TDSS Rootkit

A client called me because one of the office computers “was not working.”

Well, the problem was much more severe than described. It suffered from multiple malware infections. As usual, I used a number of applications to detect and remove the malware. I also noted that this computer was unable to download any Windows Update.

So, the system was infected with the TDSS rootkit.

The next step was to download Kaspersky’s anti-rootkit utility, TDSSKiller.

I made sure to “Change parameters” and select the option to detect TDSS file system.

After a reboot, Windows was able to download and install updates.

Upside Down Desktop

Got a call about a Windows desktop that had suddenly turned upside down. It has Intel Graphics, so the solution is pretty simple. From the runpcrun post:

If the display has been rotated, it can normally be corrected by pushing the key combination <Ctrl> + <Alt> + <Up Arrow>.

Unfortunately the problem didn’t end there. The desktop had been turned upside down by malware. Time to clean it up.

 

Spammer Alert: milkcheesedns.com

I have tried contacting eNom.com regarding domain names used for sending spam and I haven’t had any positive responses. eNom.com always passes the responsibility on because eNom.com does not provide hosting for the offending domain names.

Every time I tried reporting the offending domain through eNom.com page (http://www.enom.com/terms/AbusePolicy.asp) it always returned an error.

Why wouldn’t a domain registrar such as eNom.com take the reports seriously? For example, the following domains are registered by the same individual through eNom.com or namecheap.com:

  • plotladybugreward.net
  • teethgood-byelumber.net
  • spadesunmeasure.org
  • frogzephyrmint.com
  • cameraspadetoad.net
  • timehotwood.org
  • yardwristgoose.net
  • fatherbrakebushes.org

All the domains have similar whois info:

Registrant Contact:
1stinlinehost
Inline First ()

Fax:
1608 S. Ashland Ave.
Chicago, IL 60608
US

Administrative Contact:
1stinlinehost
Inline First (domains@1stinlinehosting.com)
+1.3128782798
Fax: +1.5555555555
1608 S. Ashland Ave.
Chicago, IL 60608
US

Technical Contact:
1stinlinehost
Inline First (domains@1stinlinehosting.com)
+1.3128782798
Fax: +1.5555555555
1608 S. Ashland Ave.
Chicago, IL 60608
US

Status: Locked

Name Servers:
ns1.milkcheesedns.com
ns2.milkcheesedns.com

Then there’s milkcheesedns.com:

Domain Name: MILKCHEESEDNS.COM
Registrar: ENOM, INC.
Whois Server: whois.enom.com
Referral URL: http://www.enom.com
Name Server: DNS1.REGISTRAR-SERVERS.COM
Name Server: DNS2.REGISTRAR-SERVERS.COM
Name Server: DNS3.REGISTRAR-SERVERS.COM
Name Server: DNS4.REGISTRAR-SERVERS.COM
Name Server: DNS5.REGISTRAR-SERVERS.COM
Status: clientTransferProhibited
Updated Date: 01-mar-2012
Creation Date: 27-feb-2012
Expiration Date: 27-feb-2013

Registration Service Provided By: Namecheap.com
Contact: support@namecheap.com
Visit: http://namecheap.com

Domain name: milkcheesedns.com

Registrant Contact:
5th AVE Hosting
Trev Itamar ()

Fax:
PO Box 96503
Washington, DC 20090
US

Administrative Contact:
5th AVE Hosting
Trev Itamar (domains@5thavehost.com)
+1.3235270448
Fax: +1.3235270448
PO Box 96503
Washington, DC 20090
US

Technical Contact:
5th AVE Hosting
Trev Itamar (domains@5thavehost.com)
+1.3235270448
Fax: +1.3235270448
PO Box 96503
Washington, DC 20090
US

Status: Locked

Name Servers:
dns1.registrar-servers.com
dns2.registrar-servers.com
dns3.registrar-servers.com
dns4.registrar-servers.com
dns5.registrar-servers.com

Creation date: 28 Feb 2012 00:07:00
Expiration date: 27 Feb 2013 16:07:00

Surprise, it is registered through namecheap.com/eNom.com.
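The linkage the post relies on (many domains pointing at the same contact address and the same name-server zone, which in turn is registered elsewhere) can be checked mechanically. The following Python script is an added example, not part of the original post: it parses whois dumps in the block layout quoted above and groups domains by shared contact e-mail and name-server zone. All domains, e-mail addresses and hosts in the sample are constructed placeholders.

```python
import re
from collections import defaultdict

# Constructed sample whois dumps in the layout the post quotes (contact block,
# then a "Name Servers:" block). Domains, e-mails and hosts are placeholders.
SAMPLE_WHOIS = [
    "Domain name: plotladybug-example.net\nAdministrative Contact:\n"
    "Example Host (domains@examplehost.test)\nName Servers:\n"
    "ns1.sharedns.test\nns2.sharedns.test\n",
    "Domain name: frogzephyr-example.com\nAdministrative Contact:\n"
    "Example Host (domains@examplehost.test)\nName Servers:\n"
    "ns1.sharedns.test\nns2.sharedns.test\n",
    "Domain name: sharedns.test\nAdministrative Contact:\n"
    "Other Host (domains@otherhost.test)\nName Servers:\n"
    "dns1.registrar-example.test\ndns2.registrar-example.test\n",
]
EMAIL_RE = re.compile(r"\(([^()\s]+@[^()\s]+)\)")  # "Name (user@host)" form

def parse_whois(text):
    """Pull domain, first contact e-mail and name servers out of one dump."""
    rec = {"domain": None, "email": None, "name_servers": []}
    in_ns = False
    for line in (l.strip() for l in text.splitlines()):
        low = line.lower()
        if not line:
            in_ns = False                      # blank line ends the NS block
        elif low.startswith("domain name:"):
            rec["domain"] = low.split(":", 1)[1].strip()
        elif low.startswith("name servers:"):
            in_ns = True
        elif in_ns:
            rec["name_servers"].append(low)
        elif rec["email"] is None and EMAIL_RE.search(line):
            rec["email"] = EMAIL_RE.search(line).group(1).lower()
    return rec

def ns_zone(host):
    """Registrable zone of a name server: ns1.sharedns.test -> sharedns.test."""
    return ".".join(host.split(".")[-2:])

def cluster_by_infrastructure(dumps):
    """Map each contact e-mail / NS zone shared by 2+ domains to those domains."""
    groups = defaultdict(set)
    for rec in map(parse_whois, dumps):
        keys = {"ns:" + ns_zone(h) for h in rec["name_servers"]}
        if rec["email"]:
            keys.add("email:" + rec["email"])
        for key in keys:
            groups[key].add(rec["domain"])
    return {k: sorted(v) for k, v in groups.items() if len(v) > 1}
```

Feeding real whois output into `cluster_by_infrastructure` turns a hunch like the one above into a list of which domains share which registrant address or DNS zone, which is the evidence an abuse report should cite.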

 

Google is experiencing issues with its Gmail service.

April 17th, 2012
10:00 A.M. Pacific Time

If you’re unable to log in to your Gmail this morning, you’re not alone. A number of Gmail users were having trouble accessing their Gmail accounts.

Google is aware of the problem and is currently investigating the issue.

www.google.com/appsstatus

4/17/12 9:42 AM
We’re investigating reports of an issue with Google Mail. We will provide more information shortly.

4/17/12 10:18 AM
Our team is continuing to investigate this issue. We will provide an update by 4/17/12 11:18 AM with more information about this problem. Thank you for your patience.
This issue is affecting less than 2% of the Google Mail user base. The affected users are unable to access Google Mail.

4/17/12 10:24 AM
Google Mail service has already been restored for some users, and we expect a resolution for all users in the near future. Please note this time frame is an estimate and may change.

4/17/12 10:46 AM
The problem with Google Mail should be resolved. We apologize for the inconvenience and thank you for your patience and continued support. Please rest assured that system reliability is a top priority at Google, and we are making continuous improvements to make our systems better.

Boiler Plate

I’m a little bit confused with the instruction:

Your software is being installed. Please connect the power cable and do not turn off your computer.

It is a desktop computer. It already has the power cable plugged in; without it this computer would not have turned on. The instruction makes sense for a notebook computer.