Due to some yet unknown issue, WordPress version 2.8.2 might be causing server errors.

Lunarpages, my “current” and might become “ex” webhosting company, shut down Gibni.com yesterday without any prior notice, saying they’ve taken an emergency action, as the “index.php” script in my wordpress root was using huge server resources, and could cause a server crash.

First problem is, not only they changed the “index.php” permissions to “000″  (no read permissions) but they took ownership of the file, so neither I could make any changes to the file, nor analyze it for troubleshooting.

Secondly, they made the domain return an “internal server error” to all visitors.

Third, they did not manage to put an “under maintenance” page at the root untill the issue is solved.

Anyway, thanks to my linux skills, I managed to put an “under maintenance” page for Gibni, and get the site back online very soon.

Until I figure out what caused wordpress to eat server resources, and was it really wordpress or Lunarpages’s poor servers and administration, was it the running theme which ran without any issue for months or even the plugins installed on wordpress a year ago; I’ve decided to switch back to wordpress default theme and upgrade to wordpress 2.8.4.

After all, I believe that you should now:

• Enjoy Gibni, Ad free!
• Always have a maintenance page and an emergency code, just in case!
• Be careful choosing your webhosting company!

This topic is researched, tested and written by Amir Hossein Moradi.

This is the third article on the Windows Delayed Write Failed error occurring with hard drives (mostly external ones with USB/Firewire/Network connections). On 28th December 2007, I wrote the Windows – Delayed Write Failed – Solved! article which had more than 190,000 views, and helped many users till date. On 9th June 2008, the second article on this topic – Windows Delayed Write Failed – Latest Solution – which had more than 34,000 views till date, was out and is still getting many users out of trouble.

Now, it’s time to write the 3rd article and sum up all possible solutions for the Windows Delayed Write Failed error.

About Delayed Write:

Windows uses a special subsystem for certain disk functions, which caches write operations and performs them when the system is idle. This can improve system performance, but it’s typically turned off by default. The term for this kind of operation is “delayed writing”.

You can see how write-caching is handled for a particular volume by right-clicking on the icon for the drive in the “Disk drives” subtree of the Device Manager and selecting the Policies tabs. The options typically are “Optimize for quick removal” (everything is written to the drive immediately) and “Optimize for performance” (writes are cached).

About the error:

“Windows Delayed Write Failed” error occurs usually when the caching process gets interrupted or the files to be cached get corrupted, either because of a drive failure, a cable failure, or a USB interface fail!

This error might happen to brand new drives as well as good working old ones.

Cause:

This error might be caused by several factors:

• Cache settings
• System Restore settings
• Device drivers
• Media error, drive failure
• USB/Firewire host controllers
• Drive overheating
• Mis-configured BIOS settings
• Ultra Direct Memory Access (UDMA) mis-configuration
• Unmatched cables
• Faulty cables
• Memory parity conflict
• Power management drivers

On the next page(s) I’ll discuss all the working and possible solutions to this issue.

]]> http://www.gibni.com/windows-delayed-write-failed-solutions/feed 18 http://www.gibni.com/making-money-online-how-to-avoid-scams http://www.gibni.com/making-money-online-how-to-avoid-scams#comments Tue, 05 May 2009 20:10:05 +0000 Gi http://www.gibni.com/?p=764 Continue reading →

]]> Making money online…

Making money online is one of the most researched topics for many of web developpers, bloggers and website owners. It takes a lot of efforts to produce quality content and get enough traffic, to be able to rank better in search results and improve your different ranking factors. After a while of being online, website owners will get advertising offers from different companies, which might be interesting at first.

Well, this is a good sign, as it means that your site is getting some interest and attention; but it’s also an alert, warning you to be cautious.

There are lots of scams out there, which try to fool you by offering great business opportunities and make you run some ads or malicious scripts on your website. They (the scammers) will try to get detailed information about you, your website, personal details and even your bank account(s).

You Should be carefull…

You would get an email, from an unknown party, who shows interest in your website and usually represents himself as an advertising company who wants to buy some ad space, or publish some content on your website (or blog) for one of his clients.

