Friday, June 24, 2016

How to Unlock, Edit or Print a Protected PDF File

It's pretty simple to lock a PDF file from being printed, copied or altered. You can do it with most PDF editor programs like Adobe XI.
Unfortunately, these documents often are locked and the password is missplaced.  This prevents printing, editing or even copying the text from the document.

There is a simple trick that can unlock MOST password protected PDF files
For this reason, important documents should be encrypted, but I digress.

Here is a method for unlocking password protected PDF files by printing to the built in Windows XPS printer:

For this example, I used a Windows 7 64 bit system with the built-in XPS printer and viewer enabled.
  • Open the PDF File with your PDF Viewer (I use Adobe XI in the example)
  • Choose File
  • Choose Print

  • Choose the Microsoft XPS Writer.

  • Rather than print to paper, this prints to file.  You will be prompted to save the file somewhere. I just saved it to my Windows Desktop.

  • Now, convert the .XPS file back to a PDF. Right Click the file you saved to the desktop (or wherever you saved) and choose Convert to PDF.
  • If you don't have that option, you may need to Print the File back to a PDF.  Similar to what you did converting it to an XPS file.  
The end result is a new PDF file that is unlocked.

Monday, March 28, 2016

Remove a Windows update via Windows Server Update Services

  1. Open the Windows Server Update Services MMC console and connect to your server
  2. Expand Update Services => Server Name => Updates
  3. Right-click All Updates and select Search
  4. Enter the kb number of the update you would like to remove and press Find Now
  5. Right-click the update and select Approve - Then view the  Status Report   * This step is needed to see how many clients still have the unwanted update installed.
  6. Now, Right Click either a specific group of computers or all computers and choose Approved for Removal then choose OK.

Friday, August 23, 2013

The Big Red X: Disconnected Network Drive Maps and Group Policy

For years, I have been running a very reliable Logon  batch file that mapped various network drives on our network.  If you have never created a Logon script all you need is a notepad. 

My script called  for the deletion of any current mapped drives and it replaced all of those with usually the exact same mapping.  It worked 99.9% of the time and if it didn't a quick restart usually resolved the issue. 

 Here is my old Script:

Then one morning all the peace and tranquility was lost.
My phone was ringing off the hook with network users complaining that they couldn't access various mapped drives or the software that ran from those drives just wasn't running.  Mapped drives just stopped working.
When I looked into it, all of their mapped drives had a an ugly red X on them.
While I am still uncertain of the cause, a recent change in DHCP lease time and DNS scavenging did coincide with the problem.
  • I could ping the server to which they were mapping.
  • I could navigate to it via the path.
  • I could even click the Big Red X on the drive letter and see the content of the mapped drive.
Several things that didn't work
1. Praying to the Flying Spaghetti Monster for help
2. Re-writing my logon.bat script
3. Creating a batch file to run as script that delete all drives and then running my old script.
4. Changing my logon to a VBS logon script with fancy, fancy code that's twice as long.
5. Applying mapped drives to domain Computers (not users) via Group Policy
This is what worked for me.
Remove the Logon.bat from the users profile
1. Click AD -  users and computers
2. Go to your DOMAIN
3. Choose the user group in question.
4. Choose the trouble user (s)
5. Right click, choose properties
6. Go to the Profile Tab
7. Remove your former Logon script (make note of the drives you need mapped first)
Add the Mapped Drives through Group Policy Management
1. Open your Domain under Group Policy Management
2. Go to your Group Policy Objects
3. Right Click and create a new Policy.  Just call it "Mapped Drives"
4. Right Click the new GPO called Mapped Drives, and choose Edit
5. Expand the User Configuration
6. Expand Preferences
7. Expand Windows Settings
8.  Choose Drive Maps
9.  Create a mapped drive for all of the drives formerly mapped with the logon script.
10. Make sure to choose reconnect
11. Change the action to Update
12.  Make sure Show This drive is checked
13.  You won't need to give it a Label.
Update the Group Policy on the Domain controller and possibly on the end user.
1. Go to the Domain Controller
2. open a command prompt and run a gpupdate.exe /force
Now in theory this should force the policy the next time the user logs into your domain, so telling them to log off and back on SHOULD do the trick. 
However, I found on some users I needed to manually run a GPUPDATE.exe /force from a run command.   Then restart their computer.
After that, all drives appeared connected and seem to hold.

Monday, August 5, 2013

Print the Entire Contents of a File Folder

As I mentioned in my last post, a common task for most law firm's is to list or print the contents of a Windows folder.  

That task can be done through a command line, but remains very user "not-so-friendly".

There are a few really great third party applications that can do this and with relative ease.
One that I use is a great application called TreeSize by JAM software.   It's available from their site with both a personal use version and really useful professional version.

