Items filtered by date: December 2015

in the Joomla admin

• Extensions --> Language Manager
• Select the language you want to alter i.e. English (en-GB) (you might not need to do this but it does not harm)
• Click Overides
• Click New
• Change 'Search For' to search Constant
• paste or type JPAGETITLE
• Click on the JPAGETITLE highlighted area that appears below
• Replace '-' with '|'
• Click Save and Close

The '-' is now overided for '|' for that language only and with no core file alterations. This is also only for the Frontend.

Links

• joomla3.0 - Change Joomla 3 page title and site name separator from '-' to '|' - Stack Overflow

This is a single page for all of the basic Typography features of the Joomlashine templates. When a section gets big enought it will be moved to it's own page and that is why you might not see it here.

Table

This is a full and correct example of a Joomlashine table with a coloured header and odd rows coloured. There is an even class for rows but I prefer just to have the odd rows coloured and then I have centered the table to make it look nice. Joomlashine templates offer several table stylings that can be easily changed, this is but one of them but the basic cade apart from a few CSS classes is the same.

<table border="1" class="table-style style-colorheader" style="margin: auto auto;" cellspacing="0" cellpadding="0">
	<thead>
		<tr>
			<th style="text-align: center;" width="81">&nbsp;</th>
			<th style="text-align: center;" width="81">Monday</th>
			<th style="text-align: center;" width="81">Tuesday</th>
			<th style="text-align: center;" width="81">Wednesday</th>
			<th style="text-align: center;" width="81">Thursday</th>
			<th style="text-align: center;" width="81">Friday</th>
			<th style="text-align: center;" width="81">Sat - Sun</th>
		</tr>
	</thead>
	<tfoot>
		<tr>
			<th>Guide Only</th>
			<td colspan="7">All Prices in &pound;</td>
		</tr>
	</tfoot>
	<tbody>
		<tr>
			<th style="text-align: center;" width="81">Arwen</th>
			<td style="text-align: center;" width="81">280</td>
			<td style="text-align: center;" width="81">375</td>
			<td style="text-align: center;" width="81">240</td>
			<td style="text-align: center;" width="81">240</td>
			<td style="text-align: center;" width="81">460</td>
			<td style="text-align: center;" width="81">665</td>
		</tr>
		<tr class="odd">
			<th style="text-align: center;" width="81">Croglin</th>
			<td style="text-align: center;" width="81">270</td>
			<td style="text-align: center;" width="81">360</td>
			<td style="text-align: center;" width="81">230</td>
			<td style="text-align: center;" width="81">230</td>
			<td style="text-align: center;" width="81">430</td>
			<td style="text-align: center;" width="81">630</td>
		</tr>
		<tr>
			<th style="text-align: center;" width="81">Evelyn</th>
			<td style="text-align: center;" width="81">170</td>
			<td style="text-align: center;" width="81">225</td>
			<td style="text-align: center;" width="81">140</td>
			<td style="text-align: center;" width="81">140</td>
			<td style="text-align: center;" width="81">270</td>
			<td style="text-align: center;" width="81">420</td>
		</tr>
		<tr class="odd">
			<th style="text-align: center;" width="81">Gwendoline</th>
			<td style="text-align: center;" width="81">180</td>
			<td style="text-align: center;" width="81">240</td>
			<td style="text-align: center;" width="81">150</td>
			<td style="text-align: center;" width="81">150</td>
			<td style="text-align: center;" width="81">290</td>
			<td style="text-align: center;" width="81">455</td>
		</tr>
		<tr>
			<th style="text-align: center;" width="81">Ruby</th>
			<td style="text-align: center;" width="81">150</td>
			<td style="text-align: center;" width="81">195</td>
			<td style="text-align: center;" width="81">130</td>
			<td style="text-align: center;" width="81">130</td>
			<td style="text-align: center;" width="81">220</td>
			<td style="text-align: center;" width="81">350</td>
		</tr>
	</tbody>
</table>

Content Columns / Grid Colum Layout

This is the syntax for using Joomlashines inbuilt column system. You can set as many columns as you want.

<div class="grid-layout">
	<div>Text in column 1</div>
	<div>Text in column 2</div>
	<div>Text in column 3</div>
</div>

Blockquotes

Blockquote 1

This is a nice Blockquote from JSN Air

CSS

.testimonials {
	font-family:Georgia, "Times New Roman", Times, serif;
	font-style:italic;
	font-size:12px;
	color:#898989;
}

HTML

<div>
	<h4>Every company should be this way</h4>
	<blockquote>
		<p class="testimonials">Outstanding Products, Outstanding Support, Outstanding Business Ethics...Every company should follow these guys. WELL WORTH THE MONEY!</p>
		<p><strong>Bob Stevenson</strong></p>
	</blockquote>
</div>

Blockquote 2

HTML

<blockquote>
	<h4>Super Gallery</h4>
	<p>Super gallery! I really like it right from first few minutes when i download it. Excellent documentation with great visualisation. Didn't get a chance to contact to support bec. everything clear and working smooth! Thank you guys!</p>
	<p>samed1978,</p>
	<p><a href="http://quantumwarp.com/" target="_blank">Review from JED</a></p>
</blockquote>

There are 2 types of file caching implicit and explicit when talking about browsers but a 3rd type of caching, is proxying which is dealt with by external servers to reduce network load.

