How to Unlock, Edit or Print a Protected PDF File

It's pretty simple to lock a PDF file from being printed, copied or altered. You can do it with most PDF editor programs like Adobe XI.

Unfortunately, these documents often are locked and the password is missplaced.  This prevents printing, editing or even copying the text from the document.

There is a simple trick that can unlock MOST password protected PDF files. 

For this reason, important documents should be encrypted, but I digress.

Here is a method for unlocking password protected PDF files by printing to the built in Windows XPS printer:

For this example, I used a Windows 7 64 bit system with the built-in XPS printer and viewer enabled.

• Open the PDF File with your PDF Viewer (I use Adobe XI in the example)
• Choose File

• Choose Print

• Choose the Microsoft XPS Writer.

• Rather than print to paper, this prints to file.  You will be prompted to save the file somewhere. I just saved it to my Windows Desktop.

• Now, convert the .XPS file back to a PDF. Right Click the file you saved to the desktop (or wherever you saved) and choose Convert to PDF.
• If you don't have that option, you may need to Print the File back to a PDF.  Similar to what you did converting it to an XPS file.  

The end result is a new PDF file that is unlocked.

Remove a Windows update via Windows Server Update Services

1. Open the Windows Server Update Services MMC console and connect to your server
2. Expand Update Services => Server Name => Updates
3. Right-click All Updates and select Search
   
4. Enter the kb number of the update you would like to remove and press Find Now
5. Right-click the update and select Approve - Then view the  Status Report   * This step is needed to see how many clients still have the unwanted update installed.
6. Now, Right Click either a specific group of computers or all computers and choose Approved for Removal then choose OK.
   

The Big Red X: Disconnected Network Drive Maps and Group Policy

For years, I have been running a very reliable Logon  batch file that mapped various network drives on our network.  If you have never created a Logon script all you need is a notepad. 

My script called  for the deletion of any current mapped drives and it replaced all of those with usually the exact same mapping.  It worked 99.9% of the time and if it didn't a quick restart usually resolved the issue. 

 Here is my old Script:


Then one morning all the peace and tranquility was lost.

My phone was ringing off the hook with network users complaining that they couldn't access various mapped drives or the software that ran from those drives just wasn't running.  Mapped drives just stopped working.

 

When I looked into it, all of their mapped drives had a an ugly red X on them.

 
While I am still uncertain of the cause, a recent change in DHCP lease time and DNS scavenging did coincide with the problem.
 

Symptoms: 

• I could ping the server to which they were mapping.
• I could navigate to it via the path.
• I could even click the Big Red X on the drive letter and see the content of the mapped drive.

 

 

  

Several things that didn't work

 

1. Praying to the Flying Spaghetti Monster for help
2. Re-writing my logon.bat script

3. Creating a batch file to run as script that delete all drives and then running my old script.

4. Changing my logon to a VBS logon script with fancy, fancy code that's twice as long.

5. Applying mapped drives to domain Computers (not users) via Group Policy

 

This is what worked for me.

 

Remove the Logon.bat from the users profile

 

1. Click AD -  users and computers

2. Go to your DOMAIN

3. Choose the user group in question.

4. Choose the trouble user (s)

5. Right click, choose properties

6. Go to the Profile Tab

7. Remove your former Logon script (make note of the drives you need mapped first)

 

 

 

Add the Mapped Drives through Group Policy Management

 

1. Open your Domain under Group Policy Management

2. Go to your Group Policy Objects

3. Right Click and create a new Policy.  Just call it "Mapped Drives"

4. Right Click the new GPO called Mapped Drives, and choose Edit

5. Expand the User Configuration

6. Expand Preferences

7. Expand Windows Settings

8.  Choose Drive Maps

 

 

 

9.  Create a mapped drive for all of the drives formerly mapped with the logon script.

10. Make sure to choose reconnect

11. Change the action to Update

12.  Make sure Show This drive is checked

13.  You won't need to give it a Label.

 

  

Update the Group Policy on the Domain controller and possibly on the end user.

