Phishing Attempts From Cheapfixerproperties.com

We had a customer complaining about emails stuck in the spam filter. They were getting an email with the subject line “(3) Incoming messages failed to sync”. In the email was a button to “Restore Messages”; however, when we hovered over the link the web address was for “https://cheapfixerproperties.com/…”.

We told the customer this was a Phishing attempt, and to not click on that button. They are ready had. We ran a full Vipre scan on their machine.

The URL takes you to a site that Google has already flagged.

Let us know if this helped you…

 

Recovering / Reset MS SQL 2008 SA Password

We recently dealt with an issue where the customer lost their MS SQL database “SA” password, and the “SA” account was disabled. They were unable to alter the structure of any of their databases.

We found this link which helped us reset the SA password.

https://www.mssqltips.com/sqlservertip/2682/recover-access-to-a-sql-server-instance/

Here are the steps we took.

  1. Logged onto the server and downloaded “PSexec”. We used this link to download it. Download
  2. Unzip the files and copy them to your “C:\windows\system32” folder. There will be a number of files and we needed more than just “psexec.exe” to perform this action, so we copied all the files from the download to that directory.

    We used this video to learn to us PSExec properly.
    https://www.youtube.com/watch?v=MaAL3C-DuHQ

  3. Stop the database. We went into the MSSQL Server Manager and right-clicked on the top item and selected “stop”.
  4. We right-clicked and opened the command prompt as an administrator.
  5. We typed in the following command.
    PsExec -s -i ” C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\ssms.exe”

    I had to search for “ssms.exe” to find the path I needed. The path in the first article was different than ours.

    This will launch MS SQL Server Manager as “System”, so you are above SA.

  6. Once MS SQL Server Manager was launched we were able to go to the “Security” tab, enable SA’s account, and change the password.
  7. We logged back in a SA and everything was working.

Let us know if this helped you…

 

 

#550 4.4.7 QUEUE Exchange Unable To Send To Comcast

We recently had a customer get a ISP change and on the same day were moving their DNS to Godaddy.  A few weeks later they noticed a bunch of emails bouncing back with a lot of the email addresses being for Comcast. We weren’t sure if this was a Godaddy,DNS, Exchange, or ISP issue.

It turned out to be the ISP needed to a PTR (pointer record) to the IP address.

This link helped us know that the PTR record is set by the ISP.

https://community.spiceworks.com/topic/1212792-ptr-record-in-godaddy-not-working

Here are some of the other things we had tried.

  • Adding the static IP to their SPF record.
  • Adding a Reverse Zone Record in the exchange server.
  • Turned off Spam Filtering in their email account

Let us know if this helped you…

 

Word 2016 Not Using My Default Printer – Print To PDF Instead

We got a call from a customer that was unable to print a document out of Word. We could use the “Printer Properties” in the “Control Panel” and print a test page. I could print out of Notepad just fine. When we tried to print from Word it was selecting “Print To PDF” when the default printer was a HP 3015.

We found advice on the Web for just plan re-installing the printer.

https://answers.microsoft.com/en-us/msoffice/forum/msoffice_word-mso_other-mso_365hp/default-printer-ignored/b1c16858-62a1-456a-8659-0ab1c0bd20d1

We reinstalled the printer driver and this resolved the issue.

Let us know if this helped you…

 

Godaddy Cpanel Email Can Send But Not Receive

We recently set up a new Godady CPanel hosting and set up the main email account for this domain. We didn’t want to miss any emails so the email account was set up just like the old hosting CPanel email. We were hoping for a quick switch.

We were able to send from this new email account, but couldn’t receive email. We used the website http://www.mailtester.com and it was showing an error that the email address didn’t exist.

Back in the CPanel account I clicked on MX Entry and we could see it was set for “Remote Exchanger” we changed this to “Local Exchanger” and everything was working.

Let us know if this helped you…

 

Godaddy CPanel Vs. Managed WordPress

Setting up a customer on new hosting I choose CPanel because that is what I was use to, but given the option of Managed WordPress I decided to go with the managed. Managed WordPress will take care of the core updates which will keep the customer’s site safer.  Godaddy was easy to work with and allowed me to switch plans since the CPanel was just purchased a few days before.

They refunded and re-issued new managed WordPress hosting. I ran the install for the site even though the site was build and I really needed to install my full copy of the site. What i discovered was with the Managed WordPress you get the WP101 video library preinstalled. This is $17.00 yearly value.

The issue I ran into was there is no email with this basic account. This was an issue since I had priced the site to come with some basic email. I called Godaddy and was able to get the CPanel product added back and refund the Managed WordPress product.

Managed WordPress is awesome unless you need cheap email.

Let us know if this helped you…

 

 

 

Email Scam – I do know, XXXXXXXX, is your password.

We received an email from a old customer who got an email with the following message.

I do know, xxxxxxx, is your password. You don’t know me and you are probably wondering why you are getting this e-mail, correct?

actually, I actually installed a malware on the adult vids (sexually graphic) site and do you know what, you visited this web site to have fun (you know what I mean). While you were watching video clips, your web browser started out functioning as a RDP (Remote Desktop) having a key logger which provided me access to your display screen as well as cam. after that, my software obtained all of your contacts from your Messenger, FB, as well as email.

What exactly did I do?

I created a double-screen video. 1st part displays the video you were watching (you’ve got a nice taste lol . . .), and 2nd part shows the recording of your web camera.

exactly what should you do?

Well, in my opinion, $2900 is a fair price for our little secret. You will make the payment through Bitcoin (if you do not know this, search “how to buy bitcoin” in Google).

BTC Address: 149EV7BbQSuJTS8mHJ5kdjGBvSKMFu7tob
(It is cAsE sensitive, so copy and paste it)

There was more to the email. The point is this email is a SCAM.

The biggest question was it was a password the customer had used in the past. Our best guess is someone gained access to an account they had and was able to capture name, email address and password. With this information they were able to get the scam started.

A Google search lead me to others that have received this email, and they all confirmed it was a scam.

Let us know if this helped you…

 

Microsoft – This website has been reported as unsafe

While working on a DIVI WordPress site I wanted to check to see how the site looked in Internet Explorer. I know the client uses this browser primarily. Everything was fine in Firefox and Chrome, but in IE I get the following screen.

I choose “Report that this site does not contain threats” option since I knew the site was up-to-date and safe.

On the next screen I got the following page.

It appears the site is possibly being blocked because of the weather plug-in I am using.

I completed this form and submitted it. I got the following message.

Basically telling me Microsoft will consider my recommendation, but it is up to them to determine if the site is safe or not. This doesn’t re-assure me that my client will be able to view the site in Internet Explorer.

I sent the link to a co-worker and they had no issue. A search on the web lead me to this page.

https://www.2-spyware.com/remove-this-website-has-been-reported-as-unsafe-browser-warning.html

They talk about malware possibly being installed. I searched my IE extensions and went into the Control Panel to see if any Possibly-Unwanted-Programs (PUPs) were installed; however, I didn’t see anything out of the ordinary.

I ended up resetting my Internet Explorer by going to Tools >> Internet Options >> Advanced >> Reset. After this the warning didn’t come back. My IE must have gotten a little hi-jacked.

Let us know if this helped you…

 

Translate »