Archive for the ‘News’ Category

Posted on 23rd April, 2015 | No Comment

Take advantage of our Art for Referrals Program

How it works:

  • You refer us to your friends
  • For every successful conversion of a referral to a client,,
    you receive a piece of art from our inventory
  • Commercial clients earn you one signed and numbered limited edition framed or stretched print
    (value up to $400)
  • Residential clients earn you one non limited edition 16×20 matted print ready for framing
    (value $59)

Choose from our library of themes:
Texas, Tuscany, Route66,Ireland, NYC, abstracts and more.

See our current inventory here.

This is our way of showing appreciation for your confidence in our service.

Restrictions:  Referrals must be in our service area (Dallas, Plano, Frisco, Addison, Allen, McKinney, Little Elm, The Colony, Carrollton Lewisville or Denton.)

We provide a full array of on-site and in-shop computer services including networking, troubleshooting, WiFi, web / email hosting, SPAM filtering, virus protection, hardware and software configuration and more.

DFW Computer Integration
Dallas, Texas

16x20 Prints

16×20 Prints






Framed 24x36 Print

Framed 24×36 Print
















Posted on 21st April, 2015 | No Comment

What does this mean to you?

Lightning Strikes Your Computer

Lightning Strikes Your Computer

It means you need serious surge protection. More importantly it means to fully protect your valuable electronics, you should disconnect all cables that go to the “outside world”.
If you are at your home or office when a major electrical storm is coming, we recommend you unplug all power cords, USB cables and ethernet cables from your equipment until the storm passes.

Lightning bolts are at LEAST ONE MILLION volts and are hotter than the surface of the SUN. A lightning strike somewhere near you can sent high voltages right up ground wires and destroy your computer, entertainment equipment, etc. We have seen this happen more times than I can count.

NOTHING will protect you from a Direct Lightning Strike to your building, but having high quality surge protectors / battery backup will protect you from near-misses.

All surge protectors are NOT created equal. If you spent less than $30 on yours, it will NOT protect your equipment. Contact us for protection that actually works before it’s too late.

There are 3 brands and ONLY 3 brands we recommend for your protection:  APC. Panamax and Tripp Lite.  We use APC exclusively, as it has shown to have the best cost / benefit ratio.


Posted on 4th April, 2015 | No Comment

I was so fascinated by this email I had to share it.  This was snatched up by our mail server SPAM filter and it piqued my interest enough to open it up and read the whole thing (at the server level – not on my computer).

These are the kinds of things that can either cost you a lot of money or wreck your computer with a malicious attachment, so having server-based SPAM filtering is vital these days.

The big clues are the lack of legitimate reply-to address, Dallas / Fort Worth improperly spelled and various grammatical errors throughout.  Oh – and the word “Nigeria” anywhere in a message.  I have enhanced the obvious errors for your edification and amusement.

Malware Alert!

SCAM Alert!



Here it is in all its glory:


From: Agent Donald W. Freese <>
Date: Fri, 3 Apr 2015 17:24:27 +0100

                                    Federal Bureau of Investigation
                                    Intelligence Field Unit Dallas Fortworth
                                            International Airport, Texas.
I am Assistant Special Agent Incharge Donald W. Freese from the Federal Bureau of Investigation (FBI) Intelligence Field Unit, we Intercepted two consignment boxes at Dallas Fortworth International Airport, Texas, the boxes were scanned but found out that it contained large sum of money and also some backup documents which bears your name as the Beneficiary/Receiver of the money, Investigation carried out on the diplomat that accompanied the boxes into the United States, said that he was to deliver the fund to your residence as overdue payment owed to you by the Federal Government of Nigeria through the security company in the United Kingdom.
Meanwhile, we cross check all legal documents in the boxes but we found out that your consignment was lacking an important document and we cannot release the boxes to the diplomat until the document is found, right now we have no other choice than to confiscated your consignment.
According to Internal Revenue Code (IRC) in Title 26 also contain reporting requirement on a Form 8300, Report of Cash Payment Over $10,000 Received in a Trade or Business, money laundering activity may violate 18 USC 1956, 18 USC 1957, 18 USC 1960, and provision of Title 31, and 26 USC 6050I of the United States Code (USC), this section will discuss only those money laundering and currency violation under the jurisdiction of IRS, your consignment lacks proof of ownership certificate from the joint team of IRS and IRC, therefore you need to reply back immediately for direction on how to procure this certificate to enable us relieved the charge of evading the law on you, which is a punishable offense in the United States.
You are required to reply back within 72hours for normalization and release of your consignment boxes for onward delivery to your address, also you are instructed to desist from further contact with any bank(s) or person(s) in Nigeria or the United kingdom or any part of the world regarding your payment because your consignment has been confiscated by the Federal Bureau here in the United States.
Yours In Service,
Agent Donald W. Freese
Assistant Special Agent Incharge
FBI- Dallas Area Division
(I really should have highlighted the entirety of this message…)

Posted on 3rd April, 2015 | No Comment

Most people who know me are aware that I am not just a Computer Wizard, but also a Fine Art Photographer.