 

1. Go to the Domain Controller

2. open a command prompt and run a gpupdate.exe /force

 

 

Now in theory this should force the policy the next time the user logs into your domain, so telling them to log off and back on SHOULD do the trick. 

 

However, I found on some users I needed to manually run a GPUPDATE.exe /force from a run command.   Then restart their computer.

 

 

 

 

 

 

 

 

 

After that, all drives appeared connected and seem to hold.

  

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Print the Entire Contents of a File Folder

As I mentioned in my last post, a common task for most law firm's is to list or print the contents of a Windows folder.  

That task can be done through a command line, but remains very user "not-so-friendly".

There are a few really great third party applications that can do this and with relative ease.
One that I use is a great application called TreeSize by JAM software.   It's available from their site with both a personal use version and really useful professional version.

This sort of reporting is very useful when migrating data into a Document Management System or to get a glance at data prior to building a backup structure.   It can also be helpful in Electronic Discovery and document productions in the legal field.


For my example,  I will be using the free version.

• Go to http://www.jam-software.com/treesize_free/ and install the application
• Once installed, choose the open button and point to the folder you need to scan (index).



I chose a folder on my desktop called "example"
 

After selecting the folder, TreeSize will begin scanning the directory and all sub-folders to list their contents.

Once it's done, expand all the subfolders and choose Print. 

My default printer is set to my PDF printer so I will save and name the file.

The end result is a very comprehensive report of the contents of any directory. 

 

Print the Contents of a Directory from Windows Command Prompt

Working with law firms, I often get tasked to list or index the contents of a Windows File Folder either from an external drive or a disk.  While Windows explorer makes this an easy task, they still do not make it simple for those needing to create a paper or even a simple text listing of the file and folder structure.  

While not likely that most end users will do it, you can complete a basic print out like this from a command prompt by doing the following.

• Open the folder tree in question with Windows Explorer

• Highlight the folders path and copy it to your clipboard.  In this case, the folder is on my desktop

• Click Start, Choose Run and type CMD to bring up the command line.



• Change the directory to the example folder.  Again this on my desktop so I used: cd\users\jsmith\desktop\example

• Run the directory command with the option to print the file names and any other files in the directories in the current directory.  The results will be placed in plain text file in the same directory.

 

Computers are calculators too

 I am baffled by the people that require a stand alone cheap calculator when they already have a very accurate one in their computer. 

 

In Windows 7 you can access your calculator it by going to Start Menu - > Accessories -> Calculator.

The calculator can be opened also by typing calculator or just calc in the Start Menu search box.

 Modes

The calculator has 4 main modes with which you can do calculations:

·         The Standard Mode.

·         The Scientific Mode.

·         The Programming Mode.

·         The Statistics Mode.

Some of the New Features of the Windows Calculator:

Unit Conversions - Offers different conversions units (angle, pressure, volume, time etc.) and it is really simple to use.

To calculate unites of time, select the type of transformation (example: Time), the From unit measurement (like Hour), and the To measurement unit (like Second).

Date calculation –

For reasons ranging to contract periods to calculating vacation time, it is great to see it implemented into the program.

• You can subtract between two days from the calendar or you can personally add or remove days, years , etc from the date that was set.

Select the dates (from and to) to see the difference between them. Or one can also manually type a number of days, months (etc.) to subtract (or add) from a date and to see the final result.

This is done by clicking on the 'Calculate the difference between two dates' and selecting the second given option.

4.       Worksheets - These are options offered for real life calculations.

Examples are to calculate mortgage, vehicle lease or car gas mileage.

 

Remove my mugshot or embarrassing photo scams

These are two targeted scams that are growing in popularity and victims.

 

SCAM 1

A number of websites are gathering, real mugshots out of public databases, and contacting the people who took them.
They are then extorting the people for hundreds of dollars to remove their photos and names from their public, database.   They then sell the photos to another company who repeats the same extortion scam over again.