Implicit

This is where a file might be read from the cache or not. this works by th use of the last-modified header. most browsers will ask the server if the file they seek is newer thant the version it has it its cache. if it does not have the file in the cache it will download the file and if it does have the file in its cache it will see, via a header request, if the file on the server is newer, if newer it will download, if not it will use the locally stored version. by default the las-modified header is always sent but can be disabled by removing the header which will force the files always to be downloaded if not other cache headers are set.

Explicit

This is set by using the 'expires' header. you can set a date on the server when you want this file to expire. what this does is tell the browser to use the locally stored file until the expiry date is passed, the browser will not even do a header look up, it just accepts that it should use the locally stored file witout question. using this metjhod reduces header lookups for files that it already has but has a downfall that if these files are updated on the webserver that they will not get updated until either the client empties their browser cache, presses CTRL+F5 for a hard refresh of the expiry date passes. it is also common when using this type of cachiing that you can unset the 'last-modified' header to reduce traffic from your webserver.

Proxies

This is a metjod of caching data between the webserver and the targeet client without anyone in the stream really noticing. these servers can be used to load balance traffic and off load the caching and serving of files to a specific machine where that is all it does. the proxy does not generate the code but just mearly keeps a copy of it and servers it to a client. A CDN is a type of proxy and probably one of the most recognisably uses of a proxy. A CDN is used to negate issues of a worldwide distrubutions of a single website. If a single website is loacted in america and someone in austrailia tries accessing this site they will find it a lot slower that someone in california trying to access this website becauser they are thousands of miles away so the traffic has to travel a lot further so if you have a copy of this american website on a proxy server in austrailia the site appears to run just as quick in austrailia as it is in america because the files are travelling from the proxy server located in austrailia and not amrica. Not only does this method save time but money aswell because transataltic traffic is expensive. Proxy servers are more complex than just blind file caching because of how websites work so they can sync data, load balance and much more which is all configurable but in the end they do what they say on the tin.

Dodgy RAM can caused by a bad connection between the socket and the DIMM other than failed cells.

Bad connections can be caused because the DIMM socket is damaged or there is oxidation on either the DIMM connectors or the sockets connectors. This can be remedied by cleaning the oxidation off the surfaces by using isopropanol to clean the areas.

Further Notes

If pins of a socket are damaged or missing on one side of the socket, you could use DIMMs with chips only on one side. The chips on that side of the DIMM are only accessed by that side of the socket.

Using the memory with chips on one side only might only half of the time. It will also only allow you to have half the maximum RAM of that socket.

The reason is because:

• A DIMM has 2 sides, A and B
• Side A is accessed before Side B
• Single sided DIMMs are populated on the A side
• If the damage is to the B side of the DIMM socket then putting in a single sided chip will work because the B side of the socket is never accessed.
• If the damage to the socket is to the A side, no matter whether you use a single or double sided DIMM then side A will always be accessed and will cause errors from that DIMM/Socket

Every so often on my dell laptop a command prompt opens with taskeng.exe being executed in it.

taskeng.exe runs supportassist.exe which is part of the Dell software package.

Links

• A major bug in the latest SupportAssist / Dell Diag Control Device - Microsoft OS Forum - Software & Operating Systems - Dell Community

One of the main area for issues with Windows 10 is the way it handles displays/monitors.

Setup

• Dell E6540 Laptop
• 2 x Dell U2414H connected by HDMI

My monitors were shown in device manager on my Dell e6540. For my dell U2414H I also updated the drivers instead of using the generic Microsoft ones (not sure htis would of made a difference though)

• Goto the intel HD Graphics Control Panel
• Multiple Displays Tab
• Goto the "Select One or More Active Displays" section
• You will find your missing monitor listed and set to none and save
• Set to match the name of your monitor andsave
• Done

Other fixes that you should try first

• Update drivers
• Update monitor drivers
• Reboot your PC with all the monitors turned on
• If using a laptop on a docking station, undock and then re-dock
• Try a different monitor
• Make sure windows 10 is all upto date
• Run intel driver update utility
• Make sure all drivers are present (ie SM Bus / Chipset drivers)

Sometimes for no apparent reason Windows 8 will only load so far and there will be a black screen sometimes with a cursor, this is also know as KSOD

Scenario

• You get a black screen when you boot normally
• you also get the blackscreen when you boot with safe-mode and the other variants of startup.
• The PC seems to load almost until the login screen
• Also, when you run system restore form the 'recovery console'/dart tools you get an error saying it caannot do a restore because a file is in use. I have tried several restore points.

