Computer Tips -Tech Info

Category: Tech Support

The 2nd journey beginsâ€¦ Mandriva 2006 upgrade 2 – Part 5

Well, where are things? The gui installer did a good job, got the system up and running. The biggest initial problem is that it didn’t change the default boot entry in lilo, which meant the system tried to boot under the old kernel and things died (likely c++ incompatibilities?) So, on a REBOOT, I chose linux which I assumed pointed to the new kernel and everything went fine, booted to the gui login. The network upgrade took a while (several hours) to pull in 1400 or so packages.

(more…)

December 18, 2005
Disinfecting a PCâ€¦ part 5

OK, we’re moving on to BHOdemon to take care of the browser helper objects. Unfortunately it looks like BHODemon is not being currently maintained, the developer has had a housefire.

I am very sorry, but BHODemon is currently on hiatus, as I no longer have the time to devote to it (due to a house fire). You will not be able to download updates or upload reports, and I will no longer be answering emails. At some point, BHODemon may return. I would like to thank everyone for their support over the years.

(more…)

December 18, 2005
Adding swap space to a running linux system

There are acouple situations where my systems memory needs have exceeded the supply. The most likely cases are running virtual machines and building cd/dvd images. Those things realistically take LOT’s of memory. I have a swap partition – I don’t recall the size right off. I have about 512 MB on the desktop and probably for what I do could use to double that. Swap space, of course, is what the operating system uses when all the physical memory (RAM) is used.

(more…)

December 18, 2005
Disinfecting a PCâ€¦ part 4

So, AVG has been scanning away finding things we’ve really got a foothold on the system and the malware has a fight on it’s hands. It’s good to see progress. Up to this point we’ve had multiple Spool32 errors (printer related). These errors are what prompted the system to be brought in initially. There’s a lexmark system tray item that loads on boot. No time to investigate that yet. Here’s the log of the AVG antivirus scan…

(more…)

December 17, 2005
Sendmail mail queue backed up

Sendmail is not my favorite MTA. I really prefer Postfix, but… I have to use sendmail in a few situations. I’ve run a little script on the web server for a good while to monitor the mail queue. I was running into a problem where I had LOTS of messages backed up. I suspected I had been hit originally by a spam onslaught which had flooded the server and it had been throttled (VPS) to prevent causing problems for the other users and things got backed up.

(more…)

December 16, 2005
Disinfecting a PCâ€¦ part 3

Picking up from last time… AVG was failing to install with a peculiar registry error. (Which I didn’t see much reference to online.) OK, so here is another fruit of the online search (so many bugs to identify…)

jawa32.exe is listed as spyware.seekseek in sarc’s database.

OK – let’s see if we can kill of some of these suspects… it’s time for a couple cycles of ctrl-alt-del to remove running processes that look suspect, followed by msconfig – disabling of processes running at boot, reboot, repeat.

(more…)

December 16, 2005
If the cumulitive IE patch fails to install

This is related to MS05-054… According to Incidents.org it’s possible that this will not install (user submission of this). They also have a user submitted workaround…

(more…)

December 15, 2005
Disinfecting a PC… part 2

Ok, the last post got a bit long with the hijackthis log, but I wanted to include the whole picture. I put a few comments in, but thought it might be useful to include the notes I took at the time. For starters I leave it unplugged from the network. (There is no network card in this machine.) It’s important when working on an infested PC to leave it isolated so that it can’t continue to spread viruses or spam or whatever it may be doing. Assume if it’s infested with something that it could be spewing out bad stuff. If you must, isolated it and prevent it from routing to the outside world… the safest is usually to leave the cable unplugged for the initial look over.

(more…)

December 15, 2005
Windows desktop display upside down

I had someone call and start by saying she bet me a dollar I’d never heard of this before…. She said she was doing something (adjusting font size?) and all of a sudden everything on her screen went upside down and nothing will bring it back. I’ve actually heard this before, not too long ago and the last time I figured it had to be a key combination (the user said they were trying to do a combination of keys but couldn’t recall what they had hit.)

(more…)

December 14, 2005
Disinfecting a PC… part 1

This is the first in a several part series documenting the cleaning of an infected PC. The only real noteworthy item is that it was a dial-up only connection and was rather infested for that. (On par with some of the broadband connected pc’s I’ve seen. It’s also an interesting counterpoint to the network security series.)

(more…)

December 14, 2005