Thursday, April 22, 2010

AGAIN!

You may have already heard about this one.

McAfee DAT update 5958 causes a false positive on svchost.exe and under the default configuration DELETES IT!

We got the bulletin this morning and checked our PCs. Looked like we'd dodged a bullet! They were all on 5959 so we'd skipped over the dodgy update. - YES!

Then we got the email from a remote site. 8 PCs won't boot! - NO!

There's a fix but it's very manual as it requires booting each PC and replacing svchost.exe. It could have been so much worse though. Better to repair 8 PCs than hundreds!

Twice in a week we've been owned by our AV product!

Monday, April 19, 2010

Finally! Something interesting!

OK here’s a fun one! I just got back from lunch to discover an outage on one of our Exchange servers.

To be more specific, an outage on a particular mail store. All other stores on that server were fine. The boys had kicked the server over but that didn’t resolve anything. All five databases in the store were dismounted when the server came back online.

Finally! Something interesting!

We got the stores back online by forcing them to ignore missing log files (we could always bring back lost mail from the archiving server; yes, we do send every piece of email we receive to an archive server, doesn’t everyone?). Then we began collating data on the outage and pretty quickly a picture started forming.

I’ll list these in reverse chronological order so as to build the suspense!


Event ID 104 – 4/19/2010 12:26
MSExchangeIS (3240) Mail P-T: The database engine stopped the instance (3) with error (-1090).

For more information, click ....

Event ID 486 – 4/19/2010 12:26
MSExchangeIS (3240) Mail P-T: An attempt to move the file "C:\EXCHANGE LOGS\Mail P-T\E02.log" to "C:\EXCHANGE LOGS\Mail P-T\E020005DC2D.log" failed with system error 2 (0x00000002): "The system cannot find the file specified. ". The move file operation will fail with error -1811 (0xfffff8ed).

For more information, click ....


Event ID 259 – 4/19/2010 12:21
The file C:\EXCHANGE LOGS\Mail P-T\E02.log contains the Malformed Archive Trojan. No cleaner available, file deleted successfully. Detected using Scan engine version 5400.1158 DAT version 5955.0000.

This looks to me like our anti-virus product found what it thought was an infected file, E02.LOG, and deleted it; as a result Exchange lost the plot! As would I if someone removed one of my transaction logs mid-flight.

So yeah, new policy: exclude your Exchange transaction logs from your anti-virus scans!
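The correlation made by eye above can be scripted. The following is an added example, not part of the original post: it pairs an anti-virus deletion event with Exchange store errors that name the same file shortly afterwards. The event tuples are the post's own events with shortened text; the 15-minute window and the function and variable names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Events from the post (message text shortened), oldest first.
EVENTS = [
    (259, "4/19/2010 12:21",
     r"The file C:\EXCHANGE LOGS\Mail P-T\E02.log contains the Malformed "
     r"Archive Trojan. No cleaner available, file deleted successfully."),
    (486, "4/19/2010 12:26",
     r'MSExchangeIS (3240) Mail P-T: An attempt to move the file '
     r'"C:\EXCHANGE LOGS\Mail P-T\E02.log" to '
     r'"C:\EXCHANGE LOGS\Mail P-T\E020005DC2D.log" failed with system error 2'),
    (104, "4/19/2010 12:26",
     r"MSExchangeIS (3240) Mail P-T: The database engine stopped the "
     r"instance (3) with error (-1090)."),
]

# Patterns follow the message wording shown in the post (assumption: other
# product versions may word these events differently).
AV_DELETE = re.compile(
    r"The file (?P<path>[A-Za-z]:\\.+?) contains the (?P<name>.+?)\. .*deleted")
STORE = re.compile(r"MSExchangeIS \(\d+\) (?P<instance>.+?): (?P<text>.*)", re.S)

def correlate(events, window=timedelta(minutes=15)):
    """Link each AV file deletion to store errors that follow it."""
    parsed = [(eid, datetime.strptime(ts, "%m/%d/%Y %H:%M"), msg)
              for eid, ts, msg in events]
    findings = []
    for _, when, msg in parsed:
        av = AV_DELETE.search(msg)
        if not av:
            continue
        path = av["path"].lower()
        # Store events logged within the window after the deletion.
        later = [(e, STORE.match(m)) for e, t, m in parsed
                 if when <= t <= when + window]
        later = [(e, m) for e, m in later if m]
        # Instances whose errors name the deleted file ...
        hit = {m["instance"] for _, m in later if path in m["text"].lower()}
        # ... and every event those instances raised in the window.
        ids = [e for e, m in later if m["instance"] in hit]
        if ids:
            findings.append({"file": av["path"], "detection": av["name"],
                             "deleted_at": when, "instances": sorted(hit),
                             "exchange_event_ids": ids})
    return findings

if __name__ == "__main__":
    for finding in correlate(EVENTS):
        print(finding)
```

A non-empty result means the scanner removed a file the store was still using, which is the case for adding the transaction log directory to the scan exclusions.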

Thursday, April 8, 2010

I has da powa!

Love it or hate it, the iPhone is a popular piece of kit. It’s got a lot of great features including a super friendly UI, disturbingly friendly at times. Like going to dinner at an undiscovered serial killer’s home: everything is shiny on the surface, just don’t go down to the basement.

Aside from the suspect practices of its creator, one of my big gripes with the hardware itself is battery life. I struggle to get 24 hours’ use out of a full charge. Of course I could charge it every night, but where does that leave me when I forget? Those that know me know that forgetting stuff is one of my more adorable or onerous personality traits, depending on how long you’ve known me.

So after a couple of weeks of experimentation I’ve come up with a few battery saving tips that may extend your device’s operational hours.

• Turn off Bluetooth
• Turn off Wi-Fi

Obvious enough really; these two saved me some power... But hold onto your undies, it's going to get more obvious:

• Turn down Backlight Brightness

This change gave me the most visible improvement to battery life. With the backlight on the minimum setting I got 3 days out of a charge! Admittedly I couldn’t use the phone outside during the day... But that was a sacrifice I was willing to make for the sake of science.

I’ve set the backlight brightness to about 10% and that seems to be a happy medium for me.