Search Results

Search found 2368 results on 95 pages for 'jeff smith'.

Page 29/95 | < Previous Page | 25 26 27 28 29 30 31 32 33 34 35 36  | Next Page >

  • How do I create a calendar appointment from an e-mail in Outlook 2011?

    - by Jeff O
    How do I create a calendar appointment from an e-mail in Outlook 2011 for Mac? In Windows, the e-mail content and attachments are carried over just by dragging and dropping. Dragging and dropping on the Mac doesn't work. Is there any other function to take an e-mail and make it a calendar appointment? I'm trying to avoid emailing it to myself. Edit: Since someone went to the trouble to make email2task, is it safe to assume this feature is not available otherwise?

    Read the article

  • Cisco Configuration backup with Windows Script.

    - by Jeff
    We have a client with a lot of Cisco Devices and we would like to automate the backups of these devices through telnet. We have both 2003 and 2008 servers and ideally use tftp to back it up. I wrote this: Set WshShell = WScript.CreateObject("WScript.Shell") Dim fso Set fso = CreateObject("Scripting.FileSystemObject") Dim ciscoList ciscoList = "D:\Scripts\SwitchList.txt" Set theSwitchList = fso.OpenTextFile(ciscoList, 1) Do While theSwitchList.AtEndOfStream <> True cisco = theSwitchList.ReadLine Run "cmd.exe" SendKeys "telnet " SendKeys cisco SendKeys "{ENTER}" SendKeys "USERNAME" SendKeys "{ENTER}" SendKeys "PASSWORD" SendKeys "{ENTER}" SendKeys "en" SendKeys "{ENTER}" SendKeys "PASSWORD" SendKeys "{ENTER}" SendKeys "copy startup-config tftp{ENTER}" SendKeys "(TFTP IP){ENTER}" SendKeys "FileName.txt{ENTER}" SendKeys "exit{ENTER}" 'close telnet session' SendKeys "{ENTER}" 'get command prompt back SendKeys "{ENTER}" SendKeys "exit{ENTER}" 'close cmd.exe On Error Resume Next WScript.Sleep 3000 Loop Sub SendKeys(s) WshShell.SendKeys s WScript.Sleep 300 End Sub Sub Run(command) WshShell.Run command WScript.Sleep 100 WshShell.AppActivate command WScript.Sleep 300 End Sub But the problem with this is the sendkeys are sent to the console session, I'm trying to find a solution that would not require a user to be logged in. Does anyone have any ideas? I have some knowlage of VBS, PowerShell and a pretty good grasp on batching.

    Read the article

  • Laptop battery holds charge, but won't charge any more.

    - by Jeff
    Ok, I'm sure I will need to replace either my battery or my AC adapter, but would rather not buy one if the other is the problem. My problem is. I have a Sager laptop that gets quite a bit of use. The charging has always been a little bit odd. If I was in the process of using it, it would charge just fine and stay On AC power. If I left it alone, however(power settings to ONLY turn off the monitor) in either Ubuntu or Windows 7 it decides that it didn't want to use AC power anymore and would just start draining the battery until it died. Now, suddenly, it won't charge at all. The capacity was great up to this point which happened in an instant. It will recognize the battery but won't see the AC power if plugged in while the battery is in. I can power up the laptop without the battery and it works fine. If I plug in the battery while powered up it will claim it's charging it, but it stays at the same percentage. If I unplug the power, it will switch over to Battery fine, but I have to power down and unplug the battery to get it back on AC power. I've had dying/dead batteries before but they typically won't hold a full charge anymore but it still winds up to 100% then drops quickly when unplugged. This seems more like a chip problem in the battery to me, but I'm not sure. Any ideas?

    Read the article

  • Network access lags for Win7 when server network utilization is high

    - by Jeff Miles
    We have a Dell PE2950 file server running Windows 2008, hosting a DFS namespace of ~1.2 TB. This server has two Broadcom 1Gbps NICs teamed together. When there is high traffic going to the server across the network (greater than 200 Mbps), any Windows 7 client accessing a DFS share at the time experiences severe performance problems. For example: Computer A has an AutoCAD drawing opened directly from the DFS share. Performance is normal, not causing any issues. Computer B begins a file transfer, putting a 11GB file onto a different DFS namespace, on the same server Computer A immediately notices lag while using AutoCAD. The cursor momentarily freezes within AutoCAD every 10 seconds or so, and any browsing of the DFS share is extremely slow. Computer B completes file transfer, and performance resumes to normal for Computer A. This is only affecting Windows 7 clients, using a variety of hardware (desktop + laptop). All of our Windows XP clients see no performance impact during the file transfer. Things I have tried with no change: Had Computer A work from an entirely different RAID array from the file transfer destination Updated NIC drivers on clients and server Enabled TCP offload and receive side scaling on the server NIC (previously disabled when the issue began) Antivirus disabled during file transfer I am currently having a user test applications other than AutoCAD when the file transfer occurs, and will update the question with that result. Does anyone have any recommendations for resolution or additional troubleshooting steps?

