IT Mamak

Exploit.PDF-9669 was detected on older version of ClamAV.
Most HTML encoded email received seems to be matching on older version of ClamAV.
It seems to be a false positives matching on this signature.

Here is a temporary solution:

edit daily.hdb file
vi /usr/share/clamav/daily.inc/daily.hdb

comment this line as below
#d41d8cd98f00b204e9800998ecf8427e:0:Exploit.PDF-9669

and then restart the service

This problem will be solved for temporary.

I get this solution from this thread:
http://www.gossamer-threads.com/lists/clamav/users/37880

The permanant solution is

update your ClamAV to 0.95.3 and update your daily.inc or daily.cvd.

My Dell XPS M1330’s screen go blank after installing VGA driver.

Dell XPS M1330

The details:-
Machine: Notebook
Brand/Model: Dell XPS M1330
O/S: MS. Windows Vista Business

My user complain that he faced display problem on his notebook. (The screen is blank.)
He requested to reformat it.

After reformatting the notebook the screen is still blank.

Then, I reported to Dell then the problem was solved by following their instructions.

Here I shared my experience with you all but I am not sure whether this solution work to you or not.

This was caused by the sequence of drivers installation.

IMPORTANT: To avoid this happen, you must install the driver by follow below sequence.

1. Install “Notebook System Software” (Under System Utilities).

2. Install “Intel – Mobile Chipset” (Under Chipset).

3. Then,you can install any others drivers without follow the sequence.

Get Dell latest driver here.

I just bought a netbook for my sister.
For a system I always concern on the security part especially in antimalware.
I am looking for a suitable antivirus for netbooks.

After googling, I found that there are few antivirus special for netbook use only.

Analyst firm DisplaySearch has done a study into the notebook market, and from that study they conclude that in 2009, netbook shipments will grow to 20% of total notebook shipments.

I wonder why there are still a lots antivirus company not release their antivirus for netbooks yet? We know most of the antivirus for notebook or desktop is not suitable for netbook due to it is too heavy for a netbook.

Are you same with me looking for a better antivirus for your netbook?

The antivirus for netbooks only that I found for the moment are as below:-
I hope my study can help you. If you found any others supported antivirus please don’t hesitate to inform me.

Panda – Panda Antivirus for Netbooks

Anti-Malware Engine – Automatically detects and eliminates viruses, spyware, Trojans, rootkits, bots and other malware before they infect your computer.

Advanced Proactive Protection (HIPS) – Technologies from Panda Security are widely recognized as the most effective against new and unknown malware.

Personal Firewall -  Protects you against Internet-borne worms and hacker attacks.
Anti-Rootkit Technology – Detects and removes silently-installed rootkits used by malware or hackers to evade traditional antivirus products.

Anti-Phishing Filter – Recognizes fraudulent email and protects you from scams while you shop, bank or pay bills online.

Anti-Banking Trojan Engine -Detects the most dangerous identity theft malware used by cyber-criminals to steal banking credentials. Specialized heuristics and generic detection techniques ensure maximum protection for online transactions.

Karpersky – Kaspersky Internet Security For Ultra Portables
Essential Protection – Protects from all types of malware and spyware

Extended Protection – Two-way personal firewall, Safe Wi-Fi and VPN connections and Intrusion prevention system.

Preventive Protection – Intelligent application management and control, Proactive protection from unknown threats, Scans OS and applications for vulnerabilities and Disables links to malware sites

Identity Theft Protection – Disables links to phishing websites, Virtual keyboard for safe entry of logins and passwords, Prevents theft of data via secure connections (HTTPS/SSL), Blocks unauthorized dial-up connections.

Content Filtering – Parental control and Antispam protection.

ESET – ESET NOD32 Antivirus
Smarter Scanner — Threats don’t always enter your network in ways you expect. ESET NOD32 Antivirus inspects SSL-encrypted communication channels like HTTPS and POP3S and intelligently scans compressed files to find hidden threats other products miss. Proactive protection begins at the earliest point in system startup to ensure your computer is always secure.

Clean and Safe Email — Email scanning for Microsoft Outlook, Outlook Express, Mozilla Thunderbird, Windows Live Mail, Windows Mail, and other POP3/IMAP mail clients, ensuring your email is free of viruses and other threats.

Removable Media Security — Threats can enter your PC from removable media such as USB thumb drives. For self-running media, ESET NOD32 Antivirus scans autorun.inf and associated files when the medium is inserted, in addition to scanning any file on any removable device when it is accessed, or during a full-scan of the media. Power users can adjust ESET NOD32 Antivirus to perform additional levels of scanning on removable media.

System Tools — ESET SysInspector and ESET SysRescue simplify diagnosing and cleaning of infected systems by allowing deep scans of system processes to find hidden threats, and creating bootable rescue CD/DVD or USB drives to help you repair an infected computer.

Self Defense — ESET NOD32 Antivirus has built-in technology to prevent malicious software from corrupting or disabling it, so you can rest assured your system is always protected.

Many Usability Improvements — ESET NOD32 Antivirus has numerous speed, security and usability upgrades.

Alternative Solution

Besides above netbooks antivirus, I found an alternative choice that is Panda Cloud Antivirus.

Panda Clould Antivirus – is a “thin client” service that you install on your PC that is dependent on the Panda’s internet (cloud) based services for its’ processing activities (Aka: cloud computing). As result of the processing services being managed at the cloud (internet) level; maintenance, updates, configuration changes and system resources are minimized to the point that it becomes a maintenance free product.

