Wednesday
Jan042017

Sophos EndPoint Protection - Bug

I've used Sophos EndPoint Protection for several of my customers. It's detection capabilities are terrific and it's been a great antivirus for them. However, I've recently found a little bug in it.

After installing Sophos EP it can disable your DVD drive(s) with this error appearing in the device manager: "Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. To fix this problem you should uninstall and then reinstall the hardware device. (Code 19)". A short term fix is to uninstall the drive, then do a "Scan for hardware changes". The drive will work again... until you restart the computer.

The most common other solution I've found is removing the uppperfilters and/or lowerfilters for the DVD drive's registery key (which also doesn't help in this case).

The solution to fix the Sophos problem is this:

  1. Uninstall the DVD drive in the device manager.
  2. Scan for hardware changes (the drive should be redetected and will work again).
  3. Browse to: C:\ProgramData\Sophos\AutoUpdate\Cache\decoded\savxp\
  4. Search for the file sdcfilter.inf (you'll find it in a subfolder somewhere, possibly multiple copies of the same file).
  5. Right click on the file and choose Install.
  6. Restart the computer.
  7. The drive will still work.

I found this solution at community.sophos.com (see references for the link). The post appears to be closed to comments so I figured it should be duplicated here. I spent hours trying to fix this problem on two new Windows 10 Pro computers and I hope I save someone else a little time.

As of today I still sell Sophos EndPoint Protection and Sophos UTM, SG, and XG products.

Friday
Feb262016

Solution - GPO Folder Redirection Not Being Applied

Well, I haven't posted anything in a while so here's somehting for all my fellow techs:

If you've done everything you can think of to a GPO that's applying folder redirection but just can't get it to work for some users, check this:

Click Start button, right-click on "Documents", choose "Properties":

If it's been customized, the GP won't override it. Revert to defaults and ta-da, it works!

(obviously, the above documents folder is not directed to a server - I didn't want to show the customer's info publicly so I screen captured mine for the example).

In my situation I was moving a customer's profiles from one server to another and this user's folder (135 GB) moved automatically (mostly - 8.5 GB was left behind) but his computer was still referencing the old server location. From the user's perspective, his files were missing (only the 8.5 GB was visible to him). Once I hit the "Restore Defaults" button, and I manually moved the remaining files, everything worked perfectly.

Could I have manually configured this to solve my problem? Yes, but then it would have bit me next time too. This should solve it for good.

I couldn't easily find a solution to this on Google so I've posted it here.

 

Monday
Mar102014

Loose Micro HDMI

My Asus UX31A laptop/ultrabook has an extremely loose Micro HDMI port.  It's so loose that I could barely get it to work and even when I could, it provided a horrible video signal and would usually disconnect after a few minutes. I guess this is a common problem on this laptop but two others I know with the same laptop don't have this problem.

The solution I found is item #7603 at monoprice.com. It's a "portsaver" that supposedly has a "very snug fit". In my laptop, it feels like a normal cable should. The best part is that it only costs $4.08.

I haven't tried item #7703, but from the description, I'd guess it would work too, and it only costs $3.74.

So if you have a loose micro HDMI port, you now have two possible solutions.

Wednesday
Feb192014

Remove IE 11?

I've been seeing a quite a few customers having trouble with Internet Explorer 11. Most are people that have to use sites that haven't been updated to current standards, often for the past 5 to 10 years.  In one case, an insurance agent needed to access insurance company websites and couldn't once Internet Explorer (IE) updated to version 11. Of course Firefox and Chrome didn't work either.

So, if you run into this problem, what do you do?

Well, if Internet Explorer was recently upgraded (automatically) to version 11, maybe you'd like to go back to your previous version, which (I presume) was working well for you.  Here's how:

Go to Windows Updates (among other locations, you can find it in Control Panel).
  1. In the lower left corner, click on Installed Updates.
  2. Look for internet Explorer 11.
  3. Click on Internet Explorer 11 then click “Uninstall” (up above the list).
  4. It should lead you through removing it.
When it’s removed, restart the computer.
 
Once the computer is restarted, open Internet Explorer.
  1. Click the little gear near the top right corner.
  2. Choose About Internet Explorer.
  3. It will show you here what version you have now.
  4. If you have version 10, Uncheck the box for “Install new versions automatically” then click “Close” and you’re done.
If you have version 9, there is no check box for installing new versions. Just click “Close” and continue…
  1. Go back to Windows Updates.
  2. Click on the “__ important updates are available”.
  3. In the list of available updates, find Internet Explorer 11.
  4. Right click on Internet Explorer 11, then choose “Hide Update”.
  5. Close Windows Update and now you're done.

So now that that's out of the way, what caused this problem?

Well, once Microsoft considered IE 11 an important update they pushed it out via Windows Update. The problem is that some backwards compatibility was removed in IE  11 as it was considered to no longer be necesssary. Although to us it looks like IE 11 is the problem, the real problem is that some websites haven't been updated to support moderns web browsers. Many of the sites that can't be used with the latest IE state that they require IE 7, 6, or even 5.5! Those old browsers can't even be run on Windows Vista, 7, 8, or 8.1, aren't updated anymore and really shouldn't be used by anybody! These same sites usually don't support Firefox or Google Chrome.

If a company's site is so old that they need you to use old insecure software to access them, the real question becomes, "should you really trust them with your data?"  If they haven't spent any time or money updating their website in 5 years, how much do you think they spend on security? The answer is probably $0 and so you might want to take your business elsewhere.

 

Wednesday
Oct232013

Hoax?

A customer received an email recently that went like this:

(I replaced several items with "xxxxxxxx" because I don't want to identify my customer here)

From: Bess Ni [mailto:bess.ni@pcdomainname.net] 
Sent: Tuesday, October 22, 2013 6:30 AM
Subject: Confirm: "xxxxxxxx" Registration
 
(Please forward to the President or Brand Owner, thanks)
 
Dear Brand Holder,
Sorry to bother you inexplicably. We are a China's domain name registration supplier, and there is one thing we would like to confirm with your company.  On October 22, 2013,  we received an application form online from a company called "Zong Yang trading co.,ltd"  who wants to apply for some domain names and brand name related to "xxxxxxxx" . In order to avoid confusion and  adverse impact on your company, we need to verify whether this company is a subsidiary of you or did you authorize them to register the related brand name and domain names? Currently, we have not formally accepted the application of that company, we need to get your company's confirmation. Please give us a timely response within 7 work days. So that we can better deal with this case. Thank you
 
Best Regards,
Bess Ni 
Registration Department
Office:0086-551-65120117       
Fax:0086-551-65123308
 
I think it's a hoax. On Google I found only ONE other post about this email. That person replied and received an almost immediate email back that contained domain registration forms and of course, registrations cost. The company that sent this email is an actual domain registrar called PC Internet Data Center (pcdomainname.net) in China but I suspect these emails are just a way to trick unknowing people into registering their brand with Chinese top level domains (TLDs). Normal TLDs would be .com, .net, .org but they'd try to get you to register .ch, .asia, .hk, etc. I've posted this here in the hope that it helps people make a decision regarding this company.