If you have a criminal record, people are going to know.   Don't fuel these guys by giving into them. 

 

 

 

 

 

SCAM 2
Is a social engineering scam that is more likely to appear in your inbox than the mugshot scam.

In this attack, people that weren't arrested in the first place are being targeted with an email that claims their mugshot or embarrassing Facebook photo is easy to find on the Internet.   Another variation claims that someone just “tagged” a photo of them on Facebook or other social media.   The email claims they can click here to view the photo. The link leads them to a legitimate web site that has been compromised and infects their PC with malware or a Trojan horse virus.

Word 2010 and Track Changes Problems

 

When using Word 2010 with Track Changes, redlines or changes are marked in different colors by author and reviewer names.  

 

 

The problem some of our end users are having is upon saving the document, their changes are saved to the same color as the original Author and all the reviewers names including their own are removed.

In other words, your personal information is being removed and all reviewers are being called Author.  This happens when the remove personal information on save feature is checked under Words privacy settings. 

 

Here is how to fix it:

 

1. In Word 2010, click File
2. Choose Options
3. Choose Trust Center
4. UNCHECK Remove Personal information on save

 

 

 

 

Email Subject Lines Are Important.

Recently, I had an end user complain about email delivery problems to an intended recipient.  The recipient, couldn't find the message in her spam/junk email folder and we received no bounce back to the sender's domain.

 

 

I looked through his sent items and noticed, every time he claimed his recipient had not read the email, the subject line had been left blank.   Sure enough this seemed to be the cause of the problem.  

 

We use email so much in day-to-day life that structure sometimes is disregarded.   While I agree email isn't meant to be as formal as a true letter, certain characteristics can prevent email from working as planned.

 

The Subject line of an email notifies the recipient what the email is about and can be used to identify the email at a later date. 

Additionally the subject line is used by Spam filters to determine if your message should be delivered at all.

 

 If your message is designated as spam, it may be deleted  at the receiving end without your recipient seeing it and with no notification to you (the sender).

 

 

Here are some common subject line spam triggers:

• A blank subject line
• Abbreviated months (for example, Apr. for April)
• The word approved, or any derivation
• Words like at no cost, free, low cost, reduced price or any derivation
• Subject lines in all capital letters
• Dollar Signs
• Using words that attempt to create urgency:

  Access	Act Now!	Apply now
  Apply Online	Call free	Call now
  Can't live without	Do it today	Don't delete
  Don't hesitate	For instant access	For Only
  For you	Get it now	Get started now
  Great offer	Info you requested	Information you requested
  Instant	limited time	New customers only
  Now	Now only	Offer expires
  Once in lifetime	One time	Only
  Order now	Order today	Please read
  Special promotion	Supplies are limited	Take action now
  Time limited	Urgent	While supplies last

You should indicate urgency with the High Importance Button in your email client rather than placing it in the subject line.

• One word Subject lines.

The most useful Subject lines are formed as short and complete sentences.

 

Thanks to a post by HubSpot here are some additional words that MAY cause your message to be flagged:

 

Additional Income	Be your own boss	Compete for your business
Double your	Earn $	Earn extra cash
Earn per week	Expect to earn	Extra income
Home based	Home employment	Homebased business
Income from home	Make $	Make money
Money making	Online biz opportunity	Online degree
Opportunity	Potential earnings	University diplomas
While you sleep	Work at home	Work from home

$$$	Affordable	Bargain
Beneficiary	Best price	Big bucks
Cash	Cash bonus	Cashcashcash
Cents on the dollar	Cheap	Check
Claims	Collect	Compare rates
Cost	Credit	Credit bureaus
Discount	Earn	Easy terms
F r e e	Fast cash	For just $XXX
Hidden assets	hidden charges	Income
Incredible deal	Insurance	Investment
Loans	Lowest price	Million dollars
Money	Money back	Mortgage
Mortgage rates	No cost	No fees
One hundred percent free	Only $	Pennies a day
Price	Profits	Pure profit
Quote	Refinance	Save $
Save big money	Save up to	Serious cash
Subject to credit	They keep your money -- no refund!	Unsecured credit
Unsecured debt	US dollars	Why pay more?