First thing to do is : DO NOT reply with your personal information and  DO NOT show that you’re very interested!

Second, start to gather some information about the company who sent you the email. See its WHOIS record (you can use InterNIC WHOIS ) to find out more about the website owner, registrar, their address, and phone numbers if any.

Use your favorite search engine to find out more about the company, visit their website, check their “About us” page, check their portfolio, recent clients, latest works…

Look for user reviews on the company, search to find out if ” {the company name} + scam ” returns anything in your search engine? Search and investigate a little bit to keep your website (blog) safe from advertisement scams.

Use SiteAdvisor form McAffee to check if the website is a safe website or not.

If you come across any types of scams, just DO NOT reply to their emails and ignore them. You would help other website owners and bloggers if you write a post on how to identify scams and spams and how to avoid scams.

You can share this post and link back to it from your website (given that you mention the source).

Recently I’ve came across a scam from Production-Time.com . They’ve sent me an email in French, in which they shown interest in Gibni.com and asked me to reply if I wanted some more information.

I’ve done a WHOIS research and some investigation and found out that the email, even if it was well personalised, has been sent to thousands of people and some website owners have already announced Promotion-Time.com as a scam. I’ve found a detailed article about this scam in EPN.dk, which I translated to English to be able to understand it.

Here’s the a part of the email they’ve sent me:

Bonjour,
J’aimerais vous faire part d’une proposition commerciale à propos de votre site Web, qui pourrait très fort vous intéresser.
En effet, ma société Promotion-Time, souhaiterait vous rémunérer pour la publication d’une petite publication textuelle sur votre site pour un de nos clients.
Il s’agit d’une annonce francophone ciblée qui convient à certaines pages de votre site.
N’hésitez pas à me contacter si vous avez besoin de plus amples informations.

Sincèrement,
Francq Petit
francqp@promotion-time.com

Si vous ne souhaitez plus recevoir d’emails de Promotion-Time, répondez à cet email avec comme sujet : STOP.
It is possible to continue this correspondence in English, if you prefer to do so.

Here in this post, you can help the community by letting other know about the scams you faced and also know about scams already running on the internet. Type in the information you have in the comments section (Be carefull not to spam the comments section) .

Making money online, avoiding the scams, aims to help you avoid scams, help spread the word and show your support.

If you ever heard about Microsoft (the maker of Windows and a full bundle of problems attached to it), and if you have already heard about Conficker, or also called Downup, Downadup or Kido, I suppose that you’ve already taken steps on protecting yourself and your friends from this computer worm (or computer virus as some may call it!).

I’m writing this urgent post to warn everyone and help my dear visitors protect themselves and repair their infected computers.

Please spread the word and get people to read this article so you can help and save them! (

Immediately)

Conficker was born in October 2008, and targets Microsoft Windows Operating systems, so if you run Windows on your computer, YOU ARE A TARGET FOR CONFICKER! So, let’s get straight to the point, that is how to know if you’re already infected and how to remove the worm and how to protect yourself from later infections.

Symptomes of infection according to Wikipedia are:

• Account lockout policies being reset automatically.
• Certain Microsoft Windows services such as Automatic Updates, Background Intelligent Transfer Service (BITS), Windows Defender and Error Reporting Services are automatically disabled.
• Domain controllers respond slowly to client requests.
• System network gets unusually congested. This can be checked with network traffic chart on Windows Task Manager.
• On websites related with antivirus software, Windows system updates cannot be accessed.
• Launches a brute force dictionary attack against administrator passwords to help it spread through ADMIN$ shares, making choice of sensible passwords advisable.

The worm spreads through movable drives (USB Flash drives, Memory cards, network drives, shared devices with storage memory and networks (the internet, your office’s LAN, your home’s network…) Conficker uses the Autorun feature (if you can call it a feature!! ) of Windows and a specially crafted RPC query to spread it self. more information and advanced technical details on how the worm operates is available on my other post: Conficker Worm, Advanced Technical Details (Coming Soon)

On the next page(s) I’ll discuss detailed solution to remove the Conficker virus and Patch your computer…

Remove and Patch:

Here’s how I did remove the virus for my friends and patched their computers so they won’t get infected again by this worm!