    Read the article

  • postfix takes 60-90ms to queue email -- normal?

    - by Jeff Atwood
    We're seeing some (maybe?) strange delays when submitting individual emails to our local Postfix server. To help diagnose the issue, I wrote a little test program which sends 5 emails: get smtp 1ms ( 1 ms) email 0 677ms (676 ms) email 1 802ms (125 ms) email 2 890ms ( 88 ms) email 3 973ms ( 83 ms) email 4 1088ms (115 ms) Discounting the handshaking in the first email, that's about 90ms per email. These timings have also been corroborated with another test app written by someone else using a different codepath, so it appears to be server related. I turned on detailed logging and I can see that the delay is between the end of message \r\n\r\n and the receive: [16:31:29.95] [SEND] \r\n.\r\n [16:31:30.05] [RECV] 250 2.0.0 Ok: queued as B128E1E063\r\n [16:31:30.08] [SEND] \r\n.\r\n [16:31:30.17] [RECV] 250 2.0.0 Ok: queued as 4A7DE1E06E\r\n [16:31:30.19] [SEND] \r\n.\r\n [16:31:30.27] [RECV] 250 2.0.0 Ok: queued as 68ACC1E072\r\n [16:31:30.28] [SEND] \r\n.\r\n [16:31:30.34] [RECV] 250 2.0.0 Ok: queued as 7EFFE1E079\r\n [16:31:30.39] [SEND] \r\n.\r\n [16:31:30.45] [RECV] 250 2.0.0 Ok: queued as 9793C1E07A\r\n The time intervals tell the story (discounting the handshaking required for the initial email) -- each email is waiting about 60-90 milliseconds for postfix to queue! This seems .. excessive .. to me. Is it "normal" for postfix to take 60-90 ms for every email you send it? Or do I just have unreasonable expectations? I would expect the local postfix server to queue the email in about 20ms, tops!

    Read the article

  • generate exchange CSR , exchange 2007 UCC. SSL CERT

    - by Jeff
    I want to make sure I am going this correctly. machine name: win2k8ex1. certificate: common name: owa.x.com subject alternative domains: autodiscover.x.com mail.x.com WIN2K8EX1 WIN2K8EX1.x.LOCAL when generating the CSR, i want to: New-ExchangeCertificate -GenerateRequest -SubjectName "c=US, o=x Inc., cn=owa.x.com" -DomainName mail.x.com,WIN2K8EX1,WIN2K8EX!.x.local,autodiscover.x.com -privatekeyexportable $true -Path c:\certificates\mcert.txt does this look correct? thanks!

    Read the article

  • How to install plug-in for Google Chrome

    - by Jeff
    Recently Google Chrome browser has been prompying me to install a plug-in everytime visit a web page. I always say Yes, install pulg-in, but that seems to have no effect. I tried following the "Trouble installing plug-ins" on the Chrome toolbar, but that seems to say Windows Media Player is the problem, but again, all my attempts at installing don't have any effect. As far as I know, I have not chnage anything, but Skype did recently upgrade itself. This is Windows 7 Professional 64-bit, and Chrome says it is up-to-date. I'm going to run a malware checker next, just in case - Thanks!

    Read the article

  • XP User account cannot write to USB

    - by Quick Joe Smith
    Is there a local security policy setting or somesuch to allow limited user accounts to modify the contents of USB drives? Currently I get an "Access denied" error, further saying "Make sure the disk is not full or write-protected and that the file is not currently in use." The Administrator account has no such obstacles. Update: The problem is at least solvable by altering NTFS permissions (granting Full Control to Users), and therefore I'm losing hope that there is a more global solution.

    Read the article

  • PS/2 vs USB keyboards: performance and energy consumption

    - by Mister Smith
    As far as I know, PS/2 keyboards are interrupt driven, while USB are polled. Typically a PS/2 keyboard was assigned IRQ_1 on Windows. I'm no hardware expert, but at a first glance seems like the PS/2 keyboards are more efficient. So here are my questions: On modern day computers, are PS/2 keyboard better (or faster), and if so, would it be noticeable at all? (e.g.: in gaming) Since they don't need polling, do PS/2 keyboards save energy compared to USB? (notice I'm not talking only about the peripheral here, but about the overall computer energy consumption). In case PS/2 had any advantage over USB, would adding a PS/2 adapter to my USB keyboard make the device as good as an actual PS/2 keyboard? Conversely, would adding a USB adapter to a PS/2 make it as bad as a USB KB? Thanks in advance.

