Posted on 7th May, 2015 | Tags : , , , , , , , , , , , , , | No Comment

A word of warning.
When your computer locks up and becomes unresponsive, try EVERYTHING first EXCEPT holding down the power button to force it to shut down. The laptop on the right is a new Toshiba to replace the 3 year old Lenovo where a client did exactly that.

The results were a Windows environment with a corrupt registry that was completely un-bootable. Upon removing the hard drive, it was unreadable in any other Windows machine. The MacBook on the left is retrieving 130+ Gigs of data from the hard drive to transfer to the new Toshiba.
Several files were corrupt and could not be recovered, as their internal data was scrambled during the forced power-down.

The bill for this little episode will not be small.

Laptop Data Recovery

Laptop Data Recovery




To avoid this:
On a Windows machine:

  1. Press Ctrl + Alt + Delete and select Task Manager. You may have to wait for awhile. You can also access Task Manager by pressing Ctrl+Shift+Esc.
  2. Select Programs
  3. Highlight any program that is not responding and click the button to close the program.
  4. Keep doing this for any non-responsive applications.
  5. Close Task Manager.
  6. See if you can now shut down the computer normally.

    On a Mac:

  7. Command+Tab to Finder.
  8. Click the Apple logo in the upper left corner of the screen.
  9. Select Force Quit on any unresponsive applications.
  10. Confirm your selection
  11. Close the Force Quit dialog.
  12. You should now be able to shut your computer down normally.

    Note: All computers like to be rebooted at least every few days to clear the junk processes that do not unload themselves from memory.

    These are the kind of problems I solve every day.

Call 214-232-9503 to schedule an appointment or send an email via our website

DM me on Twitter

Contact / Follow me on Facebook

Posted on 23rd April, 2015 | Tags : , , , , , , , , , | No Comment

Take advantage of our Art for Referrals Program

How it works:

  • You refer us to your friends
  • For every successful conversion of a referral to a client,,
    you receive a piece of art from our inventory
  • Commercial clients earn you one signed and numbered limited edition framed or stretched print
    (value up to $400)
  • Residential clients earn you one non limited edition 16×20 matted print ready for framing
    (value $59)

Choose from our library of themes:
Texas, Tuscany, Route66,Ireland, NYC, abstracts and more.

See our current inventory here.

This is our way of showing appreciation for your confidence in our service.

Restrictions:  Referrals must be in our service area (Dallas, Plano, Frisco, Addison, Allen, McKinney, Little Elm, The Colony, Carrollton Lewisville or Denton.)

We provide a full array of on-site and in-shop computer services including networking, troubleshooting, WiFi, web / email hosting, SPAM filtering, virus protection, hardware and software configuration and more.

DFW Computer Integration
Dallas, Texas

16x20 Prints

16×20 Prints






Framed 24x36 Print

Framed 24×36 Print
















Posted on 21st April, 2015 | Tags : , , , , , , , , , | No Comment

What does this mean to you?

Lightning Strikes Your Computer

Lightning Strikes Your Computer

It means you need serious surge protection. More importantly it means to fully protect your valuable electronics, you should disconnect all cables that go to the “outside world”.
If you are at your home or office when a major electrical storm is coming, we recommend you unplug all power cords, USB cables and ethernet cables from your equipment until the storm passes.

Lightning bolts are at LEAST ONE MILLION volts and are hotter than the surface of the SUN. A lightning strike somewhere near you can sent high voltages right up ground wires and destroy your computer, entertainment equipment, etc. We have seen this happen more times than I can count.

NOTHING will protect you from a Direct Lightning Strike to your building, but having high quality surge protectors / battery backup will protect you from near-misses.

All surge protectors are NOT created equal. If you spent less than $30 on yours, it will NOT protect your equipment. Contact us for protection that actually works before it’s too late.

There are 3 brands and ONLY 3 brands we recommend for your protection:  APC. Panamax and Tripp Lite.  We use APC exclusively, as it has shown to have the best cost / benefit ratio.


Posted on 7th April, 2015 | Tags : , , , , , , , | No Comment

So far I cannot gather enough information to declare this a wide-spread problem, but in one isolated case I found having iCloud Drive running was causing massive memory and resource usage on a Windows 7 computer.

