Monthly Archives: November 2014

Similar to yesterday – another round of these bits of crap. This time there is a random subject of “Fax message#<RANDOM> ” With the content of Fax Message [Caller-ID: 1-407-194-7216] You have received a 5 page fax at Wed, 26 … Continue reading →

Message looks like this: Fax Message [Caller-ID: 1-407-454-1519] hxxp://hans-juergen-urban.de/inbox/get_message.php You have received a 3 page fax at Tue, 25 Nov 2014 13:48:11 +0000. * The reference number for this fax is chd_did11-10520192747-10397814691-268. View this fax using your PDF reader. Thank … Continue reading →

Update – 15/12/2014: A court document reveals just how large this call center was and how much money was involved. In relation to delayed pay after the retraining order… “non-payment of the Employee Payroll for the Pay Period affects approximately 800 … Continue reading →

More junk sent to one of my customers today similar to the previous junk. SHA256: 2d3de68d213a53c74e1f3180fd74bdc495c28d77924066aee27f26808ab10f66 This time they have got wise and have password protected the macro so I can’t tell the exact URL it is downloading from. Luckily … Continue reading →

While I was trying to get in touch with BT over a line fault update (for a fault that had been open about 3 weeks) they told me I had to call a dedicated team on 02075550985. I couldn’t find … Continue reading →

The information and pictures on this page are not to be copied or used elsewhere without permission. This is a copy of the original information on the BE Usergroup wiki but as Sky have shut down BE and the Usergroup … Continue reading →

The Active Directory Users and Computers search / find function doesn’t allow you to search for partial user names. For example in a school AD setup I wanted to find my test user but I’d forgotten which year I had … Continue reading →

If you run ZeroShell on a laptop and want to read battery status the following command reveals a lot of battery data: grep ” /sys/class/power_supply/BAT1/* or this file contains most of the above information in a single file… cat /sys/class/power_supply/BAT1/uevent … Continue reading →

Cleaned a computer today that had many bits of malware. One of the bits of junk had changed the DNS entries on the Windows 7 computer to: 81.218.119.15 (“bzq-218-119-15.red.bezeqint.net”) inetnum: 81.218.0.0 – 81.218.255.255 org: ORG-IL9-RIPE admin-c: BNT1-RIPE netname: IL-BEZEQ-INTERNATIONAL-20021018 descr: … Continue reading →

A family member had an email today titled “Your Amazon.co.uk order has dispatched (#203-2083868-0173124)” with attachment ORDER-203-2083868-0173124.doc Upon opening it requires Macros to be enabled (Macro is here), once enabled it contacts http://garfield67.de/1.exe – Virustotal Report // Malwr Report And downloads the … Continue reading →