    Read the article

  • Ubuntu server loses exactly 5 minutes once in a while

    - by Harold Smith
    I noticed that my server, an Ubuntu server 12.04, was losing time. I figured the hardware clock was off or maybe dying due to a faulty CMOS battery. I installed NTP to ensure the drift would be corrected, but to no avail. During a day it would lose 20 minutes or so. To debug, I created a small cron job to check against a remote servers time, which I knew to be correct. The script calculates the difference in seconds between local and remote time. The result was interesting. It seems to be losing exactly 5 minutes several times during the day. Look at this log (difference from remote server noted in seconds): Tue Oct 23 03:30:02 CEST 2012: 284 Tue Oct 23 03:35:02 CEST 2012: 284 Tue Oct 23 03:40:01 CEST 2012: 285 Tue Oct 23 03:45:02 CEST 2012: 285 Tue Oct 23 03:50:02 CEST 2012: 285 Tue Oct 23 03:55:02 CEST 2012: 284 Tue Oct 23 04:00:02 CEST 2012: 284 Tue Oct 23 04:05:01 CEST 2012: 285 Tue Oct 23 04:10:01 CEST 2012: 285 Tue Oct 23 04:15:02 CEST 2012: 585 Tue Oct 23 04:20:02 CEST 2012: 584 Tue Oct 23 04:25:02 CEST 2012: 584 Tue Oct 23 04:30:02 CEST 2012: 584 Tue Oct 23 04:35:01 CEST 2012: 585 Tue Oct 23 04:40:01 CEST 2012: 585 Tue Oct 23 04:45:02 CEST 2012: 585 Tue Oct 23 04:50:02 CEST 2012: 584 Tue Oct 23 04:55:02 CEST 2012: 584 Tue Oct 23 05:00:02 CEST 2012: 584 Tue Oct 23 05:05:01 CEST 2012: 585 Tue Oct 23 05:10:01 CEST 2012: 585 Tue Oct 23 05:15:02 CEST 2012: 585 Tue Oct 23 05:20:02 CEST 2012: 584 Tue Oct 23 05:25:02 CEST 2012: 584 Tue Oct 23 05:30:02 CEST 2012: 584 Tue Oct 23 05:35:01 CEST 2012: 585 Tue Oct 23 05:40:01 CEST 2012: 585 Tue Oct 23 05:45:02 CEST 2012: 584 Tue Oct 23 05:50:02 CEST 2012: 584 Tue Oct 23 05:55:02 CEST 2012: 584 Tue Oct 23 06:00:02 CEST 2012: 584 Tue Oct 23 06:05:03 CEST 2012: 584 Tue Oct 23 06:10:02 CEST 2012: 584 Tue Oct 23 06:15:01 CEST 2012: 585 Tue Oct 23 06:20:02 CEST 2012: 584 Tue Oct 23 06:25:02 CEST 2012: 584 Tue Oct 23 06:30:02 CEST 2012: 584 Tue Oct 23 06:35:02 CEST 2012: 584 Tue Oct 23 06:40:02 CEST 2012: 584 Tue Oct 23 06:45:01 CEST 2012: 585 Tue Oct 23 06:50:02 CEST 2012: 584 Tue Oct 23 06:55:01 CEST 2012: 585 Tue Oct 23 07:00:02 CEST 2012: 584 Tue Oct 23 07:05:02 CEST 2012: 584 Tue Oct 23 07:10:02 CEST 2012: 584 Tue Oct 23 07:15:02 CEST 2012: 584 Tue Oct 23 07:20:02 CEST 2012: 584 Tue Oct 23 07:25:02 CEST 2012: 584 Tue Oct 23 07:30:01 CEST 2012: 585 Tue Oct 23 07:35:02 CEST 2012: 584 Tue Oct 23 07:40:02 CEST 2012: 584 Tue Oct 23 07:45:02 CEST 2012: 584 Tue Oct 23 07:50:02 CEST 2012: 584 Tue Oct 23 07:55:02 CEST 2012: 584 Tue Oct 23 08:00:01 CEST 2012: 585 Tue Oct 23 08:05:02 CEST 2012: 584 Tue Oct 23 08:10:02 CEST 2012: 584 Tue Oct 23 08:15:02 CEST 2012: 584 Tue Oct 23 08:20:02 CEST 2012: 584 Tue Oct 23 08:25:02 CEST 2012: 584 Tue Oct 23 08:30:01 CEST 2012: 585 Tue Oct 23 08:35:02 CEST 2012: 584 Tue Oct 23 08:40:02 CEST 2012: 584 Tue Oct 23 08:45:02 CEST 2012: 584 Tue Oct 23 08:50:02 CEST 2012: 584 Tue Oct 23 08:55:02 CEST 2012: 584 Tue Oct 23 09:00:02 CEST 2012: 584 Tue Oct 23 09:05:03 CEST 2012: 584 Tue Oct 23 09:10:02 CEST 2012: 584 Tue Oct 23 09:15:02 CEST 2012: 584 Tue Oct 23 09:20:02 CEST 2012: 584 Tue Oct 23 09:25:02 CEST 2012: 584 Tue Oct 23 09:30:01 CEST 2012: 584 Tue Oct 23 09:35:02 CEST 2012: 584 Tue Oct 23 09:40:02 CEST 2012: 584 Tue Oct 23 09:45:02 CEST 2012: 584 Tue Oct 23 09:50:02 CEST 2012: 584 Tue Oct 23 09:55:02 CEST 2012: 584 Tue Oct 23 10:00:01 CEST 2012: 584 Tue Oct 23 10:05:02 CEST 2012: 584 Tue Oct 23 10:10:07 CEST 2012: 584 Tue Oct 23 10:15:02 CEST 2012: 584 Tue Oct 23 10:20:02 CEST 2012: 884 Tue Oct 23 10:25:02 CEST 2012: 884 Tue Oct 23 10:30:02 CEST 2012: 883 Tue Oct 23 10:35:01 CEST 2012: 884 Tue Oct 23 10:40:02 CEST 2012: 884 Tue Oct 23 10:45:02 CEST 2012: 884 Tue Oct 23 10:50:02 CEST 2012: 884 Tue Oct 23 10:55:02 CEST 2012: 1184 Tue Oct 23 11:00:02 CEST 2012: 1183 Tue Oct 23 11:05:01 CEST 2012: 1184 Tue Oct 23 11:10:02 CEST 2012: 1184 Tue Oct 23 11:15:02 CEST 2012: 1184 Tue Oct 23 11:20:02 CEST 2012: 1184 This does not seem to be faulty CMOS battery in my opinion. But what do you think?