Computer specs:

Lenovo G560
Pentium P6100 2.0GHz
Win 7 Home Premium 64 bit SP1
4 Gigs RAM

4 Gigs of RAM is pretty low for a 64 bit OS, but that did not explain the frequent Out of Memory messages and extremely poor performance of this computer.  While running an AVG virus scan I opened the Task manager and CPU usage was at 79%.  The computer was essentially unresponsive.  Only after killing the iCloud Drive process did the CPU usage drop to an expected 23%.

Uninstalling iCloud from this computer had the effect of turning it back into a useful computer.

Posted on 4th April, 2015 | Tags : , , , , , , , , , , , , , , | No Comment

I was so fascinated by this email I had to share it.  This was snatched up by our mail server SPAM filter and it piqued my interest enough to open it up and read the whole thing (at the server level – not on my computer).

These are the kinds of things that can either cost you a lot of money or wreck your computer with a malicious attachment, so having server-based SPAM filtering is vital these days.

The big clues are the lack of legitimate reply-to address, Dallas / Fort Worth improperly spelled and various grammatical errors throughout.  Oh – and the word “Nigeria” anywhere in a message.  I have enhanced the obvious errors for your edification and amusement.

Malware Alert!

SCAM Alert!



Here it is in all its glory:


From: Agent Donald W. Freese <>
Date: Fri, 3 Apr 2015 17:24:27 +0100

                                    Federal Bureau of Investigation
                                    Intelligence Field Unit Dallas Fortworth
                                            International Airport, Texas.
I am Assistant Special Agent Incharge Donald W. Freese from the Federal Bureau of Investigation (FBI) Intelligence Field Unit, we Intercepted two consignment boxes at Dallas Fortworth International Airport, Texas, the boxes were scanned but found out that it contained large sum of money and also some backup documents which bears your name as the Beneficiary/Receiver of the money, Investigation carried out on the diplomat that accompanied the boxes into the United States, said that he was to deliver the fund to your residence as overdue payment owed to you by the Federal Government of Nigeria through the security company in the United Kingdom.
Meanwhile, we cross check all legal documents in the boxes but we found out that your consignment was lacking an important document and we cannot release the boxes to the diplomat until the document is found, right now we have no other choice than to confiscated your consignment.
According to Internal Revenue Code (IRC) in Title 26 also contain reporting requirement on a Form 8300, Report of Cash Payment Over $10,000 Received in a Trade or Business, money laundering activity may violate 18 USC 1956, 18 USC 1957, 18 USC 1960, and provision of Title 31, and 26 USC 6050I of the United States Code (USC), this section will discuss only those money laundering and currency violation under the jurisdiction of IRS, your consignment lacks proof of ownership certificate from the joint team of IRS and IRC, therefore you need to reply back immediately for direction on how to procure this certificate to enable us relieved the charge of evading the law on you, which is a punishable offense in the United States.
You are required to reply back within 72hours for normalization and release of your consignment boxes for onward delivery to your address, also you are instructed to desist from further contact with any bank(s) or person(s) in Nigeria or the United kingdom or any part of the world regarding your payment because your consignment has been confiscated by the Federal Bureau here in the United States.
Yours In Service,
Agent Donald W. Freese
Assistant Special Agent Incharge
FBI- Dallas Area Division
(I really should have highlighted the entirety of this message…)

Posted on 3rd April, 2015 | Tags : , , , , , , , , , , , , , | No Comment

Most people who know me are aware that I am not just a Computer Wizard, but also a Fine Art Photographer.

Unfortunately for me – but fortunately for y’all, I have a lot of inventory in a Frisco warehouse.

So here’s what we are doing.

For every residential client you refer to us that we convert to a paying customer, we will give you one 12×16 (roughly) print, matted to 16×20 and ready to frame and display.  It has to be something we have in inventory, not something we custom print for you.  We will give you a choice of themes and send you a preview so you can decide on a print.  It will be hand-delivered.  Wholesale value of these prints is $59.00

16x20 Matted Prints

16×20 Matted Prints






For every commercial business you refer that we convert to a paying customer, we will provide you with a large (typically 24″x36″ framed, signed and numbered Limited Edition print from our inventory.  The same conditions apply as above.  Prints with a value up to $400 are included in this offer.

Our collection includes images of Texas, Route 66, NYC, Ireland and Tuscany.  See our Inventory Sale page for the currently available framed prints.