1 – First of all you need to disable the Autorun “feature” of your computer so that it won’t run CDs, DVDs and USBs automatically.

To do that, Microsoft provides a well describe article that you may read and apply for your Windows. Click : http://support.microsoft.com/kb/967715/ But if you’re already infected, you may not be able to access the Microsoft’s download page to download the required files.
I provide you another workaround which was initally described on US-CERT website :

First, download the autorun_patch.reg file and run it. This file contains the following code and is applied to your Windows Registry:

REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf] @="@SYS:DoesNotExist"

• If you don’t want to download the file, then;

To import the above value to your registry, perform the following steps:

1. Copy the text above
2. Paste the text into Windows Notepad
3. Save the file as "autorun_patch.reg" Note: In certain circumstances, Notepad may automatically add a .txt extension to saved files. To ensure that the file is saved with the proper extension, select All Files in the “Save as type:” section of the “Save As” dialog.
4. Navigate to the file location
5. Double-click on the file to import it into the Windows registry

According to US-CERT website, Microsoft Windows also caches the AutoRun information from mounted devices in the MountPoints2 registry key. It’s recommended restarting Windows after making the registry change so that any cached mount points are reinitialized in a way that ignores the Autorun.inf file. Alternatively, the following registry key may be deleted:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2

Once these changes have been made, all of the AutoRun code execution scenarios described above will be mitigated because Windows will no longer parse Autorun.inf files to determine which actions to take. Further details are available in the CERT/CC Vulnerability Analysis blog. ^{[ref:US-CERT]}

2 – Disable System Restore:

Steps for Windows XP:

1. 1. Click Start.
   2. Right-click My Computer, and then click Properties.
   3. On the System Restore tab, check Turn off System Restore or Turn off System Restore on all drives.  If you do not see the System Restore tab, you are not logged on to Windows as an Administrator.
   4. Click Apply.
   5. When you see the confirmation message, click Yes.
   6. Click OK.

3 – Install Microsoft Security Update [KB958644] for your Operating System:

Go to this page and download the right update based on your Windows Operating System version: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx In case you cannot access Microsoft website for any reason, I provide you mirror downloads here on Gibni.com: For Windows XP SP2 and Windows Xp SP3 (English) : [Mirror on Gibni] For Windows Vista and Windows Vista SP1 (English): [Mirror on Gibni] Once downloaded, (open/double click/run/execute) the file and procceed with the installation.

4- Download the Conficker Removal Tool of your choice:

You should download a Removal Tool (listed bellow), then save it to a convenient location like your Windows Desktop.

There are free Conficker Removal tools provided by:

• Microsoft Malicious Software Removal Tool (En) : [Direct Download] or use the [Mirror on Gibni]
• ESET: [Direct Download] or use the [Mirror on Gibni]
• Symantec : [Direct Download] or use the [Mirror on Gibni]
• BitDefender : [Direct Download] or use the [Mirror on Gibni]

5 - Now, the next step is to check your computer for infection and clean it!

1. Once you have the Removal Tool file, (if neseccary save your work and) close ALL programs and running sotftware.
2. Disconnect your computer (PC) by PHYSICALLY disconnecting the network cable or switching OFF the Wi-Fi adapter you have.   (You may need to go to Control Panel>Network Connections then right-click on each network connection available and select “Disable”)
3. Then run (double-click/open/execute call it what you like!) the Conficker Removal Tool you have!
4. Then restart your computer once the Conficker Removal Tool’s job is done.

Follow all the instructions for the conficker removal process. The remaining steps are on the next page(s) …

6 - Install( or update) a good Security solution

I would personally recommend BitDefender Total Security 2009 (http://www.bitdefender.com)

7 - Turn System Restore back ON!

You may want to run the Conficker Removal Tool again to be sure your PC is clean. Keep your Windows and Antivirus UP-TO-DATE!!!! (Check once a month manually at least)

8 – Feel GREAT!

