Advantage Micro in Tucson

avast 7 downgrade to avast 6 issues and solutions

J.R. Guthrie — Sat, 03 Mar 2012 01:22:27 +0000

avast 7 has released as of February 23rd. It is new and there are many issues being posted daily on the avast forum in many threads. There are also many avast! 7 users that have no issues. However, the business community is NOT ready to deal with these issues, we just want our computers to work. So, staying with avast! 6 for a little while makes since, and let the product get some more debugging. This way you not introduce any undesired results from this upgrade. avast! 6 took about 2 months to be ready for commercial users. Also, there are confirmed cases of avast! 6 users being upgraded to avast! 7, even though they have the Program Update set to “Ask” If you are having avast! 7 issues, then I am recommending a temporary downgrade to avast! 6.

1) Download avast! 6 Pro from here and save to desktop and save to desktop

2) Find your avast! license file “license.avastlic” (needed for step

3) You must remove the old antivirus first! – so go to Control Panel, then Add / Remove programs (if XP) or Programs and Features (if Vista / 7)

4) uninstall the avast! 7 (sometimes this will require using the avast! removal tool)

5) remove the network cable so your computer CANNOT go online!

6) reboot system to finalize the removal process

7) now install avast! 6 by executing the file saved on the desktop “setup_av_pro_601367.exe ” (step 1)

go with defaults, select Yes to “Community IQ”, select “Supply a license file”, and browse to the saved “license.avastlic” (step 2)

9) reboot system (finalizes installation process)

10) Right click avast! icon in system tray, and choose “Open avast! user interface”

11) Choose settings (upper right of avast! window)

12) Choose Updates

13) Under update settings, PROGRAM, select “Manual update” and click OK

14) Close avast! window, and plug in network cable.

Here is my post to the avast Forums that got me blacklisted!

“As I read through the Forums about avast! 7 users being unhappy and bailing to other anti-virus products:
1) It took 2 months before avast! 6 was ready for commercial distribution
2) avast! 7 is only 1 week old now
3) Everything new is not fully debugged. This is all software companies, anybody remember Intuit QuickBooks 2000 (never was usable)
4) Those who adopt early get to reap the benefits of their actions.
5) I always take a “wait and see” attitude so I don’t “open a can of worms” This statement is NOT limited to avast! or anti-virus
6) avast! 6 is a great product, and all problem 7 users should go back to 6 for a month or so!
39 years as I failure analysis engineer, this advise on new software releases is the best advise you will ever get!
I have included the URL to avast! 6.0.1367: www.advantage77.com/Files/setup_av_pro_601367.exe”

How to clean an Infected Computer using “SCRAPE”

J.R. Guthrie — Thu, 16 Feb 2012 18:01:20 +0000

1)If you have been using avast!, this is most likely NOT a virus infection, but a spyware infection! The best antivirus programs in the world stop approximately 95% of virus’, and 70% of spyware. We have been relying on Microsoft Windows Defender for years now, but that program has become worthless, and all it does is slow your machine down. We actually remove Defender from all of our systems. We have found that some users will be re-infected until properly protected. The best protection that money can buy is avast! Pro and Malwarebytes Pro combined. Over 95% of systems, protected this way, do not come back.

2) You no longer have to browse maliciously to get infected. Every website can be compromised. The number 1 monetary fund for every organized crime syndicate and terrorist organization in the world is infections on our computers. Do NOT bank with an infected machine. They are downloading your browser cache and keylogging everything you do. Any password can now be compromised.

3) I work with the folks at Bleeping Computer. They are usually at the top of the heap with removal procedures. I always research the infection that is found and if I get a hit at Bleeping Computer, I always go there 1^st. Lawrence Abrams is a genius. He wrote “rkill”, which is usually a critical step in the infection removal process.
4) You will not be able to remove an infection that is memory resident. They have a self defense mode that enables them to stay even when the code is deleted from the hard disk. Hence “rkill” and the avast! boot-time scan!

5) Removal will require a combination of events / programs to be effective (rkill, Malwarebytes, SAS, ComboFix, etc.) J.R.’s infection “Scrape” document is a rough guideline when you do not know exactly what infection you are dealing with. This process can be modified after investigation and research into your infection. Most Rogueware infections have many hooks, and continue to phone home and download additional code and consistently morph right in front of your eyes. Therefore, we use “write protected” USB flash drives for the initial steps, like rkill and ComboFix, so the network cable can be removed to prevent phoning home.