Posted on 3rd April, 2015 | Tags : , , , , , , , , , , , , , , , , , , , , , , , , , , , | No Comment

Recently one of my clients had his computer massively infected.  What seemed to trigger this situation was an automatic upgrade to his AVG Internet Security software.  It seems that during the “upgrade” process, the system was left vulnerable just long enough to hose the system rather badly.

After scrubbing it as clean as I could get it and sending in back home (5 hours worth of work) he had no printer installed anymore.  In the process of running the printer install he received a message to upgrade an out of date Flash Player.  This seemed reasonable at the time, as many installation CDs use Flash to make the interface pretty.  As soon as the Flash Player started running, the dreaded CryptoWall text message flashed on screen and he was toast.


I initially scrubbed the computer of the following infections:

  • Trojan.FakeMS.SVSGen2   (NativeHooks.dll)
  • Trojan.Agent.ED
  • Trojan.Clicker.FMS
  • Redirects to: heaho.tildeforge and searchnet.blinkxcore

I also found and deleted all references to the following in both the registry and file system + running processes:

  • ituj.exe  (this one kept relaunching until I simultaneously deleted the file, killed the process and deleted the registry key)
  • GuidingDepositor… (siwuko)
  • 2760167
  • 32C3
  • 5ae9167
  • 5ae91671
  • Eqztion

After manually deleting all Temp and Temporary Internet files as well as all traces of files and registry entries to the above referenced items, I found all but around 10 of the system Services were in a Disabled state.  I’ve only seen this a couple of times and both times it was due to an infection.  The symptoms are that the computer cannot communicate (all networking is non-functional) and the display looks like it’s in Safe Mode.  Manually setting all Services to Automatic or Manual (depending on the nature of the service) takes about an hour of time.  After this I was able to get updates for MalwareBytes and AVG and perform another set of scans.

After I finally had clean results, the system seemed stable and operated correctly.  At this point it went home and came down with the fatal ransomware – CryptoWall 3.0.

Luckily we disabled it in time and the only thing lost was photographs, which were backed up with Carbonite.  This is an actual workstation which has many years of crucial documentation, emails, and Act! database and much more that could have been lost.  Losing photos was no big deal and they were all encrypted.

During a fully updated AVG scan of the CryptoWall 3.0 infected OS, we removed:

  • FileCryptor.AWJ
  • Crypt4.HIT
  • Powelikc

a message that svcxdcl32.exe (bogus file) had stopped working flashed on the screen.  I located and deleted it.  At this point I removed the hard drive from the machine and connected it to a USB dock.  I installed a new hard drive in the machine and started a new system install.  Meanwhile I connected the infected drive to my MacBook and started siphoning off the data we needed to save.  In this was I ensured a clean capture of data, as the Mac OS is un-infectable.  After capturing all data I did a search for HELP_DECRYPT and removed over 300 entries.  The ransom demand files dropped by CryptoWall 3.0 in most directories of your hard drive will be:

  • HELP_DECRYPT.HTML: redirects your web browser to the CryptoWall server with information about the threat, encryption and payment options
  • HELP_DECRYPT.PNG: contains a message about CryptoWall 3.0 and demand for payment with instructions
  • HELP_DECRYPT.TXT: the same the png file, but in plain text
  • HELP_DECRYPT.URL: redirects your browser to the CryptoWall 3.0 server to accept your payment

Their cleverly crafted ransom message reads as follows:

“What happened to your files?
All of your files were protected by a strong encryption with RSA-2048 using CryptoWall 3.0.
More information about the encryption keys using RSA-2048 can be found here:

What does this mean?
This means that the structure and data within your files have been irrevocably changed, you will not be able to work with them, read them or see them, it is the same thing as losing them forever, but with our help, you can restore them.

How did this happen?
Especially for you, on our server was generated the secret key pair RSA-2048 – public and private.
All your files were encrypted with the public key, which has been transferred to your computer via the Internet.
Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server.
What do I do?
Alas, if you do not take the necessary measures for the specified time then the conditions for obtaining the private key will be changed.
If you really value your data, then we suggest you do not waste valuable time searching for other solutions because they do not exist.”

Once the file-encryption process is over, the original files are deleted. In case you do not have a backup of your files, you could use reliable software to restore them or part of them from the Windows shadow copies. Below you will find detailed instructions on how to do so.

As my client put it when I explained the seriousness of this situation: “Why would I trust the people who just infected my computer to give me back my data after I pay them?”