Unfortunately for me – but fortunately for y’all, I have a lot of inventory in a Frisco warehouse.

So here’s what we are doing.

For every residential client you refer to us that we convert to a paying customer, we will give you one 12×16 (roughly) print, matted to 16×20 and ready to frame and display.  It has to be something we have in inventory, not something we custom print for you.  We will give you a choice of themes and send you a preview so you can decide on a print.  It will be hand-delivered.  Wholesale value of these prints is $59.00

16x20 Matted Prints

16×20 Matted Prints






For every commercial business you refer that we convert to a paying customer, we will provide you with a large (typically 24″x36″ framed, signed and numbered Limited Edition print from our inventory.  The same conditions apply as above.  Prints with a value up to $400 are included in this offer.

Our collection includes images of Texas, Route 66, NYC, Ireland and Tuscany.  See our Inventory Sale page for the currently available framed prints.

Posted on 3rd April, 2015 | No Comment

Recently one of my clients had his computer massively infected.  What seemed to trigger this situation was an automatic upgrade to his AVG Internet Security software.  It seems that during the “upgrade” process, the system was left vulnerable just long enough to hose the system rather badly.

After scrubbing it as clean as I could get it and sending in back home (5 hours worth of work) he had no printer installed anymore.  In the process of running the printer install he received a message to upgrade an out of date Flash Player.  This seemed reasonable at the time, as many installation CDs use Flash to make the interface pretty.  As soon as the Flash Player started running, the dreaded CryptoWall text message flashed on screen and he was toast.


I initially scrubbed the computer of the following infections:

  • Trojan.FakeMS.SVSGen2   (NativeHooks.dll)
  • Trojan.Agent.ED
  • Trojan.Clicker.FMS
  • Redirects to: heaho.tildeforge and searchnet.blinkxcore

I also found and deleted all references to the following in both the registry and file system + running processes:

  • ituj.exe  (this one kept relaunching until I simultaneously deleted the file, killed the process and deleted the registry key)
  • GuidingDepositor… (siwuko)
  • 2760167
  • 32C3
  • 5ae9167
  • 5ae91671
  • Eqztion

After manually deleting all Temp and Temporary Internet files as well as all traces of files and registry entries to the above referenced items, I found all but around 10 of the system Services were in a Disabled state.  I’ve only seen this a couple of times and both times it was due to an infection.  The symptoms are that the computer cannot communicate (all networking is non-functional) and the display looks like it’s in Safe Mode.  Manually setting all Services to Automatic or Manual (depending on the nature of the service) takes about an hour of time.  After this I was able to get updates for MalwareBytes and AVG and perform another set of scans.

After I finally had clean results, the system seemed stable and operated correctly.  At this point it went home and came down with the fatal ransomware – CryptoWall 3.0.

Luckily we disabled it in time and the only thing lost was photographs, which were backed up with Carbonite.  This is an actual workstation which has many years of crucial documentation, emails, and Act! database and much more that could have been lost.  Losing photos was no big deal and they were all encrypted.

During a fully updated AVG scan of the CryptoWall 3.0 infected OS, we removed:

  • FileCryptor.AWJ
  • Crypt4.HIT
  • Powelikc

a message that svcxdcl32.exe (bogus file) had stopped working flashed on the screen.  I located and deleted it.  At this point I removed the hard drive from the machine and connected it to a USB dock.  I installed a new hard drive in the machine and started a new system install.  Meanwhile I connected the infected drive to my MacBook and started siphoning off the data we needed to save.  In this was I ensured a clean capture of data, as the Mac OS is un-infectable.  After capturing all data I did a search for HELP_DECRYPT and removed over 300 entries.  The ransom demand files dropped by CryptoWall 3.0 in most directories of your hard drive will be:

  • HELP_DECRYPT.HTML: redirects your web browser to the CryptoWall server with information about the threat, encryption and payment options
  • HELP_DECRYPT.PNG: contains a message about CryptoWall 3.0 and demand for payment with instructions
  • HELP_DECRYPT.TXT: the same the png file, but in plain text
  • HELP_DECRYPT.URL: redirects your browser to the CryptoWall 3.0 server to accept your payment

Their cleverly crafted ransom message reads as follows:

“What happened to your files?
All of your files were protected by a strong encryption with RSA-2048 using CryptoWall 3.0.
More information about the encryption keys using RSA-2048 can be found here:

What does this mean?
This means that the structure and data within your files have been irrevocably changed, you will not be able to work with them, read them or see them, it is the same thing as losing them forever, but with our help, you can restore them.

