Monthly Archives: August 2016

Reverse Engineering the Enphase Installer Toolkit

If you are interested in other Enphase information the following other pages may also be of interest: Enphase Envoy-S “Data Scraping”. Enphase Envoy-S Open Ports! While on my quest to create my own logging and analytics for the Envoy-S Solar … Continue reading

Posted in Uncategorized | 8 Comments

Bulk Updating Office 365 Department for users via PowerShell

This has good applications in a school or college where you have cohorts moving up a year. It also is useful for enterprise where a department has been renamed. Remember to first delete all your Year 12 (aka. leavers) before … Continue reading

Posted in Uncategorized | Leave a comment

“AUSE099” Sage Accounts online update error.

I had a customer computer where Sage would prompt to upgrade to be able to open their company file. When it got to the stage where Sage should be downloading the file – I got the error code “AUSE099” and no … Continue reading

Posted in Uncategorized | Leave a comment

“0-800-098-8522” fake virus warning messages.

“ip5.ip-158-69-114.net” / “158.69.114.5” seems to be hosting several domains associated with fake virus warnings. The page I came across was: hxxp://upwardd.website/0508/E2/ error9/uk/800-098-8522/alert.html With the fake alert as follows…. Security Error There is a .net frame work file missing due to some … Continue reading

Posted in Uncategorized | Leave a comment

Enphase Envoy-S Open Ports!

If you are interested in other Enphase information the following other pages may also be of interest: Reverse Engineering the Enphase Installer Toolkit Enphase Envoy-S “Data Scraping”. Further to my last post about the Envoy-S JSON data that can be … Continue reading

Posted in Uncategorized | 2 Comments

Enphase Envoy-S “Data Scraping”.

If you are interested in other Enphase information the following other pages may also be of interest: Reverse Engineering the Enphase Installer Toolkit Enphase Envoy-S Open Ports! I’ve recently had to interface with an EnPhase Envoy Solar PV system. The … Continue reading

Posted in Uncategorized | 83 Comments

stoppblock.net proxy PAC malware and “50.7.182.141”

In a continuation to the previous post about a computer with “infected” DNS settings…. The same machine also had a Proxy PAC file set. In the specific computers instance it had this URL set in the automatic proxy settings section: http://stoppblock.net/wpad.dat?fb4c39d90b3dd1f76bda246b4a60839913671305Continue reading

Posted in Uncategorized | 1 Comment

“104.197.191.4” and “107.178.246.193” Google-Analytics DNS Intercept / Malware.

While trying to investigate a malware infection on a computer I discovered several changes. First.. LOTS of rootkits and advertising malware but also.. DNS for the network adaptor had been changed to “104.197.191.4”. This seems to be a virtual server … Continue reading

Posted in Uncategorized | 1 Comment