Weybridge Computer Services

WCS.Tony

Blog

WCS.Tony - Sat May 05, 2018 @ 10:48AM
Comments: 0

Well for some reason yesterday I decided to update a couple of my PCs.

The laptop sat there downloading 1803 for ages, then asked for a reboot. 

Another long wait while it updated and finally it loaded Windows 10 and asked me to select some options for adverts and what data I would allow - READ WHAT EACH SCREEN SAYS. Once I did all that everything seems OK and Windows is performing well.

SO - I decided to upgrade an old but trusty HP desktop. 

Once again it found the updates and downloaded them all. Then it started installing 1803 which took hours. When I checked again it seemed to have failed and was downloading and installing everything again. After several more hours that also failed with a different error code (0x8024200d and then 0xc0000005). I stopped everything defragmented my disk drive and scheduled a full disk scan at reboot. I found this simple procedure often helped with update failures in the past. After all that, I restarted the Windows Updates again and left the ****** thing to download and install ... and left it and left it.

Just before I was going to bed I realised that the PC was still on, it had installed 1803 and was asking for a reboot. Then it asked me to select the options as above and I was finally back into an updated 1803 PC. Everything seemed to work fine, and it had even fixed an annoying problem where left click on start would not let me select the shutdown options. The pop-up menu disappeared before I could click on any option. I had tried a few "fixes" but none of them had worked and to be honest I was thinking of doing a clean install. 

So I went to bed a happy man.

This morning I rebooted my PC to be presented with a blank screen, the monitor appears to be in standby, but I cannot wake it up. Tried a couple of reboots and much swearing, eventually Windows loaded and seemed to be working fine.

The next time I tried it the mouse pointer was not following the mouse movements properly, it was jerky and seemed to lag behind the my movements. I could hardly use the PC so I tried another mouse. This one was slightly better but I could not do anything. When I opened Word and tried to type I found that some key entries were ignored or auto-repeated for no apparent reason. 

I could not type and I could not use the mouse. THANK YOU MICROSOFT.

Looking on the Internet revealed that loads of other people had these and other issues after updating. I really should have looked more carefully before updating. After a rather laborious session I tried updating the mouse drivers via Device Manager to no effect. I walked away scratching my head and thinking I would have to download Windows 10 and do a clean install after all. A bit of a shame as I have collected loads of very useful free software over the years.

Then I had a brain wave, I had setup remote support to this PC using AnyDesk. So I rushed over to another laptop, opened AnyDesk and clicked on the link I had setup to the HP PC. It came in and the mouse and keyboard on the laptop worked fine on the remote session. I assume that this is because they are not using the device drivers on the PC.

With that I was able to open Drive Booster and do a scan.

That reported that the USB and SOUND drivers needed updating. I selected just the USB and updated – the mouse and keyboard worked. They were not 100% OK but usable. I decided to update the sound drivers as well before rebooting. After that and a reboot the mouse and keyboard are both working fine.

Thank God (or whatever deity you wish) I had AnyDesk and Drive Booster installed otherwise I cannot see how I would have gotten out of this Microsoft generated mess. You would think they would have updated my drivers before (or after) installing 1803?

I must admit that I am beginning to loathe Windows Updates, they take ages and more often than not fail with some error code or other. Then there are all these problems after they update. Personally I have stopped automatic updates on all my computers and run the updates when I decide. After all Mr. Microsoft they are MY PCs. Even then I usually have some problem or other.

I use http://www.thewindowsclub.com/win-update-stop-review to switch the Windows Updates on and off.

BUT be careful you NEED to keep Windows up to date for security. I usually update once a month, just before the new batch of untested updates are released. My hope is that all the “sheep” have found the bad problems and Microsoft have fixed them by then.


Comments: 0
WCS.Tony - Fri May 04, 2018 @ 07:33AM
Comments: 0

I always recommend that my customers and friends use LastPass (click to register) or another password database.

For one thing it REMEMBERS all your usernames and passwords, this means that you don't have to use one password for everything "to remember". The problem with that approach is that one leak, and there are many huge leaks every day, and hackers have your password and will try it on other accounts. It also saves people writing their passwords in a passwords.docx file or in a little book kept with the laptop etc.