    Read the article

  • Numbering grouped data in Excel

    - by Jeff
    I have an Excel spreadsheet (2010) with data similar to this: Dogs Brown Nice Dogs White Nice Dogs White Moody Cats Black Nice Cats Black Mean Cats White Nice Cats White Mean I want to group these animals but I only care about species and color. I don't care about disposition. I want to assign group numbers to the set as shown here. 1 Dogs Brown Nice 2 Dogs White Nice 2 Dogs White Moody 3 Cats Black Nice 3 Cats Black Mean 4 Cats White Nice 4 Cats White Mean I was able to select all the species and colors, then from the data tab select 'advanced', then 'unique records only'. This collapsed the data so that I could number the visible rows. Then when I 'cleared' the filter I could easily just fill the blank areas under the numbers with the number above. The problem is that my real data has far too many rows for this to be practical. Also, the trick about entering 1 in the first cell, 2 in the cell below, selecting both then dragging the corner down to 'auto-number' doesn't seem to work when you're viewing filtered rows. Any way to do this?

    Read the article

  • What is good usage scenario for Rackspace Cloud Files CDN (powered by AKAMAI) [closed]

    - by Andrew Smith
    I have just setup my website as static page via Rackspace CDN / Akamai. www.example.co.uk is an alias for d9771e6f24423091aebc-345678991111238fabcdef6114258d0e1.r61.cf3.rackcdn.com. d9771e6f24423091aebc-345678991111238fabcdef6114258d0e1.r61.cf3.rackcdn.com is an alias for a61.rackcdn.com. a61.rackcdn.com is an alias for a61.rackcdn.com.mdc.edgesuite.net. a61.rackcdn.com.mdc.edgesuite.net is an alias for a63.dscg10.akamai.net. a63.dscg10.akamai.net has address 63.166.98.41 a63.dscg10.akamai.net has address 63.166.98.40 a63.dscg10.akamai.net has IPv6 address 2001:428:4c02::cda8:ecb9 a63.dscg10.akamai.net has IPv6 address 2001:428:4c02::cda8:ed09 The HTTP header: HTTP/1.0 200 OK Last-Modified: Fri, 19 Oct 2012 23:27:41 GMT ETag: fdf9e14b77def799e09e8ce815a521da X-Timestamp: 1350689261.23382 Content-Type: text/html X-Trans-Id: tx457979be3bd746c2b4e5403a1189cdbc Cache-Control: public, max-age=900 Expires: Sat, 27 Oct 2012 22:18:56 GMT Date: Sat, 27 Oct 2012 22:03:56 GMT Content-Length: 7124 Connection: keep-alive I am wondering, if it's really the fastest solution to power the website? By investigating it thru http://www.just-ping.com/ it seems, that from many places the ping is very high, and during quick investigation I found that they use GeoIP to resolve addresses based on WHOIS, which is not accurate and because of that from many places the ping is above 300ms (for example, if ISP is in balgladore and request is routed to bangladore even if it's 300ms, for period of 1 month), while by just using Amazon Web Services and Route 53 Anycast DNS servers and only 4 EC2 instances it seems that for example India is always below 100ms, while using Akamai it goes above 300ms in some cases, and this is because Route 53 is using BGP. By quickly checking the Akamai, it seems that they are not getting feedback from the traffic - the high ping stays constant even if I keep downloading large files and videos, which is opposite to what they say on their website. They state, that they optimize the performance by taking feedback from the requests, while it seems they just use GeoIP with per City resolution (which are mostly big cities). Because of this, AWS with Route 53 / Anycast DNS seems to be much more reliable, as well EdgeCast which is using