Citronix Tech Services – Houston Computer Repair

The old version of this guide was very complicated and convoluted. If you can boot into Windows, then you shouldn’t need to mess around with PLoP or any other nonsense, just change a flag in the ini file of the Windows flash program and you’re set.

I need to add the following disclaimer from my old post

NOTE: This guide is written for tech savvy people who know what they are doing. If you are uncomfortable with the command line, flashing BIOSes or getting your hands dirty, don’t attempt this process yourself. I cannot and will not hold your hand while you do this. I wrote this guide because I didn’t see anything like it online and I wanted to leave it here as a quick guide for other techs. I can’t offer support for this procedure. If you need computer repair in Houston, then please call me and I would be glad to do this for you.

From a commenter named Hilal, we have the following instructions:

You can also download the the windows version of the flasher, open the platform.ini file with notepad . In the ForceFlash section, set Password = 1 . It will force the flasher to reflash the password and thus removing it. Then open the flasher exe file and Flash! I tried it and it worked on my Acer Travelmate.

In sequential instruction form, here’s what you do.

1. Download the BIOS update from your computer manufacturer’s website
You should see the option to download a DOS version or Windows version, get the Windows version. This guide will only work with the Windows version of the flash tool.

2. Extract the archive
It doesn’t matter where, so you can throw it on your desktop if you want

3. Edit the platform.ini file
In this file, you’ll see a section called ForceFlash. In there, there’s a value called “Password”, set it equal to 1. If you don’t see “Password” in the ForceFlash section, then just copy and paste this line into that section

Password = 1

4. Run the Flash tool to flash your BIOS
Let the tool run and reboot your computer when it’s done. Hopefully, if all goes well, your BIOS should no longer be password protected.

Thanks, Hilal! I hope it works for everyone here.

Just a quick post on another tip that I figured out while solving a client’s problem.

If you have AutoCAD 2012 configured for standalone licensing, but then later set up a license server, you don’t need to uninstall AutoCAD to then reinstall it with network licensing.

All you need to do is change one registry key and you’re set. In recent versions (maybe 2010 and up), AutoDesk has changed the registry values, so similar guides for AutoCAD 2009 and older are now outdated.

Run regedit and find the following key

HKLM\SOFTWARE\Autodesk\AutoCAD\R18.x\ACAD-x:x\AdLM
"Type"=dword:00000019

The X values change from version to version

Change the value of key called “Type” from 2 to 1. It doesn’t matter if you have decimal or hex selected, as in this range, 1 in hex is the same as 1 in decimal. This key tells AutoCAD which licensing type to use.

1 = network
2 = standalone

Close out of regedit and run AutoCAD 2012. It will ask you where your license server is, so just enter the hostname of your license server and you should be good to go. It asked me twice for the license server, so it could ask you twice as well. I didn’t have to specify the license server on subsequent program launches.

This also works in reverse. If you’ve left the office but forgot to check out a license to your laptop copy, you can set it to standalone (change from 1 to 2) and it will run for 30 days in the trial mode.

Couldn’t be easier, right?

UPDATE: If you can boot into Windows, then try this updated Windows-only method

I had a customer drop off a laptop with a BIOS password locking the customer out of the BIOS settings. The laptop was an eMachines E527-2537 running Windows 7 x64. Normally, you can reset a BIOS password by removing the CMOS battery, but laptops typically don’t have CMOS batteries to remove, leaving you with having to either send the laptop in for service from the manufacturer, or trying to hack the BIOS password another way.

In the past, with AMI/Award/Phoenix BIOSes, there have been tools available to decrypt, reset, or otherwise mangle the BIOS settings into removing the password. Unfortunately, none of those tools work on EFI firmwares, which are the next generation of BIOS. Naturally, this laptop just has to have an Insyde H2O EFI firmware, making the old tools obsolete.

To add to the problem, this laptop was unable to boot from a CD because the boot option were hidden in, you guessed it, the password protected BIOS. So. Here’s what I did to get the laptop to boot from a USB stick and reset the bios password.

NOTE: This guide is written for tech savvy people who know what they are doing. If you are uncomfortable with the command line, flashing BIOSes or getting your hands dirty, don’t attempt this process yourself. I cannot and will not hold your hand while you do this. I wrote this guide because I didn’t see anything like it online and I wanted to leave it here as a quick guide for other techs. I can’t offer support for this procedure. If you need computer repair in Houston, then please call me and I would be glad to do this for you.