I also advise them to make their passwords more robust than "3658" or "fred" adding upper lower case, special characters and numbers will make it harder to crack. As will the length of the password. Check your password in this web site and then add a "-" or a few more characters to see the difference that can make.

https://howsecureismypassword.net/

https://lastpass.com/howsecure.php

And finally register with the excellent (and FREE for private use) SPYCLOUD. it will monitor your accounts and report back if there has been a security breach and what has been leaked. If required you can then quickly change your passwords and update LastPass.


Comments: 0
WCS.Tony - Sun Jan 07, 2018 @ 08:50AM
Comments: 0

I have been using Feedspot for ages but a while ago a pop up window appeared offering me a free upgrade FOR FREE. The problem was that there is no means of turning this screen off, no "X" no "No thanks". As it covers the middle of the screen my free Feedspot was suddenly unusable. Other people were complaining about it but no solution, I even emailed Feedspot - NO REPLY.

So I stopped using Feedspot and went over to the excellent FEEDLY (I also tried INOREADER, G2READER and many more).

Then today I thought that I would just take the free month offer from Feedspot, but it asked me for my credit card number – NO.
And what was that FREE with PayPal or free to pay with PayPal?
Either way I was not giving away my “bank” details.

Suddenly my EUREKA moment. I right clicked on the pop up box and selected Block Element, make sure you have selected the entire popup box, then create on the bottom right and the annoying popup is GONE. I should add thanks to my FireFox add-on uBlock Origin.

I did post this tip on https://feedspot.uservoice.com/forums/169685-gener... but for some strange reason (Feedspot?) the way to get rid of their annoying nag screen did not get published.


UPDATE:

They finally answered my email.
Not by allowing me to close the pop-up.
Instead they have very kindly given me free lifetime membership.

THANKS!

But PLEASE allow free users to close the nag screen, even if it pops up each time you open the page. Otherwise you are just annoying all your free users and they will find alternatives. And once you loose a customer it is very hard to get them back!



Comments: 0
WCS.Tony - Tue Sep 26, 2017 @ 06:53AM
Comments: 2

I keep an old XP machine as some of my customers are still on XP, and over the years I have amassed loads of little utilities and free programs.

A few weeks ago I started to notice very high Disk I/O Reads for Firefox in XP's Task Manager. At first I thought that it was "just" Firefox, but it began impacting on my PC usage and to be honest I was getting concerned about how long my old disk drive would last. After an hour or two of browsing I was seeing 16,000,000,000 I/O reads or more. Yes 16 GB or more!

  • So I uninstalled a few suspect add-ons - same problem.
  • Run Firefox in safe mode - same problem.
  • Defragged and used FIREMIN to compact the Firefox database - seems faster but same problem.
  • Scouring several sites (#1) on the Internet came back with some changes to about:config parameters - same problem.
  • Whatever I did, Firefox would read and read and read.

So I user Sysinternal's excellent Process Monitor to look at FIREFOX.
Then selected one of the disk / file items and then go to Tools > File Summary

Sorting into Read Bytes soon showed the file that was causing all the reads.

It was the file with certificates file / database.
C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\xxxxx.Default1\cert8.db

I closed Firefox and renamed the file cert8.db.old and opened Firefox again, a new cert8.db was created. AND my disk I/O was back to normal, after several hours browsing 413,889,378 (a bit better than before?). 

Obviously if you have any certificates that you want to keep export them before changing the cert8.db name. In Firefox - to see certificates (or export them) go to Options->Advanced->Encryption->View Certificates.



(#1

Other things I found on the Internet before finding the problem with cert8:

https://www.servethehome.com/firefox-is-eating-your-ssd-here-is-how-to-fix-it/  about:config   browser.sessionstore.interval set it to 30K (it was 15K), then 300K.
Similar findings in:
https://www.reddit.com/r/firefox/comments/46qvfd/how_to_minimize_disk_writes_made_by_firefox_on/
https://www.wilderssecurity.com/.....-before-firefox-wears-down-your-ssd-drive.391018/, 
https://www.mahal.org/change-firefox-session-store-interval-to-save-your-ssd
     suggests “1500000” = 25 min.

Also changed browser.sessionstore.resume_from_crash to FALSE (it was true)
https://www.servethehome.com/firefox-is-eating-your-ssd-here-is-how-to-fix-it/

All of these reduced disk usage A BIT, but did not cure the actual problem.