How did this happen?
Especially for you, on our server was generated the secret key pair RSA-2048 – public and private.
All your files were encrypted with the public key, which has been transferred to your computer via the Internet.
Decrypting of your files is only possible with the help of the private key and decrypt program, which is on our secret server.
What do I do?
Alas, if you do not take the necessary measures for the specified time then the conditions for obtaining the private key will be changed.
If you really value your data, then we suggest you do not waste valuable time searching for other solutions because they do not exist.”

Once the file-encryption process is over, the original files are deleted. In case you do not have a backup of your files, you could use reliable software to restore them or part of them from the Windows shadow copies. Below you will find detailed instructions on how to do so.

As my client put it when I explained the seriousness of this situation: “Why would I trust the people who just infected my computer to give me back my data after I pay them?”

This is a legitimate concern.  Stories exist of victims paying the ransom, only have even more money demanded after the payment.  Other stories indicate the data decryption key was never received after paying the ransom.  In other words, there is no guarantee.  What you can be sure of, is that the longer you wait to pay these people, the higher the ransom amount will be.

What to do if you receive the dreaded ransom message on your computer:

  1. Shut down the system immediately!  Time is of the essence.  The longer it runs on your system, the more files it encrypts.
  2. Take it to someone who actually knows what they are doing.
  3. Get the infection neutralized before trying anything else.
  4. Try using PhotoRec to recover your image files.  This is the only known functional tool at this time.

What can you do to protect yourself?

  1. Run the CryptoPrevent Tool to lock down your system’s security.
  2. More resources from BleepingComputer.
  3. Be extremely vigilant about where you go on the Internet and what emails you open.
  4. Be very suspicious of all emails – even from people you know.
  5. Consider the way in which a message is written.  Would the real sender craft a message in this manner or is it bogus?
  6. Never open any attachments unless you verify the contents by phone first.  Seriously.
  7. Before clicking on a link in an email, hover your mouse over it and look at the status bar (bottom of the window) to see where it actually goes.  If the destination is a bunch of gobbledygook letters and numbers, delete the message immediately and inform the sender.
  8. Let us install CloudCare on your system to protect it.  Nothing does as good a job of securing your system.
  9. Contact us about our Cloud-based Backup plan that will secure your data.
  10. Buy a Mac.  They are immune to this threat.

Posted on 20th March, 2015 | No Comment

Airplane Ticket SCAM is Coming Around Again!

If you are invited by a friend to participate in this SCAM — DON’T DO IT! Follow the report link below for the details. This scam comes around every year with more people falling for it and reaping the “rewards” of believing they will actually get something for nothing.

Remember — There is NO Free Lunch. There is no Free Beer Tomorrow. Don’t fall for these scams. By following their rules to “invite at least 100 friends” to like this BS campaign, you risk exposing your friends to having their identities stolen.

Just say NO to these SCAMS!

Let’s all be safe out there, OK?


The Facebook page (today) is titled “Get 2 Southwest Tickets”  The “event” on Facebook is SW Rewards.

The Facebook Page Address

Read the Snopes write-up on this SCAM


Southwest Airlines Ticket SCAM

Southwest Airlines Ticket SCAM

Posted on 11th March, 2015 | No Comment

Today’s PSA

While working on a decent sized network yesterday, one of the users mentioned some nasty little program added into the applications that would not uninstall.

Malware Alert!

Malware Alert!

Binkiland Search is the culprit. This is MALWARE and takes over your search function.

Even Revo Uninstaller couldn’t see / remove this pest, so I had to manually extract it from the registry.

The interesting part is that all workstations are locked down with no ability to install applications unless logged in as Administrator – or provided with temporary Admin credentials. Another interesting note is that AVG did not see this thing sliding in the back door.

The user was attempting to install the Google Chrome browser. I suspect the site she chose to download it from was not legit.  Our security settings would not allow Chrome to be installed, but somehow BinkiLand bypassed the security.  We are investigating this.