BGP, but I dont know how much does it cost to deploy static website. Actually, I dont know if EdgeCast is not a lie, because from isolated places there are many errors - so their performance is at the cost of quality of delivery, because of BGP switching the routes during transfer of large files. So I was wondering, what is really Akamai good for, because they dont seem to pose any strength in any field in what I do understand now, except they offer some software based WAF on their website, but what I really care about is the core distribiution, so the question is? Is really Akamai good for Videos? For static websites? ??? I found so far AWS most usable with most consistent ping and stable transfers.

    Read the article

  • Unable to browse to apache service, Service is running

    - by Jeff
    Summary I have a very peculiar problem. I am not able to open the "It Works!" page after installing a fresh server with apache. I am able to ssh to the box (from outside the network). Apache seems to be running on my Centos6.4x86_64 box just fine. Nothing useful in /var/logs/httpd/*. What am I missing? The setup I am outside the network right now. The "server" is a VM on my home computer running bridged mode. public ip: A.B.C.D Host: 192.168.1.5 VM: 192.168.1.8 I have a verizon fios router that is forwarding ports 22, 80, and 8888 to the VM. I am able to ssh over port 22, but I am not able to browse to the public URL over port 80. so A.B.C.D:22 is working, but http://A.B.C.D:80 is not. What I've tried nmap to see if it is listening: nmap -sT -O localhost Starting Nmap 5.51 ( http://nmap.org ) at 2013-10-25 11:10 EDT Nmap scan report for localhost (127.0.0.1) Host is up (0.000040s latency). Other addresses for localhost (not scanned): 127.0.0.1 Not shown: 996 closed ports PORT STATE SERVICE 22/tcp open ssh 25/tcp open smtp 80/tcp open http 3306/tcp open mysql I tried going to it locally (lynx) and it does work. So, is the problem in my ports?

    Read the article

  • Windows authentication to SQL Server via IIS and PHP

    - by Jeff
    We're running a PHP 5.4 application on Server 2008 R2. We would like to connect to a SQL Server 2008 database, on a separate server, using Windows authentication (must be Windows authentication--the DB admins won't let us connect any other way). I have downloaded the SQL Server drivers for PHP and installed them. IIS is configured for Windows authentication, and anonymous authentication has been disabled. $_SERVER['AUTH_USER'] reports our currently logged on Windows account. In php.ini, we have set fastcgi.impersonate = 1. When we setup a connection using the following code from Microsoft: $serverName = "sqlserver\sqlserver"; $connectionInfo = array( "Database"=>"some_db"); /* Connect using Windows Authentication. */ $conn = sqlsrv_connect( $serverName, $connectionInfo); if( $conn === false ) { echo "Unable to connect.</br>"; die( print_r( sqlsrv_errors(), true)); } We are presented with the following error message: Unable to connect. Array ( [0] => Array ( [0] => 28000 [SQLSTATE] => 28000 [1] => 18456 [code] => 18456 [2] => [Microsoft][SQL Server Native Client 11.0][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. [message] => [Microsoft][SQL Server Native Client 11.0][SQL Server]Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. ) Is it possible to connect to SQL Server 2008 via PHP using Windows authentication? Are there any additional required settings we need to make on IIS, SQL Server, or any other component (like a domain controller)?