SCRAPE (use at your own risk, depending upon infection, some systems never work again!)

1)Disable system restore and page file (independently verify pagefile.sys is gone)

2)Disable system hibernation (independently verify hyberfil.sys is gone)

3)Run avast! Boottime Scan (Thorough) or avast! Rescue / Bart CD

Possible false positives can occur in Page file and Hibernation file, and is OK just to delete these. These false positives are normally due to remnants of virus / spyware definitions (DAT files) from programs such as Windows Defender, etc.

4)Run rkill.exe

If executable file type is disabled then

Download one of the available executable types from source

-Rkill.exe

-Rkill.com

-Rkill.scr

-eXplorer.exe

-iExplore.exe

#all are the same program renamed to bypass executable file restrictions

5) Run ComboFix.exe (XP and Vista and Seven 32-bit only) (look at files created on infection day! Many times this is the only way to find those pieces)

6) Run ATF Cleaner (Empty All)

7) Run CCleaner (Cleaner Only)

Run Malwarebytes (Full Scan)

9) Run SuperAntiSpyware (use the portable version, as Malwarebytes Pro and SuperAntiSpyware have been known to conflict with each other, much the same as multiple antivirus programs do!))

10) Run HijackThis (see’s things nothing else here does)

11) Run CCleaner if needed for booting with registry errors (Registry Only, repeat until clean)

12) Re-enable system restore and page file

13) May need to run a System File Checker – For XP open cmd (sfc /purgecache, sfc /scannow) and you may need to provide the Windows installation media – For Vista and 7 open cmd as admin (sfc /scannow) and does not use install DVD. Some technicians will do a repair install at this point, if needed, and not run the System File Checker.

Sincerely,

J.R. Guthrie

President

Advantage Micro Corporation

520-290-0595

JR@Advantage77.com

“avast! is the best antivirus bar none! We haven’t had a virus spread through an avast! protected network in 8 years!”

When all else fails, discovery and removal of antivirus leftovers!

J.R. Guthrie — Thu, 16 Feb 2012 03:09:29 +0000

Antivirus software is the most invasive application we will ever install on our systems. Even when the products are properly removed by “Add/Remove Programs”, pieces of code are ALWAYS left behind, and these leftovers can and do conflict with the current antivirus products installed in your system. This situation has occurred throughout my entire career, and is effected by most antivirus vendors (Symantec, Norton, and McAfee just to tag a few.) These symptoms range from no Internet access, system errors, revolving “boot looping”, and the dreaded Microsoft BSOD (blue screen of death) Windows XP appears to be much more susceptible to trouble when upgrading your antivirus. Where Windows 7 will let avast! 6 install over avast! 4 with almost never an issue (but highly NOT recommended)

Recovery from the A/V process gone awry:

It’s easy to know what antivirus software has been on your computer when you are the guy that loaded it. What about when you inherit system support on computers that you do not know what was installed prior. This is where the discovery and removal process for anti-virus leftovers will save you time and grief in getting systems back to par!

This particular process is specific to avast! 6 upgrading over an avast! 4 or avast! 5 installation, however it also applies to other antivirus vendors as well. I have been through this process, removing avast! 4.8, then removing avast! 6 with the uninstaller, and then having to use the removal tool for other A/V vendors that had previously been installed. If you look in your “Program Files” directory, you can find leftover directories of every antivirus / program that was loaded on the system. Microsoft leaves these directories in case you use the “system restore” function, where you go back in time to when one of these programs was still installed and functional. This prevents a system restore from crashing your system due to missing directories / programs. Once identified, I used those vendors uninstallers, and have had sporadic success. The last resort is: “WHEN ALL ELSE FAILS” procedure at the end of this article. Hopefully you won’t have to go there. Here is a most comprehensive list of uninstallers at SingularLabs. Almost every A/V is here:

http://singularlabs.com/uninstallers/security-software/

This REMOVAL process is specific to avast! 6 upgrading over an avast! 4 or avast! 5 installation (also use when upgrading avast! Free to avast! Pro)

1) Remove all avast! versions as well as any other A/V programs from add/remove programs in control panel.

2) Download the latest version of avast! Uninstall Utility (aswclear.exe) and save it on your desktop.

http://files.avast.com/files/eng/aswclear.exe

3) Start Windows in Safe Mode (F8 key before Windows splash screen on a reboot)

4) Open (execute) the uninstall utility aswclear.exe

5) Choose which version of avast! to uninstall. This process will be repeated for each avast! version (4, 5, and 6) So let’s assume we had all 3 versions of avast! installed at some point. So we choose version 4.8 and proceed.