Comments: 2
WCS.Tony - Tue Sep 12, 2017 @ 06:35PM
Comments: 0

A few months ago I tried out ZEMANA ANTIMALWARE. When I had finished playing with it I uninstalled and forgot all about it. Today I was doing a defrag when I noticed a file called ZAM_Guard.krnl.trace and, when I looked in C:\Windows, ZAM.krnl.trace as well. I thought the ZAM bit looked familiar and when I looked online I realised that they belong to Zemana Antimalware.

I was a bit surprised as usually I uninstall using IOBit or Ashampoo uninstallers and they are ususally pretty good. Then I realise that both those files have TODAY's date, I quickly check my installed apps, and no Zemana. So I run good old AUTORUNS and search for Zemana, sure enough I find the files there and I un-tick them and reboot.

Once rebooted I went back and deleted both the files and much to my surprise they were immediately recreated. The files just contain log files so nothing dangerous there, but what is putting them back? Zemana must still be running on my PC, but nothing in Autoruns, services or Task Manager.

A quick search with the brilliant Search Everything finds two more file in C:\Windows\System32\drivers\zam64.sys and zamguard64.sys. When I try to delete them I get a warning to say they are in use - So RUNNING on my PC?

I searched the registry and found some entries there for Zemana, but please be VERY careful if you use REGEDIT.

Instead of that I used and old trick, go back to C:\Windows\System32\drivers and RENAME both zam files by adding .WCS to the end of each file name after the .SYS. I just use .WCS (notice the DOT . ) as it reminds me that I changed them on customer's PCs - Weybridge Computer Services. After renaming both files close down everything and reboot Windows 10.

Obviously the registry entries that are loading these programs try and load zam64,sys which is no longer there as it is now call zam64.sys.WCS (and the same for zamguard64). So they cannot be loaded and running. Sure enough I was now able to delete the trace files and the programs - Zemana Antimalware is FINALLY dead on my PC.

THANK YOU ZEMANA!


Comments: 0
WCS.Tony - Sat May 13, 2017 @ 10:56AM
Comments: 0

Whatever you do - DO NOT PAY THE CROOKS

1. Turn off the PC
2. Report it to the police
3. Call a reputable PC support company.

I've had some experience with these attacks and they usually encrypt all your data, then pop up a message saying PAY ME TO GET YOUR DATA BACK.
Now if you have kept your PC updates as Microsoft suggest and have a current reputable antivirus running you should be OK.
Obviously you still have to be careful when you click on email links or run / open attached files (save should not do any harm).
The best defence is not to load the virus in the first place!

Your second line of defence is to take regular backups of your data, I can always reinstall Windows (even if we have to buy a copy) but YOUR data is unique to YOU. All your photos of the kids, friend’s addresses, typed letters to the solicitor etc. For the sake of £50 buy an external USB drive and use it to backup at regular intervals - once a week, a month, whatever. I would also recommend that you backup to different files or folder – not just overwrite the only copy each time. For example what would happen if you backed up your encrypted files to you only backup copy? You could have Backup-Jan, Backup-Feb etc., or Monday, Tuesday.... you get the idea.If you are really concerned or careful – each back up could be on a different USB drive. Work out what you want / need for your data and DO IT.

Obviously you will need to unplug the drive from the PC afterwards; otherwise the ransom ware will also encrypt your backup.
Personally I back up to an external USB drive and make regular secondary backups to DVDs that I store away from the PC.

Now back to "help I've lost all my data and they want £300".

Killing the nasty virus is not usually a problem to an experienced PC support technician.

This must be done before anything else as otherwise any files you attach (like trying to restore from your backups) will also get encrypted before you get a chance to copy them back. Once the virus has been stopped you can recover your old files from the backup just by copying them back.

If backups are not available, or very old, I have usually managed to crack the encryption key(s) but and here is the big BUT I need an encrypted file and the same file before it was encrypted. Usually one key un-encrypts all the user files, but quite often I had to get the key on several different files and keep un-encrypting until they are all back. Usually this is just restricted to user files but I've had instances where several system / software files that had also been encrypted.

A few customers who did not have ANY backups on USB drives, sticks or DVDs. Not even any files in OneDrive, Google Docs (both FREE) or Dropbox / Carbonite / Crash Plan etc. Luckily for them they were old customers and I always put a document detailing what I have done on their PC and any log files I created. This is stored as a DOC(x) or RTF file on their PC and I keep a copy for reference. I was able to use those files to hack the encryption keys, and restore all their data.