Not-So-Cute PDF Writer

One more piece of interesting information: CutePDF Writer contains a Trojan. AVG will NOT allow you to install this thing on your computer. Your clue should be when a vendor redirects your computer to a site named DownULoad to get their software. This product is not free. It is reprehensible that they install this crap along with their product – and piggyback on a toolbar with invasive characteristics.

Foxit makes a free PDF reader that we’ve been recommending for about 10 years.  They also have a very affordable writer (lets you make your own PDF documents out of anything you can get your hands on) and it’s malware-free.

We implement AVG CloudCare for our clients, which includes Malware Protection, Content Filtering and Remote IT so we can administer your computer remotely.  If you are interested in this very affordable service, contact us today.

We also offer a very cost-effective and efficient Cloud-based Backup to protect you against data loss.  Remember – not everything is recoverable – at least not without robbing your kids’ college fund.  With our system you can back up to an external drive at the same time you are backing up to the cloud.  You are very thoroughly protected.

Let’s all be careful what we click on out there, OK?

Posted on 12th February, 2015 | No Comment

Malware protection news:

Contrary to popular belief, all malware (viruses, trojans, etc.) are not created equal.  Some are simply much better than others and we routinely find computers “protected” by competing products to be badly infected.  Also, no commercial anti-malware product is configured “out-of-the-box” for optimal protection.  They all need to be optimized by someone who actually knows what they are doing.  We have been using AVG for many years, with over 3,000 (THREE THOUSAND) installations and a very successful protection record.  We settled on this product after trying everything else on the market and finding them all lacking.

We are now offering a cloud-based AVG installation which includes Remote IT.  This allows us to remotely administer your protection, start scans and even troubleshoot your computer remotely if you so desire.  This results in big savings for technical support, as we don’t have to physically come to your location for most issues.  We can connect remotely for a lower hourly rate.

Optionally we can include content filtering, which protects your browser from connecting to known hazardous sites (highly recommended).

We also have SPAM filtering available as an option.  See the document below for an explanation and contact us if you would like to simplify – and improve your computer security.

These services are available for stand-alone computers, laptops, networks of all sizes and Windows Servers.  Get the best protection and service for your home computer or office network right here!


The price for all this peace of mind?

  • A paltry $5/month for Malware protection or:
  • $8/month with content filtering included. *
  • (remote administration included with either – or both options)
  • Add Anti-spam for another $12/month per account. **prices are per computer.  Setup and initial configuration not included.


Posted on 11th February, 2015 | No Comment

February 10, 2015


DFW Computer Investigations Partners with AVG

For many years, DFWCI has recommended AVG products for virus / malware removal and protection. In an effort to offer a more convenient and thorough computer security solution, DFWCI has recently partenered with AVG to offer their suite of CloudCare products to their clients.

AVG Authorized Reseller CCThe CloudCare suite includes anti-malware, remote administration, content filtering, SPAM protection and online storage. The core components of anti-malware and content filtering are part of the primary suite recommended by DFWCI. Client computers are protected and monitored via remote cloud console so the DFWCI is alerted the moment any intrusion is detected on the remote system. With this proactive approach, infestations can be correctd remotely, reducting costs of containment.


DFW Computer Investigations
Dallas, TX 75248




Posted on 30th January, 2015 | No Comment

You do have an off-site backup, right? A local external hard drive backup is a very good idea, but only if you take it off-site weekly and swap it out with another drive so that your most recent backup is somewhere else.


Because disasters happen every day where both your computer and backup drive are inaccessible:

  • Fire (obviously)
  • Tornado (your computer and data could be mile apart with drives that no longer spin)
  • Flood (you may never see your drives again)
  • Theft (we’ve had this happen to our clients)Disaster recovery can become a critical necessity in the blink of an eye.
    A cloud backup is your best defense against total loss of data.

It seems like everyone and their dog is offering a cloud backup these days, right,  How do you make a decision between all these offerings?  Well, we have done some research on this topic and have actually used several of the products out there.  Our sister business, Warren Paul Harris Photography, stores over 5 Terabytes of data and backing up all this data is absolutely crucial.  Also, some of our network clients have struggled with finding a solid and manageable backup solution as well.

All backups are not created equal.  Some are not capable of backing up Windows servers, as they cannot handle the permissions at a kernel level.  Our backup seamlessly integrates with both workstations and servers.

With some products, your cloud storage is managed from a local client application, but if you also want local backups to an external drive, you need an add-on application and another account (more $$$) to accomplish this task.  Not with our solution.

One application and a single, affordable monthly fee takes care of all your data protection at once.

Our recommendation is: 

iBackup cloud storage

IBackup Cloud storage

«« Older Entries

Data Recovery / Network Integration / Performance Tuning