From the Recovery Console

• chkdsk - issues found
• sfc /scannow - issues found
• I ran the system restore again which still did not work
• subinacl does not run in the console

Followup

All the information points to it being an issue with anitvirus and that you should disable this or remove it. This would be ok but i cannot even access windows in safe mode to disable/remove the AV. I will considering manually deleting/moving the av folder in program files.

I am convinced it is a KSOD style issue and is a permmissions thing.

Resetting Permissions

icacls

icacls * /T /Q /C /RESET   (this is present in the windows 8 recovery console)

• 1/3 were processed but 2/3 failed, kept on saying file not found or access denied
• windows will not boot
• this wipes the system restore points

secedit

Try restoring the permissions using:

secedit /configure /cfg %windir%\inf\defltbase.inf /db

does not exist in the recovery console

Try this !!

Dism /Online /Cleanup-Image /RestoreHealth
pause
sfc /scannow
pause

You can apparently use DSIM to restore system files when SFC will not work. I have not used it.

Search the KB for 'Issue with Dism/Online/Cleanup-Image/RestoreHealth (instead of sfc)'

Process Overview

So far I have not found a resolution to this issue.

You need this feature if you have selected the wrong network type and do not want to manually change all the settings which can be numerous.

This will wipe all of the rules attached to the netwrok you are deleting.

1. Goto network zones and delete the work#1 and home#1 etc... networks
2. Stop and start your ethernet adpater or pull the cable.
3. If needed delete all the rules for applications and the relevant networks ie #home1, #work#2
4. Comodo CIS should now redetect your network

Backup the combofix folder before doing anything

CFDQ-UsrPrf.exe

Running CFDQ-UsrPrf.exe restored all the missing files.

1. The cfscrpit method starts combofix again.
2. I did not let it run to the end to see if it completed the de-quaratining as per instructions. This needs looking at.
3. The combofix said stage1 and stage 2 when i cancelled it because i thought it was going to run again. It could of been this that restored the files because a text file appeared showing de-quaratine success.

I need to check this on a vmmachine with the clients hdd on it. and really play

ComboFix Notes

• when it deletes a file it puts it in the quaratine. this should be renamed to quaratining the file not delteing.
• when you run combo fix a secondtime there is a possibility it appends to the quaratine

Links

• Restore files from ComboFix quarantine - General Security

This article will help you deal with Cryptolocker, and hopefully prevent you getting it. If you are heere because you are already infected I have also givend some things you can try to get rid of the infection and hopefully recover some of your data.

Clean List

This does not unencrypt your files but cleans the infection. If your files are encrypted I would recommend buying a new hard drive and starting again on that drive while you wait to see if you can recover your files. Do not pay the ransom, there are no guarantees you will get your files back either. If you try an decrypt your files I would recommend performing that on an image of your drive, ye that’s right you could end up with 3 hard drives.

Recommended list of things to do to remove the Cryptolocker infection

1. Image PC hard drive to another HDD
2. Comodo Rescue - Boot from DVD, update and scan
3. Hitman Pro Kickstart- Boot from DVD, update and scan
4. Comodo CIS, install update and scan
5. Malwarebytes, install update and scan
6. sfc /scannow
7. Netsh winsock reset
8. Combofix
9. Hitman Pro Alerts, install update and scan alerts
10. Check for infections manually
11. Scan with other Antivirus software (Avast/AVG....)

Prevent List

These are things you can do to reduce your chance of getting infected by Cryptolocker in the first place.

• Foolishit CyrptoPrevent - Modifies Registry and Group Ploicies
• Hitman Pro Alerts, install update and scan alerts
• Use Comodo CIS as your security solution and enable:
  
  • HIPS
  • Behaviour Analysis
  • Virus Scope
  • Auto Sandbox
  • Comodo Secure DNS (or Your prefered secure DNS)
• Firefox - Use only this browser and:
  
