I didn’t know what this was until earlier this week when a friend called and asked if I could come and take a look at his machine (he mentioned something about ransomware, but little). I’ve been hearing more of ransomware in the news attacking hospitals and the like, but I personally have not had direct contact with one of these, so I figured I’d jump in with 2 feet and see what it was all about.

Basically I came in and looked at the machine and saw a bunch of files renamed to hex with the extension of .locky. These are files that are encrypted and contained his important information. There was also a text file that directed me to a web site asking us to pay money, and we were given a key to input into the web site. See this web site for WAY more info than you might want, but great info nonetheless.

In short, to recover, I performed a system restore to a date before the attack occurred and I used Shadow Explorer to locate files that had been impacted. Luckily they were still present, so using Shadow Explorer I exported them to a new directory and we were good. We went to each of the directories that contained locky files and exported the saved files out (I had him validate that the files' contents were unaltered and he said they looked fine). He was thankful and I was happy for him because he looked pretty stressed, as you can imagine. Bitdefender and Hitman Pro were on the machine but did nothing to protect it from this variant. I used Avast and McAfee Stinger to try and detect anything else wrong with the system but they came back clean. I would have thought that maybe the AV products might give some sort of warning when they saw the .locky files (ex: locky files have been detected on your system — it's possible you are impacted with ransomware, insert suggestions here). Instead they were silent and passed their scans. I was happy to see them pass and that his machine was not further impacted, but kind of surprised, in a way.

I sure hope none of you are hit by this (or any) ransomware. These things are downright nasty.

Recently, CERT released this warning on ransomware
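The post describes hex-named files with the .locky extension, going through each affected directory, and restoring to a date before the attack. The Python sketch below is an added example (not part of the original post and not taken from any AV product): it lists the directories that contain such files and reports the earliest modification time among them, which approximates when encryption started. The name pattern, function names and sample tree are assumptions constructed for illustration.

```python
import os
import re
import tempfile
from collections import Counter
from datetime import datetime

# Assumption: the post only says files were "renamed to hex", so any
# all-hex name ending in .locky (any case) counts as a hit.
LOCKY_NAME = re.compile(r"^[0-9a-f]+\.locky$", re.IGNORECASE)

def scan_for_locky(root):
    """Return (Counter of hits per directory, earliest hit mtime or None)."""
    per_dir, earliest = Counter(), None
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not LOCKY_NAME.match(name):
                continue
            per_dir[dirpath] += 1
            try:
                mtime = os.stat(os.path.join(dirpath, name)).st_mtime
            except OSError:
                continue  # unreadable file: counted, but no timestamp
            earliest = mtime if earliest is None else min(earliest, mtime)
    return per_dir, earliest

def build_constructed_tree(base):
    """Constructed sample data: two affected directories and one clean one."""
    layout = {
        "Documents": [("A1B2C3D4E5F60718293A4B5C6D7E8F90.locky", 1_458_000_000),
                      ("0f1e2d3c4b5a69788796a5b4c3d2e1f0.LOCKY", 1_458_000_600),
                      ("notes.txt", 1_450_000_000)],
        "Pictures": [("DEADBEEF00112233445566778899AABB.locky", 1_458_001_200),
                     ("holiday.locky.bak", 1_458_001_300)],
        "Music": [("song.mp3", 1_440_000_000)],
    }
    for folder, entries in layout.items():
        os.makedirs(os.path.join(base, folder))
        for name, mtime in entries:
            path = os.path.join(base, folder, name)
            with open(path, "wb") as fh:
                fh.write(b"constructed placeholder")
            os.utime(path, (mtime, mtime))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        build_constructed_tree(base)
        hits, first = scan_for_locky(base)
        print(hits.most_common(), datetime.fromtimestamp(first))
```

The per-directory counts give the list of folders to revisit in the shadow copies, and the earliest timestamp is a lower bound to compare against the available restore points.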


Android automatic updates via wi-fi

I hate it when my Android phone starts madly updating apps when I turn on my wifi – so much so that the best way to do anything else on the phone is to turn off wifi. I checked into my Google Play Store settings and they were set to not perform any updates (I like to do them manually) but for some reason the phone was ignoring my setting. Why? Hmm… so I experimented a few more times – turned off wifi and no more updates. Ok, confirmed it's a setting, but where? After trying a few things, the winning combo was to clear cache and disable the Google Play Store in my application settings. Bingo. I turned on wifi and no more updates. Ah! I feel much better. I’ll update the apps at my pace and now enjoy wifi and not getting sprayed on the screen with all sorts of nonsense (I know you can turn those notifications off too, but had I not left those on I probably would have been troubleshooting a slow wifi connection on my phone and spent lots of time on it; glad I didn’t and glad that this is over). On to the next problem…

Oh by the way, Happy Easter!

Extract Zip files in bulk

Today I also had the need to extract 12,000 plus zip files. I was using zipware for another project, but when each zip file contained a similar file (ex: file.txt) zipware would prompt me for what to do with the file (overwrite, yes or no or replace). I did not want to supply this information 12,000 plus times. I think it might be a bug because they did give me the option of yes(all), no(all), etc. which I selected, but it didn’t make a difference. But I think since each individual zip is considered a different job (within zipware) it wanted me to make the choice across all the jobs – which is more than 12,000 times. I don’t think so – not for me anyway. Would be nice if the program (zipware) had a preference – overwrite file across multiple jobs (y/n). That option would probably save me but I did not see that option.

So… I researched and found that 7z, while it also prompts me to overwrite (just as zipware did) – it only does it once and allowed me to choose to overwrite that file each time (and not prompt me anymore). It appears to organize its work differently than zipware. 7z also has a nice console window (similar to zipware) that keeps me informed of progress and presents me with errors along the way (ex: cannot open file). I like that too.
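The overwrite prompts above come from every archive holding a file with the same name. As an added Python example (not part of the original post, and not how zipware or 7z work internally), the sketch below extracts each archive into a folder named after it, so nothing collides, and collects archives that cannot be opened instead of stopping to ask. The function names and sample archives are constructed for illustration.

```python
import os
import tempfile
import zipfile

def extract_all(src_dir, dest_dir):
    """Extract every .zip in src_dir into dest_dir/<archive name>/.

    Returns (number extracted, list of (archive, error text) that failed).
    """
    extracted, failed = 0, []
    for name in sorted(os.listdir(src_dir)):
        if not name.lower().endswith(".zip"):
            continue
        target = os.path.join(dest_dir, os.path.splitext(name)[0])
        try:
            with zipfile.ZipFile(os.path.join(src_dir, name)) as zf:
                bad = zf.testzip()  # first member with a bad CRC, or None
                if bad is not None:
                    raise zipfile.BadZipFile(f"CRC error in {bad}")
                os.makedirs(target, exist_ok=True)
                zf.extractall(target)  # one folder per archive: no prompts
            extracted += 1
        except (zipfile.BadZipFile, OSError) as exc:
            failed.append((name, str(exc)))  # keep going, report at the end
    return extracted, failed

def build_constructed_archives(src_dir):
    """Constructed sample: three archives that all contain file.txt,
    plus one file that is not a valid zip archive."""
    for i in range(3):
        with zipfile.ZipFile(os.path.join(src_dir, f"job{i}.zip"), "w") as zf:
            zf.writestr("file.txt", f"contents of job {i}")
    with open(os.path.join(src_dir, "broken.zip"), "wb") as fh:
        fh.write(b"not a zip archive")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as src, tempfile.TemporaryDirectory() as dest:
        build_constructed_archives(src)
        print(extract_all(src, dest))
```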


Convert 7z to zip

Recently I had the need to convert a bunch of 7z files to zip on my Windows machine. I spent way too much time on this but what I did, did end up working, so I hope this tip saves you time and, in case I forget, saves me time in the future if I need to do this again.

I found this great piece of software called zipware. Once installed, the right click menu is all you need. Select all your 7z files and select extract to this folder plus filename. Basically it will extract all files into their respective folders. The operation is performed in a nice console window that keeps you informed of progress throughout.

Then once it's completed, right click all the folders (the ones that originated from the 7z files) and select Add to separate archives and select zip. Once again, a console window will open keeping you informed of the progress throughout.


Blue Screen Help

My Asus Laptop has been crashing on me for the last 3 weeks or so and with the little time I have to troubleshoot it's been a piecemeal effort at best, but today I think I finally got it. The blue screen errors generated seem to be all over the place (completely inconsistent).

Various troubleshooting steps taken:

– Blew out dust.

– Swapped memory (b0 to b1 and b1 to b0)

– Also tried 1 memory stick out.

– chkdsk / sfc (both came back clean)

– memtest86 (ran many tests)

All of the above did not help.

Today, I added to the list

– BlueScreen by NirSoft

– for analysis of the dmp file.

The bluescreen software provided good information but it didn’t take it to the next level like the OSR online web site did. The web site gave me an actual executable I could go after (thankfully) and I did; it was related to this utility: ASUS-Splendid-Video-Enhancement-Technology. I uninstalled this utility and the laptop appears to be more stable, but I will give it a few more days before I call it a win.

Given all the crashes that I have had, I went ahead and ran another chkdsk and sfc for good measure. Came back clean.

I also used SlimClean to clean up junk (dmp files, logs, etc) to start out clean in case issues continue, sure hope not.

Thankful to have these resources to help solve issues such as the infamous blue screen ;)