Accept Credit Cards	Cards accepted	Check or money order
Credit card offers	Explode your business	Full refund
Investment decision	No credit check	No hidden Costs
No investment	Requires initial investment	Sent in compliance
Stock alert	Stock disclaimer statement	Stock pick

Avoid bankruptcy	Calling creditors	Collect child support
Consolidate debt and credit	Consolidate your debt	Eliminate bad credit
Eliminate debt	Financially independent	Get out of debt
Get paid	Lower interest rate	Lower monthly payment
Lower your mortgage rate	Lowest insurance rates	Pre-approved
Refinance home	Social security number	Your income

Acceptance	Accordingly	Avoid
Chance	Dormant	Freedom
Here	Hidden	Home
Leave	Lifetime	Lose
Maintained	Medium	Miracle
Never	Passwords	Problem
Remove	Reverses	Sample
Satisfaction	Solution	Stop
Success	Teen	Wife

Dear [email/friend/somebody]

Friend

Hello

Ad	Auto email removal	Bulk email
Click	Click below	Click here
Click to remove	Direct email	Direct marketing
Email harvest	Email marketing	Form
Increase sales	Increase traffic	Increase your sales
Internet market	Internet marketing	Marketing
Marketing solutions	Mass email	Member
Month trial offer	More Internet Traffic	Multi level marketing
Notspam	One time mailing	Online marketing
Open	Opt in	Performance
Removal instructions	Sale	Sales
Search engine listings	Search engines	Subscribe
The following form	This isn't junk	This isn't spam
Undisclosed recipient	Unsubscribe	Visit our website
We hate spam	Web traffic	Will not believe your eyes

Cures baldness	Diagnostics	Fast Viagra delivery
Human growth hormone	Life Insurance	Lose weight
Lose weight spam	Medicine	No medical exams
Online pharmacy	Removes wrinkles	Reverses aging
Stop snoring	Valium	Viagra
Vicodin	Weight loss	Xanax

#1	100% free	100% Satisfied
4U	50% off	Billion
Billion dollars	Join millions	Join millions of Americans
Million	One hundred percent guaranteed	Thousands

Being a member	Billing address	Call
Cannot be combined with any other offer	Confidentially on all orders	Deal
Financial freedom	Gift certificate	Giving away
Guarantee	Have you been turned down?	If only it were that easy
Important information regarding	In accordance with laws	Long distance phone offer
Mail in order form	Message contains	Name brand
Nigerian	No age restrictions	No catch
No claim forms	No disappointment	No experience
No gimmick	No inventory	No middleman
No obligation	No purchase necessary	No questions asked
No selling	No strings attached	No-obligation
Not intended	Obligation	Off shore
Offer	Per day	Per week
Priority mail	Prize	Prizes
Produced and sent out	Reserves the right	Shopping spree
Stuff on sale	Terms and conditions	The best rates
They’re just giving it away	Trial	unlimited
Unsolicited	Vacation	Vacation offers
Warranty	We honor all	Weekend getaway
What are you waiting for?	Who really wins?	Win
Winner	Winning	won
You are a winner!	You have been selected	You’re a Winner!

Cancel at any time	Compare	Copy accurately
Get	Give it away	Print form signature
Print out and fax	See for yourself	Sign up free today

Free	Free access	Free cell phone
Free consultation	Free DVD	Free gift
Free grant money	Free hosting	Free installation
Free Instant	Free investment	Free leads
Free membership	Free money	Free offer
Free preview	Free priority mail	Free quote
Free sample	Free trial	Free website

All natural	All new	Amazing
Certified	Congratulations	Drastically reduced
Fantastic deal	For free	Guaranteed
It’s effective	Outstanding values	Promise you
Real thing	Risk free	Satisfaction guaranteed

Thanks to HubSpot for the list of common Subject line Triggers.