6) If you installed avast! in a different folder than the default, browse for it. (Note: Be careful! The content of any folder you choose will be deleted!)

7) Click REMOVE

8) Restart your computer

9) Start Windows in Safe Mode again

10) Open the avast! uninstall utility a second time

11) Choose version 5 of avast!

12) If you installed avast! in a different folder than the default, browse for it.

13) Click REMOVE

14) Restart your computer

15) Start Windows in Safe Mode again

16) Open the uninstall utility again

17) Choose version 6 of avast!

18) If you installed avast! in a different folder than the default, browse for it.

19) Click REMOVE

20) Restart your computer

21) Now install avast! version 6.0 Pro (must be 1367 version): www.advantage77.com/Files/setup_av_pro_601367.exe

The “WHEN ALL ELSE FAILS” procedure to “scrape” all of avast! remnants from a computer system (AKA Pete Scrape) using the avast! example:

1) Add remove programs, remove avast!, restart.

2) Go to safe mode, use avast! removal tool, select avast! version #, restart, and repeat for every avast version ever loaded on that system

3) In Local disk C:, ProgramFiles, delete “avast” and “Alwil” directories if there.

4) In C:\Windows\temp, remove all.

5) Start, run, type “%temp%” and remove all.

6) Do a Windows search on all hard disks for instances of “avast” and “Alwil” and delete all.

7) Start, run, type “regedit” (Windows key + R). Under Hkey, current user, software, and remove “avast” and “Alwil”, then under Hkey, local machine, software, and remove “avast” and “Alwil” (This is specific to Windows XP)

Use CCleaner to remove the rest of any avast! orphaned registry remnants, and restart.

9) Install avast! and reboot!

10) Usually, good luck at this point. And you can substitute other manufacturers products into this script. Remember, registry hacking is always risky, so always have a backup before you proceed. It’s kinda like the acknowledgement checkbox in LSPfix, “I know what I’m doing, or, I like to reinstall my operating system”

J.R. Guthrie

“avast! is the best antivirus bar none! We haven’t had a virus spread through an avast! protected network in 8 years!”

Solar Event 2012 Exposed, what are the real risks to your computer?

J.R. Guthrie — Sat, 11 Feb 2012 23:29:19 +0000

This solar flare article’s contents are copied directly from my blog article on 15 Causes of Hard Disk Corruption.

http://advantage77.com/blog/2012/02/03/15-causes-of-hard-disk-corruption/

Solar Event 2012 – (1.8 years still to go according to NASA) “Scientists believe it could damage everything from emergency services’ systems, hospital equipment, banking systems and air traffic control devices, through to “everyday” items such as home computers, iPods and Sat Navs.” J.R. Guthrie

Joe M on 02-08-2012 at 10:01 pm (Edit)

J.R., towards the end of your response to the post I made on your Blog, you had a quote, “Scientists believe it could damage everything from emergency services’ systems, hospital equipment, banking systems and air traffic control devices, through to “everyday” items such as home computers, iPods and Sat Navs.” I found the quote made by Andrew Hough, writer for The Telegraph, a UK paper. He attributes his information to NASA but does not say who or where at NASA the information came from. For all I know he made it up. I checked the NASA website and could not find any such quote made by any NASA Solar Scientist, but did find the following regarding the January 22 storm:

http://www.nasa.gov/multimedia/podcasting/TWAN_01_27_12.html “Antti Pulkkinen, NASA Solar Scientist: “We’re expecting to reach the solar maximum in terms of activity, sometime around next year. So we’re expecting to have more of these kinds of solar eruptions in the coming two or three years.”

Closely monitored by NASA scientists, the storm caused no major disruptions to operating technological systems in space or on the ground, such as satellite communications or high voltage power transmission.”

The higher an object is from the surface of the earth, the greater chance it has to be affected by a solar flare or by “solar wind”. Like the article below explains, the radiation does not get much below 100 kilometers above the surface of the earth. One hundred kilometers equates to about 62 miles! That’s pretty far up. Steve at Seagate told me the same thing today but did not use the 100 km height.