    Read the article

  • A quick hello to the Western Kentucky .NET User Group

    - by Muljadi Budiman
    A few days back, I got a chance to speak at the Western Kentucky .NET User Group meeting in Murray, Kentucky.  The opportunity came up because the original speaker, Jeff Blankenburg, had another obligation and was thus unable to come to this meeting.  I volunteered to deliver his presentation, which is an overview of MIX10 conference. It was a great experience for me; got to drive around and do a little bit of sight-seeing – can’t say I’ve ever been to Kentucky before, so first trip ever there.  I got to meet the user group’s current lead, Tom Turner and got to chat and discuss about all kinds of stuff with the other members.  Cheers to Matt Gawarecki and Brandon Sharp! The presentation itself mostly covers new features in Visual Studio 2010, which was recently released on April 12 – got to demonstrate Historical Debugging in IntelliTrace, Parallel Stacks, View Call Hierarchy and show some Extensions.  We also covered some of the new functionalities in Silverlight 4 (using webcams, drag & drop support among others) and I got to show off Scott Guthrie’s Windows Phone 7 Twitter app.  Altogether, it was quite a bit to cover in 70 minutes or so, but I think everyone enjoyed it. Jeff provided me with the presentation slides (which I modify a bit) and demo applications; so I’m putting it up here for those that may be interested in downloading them.  Please keep in mind that all the demos were made with VS2010 RC, so there may be slight tweaks to get it to work on the RTM version.

    Read the article

  • Setting up phpMemCacheAdmin on CentOS 5.5

    - by Bill Smith
    I have been able to setup phpMemCacheAdmin (http://code.google.com/p/phpmemcacheadmin/) on CentOS and am able to view the localhost MemCache statistics however whenever I add other MemCached nodes the config is never changed. I am fairly certain it has something to do with permissions however I am unable to track down what exactly needs to be done, or how to do it. The install was pretty straightforward: wget http://phpmemcacheadmin.googlecode.com/files/phpMemCacheAdmin-1.1.3r161.tar.gz tar xvzf phpMemCacheAdmin-1.1.3r161.tar.gz chmod +w Config/Memcache.ini But, it also states that Apache has rw right in the temp file folder (default : Temp/) and the entire config directory (Config/) -- that is the part I am unsure of. Help!