This is a legitimate concern.  Stories exist of victims paying the ransom, only have even more money demanded after the payment.  Other stories indicate the data decryption key was never received after paying the ransom.  In other words, there is no guarantee.  What you can be sure of, is that the longer you wait to pay these people, the higher the ransom amount will be.

What to do if you receive the dreaded ransom message on your computer:

  1. Shut down the system immediately!  Time is of the essence.  The longer it runs on your system, the more files it encrypts.
  2. Take it to someone who actually knows what they are doing.
  3. Get the infection neutralized before trying anything else.
  4. Try using PhotoRec to recover your image files.  This is the only known functional tool at this time.

What can you do to protect yourself?

  1. Run the CryptoPrevent Tool to lock down your system’s security.
  2. More resources from BleepingComputer.
  3. Be extremely vigilant about where you go on the Internet and what emails you open.
  4. Be very suspicious of all emails – even from people you know.
  5. Consider the way in which a message is written.  Would the real sender craft a message in this manner or is it bogus?
  6. Never open any attachments unless you verify the contents by phone first.  Seriously.
  7. Before clicking on a link in an email, hover your mouse over it and look at the status bar (bottom of the window) to see where it actually goes.  If the destination is a bunch of gobbledygook letters and numbers, delete the message immediately and inform the sender.
  8. Let us install CloudCare on your system to protect it.  Nothing does as good a job of securing your system.
  9. Contact us about our Cloud-based Backup plan that will secure your data.
  10. Buy a Mac.  They are immune to this threat.

Posted on 20th March, 2015 | Tags : , , , , , , , , , | No Comment

Airplane Ticket SCAM is Coming Around Again!

If you are invited by a friend to participate in this SCAM — DON’T DO IT! Follow the report link below for the details. This scam comes around every year with more people falling for it and reaping the “rewards” of believing they will actually get something for nothing.

Remember — There is NO Free Lunch. There is no Free Beer Tomorrow. Don’t fall for these scams. By following their rules to “invite at least 100 friends” to like this BS campaign, you risk exposing your friends to having their identities stolen.

Just say NO to these SCAMS!

Let’s all be safe out there, OK?


The Facebook page (today) is titled “Get 2 Southwest Tickets”  The “event” on Facebook is SW Rewards.

The Facebook Page Address

Read the Snopes write-up on this SCAM


Southwest Airlines Ticket SCAM

Southwest Airlines Ticket SCAM

Posted on 17th March, 2015 | | No Comment

Repaired Computer

Review Us on



Posted on 11th March, 2015 | Tags : , , , , , , , , , , , , , , , | No Comment

Today’s PSA

While working on a decent sized network yesterday, one of the users mentioned some nasty little program added into the applications that would not uninstall.

Malware Alert!

Malware Alert!

Binkiland Search is the culprit. This is MALWARE and takes over your search function.

Even Revo Uninstaller couldn’t see / remove this pest, so I had to manually extract it from the registry.

The interesting part is that all workstations are locked down with no ability to install applications unless logged in as Administrator – or provided with temporary Admin credentials. Another interesting note is that AVG did not see this thing sliding in the back door.

The user was attempting to install the Google Chrome browser. I suspect the site she chose to download it from was not legit.  Our security settings would not allow Chrome to be installed, but somehow BinkiLand bypassed the security.  We are investigating this.


Not-So-Cute PDF Writer

One more piece of interesting information: CutePDF Writer contains a Trojan. AVG will NOT allow you to install this thing on your computer. Your clue should be when a vendor redirects your computer to a site named DownULoad to get their software. This product is not free. It is reprehensible that they install this crap along with their product – and piggyback on a toolbar with invasive characteristics.

Foxit makes a free PDF reader that we’ve been recommending for about 10 years.  They also have a very affordable writer (lets you make your own PDF documents out of anything you can get your hands on) and it’s malware-free.

We implement AVG CloudCare for our clients, which includes Malware Protection, Content Filtering and Remote IT so we can administer your computer remotely.  If you are interested in this very affordable service, contact us today.

We also offer a very cost-effective and efficient Cloud-based Backup to protect you against data loss.  Remember – not everything is recoverable – at least not without robbing your kids’ college fund.  With our system you can back up to an external drive at the same time you are backing up to the cloud.  You are very thoroughly protected.

Let’s all be careful what we click on out there, OK?

«« Older Entries

Data Recovery / Network Integration / Performance Tuning