After reading up on the subject of solar flares today, and until I see more convincing evidence, I’m not going to believe solar flares will affect computer memory (RAM) or hard disks. At this point in time, it just doesn’t make sense to me, unless the information contained on the computer is somehow put there by a satellite. I value your knowledge of computers but am not buying solar flares as an explanation as a possible reason for what went wrong with my HDD this past Saturday. I attribute to something I cannot explain at this point but will keep a close eye on the drive. If it happens to be bad sectors, as you said it could have been, it will occur again in the future. Personally I do not believe it was bad sectors, as Apple’s Disk Utility is normally pretty good at pointing those out. I didn’t even get that far when I ran Disk Verify.

The disk is a Seagate and is less than 8 months old. It’s under warranty with Seagate until April 4, 2014, according to Steve at seagate tech support. He would have replaced it today but I opted to hang on and try it for a while before giving it up. If I have another issue with the drive I will RMA it ASAP and replace with a new drive.

I found the article below from The Journal. It was pretty comprehensive and good information.

Explainer: Can a solar storm cause any damage?

http://www.thejournal.ie/explainer-can-a-solar-storm-cause-any-damage-336803-Jan2012/

J.R. Guthrie on 02-09-2012 at 10:43 am (Edit)

I remember speaking with Dave Graham (one of my subcontractors who is an Electrical Engineer) Dave says, a large flare is emminent (similar to 1859 that burned the Telegraph system down) “If the USA is in the way, the last guy will be without power for 5 years. That time is calculated by how many transformers are in inventory, plus how fast they can make them.” http://science.nasa.gov/science-news/science-at-nasa/2008/06may_carringtonflare/

Dave Graham, I know we always ask you the hard ones like Fukushima, but what is the real risk here?

I have read this issue before, Gamma particles, Neutron particles, and highly charged Proton particles can, and do modify contents of RAM. I will find that IBM article, but it was well over 20 years ago when I read it. I found this article below while looking for the IBM article. Http://www.usenix.org/event/fast10/tech/full_papers/zhang.pdf

Errors in the memory chip are one source of memory corruptions. Memory errors can be classified as soft errors which randomly flip bits in RAM without leaving any permanent damage, and hard errors which corrupt bits in a repeatable manner due to physical damage. Researchers have discovered radiation mechanisms that cause errors in semiconductor devices at terrestrial altitudes. Nearly three decades ago, May and Woods found that if an alpha particle penetrates the die surface, it can cause a random, single-bit error [35]. Zeigler and Lanford found that cosmic rays can also disrupt electronic circuits [62]. More recent studies and measurements confirm the effect of atmospheric neutrons causing single event upsets (SEU) in memories [40, 41].

Reply
Dave Graham on 02-09-2012 at 10:38 pm (Edit)

JR et All…

The risk is real. Our defenses are limited.

Don’t sweat the telegraphs, but it IS the same thing that took out most of the eastern Canada power grid in 1989. See the Aussie govt. (one of the more reliable sources) at http://www.ips.gov.au/Educational/1/3/12 Google for more.

The politics are our most vulnerable problem. It takes a LOT of guts to be the power administrator who needs to say “Disconnect every power utility from all others, and let them run on their own (or fail).” The main problem is our grid is almost completely inter-connected, resulting in single-conductor spans running thousands of miles long. That’s a juicy target for a solar flare or a CME. If our lines are much shorter (100 miles, max) – read disconnected from each other- we will have far less damage.

If we take a major CME hit and the grid is linked, we WILL lose a LOT of HV transformers and switchgear. The manufacturing lead time to replace the transformers needed is 4-5 years to put us back to square-today.

Most of the DOD satellites are fairly well hardened (atomic war expected), and can be shut down and faced for least damage. Much of the commercial telcom birds are not so strong, and again the politics of turning off the phones and MSNBC feeds from Democratic National Headquarters will be a tough call for some administrator.

We will have a few hours warning from SOHO on the first wave of high-energy particles with enough mass to blast comms into oblivion, and 10-20 hours warning to get the power grid into best-defense (lots of people without power) posture.

If we DO have the guts to make the hard decisions, we can weather a bad CME with moderate damage. Some places will be out of power for 1-30 days in the best case.

-Look up — It is not a question of IF, it is WHEN. Our Star can be a fickle friend.

Dave Graham

Reply
Dave Graham on 02-09-2012 at 10:46 pm (Edit)

JR,Joe -

IBM is correct, but in practice it doesn’t matter. Unless the particle is VERY high energy, it’s not going to make through the metal case of the computer.

I suppose it could sneak through a perforated or slotted vent, and make it in, but we are talking about individual quanta going about their business, and the ODDS of a hit are so rare that you would rack it up to another kind of transient error, unless the RAM was damaged and would not pass the next check on boot.