This sort of reporting is very useful when migrating data into a Document Management System or to get a glance at data prior to building a backup structure.   It can also be helpful in Electronic Discovery and document productions in the legal field.

For my example,  I will be using the free version.

I chose a folder on my desktop called "example"

After selecting the folder, TreeSize will begin scanning the directory and all sub-folders to list their contents.
Once it's done, expand all the subfolders and choose Print. 

My default printer is set to my PDF printer so I will save and name the file.

The end result is a very comprehensive report of the contents of any directory. 


Print the Contents of a Directory from Windows Command Prompt

Working with law firms, I often get tasked to list or index the contents of a Windows File Folder either from an external drive or a disk.  While Windows explorer makes this an easy task, they still do not make it simple for those needing to create a paper or even a simple text listing of the file and folder structure.  

While not likely that most end users will do it, you can complete a basic print out like this from a command prompt by doing the following.

  • Open the folder tree in question with Windows Explorer

  • Highlight the folders path and copy it to your clipboard.  In this case, the folder is on my desktop

  • Click Start, Choose Run and type CMD to bring up the command line.

  • Change the directory to the example folder.  Again this on my desktop so I used: cd\users\jsmith\desktop\example
  • Run the directory command with the option to print the file names and any other files in the directories in the current directory.  The results will be placed in plain text file in the same directory.

Thursday, August 1, 2013

Computers are calculators too

 I am baffled by the people that require a stand alone cheap calculator when they already have a very accurate one in their computer. 


In Windows 7 you can access your calculator it by going to Start Menu - > Accessories -> Calculator.

The calculator can be opened also by typing calculator or just calc in the Start Menu search box.


The calculator has 4 main modes with which you can do calculations:

·         The Standard Mode.

·         The Scientific Mode.

·         The Programming Mode.

·         The Statistics Mode.

Some of the New Features of the Windows Calculator:

Unit Conversions - Offers different conversions units (angle, pressure, volume, time etc.) and it is really simple to use.

To calculate unites of time, select the type of transformation (example: Time), the From unit measurement (like Hour), and the To measurement unit (like Second).

Date calculation

For reasons ranging to contract periods to calculating vacation time, it is great to see it implemented into the program.

  • You can subtract between two days from the calendar or you can personally add or remove days, years , etc from the date that was set.

Select the dates (from and to) to see the difference between them. Or one can also manually type a number of days, months (etc.) to subtract (or add) from a date and to see the final result.

This is done by clicking on the 'Calculate the difference between two dates' and selecting the second given option.

4.       Worksheets - These are options offered for real life calculations.

Examples are to calculate mortgage, vehicle lease or car gas mileage.


Tuesday, July 16, 2013

Remove my mugshot or embarrassing photo scams

These are two targeted scams that are growing in popularity and victims.
A number of websites are gathering, real mugshots out of public databases, and contacting the people who took them.
They are then extorting the people for hundreds of dollars to remove their photos and names from their public, database.   They then sell the photos to another company who repeats the same extortion scam over again.
If you have a criminal record, people are going to know.   Don't fuel these guys by giving into them. 


Is a social engineering scam that is more likely to appear in your inbox than the mugshot scam.
In this attack, people that weren't arrested in the first place are being targeted with an email that claims their mugshot or embarrassing Facebook photo is easy to find on the Internet.   Another variation claims that someone just “tagged” a photo of them on Facebook or other social media.   The email claims they can click here to view the photo. The link leads them to a legitimate web site that has been compromised and infects their PC with malware or a Trojan horse virus.

Monday, July 8, 2013

Word 2010 and Track Changes Problems

When using Word 2010 with Track Changes, redlines or changes are marked in different colors by author and reviewer names.  
The problem some of our end users are having is upon saving the document, their changes are saved to the same color as the original Author and all the reviewers names including their own are removed.

In other words, your personal information is being removed and all reviewers are being called Author.  This happens when the remove personal information on save feature is checked under Words privacy settings. 
Here is how to fix it:

  1. In Word 2010, click File
  2. Choose Options
  3. Choose Trust Center
  4. UNCHECK Remove Personal information on save




Tuesday, June 25, 2013

Email Subject Lines Are Important.