That’s it. Digg this article by using the “ShareThis” button or the Digg It button either below the post, or at the beginning of the post, to help others stay safe. Please spread the word and get people to read this article so you can help and save them! (

Immediately)

You can send it by email to your friends and familly by using the ShareThis button too.

-Read More here:

http://en.wikipedia.org/wiki/Conficker

http://www.symantec.com/security_response/writeup.jsp?docid=2008-112203-2408-99&tabid=1

http://www.eset.com/threat-center/blog/?p=511

http://www.bitdefender.com/VIRUS-1000462-en–Win32.Worm.Downadup.Gen.html

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039?OpenDocument&src=sec_doc_nam

On October 23, 2008, Microsoft released a critical security update, MS08-067, to resolve a vulnerability in the Server service of Windows that, at the time of release, was facing targeted, limited attack. The vulnerability could allow an anonymous attacker to successfully take full control of a vulnerable system through a network-based attack, the sort of vectors typically associated with network “worms.” Since the release of MS08-067, the Microsoft Malware Protection Center (MMPC) has identified two variants of Win32/Conficker in the wild to date:

• Worm:Win32/Conficker.A: identified by the MMPC on November 21, 2008
• Worm:Win32/Conficker.B: identified by the MMPC on December 29, 2008

(Source: http://technet.microsoft.com/en-us/security/dd452420.aspx )

For detailed “How to remove Conficker worm” instructions, visit this post: How to Remove Conficker (On Gibni)

If you ever heard about Microsoft (the maker of Windows and a full bundle of problems attached to it), and if you have already heard about Conficker, or also called Downup, Downadup or Kido, I suppose that you’ve already taken steps on protecting yourself and your friends from this computer worm (or virus as some may call it!).

On February 12, 2009, Microsoft announced a U.S. $250,000 reward for information that results in the arrest and conviction of those responsible for illegally launching the Conficker malicious code on the Internet. Microsoft’s reward offer stems from the company’s recognition that the Conficker worm is a criminal attack. Microsoft wants to help the authorities catch the criminals responsible for it. Residents of any country are eligible for the reward, according to the laws of that country, because Internet viruses affect the Internet community worldwide. ( http://technet.microsoft.com/en-us/security/dd452420.aspx )

According to Yahoo Tech news:

“The criminals behind the widespread Conficker worm have released a new version of the malware that could signal a major shift in the way the worm operates.

The new variant, dubbed Conficker B++, was spotted three days ago by SRI International researchers, who published details of the new code on Thursday. To the untrained eye, the new variant looks almost identical to the previous version of the worm, Conficker B. But the B++ variant uses new techniques to download software, giving its creators more flexibility in what they can do with infected machines.

The new B++ variant uses the same algorithm to look for rendezvous points, but it also gives the creators two new techniques that skip them altogether. That means that the Cabal’s most successful technique could be bypassed.”

Also known as Downadup, Conficker spreads using a variety of techniques. It exploits a dangerous Windows bug to attack computers on a local area network, and it can also spread via USB devices such as cameras or storage devices. All variants of Conficker have now infected about 10.5 million computers, according to SRI.

Here’re some statistics according to SRI:  ( http://mtc.sri.com/Conficker/ )

Total IP Addresses: 10,512,451
Total Conficker A  IPs:    4,743,658
Total Conficker B  IPs:     6,767,602
Total Conficker AB IPs:   1,022,062OS Breakdown:
WinNT=0, 2000=163395, WinXP=10189556, 2003 Srv=75361, Vista=82495, Win98=44, Win95=32, WinCE=3, Other=1565Browser Breakdown:
IE5=26,525, IE6=7,494,466, IE7=2,988,039, FireFox=893, Opera=150, Safari=166, Netscape=12

SRI says that China is the most infected country by Conficker, and follow Brazil and Russia.

I’ve noticed that Indonesia, Thailand and India are some of the most infected countries today and people are actively searching about this virus/worm.

To note that more than 9 million computers are infected worldwide till date!

For detailed “How to remove Conficker worm” instructions, visit this post: How to Remove Conficker (On Gibni)