Blogs

Covering all things tech, from general how to’s to complex software integrations

Blog

Don’t Overlook Scheduled Tasks / AT when cleaning malware…

One of our clients picked up some sort of infection over the weekend. The sucker was persistent, and after running the usual battery of utilities -- RootkitRevealer, SDFix, ComboFix, Stinger running inside a WinXP PE shell -- we got rid of the thing.

When I checked the post-infection System Event Viewer log, however, I got an interesting message:

Event Type:Error
Event Source:Schedule
Event Category:None
Event ID:7901
Date:1/31/2009
Time:9:00:00 PM
User:N/A
Computer:XXX03
Description:
The At46.job command failed to start due to the following error:
The system cannot find the file specified.

Beware of New Linksys Layout and Port (Range) Forwarding

Got an email from a client this morning complaining that he could not access his SBS 2003 Remote Web Workplace.

He was getting a 403.6 error -- IP Address rejected.

This didn't make any sense, since we want every IP address to be able to access the site and access to the site was fine earlier in the week.

Read more 4 Comments

Installing VMWare Server on Windows 2003 R2

Ran into a couple snags trying to install VMWare Server 2.0 onto Windows Server 2003 R2 today, and figured I'd share in the workarounds:

First issue was an error when trying to launch the setup program: "The System Administrator has set policies to prevent this installation.

Read more 3 Comments

Programs We Like: Artweaver

I'm a HUGE fan of Photoshop, but when I have lot of programs open and am running low on memory, it's sometimes tough to justify the long startup time to do a quick edit or convert something to JPG.

I stumbled upon Artweaver as a freeware equivalent of Photoshop.

Importing and Exporting Mail and User Accounts in Outlook 2007

Outlook 2007 did away with the export account information that was present in earlier editions. So, if a user with one account moves machines, it's often faster to just recreate the account on the new machine. However, if a user has 8 accounts (like one did today) it's time to find a better way.

Read more 66 Comments

Fixing Logon Failure errors in XP Home

A client running XP Home today had an issue with a machine running slowly, and in the (ab)normal course of troubleshooting, we came across some errors in the event viewer that caused us to reset the security descriptors back to their defaults... and in doing so, we broke his printer sharing.

Brothers In Arms – ExchangeRecovery.org

I was working for a client late last night, applying the usual slew of patches Microsoft had given us on Tuesday. I rebooted the server, and when it came back up, it didn't bring Exchange with it.

Much gnashing of ensued. I€™ve recovered my fair share of Exchange stores, but this one just wasn€™t coming back.

Virtual Appliances’ LAMP, WordPress and mod_rewrite

I've been a big fan of VirtualAppliances' virtual machines for awhile now and have used its LAMP appliance for a variety of low-power applications, but I've wondered why it doesn't ship with mod_rewrite enabled, and why there's always a step missing from turning it on.

How To Clean Up After a SQL Injection Attack

NEW AND IMPROVED UPDATE: Cleaning Up After a SQL Injection Attack, Part 2

[UPDATE: Added code to deal with replacing text in the ntext fields of SQL Server 2000.]

One of our clients got hit with a web attack a week or so ago. We're still not quite sure how this particular attack was carried out -- we're thinking an unpatched web server at the hosting facility -- but it did cause me to look at the log file of the web site to see who might have been able to overwrite index.

Read more 6 Comments