Recently, I had an end user complain about email delivery problems to an intended recipient.  The recipient, couldn't find the message in her spam/junk email folder and we received no bounce back to the sender's domain.
I looked through his sent items and noticed, every time he claimed his recipient had not read the email, the subject line had been left blank.   Sure enough this seemed to be the cause of the problem.  
We use email so much in day-to-day life that structure sometimes is disregarded.   While I agree email isn't meant to be as formal as a true letter, certain characteristics can prevent email from working as planned.
The Subject line of an email notifies the recipient what the email is about and can be used to identify the email at a later date. 
Additionally the subject line is used by Spam filters to determine if your message should be delivered at all.
 If your message is designated as spam, it may be deleted  at the receiving end without your recipient seeing it and with no notification to you (the sender).
Here are some common subject line spam triggers:
  • A blank subject line
  • Abbreviated months (for example, Apr. for April)
  • The word approved, or any derivation
  • Words like at no cost, free, low cost, reduced price or any derivation
  • Subject lines in all capital letters
  • Dollar Signs
  • Using words that attempt to create urgency:
    AccessAct Now!Apply now
    Apply Online Call free Call now 
    Can't live withoutDo it todayDon't delete 
    Don't hesitateFor instant access For Only
    For youGet it nowGet started now 
    Great offer Info you requestedInformation you requested
    Instantlimited timeNew customers only 
    NowNow onlyOffer expires 
    Once in lifetime One timeOnly
    Order nowOrder todayPlease read 
    Special promotion Supplies are limitedTake action now
    Time limitedUrgentWhile supplies last 
You should indicate urgency with the High Importance Button in your email client rather than placing it in the subject line.
  • One word Subject lines.
The most useful Subject lines are formed as short and complete sentences.
Thanks to a post by HubSpot here are some additional words that MAY cause your message to be flagged:
Additional IncomeBe your own bossCompete for your business
Double yourEarn $Earn extra cash
Earn per week Expect to earn Extra income
Home basedHome employmentHomebased business
Income from homeMake $Make money
Money makingOnline biz opportunityOnline degree
Opportunity Potential earnings University diplomas
While you sleep Work at home Work from home

BeneficiaryBest priceBig bucks 
CashCash bonus Cashcashcash
Cents on the dollar CheapCheck
ClaimsCollectCompare rates
CostCreditCredit bureaus 
DiscountEarnEasy terms 
F r e eFast cashFor just $XXX
Hidden assets hidden chargesIncome
Incredible dealInsurance Investment
LoansLowest price Million dollars
MoneyMoney backMortgage
Mortgage rates No costNo fees 
One hundred percent free Only $ Pennies a day 
PriceProfits Pure profit
QuoteRefinanceSave $
Save big moneySave up toSerious cash
Subject to creditThey keep your money -- no refund! Unsecured credit
Unsecured debtUS dollarsWhy pay more? 

Accept Credit CardsCards acceptedCheck or money order 
Credit card offers Explode your businessFull refund 
Investment decision No credit check No hidden Costs
No investmentRequires initial investmentSent in compliance
Stock alert Stock disclaimer statement Stock pick 

Avoid bankruptcyCalling creditorsCollect child support
Consolidate debt and creditConsolidate your debtEliminate bad credit 
Eliminate debtFinancially independentGet out of debt
Get paid Lower interest rateLower monthly payment 
Lower your mortgage rateLowest insurance ratesPre-approved
Refinance home Social security number Your income


Dear [email/friend/somebody] FriendHello

AdAuto email removal Bulk email
ClickClick belowClick here
Click to remove Direct email Direct marketing 
Email harvest Email marketing Form
Increase sales Increase traffic Increase your sales
Internet marketInternet marketingMarketing
Marketing solutions Mass email Member
Month trial offerMore Internet TrafficMulti level marketing
NotspamOne time mailing Online marketing
OpenOpt inPerformance
Removal instructionsSaleSales
Search engine listingsSearch enginesSubscribe
The following formThis isn't junk This isn't spam 
Undisclosed recipientUnsubscribeVisit our website
We hate spam Web trafficWill not believe your eyes 

Cures baldness DiagnosticsFast Viagra delivery
Human growth hormoneLife InsuranceLose weight
Lose weight spam MedicineNo medical exams
Online pharmacy Removes wrinklesReverses aging
Stop snoring ValiumViagra
VicodinWeight lossXanax

#1100% free100% Satisfied
4U50% offBillion
Billion dollars Join millionsJoin millions of Americans 
MillionOne hundred percent guaranteed Thousands

Being a memberBilling address Call
Cannot be combined with any other offer Confidentially on all orders Deal
Financial freedom Gift certificateGiving away
Guarantee Have you been turned down? If only it were that easy
Important information regardingIn accordance with lawsLong distance phone offer
Mail in order form Message containsName brand 
Nigerian No age restrictions No catch 
No claim forms No disappointment No experience 
No gimmick No inventory No middleman
No obligationNo purchase necessaryNo questions asked
No sellingNo strings attachedNo-obligation
Not intended ObligationOff shore
OfferPer dayPer week
Priority mailPrizePrizes
Produced and sent out Reserves the rightShopping spree 
Stuff on saleTerms and conditionsThe best rates
They’re just giving it awayTrialunlimited
UnsolicitedVacationVacation offers
WarrantyWe honor all Weekend getaway 
What are you waiting for? Who really wins? Win
Winner Winning won
You are a winner!You have been selected You’re a Winner!