If the flux density was high enough to be causing general errors – read you are in the path of a strong stream of particles- you will be dead before you realize the RAM has failed, and you won’t care.

I know the IBM statement you are talking about. The main practical concern was hardening satellites so they could continue spying while the solar storm was in progress.

The National Security Folks predict that the next war (if it comes) will begin with an all-out computer attack just as the main stream of a CME gets here. We might not realize an attack was in progress for a while… The other side of that coin is that the bad guys will have to wait for an opportunity to start the attack. They will likely have somewhere between 10 and 20 hours to load their guns. The gammas arrive in about eight minutes, the neutrinos and electrons take 10-30 minutes, the fastest betas (and heavier) start getting here in about 8 hours, depending on how strong the CME was that sent them on their way.

BTW – vett check time. Remember Fukushima daiichi? While the anti-nukes still try to exploit the accident, the only humans who received dangerous levels of exposure are the firemen who waded into the “hot” water under reactor #3. They got sick, but have recovered. They are being monitored for cancer and cataracts. One cataract case, no cancers yet. They are lucky. I had thought them to be dead men walking when they got out of there. As for the media hype, I rest my case.

DG

Reply
J.R. Guthrie on 02-11-2012 at 10:57 pm (Edit)

Joe, based upon this very current data and expert analysis, I can clearly see this possibility. You stated updates had occured. Doing an update during a solar flare, can interfere with communications, which can corrupt the downloaded update, which when applied, corrupts the operating system! Now that’s a real risk of Solar Flare and corruption that noone can ignore. You answered it yourself!

Static electricity complications in modern computer systems

J.R. Guthrie — Fri, 10 Feb 2012 04:01:59 +0000

Static electricity is known to cause system corruption and premature hardware failure, not to mention that ALL computer suppliers will VOID all warranties from static failure. Part of this issue is due to the carpet and chairs. Most carpet is manufactured using polyester, which has a natural static tendency. Treatment is most effective by misting your carpet or chair with Staticide spray ($15 per quart). It is 1000 times more potent that Downey, at removing static. Downey starts to leave a gummy residue after regular use and therefore is undesirable. When replacing carpet, use a nylon based carpet such as “Olefin” Nylon has 100 times less static generating tendencies than polyester. It’s the same price as regular carpet, you just have to know what to ask for. I like to use grounded keyboard mats in addition to Staticide when carpet becomes an issue.

The most severe source of static electricity the “standard” chair mat. Most chair mats are made from Plexiglas, which can have a surface charge of 10,000 volts. The human user stores these excess electrons in their body, much the same way a Capacitor works. The static electricity remains in the user until they touch ground, which is usually their computer, keyboard or mouse. This slowly and methodically weakens the system until “Hyper Sensitivity” occurs, and these computers will no longer operate correctly. I use the analogy of whittling a stick. Every static discharge removes another sliver of wood. Eventually, the stick is completely whittled away and breaks. Static electricity slowly and methodically weakens the system until “Hyper Sensitivity” occurs, and then will no longer operate correctly.

Static initially manifests itself as flakiness, like refusing network connections, corrupted OS, stopping at the BIOS screen, corrupted data; and negatively always ending in failing hardware. I high recommend that this issue be dealt with correctly. Antistatic chair mats for computers are not inexpensive; however I have searched the world ever for the best price possible. Least expensive single mat that is computer compatible (anti-static) is $140. In quantities of 10 or more, I have seen pricing closer to $100. Most antistatic chair mats are much more expensive than this. I recommend immediately removing all standard chair mats immediately, even before you have antistatic replacements. I have personally carried out 100s of mats in my 39 years as a failure analysis engineer.

Static electricity will persist and damage / corrupt systems until properly dealt with. I purchased a $500 3M Static Meter which we use to determine all sources of static in an office environment. I own a 4000 volt chair myself. I love that chair, so I “Staticide it!”