For more information about Panda Clould Antivirus you may visit to
1. Panda Cloud Antivirus – Official Site
2. Panda Cloud Antivirus – Is it netbook ready?
3. Bill Mullins’ Weblog – Panda Cloud Antivirus – Free Cloud Protection

This morning end user complaint that she failed to access to her folder.
After checking I found that my machine didn’t mount to the file server.
Then I try to remount again but it give me “Could not resolve mount point” error message.

[root@ftp ~]#mount -t smbfs -o username=username%password //MyFileServer/SharedFolder /mnt/MountedFolder

Could not resolve mount point /mnt/MountedFolder

After googling I still failed to get a solution.

Then, I listed my /mnt and found that my MountedFolder got problem as below.

[root@ftp mnt]# ls -l /mnt
total 1
?——— 1 root root 4096 Jul 10 11:13 MountedFolder

There was a question mark for the folder mod.
Solution:
reboot the machine then list again the folder

[root@ftp mnt]#ls -l /mnt
total 1
drwxrwxrwx 1 root root 4096 Jul 10 11:13 MountedFolder

Now it was back to normal.
Remount again the folder and can access to the mounted folder now.

It could me many reason you get a “Could not resolve mount point”.
You may googling the solution and mine is one of the solution.
If you had try others solution and can’t work and your mount folder have a “question mark” aslo.
You should try it.

Have a nice day.

How to delete windows shared folder connection by using DOS command?

To view current windows shared folder connections.

Command:

net use

Output:
C:\Documents and Settings\user>net use

New connections will not be remembered.
Status    Local     Remote Network

——————————————————————————-
OK               Z:          \\sharedhostname\sharedfoldername\
Microsoft Windows Network
The command completed successfully.

To delete CERTAIN windows shared folder connection.

Command:

net user z: /d

Remark : where z: is the mapping drive letter.

To delete ALL windows shared folder connection.

Command:

net use * /d

I am a network administrator.

There always a lot end users or my friends who have a modem or router which they don’t know their password because the setting was set by ISP’s technician.
Once the Internet service is down, I always is the first person they ask for.
Fortunately, they always keep the default username and password.

A modem/router default password list is important to a network administrator/engineer.

It’s good to list down all the default username and password in my own blog.

I hope this default username and password list is helpful for you.

Below is the list of the default IP, username and password for TMnet Streamyx supported modem/router.

Streamyx (Malaysia) still have the major market share so I just only list down the modem/router supported Streamyx.
If you can’t find your modem  or router’s default username and password above.
You may find yours at the below sites

1. Default Password List – http://www.phenoelit-us.org/dpl/dpl.html
2. Router Passwords – http://www.routerpasswords.com/index.asp
3. Virus.Org Default Password Database – http://www.virus.org/default-password

*ISP : Internet Service Provider

Chinese New Year is coming.

It’s totally FREE.
Hurry up, get your own domain name with $0.
Is that your free blog provider address is too long?
Just sign up for a free and shorter domain name.
You can redirect this domain name to your current blog without move your blog.I just found a FREE domain name – co.cc.

For instance,
I am using http://goupimao.blogspot.com
I just register http://goupimao.co.cc

Is that hard to remember or to long for the address like
mydomainname.wordpress.com or mydomainname.blogspot.com and so on?
You may change it to mydomainname.co.cc.

Click the button below to GET a FREE domain name.
A Chinese New Year Gift to you!

or using this link –> http://www.co.cc/?id=160636

I have a FACT Accounting for Windows in my environment which is our old accounting system.

We are going to write off all the WinNT and migrate to linux in our environment and it is at the final stage of the migration.
We turn off all the power for power maintenance during last Christmas day.

One of the machine which work as the FACT license server said bye bye to us (failed to power on).
All the clients failed to access to the FACT Accounting for Windows system due to failed to find the license server as below.

What a headache for me, this license server is not setup by me and the person who setup it is not here anymore.
I have no idea at all with this license server so Google always is my good guru.

After googling I found several solutions.

Below is my successful solution.

I am using samba file server.
One day, a user told me that he failed to open a shared folder.
Every time he open the shared folder authentication will be prompt.
He still failed to open the shared folder even though he key in the correct user name and password.

After diagnosis I found this error in my /var/log/samba/winbindd.log

more /var/log/samba/winbindd.log
show me this:
idmap Fatal Error: UID range full!! (max: 20000)

Then I googling and finally find the solution. Google always is my GURU. Thanks Google.

Below are the step to fix this problem.

Stop your samba and winbind services

service winbind stop
service smb stop

Delete secrets.tdb and smbpasswd

rm /etc/samba/secrets.tdb
rm /etc/samba/smbpasswd
rm /var/cache/samba/winbindd_idmap.tdb

Ensure “winbind trusted domains only = no” if not just modified it in smb.conf

testparm -v | grep winbind
or
vi /etc/samba/smb.conf

Rejoin the domain

net rpc join -S SERVERNAME -U ADMINISTRATOR%ADMINPASSWORD

Restart winbind service

service winbind start

Ensure can get the user list from domain

wbinfo -u

Fetch list of user accounts and group accounts

getent passwd
getent group

Test the login from another workstation.
Solved!
Job Done!

When I try to renew an IP address I get this message

C:\>ipconfig /renew

Windows IP Configuration

An error occurred while renewing interface Local Area Connection : The RPC server is unavailable.

How can I solve this problem?

After googling I found that is caused by a file named iKernel.exe is missing.
This problem can be solved by just copy back this execute file to the path.

Solution:
1. Copy a iKernel.exe file from any computer and then paste to below location
C:\Program Files\Common Files\InstallShield\Engine\6\Intel 32\
2. Reboot your computer.
3. Done.