Sunday, 23 November 2014

Customer Problem 2: Malware Overload


A while back I had a blog on Google+ linked to my freelance IT business and I started recording some case studies. I think I only did a few in the end but I thought I'd share them anyway.

The Problem:

Had a good one a few weeks ago. An Acer netbook that was failing to load Windows. It was inconsistent, as sometimes it would get as far as the desktop and sometimes it would just show a black screen and go no further.

The Investigation:

In the good old days, you could start Windows in 'safe mode', a special mode that would load a very basic version of Windows, without any additional software. This was a great way to diagnose big, vague problems like this. Windows 8, however, is odd. You can only enable safe mode within Windows itself. This is no help if Windows won't load, which is usually the reason you'd want safe mode in the first place! A face-palm is appropriate at this point.

The Solution:


Anyway, to cut a long story short (too late?) the owner of the laptop had allowed a house guest to use it. This person clearly had no idea how to browse the web safely and intelligently, and had downloaded about every piece of malware to be found. This stuff can be a nightmare to remove but there are a few tools out there that, when used in combination, can strip pretty much all of the nasties out. Part of the problem is the amount of superfluous software that PC manufacturers install on their own new computers from the factory. This is commonly known as 'crapware'. It's an idiotic strategy, comparable to fitting a Porsche with a 40mph speed limiter. If you can't clean out the nasties, the only option left is usually to wipe the hard disk and install Windows afresh. I do this with most of my computers every couple of years or so anyway because it's the only way to guarantee a smooth-running system. Unless a computer is physically broken, it's rare for a technical problem to necessitate buying a new one, despite what 'experts' will tell you. The fact is that any computer will always be as fast as it was when you bought it. Hardware does not 'get slower', but poor software can make hardware appear slow.

The Lesson:


Anti-malware software is great for removing malware, but avoiding getting infected by it in the first place is a much better idea. One way to do this is to use Google's Chrome web browser and install an extension called 'AdBlock' (the 'most popular' one). This will prevent the vast majority of unwanted popups appearing, the ones that encourage you to click them because you've 'won a prize' or 'your computer is infected' (the malware programmers seem to have a taste for irony). It may also block some popups that you want, but you can mark certain sites as 'trusted'. It is free, but you can donate if you think it's an awesome piece of software.

The bottom line is to question everything that encourages you to click it, and to read all of the words before you click on anything. Clicking 'next' or 'OK' over and over without actually reading what's on screen is the worst thing you can do. Be suspicious and be cautious at all times!

Sources:


Malwarebytes Anti-Malware (free): ain't what it used to be, which was a small, independent, neat utility that scanned your hard drives and got rid of a bunch of nasties. It has unfortunately grown into something else but, if you can avoid the 'helper' app it installs in the system tray, it still works.

ADW Cleaner (free): similar story to above and is now under the Malwarebytes brand but has, without fail, been the best tool I've ever used for getting rid of software nasties.

Crap Cleaner (aka CCleaner, free): also has a 'helper' tool you want to avoid, as it will pester you with updates and upgrades. This is a great program to run once the malware has gone, as it has options for cleaning the Windows registry and uninstalling stubborn crapware.

Saturday, 22 November 2014

Customer Problem 1: The Slow Laptop

A while back I had a blog on Google+ linked to my freelance IT business and I started recording some case studies. I think I only did a few in the end but I thought I'd share them anyway.

The Problem:

I have just finished working on a laptop that was coming up with a lot of errors in Windows (e.g. explorer.exe crashing) and generally very poor performance (e.g. applications taking an eternity to load, along with Windows itself). At first, it appeared that it was a performance issue such as a lack of memory, or that there might have been malware causing issues, but resolving these made no difference. The weirdest thing about it was the inconsistency - sometimes it worked, sometimes it didn't. The first part of fixing a problem is seeing a pattern or, even better, knowing the exact circumstances under which a problem makes itself apparent (replicating the problem).

The Investigation:

The machine was relatively old (socket 775 Core 2 Duo) and had been upgraded to Windows 7 from Windows XP, yet it still had 1GB of RAM. No brainer - an upgrade to 2GB (£15) was necessary, but didn't appear to make any difference at first. It was then I put my ear to the hard disk and heard the tell-tale sound of bad sectors. This is easy when you're working on a laptop - not so much with a desktop computer.

Bad sectors don't actually make any noise. Sectors are the physical, measurable areas on a hard disk where files are stored. Small files may only occupy a single sector but, more commonly, a file will be spread across a group of sectors. If any of these sectors become damaged, the hard drive will repeatedly attempt to access the data until it either succeeds or gives up (a bit like when a scratched CD skips). This can manifest as a repetitive 'clicking' sound, usually in a recognisable pattern. While it may appear like something taking forever to load, it's actually because of the pauses during the retries.

Bad sectors usually happen when a hard drive receives some kind of physical shock or jolt when it's in the process of reading data from the disk platters. Data is read from the disk by a 'head' that floats micrometers above the magnetic disk (or platter). If the head touches the disk, physical damage can occur and this results in bad sectors. This usually occurs when a laptop is dropped or knocked. While most laptops have built-in protection to prevent this kind of damage, it can't completely quash the forces of physics. Fortunately, most hard disk manufacturers provide free software that can scan your disk and identify such damage. But, if there are too many, the program will say the disk is defective. Of course it will - they want you to buy a replacement, so the tolerance level is set very low.

This problem can occur with any laptop or computer using mechanical magnetic media such as a hard disk drive. SSDs are immune to this specific problem, but they have their own issues.

The Solution:

More fortunate still, there is free software that will 'remap' the bad sectors. It will mark the damaged parts of the disk as unusable, and attempt to relocate the data on that sector. Sometimes it works, sometimes it doesn't, and there is always a risk of data loss. If you have too many bad sectors, replacing the hard disk is usually a good idea, but if there are only a few, you might be lucky enough not to lose any data at all and continue using the drive. I use a program called ViVARD, which is on the Ultimate Boot CD (UBCD), a free collection of tools and utilities that boots from either a CD or a USB stick.

In this instance, the physical damage was not widespread and the remapping worked. I left it running all night and the client rebooted the computer in the morning. Windows immediately began running better - no crashes, no pauses, no lag, all aided by the RAM upgrade (Windows XP struggles with anything less than 2GB).

The Lesson:

Don't move your laptop any distance when it's powered on. If you need to relocate, put it to sleep or shut it down. Most laptops go to sleep when you close the lid, but make sure you check this is the case before you move it!