Cancel at any time CompareCopy accurately 
GetGive it awayPrint form signature
Print out and fax See for yourselfSign up free today 

FreeFree access Free cell phone 
Free consultation Free DVD Free gift
Free grant moneyFree hostingFree installation 
Free InstantFree investment Free leads 
Free membership Free money Free offer 
Free preview Free priority mail Free quote 
Free sample Free trial Free website 

All naturalAll newAmazing 
CertifiedCongratulations Drastically reduced 
Fantastic deal For free Guaranteed
It’s effectiveOutstanding values Promise you
Real thingRisk freeSatisfaction guaranteed 

Thanks to HubSpot for the list of common Subject line Triggers.


Tuesday, June 4, 2013

Spear Phishing, Malware and too much information

Phishing attacks are a deceptive form of social engineering that exploits current web, network and email security technologies. The goal of a phishing attack is to obtain access to someone’s username, password, financial account information or access to confidential information that can be sold on a black market.

In the past, most of these came in as very easy to spot emails, but that’s changing.   Now the emails are very well hidden and extremely convincing.   They are also targeted or SPEAR PHISHED to their intended targets.   Phishing attacks use a combination of data obtained from Social Media sites, websites all to create specific deceptive communications to their targets.

This his how these COULD BE DONE

Your friend’s [insert popular social media here] account password is compromised.   The person with that access now sees that you are fan of Bank of America and you post to your [insert popular social media here] using an iPhone.  I’m not picking on iPhones this is just an example

 They also see that your mobile phone and email address are shared with your friends through [insert popular social media here].
"the Bad Guys" now have the following:
  1. Your email account
  2. The fact that you own an iTunes account (99.9% of all iPhone users do)
  3. They know what bank you use and what fake email to send
  4. They have your cell phone to send you fake notices about your bank account, iTunes account or email account.
  5. You may be currently out of town on vacation (bonus for them)
Now "the Bad Guys" are going to masquerade as trustworthy source.  They may choose the source from the information they obtained from the hacked social media account. 

Occasionally banks will verify that you are using your credit card outside of the normal area.   So you don’t think anything of it when you get a text, email or even a phone call from your bank asking you to answer a few questions to verify your card is authorized to be used away from your home.


You get an email that appears to arrive from your bank.   You click the link on your laptop. You have just installed something called a Blackhole Exploit Kit or “Man-in-the-Browser” attack. 

The banking link doesn’t do anything to the laptop.  It may actually just freeze up or restart your browser.   So you decide to go to your bank the traditional way.  What you don’t see is that the bank site is redirected and masked by this malware.   So you are really entering information inot an infected or spoofed site controlled by “the Bad guys”.  
The site looks legitimate, but it may ask for more user credentials than you usually provide.  It might say something like “Your request can’t be processed.  Please verify the following information.” 
Above a Non-infected BOA account Message
This image from LMG Security


Above: Infected BOA account asking too much information
This image from LMG Security


The site will ask for an unusal amount of information for verification.  Be familiar with your banks HELP tab about what information they may require.  If you are ever prompted for more than they state, then something is wrong.


Most are less likely to fall for this, but it apparently works.

You aren’t at your computer and you get a quick text message from a strange number.  It appears or claims to be your bank or even your email account.  It says your account has been compromised, follow this link to verify your information and change your password.

Some even ask you to text back your password.   I hope you see the problem.  Your bank isn’t going to do this.

Phone Call

This one takes marbles.   As I mentioned earlier our bad guys know you are out of town.   They also have your cell number.   They assume that you will be using your credit card.   They have a very professionally sounding (usually female) caller call your cell and ask you if you are using your card out of town.  They explain they just want to make sure it hasn’t been stolen.  This makes you feel great that they are watching out for you.   They then claim that in-order to avoid your card being declined they would like you to verify a few things.   They ask your username, your password, a secrete question, the card number, etc. 

If you suspect this is baloney and it is, you should knowingly give them some false information.   They will accept it as the real thing and the call.

There is a reason all the security in the world can’t prevent this.   That’s because we humans are often times very careless.   We love to share and are encouraged to share our personal information on blogs (I'm guilty), social media, and others sites.   Phishing attacks have been around prior to the internet and they will continue to exist.   Use caution.
To learn out more about Banking Malware, see this very informative post from LGM Security.