  • No Script
  • Disble Flash by default
  • Block all Adds (UBlock Origin)
  • Run in a sandbox (Comodo CIS has this feature)
• Google Chrome
  • Block all Adds (UBlock Origin)
  • Run in a sandbox (Comodo CIS has this feature)
  • Anythinthing else that is in the Firefox List
• Malwarebytes Anti-Exploit (Pro version is better)
• Malwarebytes Pro - Has a real time scanner
• User Account Rights
  • Create an administrator account with a password on it
  • Downgrade all accounts to Non-admin rights (Standard User)
• Software
  • Use software whitelisting methods rather than blacklisting
  • Update Windows (set to automatic updates)
  • Update in particular
    • Adobe PDF - better to completely remove
    • Adobe Flash - better to completely remove
    • Java - better to completely remove
  • Update all software
  • Remove unneeded software
• Network / Network Shares / Mapped Drives
  
  • Secure DNS (Comodo/OpenDNS/Norton DNS etc..)
  • Restrict what sites staff/computers can visit on a network level
  • Disable public network settings in network sharing (advanced settings)
  • make all shares read only or disable them, inluding c$, d$
  • Dont use mapped drives
  • Hardware SPI Firewall that scans the traffic on a hardware basis
  • Always use a NAT router and never expose a computer to the internet witha real IP
  • Disable all unneeded ports
  • Point DMZ to a non-existant internal IP
• Email
  • Spam filters on your email server
  • Secure email to prevent credential capturing
  • Antivirus Email scanning - A specific scanner that checks all incoming and outgoing mail for virus and then cleans the mail
  • block all .exe in outlook or whatever email client you are using.
• HardCore (only if you really can)
  • Remove internet access
  • Disable all usb ports
  • Remove all Web Browsers
  • Use Group Policy and cripple the computer except for what is required of it.

* These measures could go in my security document

Mitigation

Backup Your Data

This is bar for one of the most importatn things you can do, but there are a few rules you must follow depending on your backup solution

• Backups should be created for all of the following reasons
  • Restore from cryptolocker infection
  • Prior version of files
  • Hardware failure
• All backups must be stored off the machine with the data on
• Air-gapped backups are an excellent defence against cryptocloker but requires manual intervention
• When using shared folder to store backup
  • Do not connect to backup shares with mapped drives
  • Backup shares should be a unc path not a mapped drive. If there is no mapped drive, cryptolocker cannot see it.
  • The share should have password protection on which is not the same as the logged on user. If cryptolocker does find the share, it is unable to logon because the user's account does not have permission.
  • The username and password for the share will be stored within the backup software only preventing it being exposed to cryptolocker.
• Incremental backups
  • Even if your files get encrypted you will have a prior version of ll your files.
  • If you use just a backup and replace policy if your dont notice that your files are encrypted your backedup files will also get replaced with encrypted versions.
• Cloud Based backup
  • These can be an excellent method of keeping your files safe as they tend to have incremental file backups in place.
  • These systems will have massive hardware redundancy so you do not have to worry about this eithere
  • The downside to these is there are a paid service so once you started to use them you have to keep paying them

Data Recovery Options

Image the affected Hard Drive before you do anything and make sure youo do not boot of the infected drive.

• Volume Shadow Copy / System Restore - Use these programs to browse SystemRestore Points
  
  • ShadowExplorer.com - ShadowExplorer allows you to browse the Shadow Copies created by the Windows Vista / 7 / 8 Volume Shadow Copy Service. It's especially thought for users of the home editions, who don't have access to the shadow copies by default, but it's also useful for users of the other editions.
  • System Restore Explorer - System Restore Explorer is a tool which allows you to browse system restore points on your computer and select individual ones for deletion should you wish to free up some disk space. It also allows you to mount the contents of a restore point into a folder so that you can browse and copy individual files, without the need to perform a full system restore.
• Previous Versions - Some folders store old versions of files using the System Restore technology. The Desktop fodlerdoes but i do not know what others do by default. You can acces these versions by
  • Boot off the infected drive in to windows
  • Navigate to the the Desktop folder via 'My computer' C:\Users\{User Account}\
  • Right click on the Desktop folder
  • Click on the 'Previous Versions' tab
  • Restore files as needed.
• Browse the hard drive offline - In another computer and manually Copy off unaffected files.

Recommend Cleaning Software

• Comodo Rescue DVD
• Hitman Pro Kickstart DVD
• Comodo CIS
• Malwarebytes
• Hitman Pro Alerts
• Additional AV
  • AVG
  • Avast

Links

• http://www.bleepingcomputer.com/virus-removal/cryptolocker-ransomware-information
• http://www.surfright.nl/en/kickstart
• http://www.surfright.nl/en/cryptoguard
• https://www.youtube.com/watch?v=Gz2kmmsMpMI
• http://www.thewindowsclub.com/hitman-pro-alert-review-free
• http://www.surfright.nl/en/hitmanpro/
• How To Avoid CryptoLocker Ransomware — Krebs on Security
• CryptoLocker Virus – Best Practices to Ensure 100% Immunity | Comodo