buying someone's dodgy-looking software, or helpful 'tips' like "use Add/Remove programs to uninstall". Of course Think-Adz does not list itself in Add/Remove, and if it did, I'm certain the Remove would install something else noxious, plus keep T-A itself.

When in disgrace with fortune and men's eyes, not to say Windows, I trouble not deaf heaven with my bootless cries, but instead go to Sysinternals. Process Explorer (PE) and Autoruns are the essential tools. The Sysinternals tools overlap with Scotty's functionality - Scotty is usually more readable, the tools have useful extras. Since I didn't find this anywhere else, here's a step-by-step for rooting out Think-Adz, and mutatis mutandis, similar infections.

Scotty will show the rogue processes, using tab 'active processes'. This step involves knowing what's usually running on the system, so the skellums can be identified. If the usually running processes are not known, unsigned processes (no Company Name or Version information) are a good place to start. Google the process names for more information, and read with a jaundiced eye. Often infections will give their processes the same names as real Windows executables, and install them in C:\WINNT\system32\, so they look legit. In this case, the rascals were owinpmdt.exe and dwdsrngt.exe, running indeed from \system32.

For this case, look in \system32 using Windows Explorer (WE) or similar, sort by 'Modified Date', and check the files that were installed at a similar time to the known rogues. In this case the files all had recent timestamps from the install, so they all sorted to the top of the heap. Apart from the .exes, there were also two dll files installed in system32, xxyaaxu.dll and awvtt.dll.

These dll's and .exe's can't be deleted from WE, since they are marked 'in use'. Scotty can delete the .exe files - rightclick on the process in Scotty, and select 'delete file on reboot'. The dll's can be removed similarly using another Sysinternals tool, PendMoves, but I prefer to first find out what's using the dll's, to make sure I didn't miss some process.

To do this, start the Process Explorer, then use Find to enter a dll name and see which processes are using it. This revealed that xxyaaxu and awvtt were used by the known rogues, but also by Winlogon.exe, which is a legitimate Windows process. The Winlogon turned out to be where the reinstalls were coming from. Killing Winlogon also terminates Windows very rudely, so there's no simple way to stop the reinstallations. Luckily PE has another option: rightclick on the process in PE and select 'Suspend'. Obviously some bits of Windows won't work right while this is suspended, so complete the T-A removal as a priority.

Now use Scotty and Autoruns to see what new horrors have been scheduled to run at startup. As for the processes, it's good to know what is legitimately started, so the rogues can be identified. If not known, proceed as before to check the signatures and Google the unknowns. As for processes, use Scotty to rightclick on the task and select 'delete file on reboot' for the known bad guys, and 'disable' for the suspected bad guys. Check with Autoruns that Scotty found everything.

I found
C:\WINNT\system32\advpack.dll,DelNodeRunDLL32 C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\IXP000.TMP\
and
streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
in my setup. Neither of these looked legitimate, so deleted them both as well.

Reboot. After reboot, verify that the dlls and exes were deleted from their locations. In my case the dll's still existed, but weren't in use anymore, so that WE could delete them.

For completeness' sake, run a registry edit and search to look for other traces of the beast. If the process above doesn't get rid of it, this will be required. First re-do the steps of the above process up to but not including the reboot. Then, Start/Run or open a command prompt, and run regedit. Read the awful warnings from Microsoft about editing the registry, take a deep breath, and proceed. Back up the registry first if you are feeling timid, but I usually don't bother. Note that in XP and Vista, there will be automatic System Restore points created by Windows, which can be used to restore the registry if need be. If doing this, select a date before the system was infected ;-)

Select 'My Computer' in the left-hand pane of regedit, then use the Edit menu to find all mentions of the known bads, owinpmdt, dwdsrngt, xxyaaxu and awvtt. Delete all keys containing references to these, unless they belong to BillP Studios, which is Scotty. BillP Studios will have references to the bad 'uns, which allow Scotty to delete the files upon reboot. To delete the keys, note that the find will show the reference in the right-hand pane. It's not immediately obvious which key is involved, but look at the bottom of the window, which will list the full key name. Select this key in the left-hand tab, then rightclick and select 'Delete'.

Also search the registry for Think-Adz, and any related data. For example Google turned up ExploreUpdSched, BrowserUpdateSched, kwinkrex.exe, ljdsrngk.exe and twinkmdt.exe as being related to Think-Adz. I didn't see these on my infection, but check and make sure.
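The two manual hunts above (sorting \system32 by 'Modified Date' to find what arrived with the known rogues, and searching the registry for their names while leaving BillP Studios alone) can be scripted for triage. This is an added example, not part of the original write-up: the file names come from the post, while the timestamps, the registry export text and the function names are constructed assumptions.

```python
import os
import tempfile
from pathlib import Path

# File names below are the ones named in the post; every timestamp, registry
# key and value name in the sample data is constructed for this example.
KNOWN_EXES = ["owinpmdt.exe", "dwdsrngt.exe"]
KNOWN_BAD = KNOWN_EXES + ["xxyaaxu.dll", "awvtt.dll"]

# Constructed regedit export (text already decoded from the exported file).
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updater"="C:\\WINNT\\system32\\owinpmdt.exe"
"ctfmon"="C:\\WINNT\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\BillP Studios\Constructed]
"1"="C:\\WINNT\\system32\\awvtt.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Constructed\xxyaaxu]
"Path"="C:\\WINNT\\system32\\xxyaaxu.dll"
"""


def install_cohort(directory, known_names, window_seconds=120):
    """Files modified within window_seconds of any known rogue file.

    Scripted form of 'sort by Modified Date': anything written at about the
    same time as a known rogue is a candidate. Modification times can be
    forged, so an empty result does not prove the directory is clean.
    """
    known = {n.lower() for n in known_names}
    files = [(p.name, p.stat().st_mtime)
             for p in Path(directory).iterdir() if p.is_file()]
    anchors = [mtime for name, mtime in files if name.lower() in known]
    return sorted(
        name for name, mtime in files
        if name.lower() not in known
        and any(abs(mtime - a) <= window_seconds for a in anchors)
    )


def registry_hits(reg_text, indicators, keep_vendor="BillP Studios"):
    """Return (key, value_name) pairs in a regedit export that name an indicator.

    value_name is None when the key path itself contains the indicator.
    Keys under keep_vendor are skipped, as the post advises for Scotty's
    delete-on-reboot bookkeeping.
    """
    stems = [i.lower().rsplit(".", 1)[0] for i in indicators]
    key, hits = None, []
    for raw in reg_text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if keep_vendor.lower() in key.lower():
                key = None  # ignore every value under this key
            elif any(s in key.lower() for s in stems):
                hits.append((key, None))
        elif key and "=" in line and any(s in line.lower() for s in stems):
            hits.append((key, line.split("=", 1)[0].strip('"')))
    return hits


def demo():
    """Build a constructed stand-in for \\system32 and run both checks."""
    with tempfile.TemporaryDirectory() as d:
        base = 1_188_950_400  # constructed install time (5 Sep 2007, UTC)
        sample = {
            "owinpmdt.exe": base, "dwdsrngt.exe": base + 5,
            "xxyaaxu.dll": base + 8, "awvtt.dll": base + 9,
            "qqexample.dll": base + 30,          # constructed straggler
            "notepad.exe": base - 86400 * 900,   # old, unrelated files
            "kernel32.dll": base - 86400 * 700,
        }
        for name, mtime in sample.items():
            path = Path(d, name)
            path.write_bytes(b"")
            os.utime(path, (mtime, mtime))
        return install_cohort(d, KNOWN_EXES), registry_hits(SAMPLE_REG, KNOWN_BAD)


if __name__ == "__main__":
    cohort, hits = demo()
    print("written alongside the known rogues:", cohort)
    for key, value in hits:
        print("registry:", key, "->", value)
```

Starting from only the two .exe names, the cohort check surfaces both dlls plus the constructed straggler, and the registry scan reports the full key path for each hit, which is the part regedit's Find makes hard to see.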

After a mere three to four hours' work, you'll be back to an undiseased state. Hooray. Maybe it's time to upgrade to Ubuntu Linux.

Tuesday, September 4, 2007

strolling

The traffic is busy under an uncomprehending sky of wide and varied clouds. In the open space between office blocks, the harvest is ready: green leaves below the straw-yellow stalks and grain. There's no-one who knows what the grains are, nor will the harvest happen. Our food comes more easily, from China or the other side of the world. Blackbirds in the sky do not care.

When I can't work out at lunch time, due to increasing frailty, I walk with a book. At the end of the walk some fragments collect at the bottom of my consciousness. Often the fragments are the same as last year's, both the walk and the thoughts are out and back again.