    Read the article

  • Need help identiying a nasty rootkit in Windows

    - by goofrider
    I have a nasty rootkit that not tools seem to be able to idenity. I know for sure it's a rootkit, but I can figure out which rootkit it is. Here's what I gathered so far: It creates multiple copies of itself in %HOME%\Local Settings\Temp with names like Q.EXE, IAJARZ.exe, etc., and install them as hidden services. These EXE have SysInternals identifiers in them so they're definitely rootkits. It hooked very deep in the system, including file read/write, security policies, registry read/write, and possibly WinSock/TCP/IP. When going to Sophos.com to download their software, the rootkit inject something called Microsoft Ajax Tootkit into the page, which injects code into the email submission form in order to redirect it. (EDIT: I might have panicked. Looks like Sophos does use an AJAZ email form, their form is just broken on Chrome so it looked like a mail form injection attack, the link is http://www.sophos.com/en-us/products/free-tools/virus-removal-tool/download.aspx ) Super-Antispyware found a lot of spyware cookies, in the name of .kaspersky.2o7.net, etc. (just chedk 2o7.net, looks like it's a legit ad company) I tried comparing DNS lookup from the infected systems and from system in other physical locations, no DNS redirections it seems. I used dd to copy the MBR and compared it with the MBR provided by ms-sys package, no differences so it's not infecting MBR. No antivirus or rootkit scanner be able to identify it. Most of them can't even find it. I tried scanning, in-situ (normal mode), in safe mode, and boot to linux live CD. Scanners used: Avast, Sophos anti rootkit, Kasersky TDSSKiller, GMER, RootkitRevealer, and many others. Kaspersky reported some unsigned system files that ought to be signed (e.g. tcpip.sys), and reported a number of MD5 mismatches. But otherwise couldn't identify anything based on signature. When running Sysinternal RootkitRevealer and Sophos AntiRootkit, CPU usage goes up to 100% and gets stucked. The Rootkit is blocking them. When trying running/installing HiJackThis, RootkitRevealer and some other scanners, it tells me system security policy prevent running/installing it. The list of malicious acitivities go on and on. here's a sample of logs from all my scans. In particular, aswSnx.SYS, apnenfno.sys and PROCMON20.SYS has a huge number of hooks. It's hard to tell if the rootkit replaced legit program files like aswSnx.SYS (from Avast) and PROCMON20.SYS (from Sysinternal Process Monitor). I can't find whether apnenfno.sys is from a legit program. Help to identify it is appreciated. Trend Micro RootkitBuster ------ [HIDDEN_REGISTRY][Hidden Reg Value]: KeyPath : HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg Root : 586bfc0 SubKey : Cfg ValueName : g0 Data : 38 23 E8 D0 BF F2 2D 6F ... ValueType : 3 AccessType: 0 FullLength: 61 DataSize : 32 [HOOKED_SERVICE_API]: Service API : ZwCreateMutant Image Path : C:\WINDOWS\System32\Drivers\aswSnx.SYS OriginalHandler : 0x8061758e CurrentHandler : 0xaa66cce8 ServiceNumber : 0x2b ModuleName : aswSnx.SYS SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwCreateThread Image Path : c:\windows\system32\drivers\apnenfno.sys OriginalHandler : 0x805d1038 CurrentHandler : 0xaa5f118c ServiceNumber : 0x35 ModuleName : apnenfno.sys SDTType : 0x0 [HOOKED_SERVICE_API]: Service API : ZwDeleteKey Image Path : C:\WINDOWS\system32\Drivers\PROCMON20.SYS OriginalHandler : 0x80624472 CurrentHandler : 0xa709b0f8 ServiceNumber : 0x3f ModuleName : PROCMON20.SYS SDTType : 0x0 HiJackThis ------ O23 - Service: JWAHQAGZ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\JWAHQAGZ.exe O23 - Service: LHIJ - Sysinternals - www.sysinternals.com - C:\DOCUME~1\jeff\LOCALS~1\Temp\LHIJ.exe Kaspersky TDSSKiller ------ 21:05:58.0375 3936 C:\WINDOWS\system32\ati2sgag.exe - copied to quarantine 21:05:59.0217 3936 ATI Smart ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0342 3936 C:\WINDOWS\system32\BUFADPT.SYS - copied to quarantine 21:05:59.0856 3936 BUFADPT ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:05:59.0965 3936 C:\Program Files\CrashPlan\CrashPlanService.exe - copied to quarantine 21:06:00.0152 3936 CrashPlanService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0246 3936 C:\WINDOWS\system32\epmntdrv.sys - copied to quarantine 21:06:00.0433 3936 epmntdrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0464 3936 C:\WINDOWS\system32\EuGdiDrv.sys - copied to quarantine 21:06:00.0526 3936 EuGdiDrv ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:00.0604 3936 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - copied to quarantine 21:06:01.0181 3936 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0321 3936 C:\Program Files\AddinForUNCFAT\UNCFATDMS.exe - copied to quarantine 21:06:01.0430 3936 OTFSDMS ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0492 3936 C:\WINDOWS\system32\DRIVERS\tcpip.sys - copied to quarantine 21:06:01.0539 3936 Tcpip ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0601 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - copied to quarantine 21:06:01.0664 3936 HKLM\SYSTEM\ControlSet003\services\TULPUWOX - will be deleted on reboot 21:06:01.0664 3936 C:\DOCUME~1\jeff\LOCALS~1\Temp\TULPUWOX.exe - will be deleted on reboot 21:06:01.0664 3936 TULPUWOX ( UnsignedFile.Multi.Generic ) - User select action: Delete 21:06:01.0757 3936 C:\WINDOWS\system32\Drivers\usbaapl.sys - copied to quarantine 21:06:01.0866 3936 USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:01.0913 3936 C:\Program Files\VMware\VMware Player\vmware-authd.exe - copied to quarantine 21:06:02.0443 3936 VMAuthdService ( UnsignedFile.Multi.Generic ) - User select action: Quarantine 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0443 3936 vmount2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - skipped by user 21:06:02.0459 3936 vstor2 ( UnsignedFile.Multi.Generic ) - User select action: Skip

    Read the article

  • Wacom tablet or Evoluvent Vertical Mouse

    - by Bob Smith
    Having tried a number of mice that didn't help with wrist pain, I am contemplating buying a Wacom tablet or Evoluvent Vertical Mouse. I have heard great things about both of them. What do you recommend for someone with wrist pain in both hands that seems to be getting worse by the day? PS: I work mostly in Windows and Visual Studio environment. I currently have the MS natural ergonomic keyboard. I have started taking regular breaks and am also planning to see a doctor.