So basically:

  • Keep your system and antivirus software up to date.
  • Take regular backups and keep the copies (more than one) safe and away from your PC.
  • Google how to spot SPAM and what to do with email links and attachments, or how to avoid ransomware. No matter how good your system is at protecting itself it’s far better if you don’t do anything silly and let the attack in. Knowledge is power!
  • Finally there are many free (and paid) dedicated anti ransomware programs out there, you may wish to try one.

I should add that currently (13/05/2017) there is no decryptor available for the Wannacry attack that hit the NHS. Unless you have backed up your data you are in trouble. It may be possible to recover the original / deleted files using specialist recovery software but apparently the virus tries to stop that as well. Even if the old deleted files were on the disk after the infection every time you boot, every time you use your PC it will write data to the disk and there is a greater and greater chance that your old files will be completelly overwritten by new files.

If you have not been infected BACK UP NOW!

Comments: 0
WCS.Tony - Tue Mar 29, 2016 @ 12:54PM
Comments: 0

Has anyone manage to use one of these on Windows 10 64 bit?

Basically I bought this years ago when FREEVIEW (Digital TV) was staring, to be honest it was more of a toy just to get TV on my old PC and I recorded a few programs and then forgot all about it. Well last week my friend's huge LCD TV packed up and I though he could borrow my USB dongle so that he could at least see TV on his PC.

It quickly became apparent that the drivers that came with this device would not install on Windows 10 and it comes in as UNKNOWN.
When I try to update the drivers using Windows 10 it fails
                  "Windows could not find driver software for your device"
I downloaded various drivers from the web (take care loads of odd downloads / viruses and driver checking software) and manually pointed the driver update to those folders and / or run the setup programs.
So far none of them have worked.

I can run the original BlazeVideo and SichboPVR software but, without the drivers, I cannot find a TV device.

USBDeView shows the dongle

DVBT AF9005 BDA Device Vendor Specific Yes Yes No No 16/05/2010 15:31:36 29/03/2016 13:50:00 15a4 9020 1.00 ff ff ff Hub 1, Port 3 Afatech Technologies, Inc. AF05BDA AF9005 BDA Device AF05BDA.sys MEDIA AfaTech 500 mA 1.10 AF9005 BDA Device 6.3.2.1 AF05BDA oem39.inf USB\Vid_15a4&Pid_9020\5&34a681e0&0&3 Removable, SurpriseRemovalOK

Device instance: USB\VID_15A4&PID_9020\6&30663d42&0&2
Hardware Id: USB\VID_15A4&PID_9020&REV_0100

Yes I know!
I have already set him up to look at catch up TV through the Internet.
But surely there must be a working driver for this dongle?
Or a means of getting the old driver to work in Windows 10?
Would Driver Signature Enforcement Overrider  be any use?

HELP?

Comments: 0
WCS.Tony - Thu Mar 24, 2016 @ 12:17PM
Comments: 0

It really is about time that our police and BT did something about these scams.

Hardly a month goes by when I don't get a call from someone AFTER they had a call from Microsoft.
My usual reply is "How do you know it was Microsoft?" - because they said so.
Just to be clear Microsoft do not call up users at random, hang up and report it to the police and BT.

The other similar issue is when people search for help online, quite often the entry at the top of the search page is "fake" and pretend to be from Apple or Microsoft of whoever. Once again "How do you know who they are?". I had people sign up for 3 years worth of "excellent" help from "Apple" or with free 24 hour support from a "Microsoft company". BE CAREFUL!

The standard "I'm from Microsoft and you have a problem with your computer" does not in itself cause you any problems. The problems come when you allow then access to your computer or give them your bank / credit card details. Usually they add some programs to your PC so that they have access to it, sends them your username and passwords or even lock it up unless you pay them. And rest assured they WILL want payment to "fix" the computer that was working fine before they call.

One young chap (it is usually the more elderly ones that get caught by these evil people) assured me that he had allowed them into his laptop, but had refused to pay them. I was rather surprised that he got off without paying but removed all the various malware and viruses that were now slowing down his laptop. There were also some proxy settings and remote monitoring programs that I removed and installed Avast FREE for him as his Norton has expired years ago and he had never renewed the contract. There are several good FREE antiviruses that you can use.