I remember using static electricity to as a kid. You’d sneak around shuffling your feet, scraping up a big static charge to discharge into friends and family. 3000 volts is at the point you first get a spark, and that spark increases to 10,000 volts at 1 inch. The logic circuits of current computer systems are now 1.15 volts. Since static is not physically detectible under 3000 volts, it is possible to have static failure without your knowledge. So, if you FEEL it, then DEAL with it! J.R. Guthrie

IT Security Policy

J.R. Guthrie — Sat, 04 Feb 2012 00:14:28 +0000

Security Tools, Templates, Policies

10 things IT pros do that lead to burnout

J.R. Guthrie — Fri, 03 Feb 2012 23:08:23 +0000

I found that I was in default of these many factors of burnout and have changed my actions. Many of us are guilty here!

http://www.techrepublic.com/blog/10things/10-things-it-pros-do-that-lead-to-burnout/3018?tag=nl.e101

Risks of Online Banking as a Business Exposed

J.R. Guthrie — Fri, 03 Feb 2012 12:15:30 +0000

The banking laws/regulations have changed and are continuing to change. Federal banking regulations provide broad protections to consumers (personal bank accounts are liable for only $50 from online fraud). But consumers who are unaware of their rights might end up unnecessarily footing the bill.

Banks are no longer required to carry insurance on business/corporate bank accounts, and they have not been informing their business customers of the change. This means if your business does any type of online banking, bill payment, online statements (which we all are being pushed to); you will most likely need to sue the bank if your bank accounts are hacked into and your business’s funds are stolen. Many major insurance underwriters/agents/brokers have specific policies to insure business accounts against online data breaches and fraud. You may want to check with your insurance agent and see what levels of coverage (if any) your BOP or General Liability Insurance will cover. You need to make sure that it will cover Electronic Fraud/Forgery, and not just Written Fraud/Forgery (some insurers use this wording as a loop hole to not pay claims).

There is a slight chance that your bank has retained their insurance coverage on business bank accounts, and will cover your business accounts against electronic fraud and forgeries, but I am unaware of any bank that still has the coverage in place. Over 90% of small businesses are forced into bankruptsy after all funds from their “online” bank account have been erased.

Every organized crime and terrorist group has a cyber crime division dedicated to take your money. They usually obtain your login data from spyware infections from computer systems. These “Bankers Trojans” hide in you computer, waiting for you to start banking. They also download your browser cache for later analysis. We have found that a combination of avast! Pro antivirus, and Malwarebytes Pro antispyware, is the most effective approach at stopping this type of activity. However, nothing is perfect. My company does NOT do online banking for this very reason. We are forced to call the bank for transfers. We are forced to write the checks and mail them. And, we will never lose any money because of this! J.R. Guthrie

15 causes of Hard Disk Corruption

J.R. Guthrie — Fri, 03 Feb 2012 11:13:54 +0000

Everybody hates to lose data. Many of the issues proven to cause hard disk corruption can be avoided, if you know what they are. I have writen articles on almost every aspect of this list. Most are avoidable, some are not and we are just taking chances, such as Solar flare activity. We are in a hightened Solar storm now for the next 1.8 years. About the only thing we can do is to reboot our computers daily. So here they are, in no particular order:

1)Bugs in O.S. (Vista is the worst, but can be fixed)
2)Solar Flares (corrupts data in RAM, this is why IBM always used parity RAM in banks)
3)Static Electricity (worst culprit is chair mats that are NOT antistatic)
4)power Surge and Sag (UPS works wonders here, but turn off during lightening storms if possible)
5)failing hardware (lots of bad capacitors in the world, and you can physically see them)
6)leftovers from previous security applications (they hate each other and go to war)
7)Windows just decomposes with age anyways (Windows is a love/hate relationship)
8)Victim of the billionth bit (all hard disk have an acceptable error rate we are willing to put up with)
9)decomposing magnetic media in the hard disk (progressively creates bad sectors that won’t read)
10)add/remove programs (excessive use accelerates Windows corruption)
11)registry cleaners (just say no, unless absolutely necessary)
12)infections (avast! antivirus and Malwarebytes are the best protection money can buy)
13)dirty power (overloaded neutrals & bad grounds slowly eat away at data integrity)
14)heat (Seagate warranties require air flow, I prefer my hard disks at room temperature)
15)insufficient RAM (your hard disk must compensate and seeks constantly – thrashing)

Contact me if you wish to see the article on any specific issue. J.R. Guthrie

avast! Mobile Security FREE on your Kindle

J.R. Guthrie — Thu, 02 Feb 2012 00:13:15 +0000

Here is a document on How to install avast! Mobile Security FREE on your Kindle Fire. Thanks to all the work by Jaime Hernandez!

Business Protect clients are ignoring URL site blockings when deployed by the SBC.

J.R. Guthrie — Fri, 27 Jan 2012 19:56:15 +0000

We found avast! Business Protection clients are ignoring URL site blockings when deployed by the SBC. Here’s how I solved this issue!