    Read the article

  • 2d & 3d CAD software on the MAC [closed]

    - by Mark Smith
    Hey I was wondering what 2d & 3d CAD softwares people use on the mac? There are a couple of other questions like this on the site but they're over a year old and knowing how fast paced the software game is I thought i'd repost! I use MacDraft for my 2d drafting and the same companies Interiors Pro for my 3d work, have done for a while. I used Rhino 4.0 at uni but being a student I had to find software that wasn't thousands of £$£$!! thus stumbling onto the Microspot products. Anybody using the software or found any other bargains out there?

    Read the article

  • Losing partitions after every reboot

    - by Winston Smith
    I have an Acer laptop with one hard disk, which up until yesterday had 4 partitions: Recovery Partition (13GB) C: (140GB) D: (130GB) OEM Partition (10GB) I read that the OEM partition has all the stuff needed to restore the laptop to the factory settings, but since I'd already created restore disks and I needed the space, I wanted to get rid of it. Yesterday, I used diskpart to do that. In diskpart, I selected the OEM partition and issued the delete partition override command which removed it. Then I extended the D: partition into the unused space using windows disk management. Everything worked fine, until I rebooted my laptop, at which point the D: drive vanished. Looking in windows disk management again, I can see that there's an OEM partition of 140GB, which is obviously my D: drive. So I used EASEUS Partition Master and assigned a drive letter to the 'OEM' partition and I was able to access my files again. However, every time I reboot, it reverts back. How do I fix this permanently?

    Read the article

  • How do I create an ISO image from a directory structure on CentOS?

    - by tom smith
    I'm trying to figure out the exact mkisofs cmd to create the ISO with the following directory and file structure. I've tried different commands, but when I mount the ISO that is created the directory tree has not been reproduced. The initial directory tree is: master.iso:: mount -o loop /apps/vmware/master.iso /mnt/vmtest ls /mnt/vmtest isolinux ks.cfg upgra32 upgra64 upgrade.sh ls /mnt/vmtest/isolinux boot.cat initrd.img isolinux.bin isolinux.cfg vmlinuz I've used different variations of the following mkisofs command without success: mkisofs -o '/foo/test.iso' -b 'isolinux.bin' -c 'boot.cat' -no-emul-boot -boot-load-size 4 -boot-info-table 'isolinux' How do I make an ISO that captures a directory's exact structure?

    Read the article

  • What is causing sudden freezing during running real-time program?

    - by Trevor Boyd Smith
    So I run a high intensive (CPU/GPU) real-time program. During normal execution suddenly everything freezes for 1-4 seconds. I opened "Process Explorer" in the background to help gain insight and maybe identify something. Here is what the CPU/GPU graphs looks like when I align them in time: Notice the 4 distinct drops in both the CPU/GPU. You can see that it goes from some sort of positive CPU/GPU usage to almost zero. These drops in the graph align with when the real-time program suddenly freezes. How do I find what is causing these sudden drops? NOTE: When you put your mouse over the graph it tells you the time, accurate to the second, for where your cursor is. Maybe this mouse over feature could be helpful in some way (e.g. what if you had a log of all processes every 100ms). EDIT: The real-time program is a video game and so I can't watch some sort of instrumentation while the video game is running. I need a solution that let's you look back in time somehow to see what was happening when the slow down occurred. EDIT: RE - Recording Data vs using real-time monitor: So the windows performance recorder is for some reason not recording what I expect it to record. So I switched to using "perfmon" and then opening it's "resource monitor". RE - Setting it up so I can view real-time monitor: In the video game I set it to spectate and then put the video game in "windowed" mode so that I can view the real time display that Resource Monitor has. Now that I can get semi-real time (only once per second... how do you get more than once per second?) I started looking at the various real time data readouts. Getting to the cause: I noticed a strong correlation in high disk IO and low CPU usage (which is also seen by having in-game freezing). How do you use resource monitor to find out who is doing all this offending disk IO?

    Read the article

  • Create Virtual Image of Laptop before Formatting

    - by Simon Mark Smith
    I have a 3 year old laptop running Windows XP that I used for business. Although I have not used the laptop in over a year, I now want to re-commission it with Windows 7 and a fresh install. Before I do the fresh install I want to create a Virtual Image of the laptop that I can keep and potentially run on my desktop machine should I ever need to access any of the old files/projects that it contains currently. I know that most people will say just copy the files over to your desktop, but my concern is the configuration of the laptop. I used to use it for development and it has older versions of Visual Studio, SQL Server, Active X controls etc, etc than I currently use so I really want to preserve the environment not just the files. So really I am asking what is the best tool-set/method to achieve this? I understand there are free VM tools available but I have never done this before and would appreciate any help.

    Read the article

< Previous Page | 25 26 27 28 29 30 31 32 33 34 35 36  | Next Page >