Anyhow after all that I returned his laptop and he asked me if I would taker a cheque from his wife. I was a bit surprised so I enquired and apparently his bank account seems to be empty - must be a mistake. I assured him it was probably NOT and to call his bank at once. They had got hold of his bank details even though he assured me that he had not given it out.

SO TAKE CARE.

If you get a phone call from someone claiming to be from Microsoft - HANG UP.
If you get a phone call from anyone claiming to be from company-x - how do you know they are who they say they are.
If you are not sure hang up and find out, call the company using a number from a letter you had from them or the phone book.
And even this is not 100% safe as they could have stayed on the line, when you hang up.
When you dial again, they are still there and can put another person on the phone to vouch that they were who they said.
To get over that call someone you know and you know the line is clear if THEY reply, or their answerphone replies.
Only then can you call the real company number and check if they are really calling you.

AGAIN - WHY CAN'T BT FIX THIS PROBLEM?

If you have allowed "Microsoft", a free "support company" or ANYONE access to your PC - my advice...
TURN IT OFF and CALL ME.

Comments: 0
WCS.Tony - Wed Sep 02, 2015 @ 03:30PM
Comments: 0

A huge thanks to Philby E McGee at http://www.bleepingcomputer.com/forums/t/581470/ba...

My Windows Updates began failing about 10 days ago and I've tried just about everything on the web including various Microsoft Fix Its, SFC, SCFix, register / unregister various services, batch files, registry files - nothing would allow me to start BITS or get new updates.

Never mind I will update my Windows 7 to the amazing new Windows 10
But I could not do that either!
Windows seemed to be using the update service to do the upgrade.
Or rather failing to, on my laptop.

I contacted the Microsoft online help (saying that Windows Update was the problem) and after over an hour of fiddling about on my computer he updated the BIOS (without asking me). Once again I mentioned that I thought it was my Windows Update problem.
NO - He then proclaimed that I had a "driver issue" - "Contact ACER".
Which driver I asked - no reply.
Could we not just update to Windows 10 from scratch and replace ALL drivers?
NO!

:deadhorse:

I gave up and after cooling down I tried several very complicated and time consuming repairs - or rather NOT repairs.
Then I saw this simple solution all I did was create a new registry key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\BackupRestore\FilesNotToBackup
Straight away I was able to start BITS, the first time in nearly two weeks.
I started Windows Updates and applied 23 of them.

Now I am waiting for my Windows 10.
"We'll let you know when this upgrade is ready to be installed on this PC".
I can hardly wait.

Once again a great big THANK YOU :bananas::thumbsup::bananas:


By the ways BITS is Background Intelligent Transfer Service.

Update:
Windows 10 became available soon after and installed with no problem.

Comments: 0
WCS.Tony - Sun Mar 29, 2015 @ 10:37AM
Comments: 0

This seems like a nasty trick from Logitech.
I am talking about my Logitech Cordless Desktop LX 700 but it may also apply to other models.

A few weeks ago a customer gave me an old wireless keyboard and mouse.
"It does not work and I have bough a new one".

Soon afterwards my keyboard began sticking on certain keys. Pouring a large mug of tea over it and then cleaning it did not help and no amount of silicon spray seemed to stop the sticking. Then I remembered the Logitech mouse and keyboard.

The keyboard just needed new batteries and the ones on the mouse were dead. As they are rechargeable I removed them and charged them on my battery charger. After that the mouse worked fine as well.

But after a few days the mouse suddenly stopped, as I keep forgetting to put it back on the charging cradle when I finish I was not too surprised. After this happened a few times (and now I was putting the mouse back in the cradle) I decided to swap out the existing batteries (AA) for two rechargeable ones. The Logitech batteries seemed to be glued together with a piece of plastic in the middle. I put in the two new AA batteries and everything was fine. But a few days latter the mouse stopped again - had I put it back in the charger?

So I blamed myself and charged the batteries externally again, and again.
Today I checked the batteries - OK, the contacts in the cradle - OK, the joints inside of the mouse - OK, the power supply - OK. WHAT COULD IT BE?

Then I noticed the a little switch right between the batteries.


A switch that would be depressed by that strange plastic between the two original batteries. I cut a small piece of plastic to the right size and made sure it was held in by the batteries. Put the mouse back on the cradle and, for the first time, I noticed a little green LED on the mouse. IT CHARGES.

What a nasty trick!

Comments: 0
powered by Doodlekit™ Free Website Builder