Thanks to this post by Yanto.Chiang:

http://forum.avast.com/index.php?topic=82234.msg671729#msg671729

“Dear All, Ok, finally we successfully found how to set URL blocking with SBC.

1. SBC >> Network >> Group View >> Choose the group that administrator would like to set a different policies (click Edit Group Settings)
2. Go to Expert Settings and clicked >> Then you can choose avastcfg://WebShield//WebScanner/BlockedURLs (define the site that administrator would like to blocked and use semicolon as separator
3. To enabled Site Blocking please go to avastcfg://WebShield//WebScanner/URLBlocking and set the value become “1″

After that you may see your each clients on the group that you changes the policies that Site Blocking configuration has been changed. Site Blocking can run smoothly.”

This post from avast! tech support:

You can add a list of URLs you want to block from the Console this way:

- Open the Console -> NETWORK -> Edit Group settings -> Expert Settings -> Click the button “I will take the risk, show expert settings”

-> look for the line “avastcfg://WebShield/WebSacnner/URLBlocking” ->
-> change the value to 1 look for the line “avastcfg://WebShield/WebScanner/BlockedURLs” -> in the Value field, add the list this way:

Url1;Url2;Url3;so on…
Please not that the URL should contain “http://” ”

I decipher this to mean:

“http://www.myspace.com;http://www.facebook.com;http://www.youtube.com”

however, when pushed to the client, does not match the required client settings, which are “*facebook.com*” This DOES not work at all!

So I tried this: “*myspace.com*;*facebook.com*;*youtube.com*” to match what avast! stand alone settings. This works intermittantly, or not at all. Seams to change depending upon number of entries. This has got to be a BUG!

So, http://www.facebook.com* works in a stand alone avast! So I tried this:

“http://www.myspace.com*;http://www.facebook.com*;http://www.youtube.com*” THIS WORKS!

NOTE: Webshield must be STOPPED and STARTED at client to guaranteed that you are using these new setting!

J.R. Guthrie

HP’s expiring ink cartridges EXPOSED

J.R. Guthrie — Wed, 25 Jan 2012 07:53:36 +0000

What is ink expiration and will it make my HP inkjet printer stop working? Why does it exist?

There is a computer chip that is built into HP ink supplies that can make them stop working on a certain date. There are also computer chips built into all of HP’s laser toner catridges.

According to HP, “Basically ink expiration is a built-in date on which certain HP ink cartridges will stop working. Air ingestion and water evaporation can cause ink to change over time. In printing systems where the printhead and ink supply are separate, older ink can adversely impact the printhead and the ink delivery components within the printer. With ink expiration, however, HP can prevent this from happening.” “If the cartridge still has ink on that date, it either stops operating or displays a warning message ..”

According to my HP customers, “It was just working, and that $*%# catridge is full” “It’s planned obsolesence to make us buy more ink.”

HP printers WITH ink overide procedure:

Printers HP Officejet Pro 8000, 8500, K550, K5300, K5400, K8600, L7400, L7500, L7600, and L7700 Series, HP Photosmart 3110, 3210, 3310, 8250, C5180, C6180, C6200, C7180, C7200, C8100, D6160, D7160, D7200, D7360, and D7400 series, HP Photosmart Pro B8800, B9180, HP Designjet 510, 5100, 8000, 9000, 10000, L25500, L65500, LX600, LX800, T610, T1100, Z2100, Z3100, Z3200, Z6100 series, HP CM8050 and CM8060.

HP printers with NO ink overide procedure

HP Officejet Pro K850, HP digital Copier Printer 610, all HP Business Inkjet, HP Officejet D series, HP Officejet 7100 series, HP Officejet 9100 series, HP Professional series (2000 and 2500), and HP Color Inkjet cp1160 and cp1700 All other HP printers.

Some cartridges cease to function 12 months after the “Warranty Ends” date, or 18 months after the ink cartridge is installed, whichever comes first.

Other cartridges cease to function 24 months after the “Warranty Ends” date, or 30 months after the ink cartridge is installed, whichever comes first. Do not expire.

Ink cartridge Override is performed by following instructions on the printer, in the user manual, or in the ink cartridge expiration message that comes up on the computer screen.