 

 

Spear Phishing, Malware and too much information

Phishing attacks are a deceptive form of social engineering that exploits current web, network and email security technologies. The goal of a phishing attack is to obtain access to someone’s username, password, financial account information or access to confidential information that can be sold on a black market.

In the past, most of these came in as very easy to spot emails, but that’s changing.   Now the emails are very well hidden and extremely convincing.   They are also targeted or SPEAR PHISHED to their intended targets.   Phishing attacks use a combination of data obtained from Social Media sites, websites all to create specific deceptive communications to their targets.

This his how these COULD BE DONE

Example:  

 

Your friend’s [insert popular social media here] account password is compromised.   The person with that access now sees that you are fan of Bank of America and you post to your [insert popular social media here] using an iPhone.  I’m not picking on iPhones this is just an example

 They also see that your mobile phone and email address are shared with your friends through [insert popular social media here].

 

"the Bad Guys" now have the following:

1. Your email account
2. The fact that you own an iTunes account (99.9% of all iPhone users do)
3. They know what bank you use and what fake email to send
4. They have your cell phone to send you fake notices about your bank account, iTunes account or email account.
5. You may be currently out of town on vacation (bonus for them)

 

Now "the Bad Guys" are going to masquerade as trustworthy source.  They may choose the source from the information they obtained from the hacked social media account. 

Occasionally banks will verify that you are using your credit card outside of the normal area.   So you don’t think anything of it when you get a text, email or even a phone call from your bank asking you to answer a few questions to verify your card is authorized to be used away from your home.

EMAIL SCAM

You get an email that appears to arrive from your bank.   You click the link on your laptop. You have just installed something called a Blackhole Exploit Kit or “Man-in-the-Browser” attack. 

The banking link doesn’t do anything to the laptop.  It may actually just freeze up or restart your browser.   So you decide to go to your bank the traditional way.  What you don’t see is that the bank site is redirected and masked by this malware.   So you are really entering information inot an infected or spoofed site controlled by “the Bad guys”.  

 

The site looks legitimate, but it may ask for more user credentials than you usually provide.  It might say something like “Your request can’t be processed.  Please verify the following information.” 

 

 

Above a Non-infected BOA account Message
This image from LMG Security

 

 

 

 

 

 

 

 

 

 

 

 



Above: Infected BOA account asking too much information
This image from LMG Security
 



 

 

 

 

 

 

 

 

 

The site will ask for an unusal amount of information for verification.  Be familiar with your banks HELP tab about what information they may require.  If you are ever prompted for more than they state, then something is wrong.

 

TEXT MESSAGE

Most are less likely to fall for this, but it apparently works.

You aren’t at your computer and you get a quick text message from a strange number.  It appears or claims to be your bank or even your email account.  It says your account has been compromised, follow this link to verify your information and change your password.

Some even ask you to text back your password.   I hope you see the problem.  Your bank isn’t going to do this.

 

Phone Call

This one takes marbles.   As I mentioned earlier our bad guys know you are out of town.   They also have your cell number.   They assume that you will be using your credit card.   They have a very professionally sounding (usually female) caller call your cell and ask you if you are using your card out of town.  They explain they just want to make sure it hasn’t been stolen.  This makes you feel great that they are watching out for you.   They then claim that in-order to avoid your card being declined they would like you to verify a few things.   They ask your username, your password, a secrete question, the card number, etc. 

If you suspect this is baloney and it is, you should knowingly give them some false information.   They will accept it as the real thing and the call.

 

There is a reason all the security in the world can’t prevent this.   That’s because we humans are often times very careless.   We love to share and are encouraged to share our personal information on blogs (I'm guilty), social media, and others sites.   Phishing attacks have been around prior to the internet and they will continue to exist.   Use caution.

 

To learn out more about Banking Malware, see this very informative post from LGM Security.