QuickBooks multiuser network connection & speed issues

J.R. Guthrie — Wed, 25 Jan 2012 06:40:26 +0000

These issues are the most common QuickBooks network connection and speed issues when working with a QuickBooks Multiuser network configuration

1) In multiuser mode, the QuickBooks Database Server Manager must be installed on the server, and activated to scan the data directory of the server. I recommend that this directory be named “QBData”

2) The server should have a fixed IP address, and all workstations should have a network drive mapping to using the server IP address, with directory QBData to drive Q:

3) The QuickBooks Connection Diagnostic Tool should be run on all workstations, to have the required ports open. http://support.quickbooks.intuit.com/support/Networking/Nettool.aspx

4) QuickBooks should be run on a Gigabit network (all NICs and switches)

5) Current versions of QuickBooks run really well on systems with at least 2 CPUs and enough RAM (2GB for XP, 3GB for Windows 7) If the system is out of RAM, then the hard disk becomes the additional RAM. RAM is measured in nanoseconds, hard disks are measured in milliseconds. There is a 1 million times factor difference here!

6) Firewall issues have been known to rear their ugly headc creating QuickBooks network issues, so during testing we will turn off all firewalls if required for testing.

7) DNS issues can cause all types of weird anomalies. Verify the DNS settings. Usually action #2 above will aleviate DNS issues with your QuickBooks server.

Reboot all switches and routers to clear corrupted router tables.

9) All versions of QuickBooks must be exactly the same revision. It is possible to corrupt the QuickBooks data file if this is not followed to the tee. In a network environment, we have found that not all workstations will update at the same time. When the first user gets an update notification, we will notify all users to update the next moring before opening any QuickBooks company data files.

The IT manager should have QuickBooks set to automatically backup everytime QuickBooks is closed. It is recommended to backup to their local hard disk “C:\QBBU” in addition to some type of an offsite backup, like Carbonite. Always have current backups before the update process occurs.

These issues above are the most common QuickBooks network connection and speed issues. However, we have assumed good hardware, no static electricity (such as those generic chair mats) and bad power. Dirty computer power has a tendency to bleed down the ground circuit in the network cabling, and will cause intermittant network connectivity and corrupted QuickBooks database. See J.R. for more information on detection and correction of these types of issues.

avast Pro 6 conversion from avast! Pro 4 (and stopping avast 7 auto installation)

J.R. Guthrie — Thu, 05 Jan 2012 21:22:03 +0000

During an avast program update, many time a new version will go over the top of a previous version. And other times this type of upgrade will cause “undesirable results” This process is designed to overcome those issues. The newest version of avast 7 is still quite new and somewhat buggy, so we prefer to stay at avast version 6 for the moment.

1) Download avast! 6 Pro here and save to desktop (must be the 1367 version, or you will get avast! 7 anyways)

2) Save the new avast! license file on the desktop: “license.avastlic”

3) You must remove the old antivirus first! – from Control Panel, then Add / Remove programs (XP) or Programs and Features (Vista / 7)

4) uninstall the old antivirus first: avast! 4

5) reboot system (finalizes removal process)

6) now install avast! 6 by executing the file saved on the desktop “setup_av_pro.exe” (from step 1)

7) go with defaults, select Yes to “Community IQ”, select “Supply a license file”, and browse to the saved “license.avastlic”

reboot system (finalizes installation process)

I would advise changing the default Update Settings. Settings (in top right corner), Updates, ”PROGRAM” is set to “Ask when update is available” by default. I recommend changing this to “Manual Update” because there are known cases of an avast 7 auto installation at the “Ask” setting. I recommend waiting until we have done some more debugging of the avast! 7 engine.

Hard Disk Warranty Changes effective NOW (January 1, 2012)

J.R. Guthrie — Thu, 05 Jan 2012 20:38:47 +0000

Please note that effective Jan 2. 2012, Western Digital will have warranty change too. Basically, warranty on Desktop & Mobile (Blue and Green family lines) will be changed from 3 years to 2 years.

As to other lines such as Black family line, WD AV, WD RE and WD branded/Retail products warranty terms and return structure remain unchanged.

Please note that effective Dec 31st 2011, Seagate will be changing their warranty again. In the nutshell, Desktop & Mobile will be changed from 2 years to 1 year; Enterprise from 5 years to 3 years. This will occur even though Seagate corporate profit increased by 60%.

Product Line Limited Warranty Period
(as of December 31, 2011)
Constellation®.2 and Constellation® ES.2 3 years
Barracuda® and Barracuda® Green 3.5” Drives 1 year
Barracuda® XT 3 years
Momentus® 2.5” Drives (5400 RPM & 7200 RPM) 1 year
Momentus® XT 3 years
SV35 Series™ – Video Surveillance 2 years
Pipeline HD® Mini, Pipeline HD® 2 years