This guide will take you through a few steps. We will install a boot loader to get around our inability to select a boot device thanks to the BIOS password. If you can already boot from USB for whatever reason, then skip to step 4 and then to 6. We will then prepare a bootable USB stick and our BIOS flashing batch file. Finally, we’ll boot from the USB stick and flash our BIOS.

1) Install PLoP Boot Loader to boot from a USB stick
Since I was still able to boot into Windows 7, I used EasyBCD to install PLoP in the Windows Boot Manager. PLoP is a boot loader which will allow us to boot from other media like CD/DVD, network and USB sticks. If you are on XP or earlier, you can install PLoP via a different method. Google it.

Install EasyBCD and install PLoP as the BIOS Extender, as shown in this image.

2) Prepare a bootable USB stick
There are many guides on how to create a USB stick that is bootable into DOS. Here is one that you might like.

3) Place the BIOS files on the USB stick
Go to your computer manufacturer’s website and download the latest version of the BIOS for your computer. It will likely come in two versions, one to flash from Windows and another to flash from DOS. We want the one to flash from DOS. There will be a few files in the archive, one called flashit.exe (the BIOS flashing program), another with a name like pawf5106.fd (your file might be named differently, this is the filename for the laptop I was working on), and a batch file with some parameters set for flashing.

Create a folder on your USB stick and place these files in it. The name doesn’t really matter.

4) Edit the batch file to reset the bios password
This is the important bit. If you look at the batch file included with the DOS flashing kit, it might look like this

flashit PAWF5106.fd /fe /b /dc

add the flags /C and /FP to the end of the line, so it looks like this

flashit PAWF5106.fd /fe /b /dc /C /FP

the C flag will clear the CMOS memory and the FP flag will flash your bios without a password. Without that flag, any bios update will retain the old password. The bios file (PAWF5106.fd) will likely be different for you.

5) Use PLoP to boot from your USB stick
Plug your USB stick in and turn the computer on. On the Windows Boot Manager screen, select the BIOS Extender and then select USB from the boot options.

6) Flash the new password-less BIOS
From the DOS prompt, navigate to the folder that contains flashit, the BIOS file, and the batch file. Make sure the computer is plugged into AC power and fully charged. Run your edited batch file and wait for the flashing process to finish. Once it is done, it will reboot automatically.

7) Get into the BIOS to verify that the password has been removed
Hit F2 as the computer boots to get into setup. Look at that! No password prompt! Congratulations! Now you can tun on the F12 Temporary Boot Menu and change the boot order all you want.

I hope this helps you out and saves you some time. Lord knows I wasted plenty of mine. If any parts of this guide are overly vague, leave a comment and I’ll see if I can’t clean it up. I’ve also been up all night working on this laptop, so I might be a little funny.

I did an interview with KHOU the other day for a piece on the lawsuit mentioned earlier and how it was progressing. They were at my lab for an hour or so and ended up using about 15 seconds of footage.

Like the video says, computer repair work isn’t the most glamorous work, but it’s what I love to do. Give me a call and I’ll show you!

Link to the news article: New law may require computer techs to be private investigators
Link to the video footage: KHOU Video

Here’s another quick picture someone at IJ snapped of me outside the Austin courthouse. I felt bad for everyone out there in wool suits, the linen was very nice to me that day.

I was in Austin last week with Mike Rife of AustinPCTech and Thane Hayhurst of iTalent Consulting Group and we filed a lawsuit, with the help of the Institute for Justice (IJ), against the State of Texas for a law they recently passed requiring computer repair technicians to hold private investigator’s licenses for a lot of the computer work we do. I wrote about the law a month ago and will spare you the details here.

In short, the state of Texas passed a law that would computer repair technicians to have a private investigator’s license to perform many kinds of computer work. The license requires a criminal justice degree or a 3 year apprenticeship, and failure to comply carries a penalty of up to one year in prison and $14,000 in fines for both the repair tech and the customer. Requiring computer repair technicians to hold these licenses would put many smaller repair shops out of business.

With the help of IJ, Rife, Hayhurst, a PC repair customer, and I are suing the state of Texas to have the law repealed or have its scope restricted.

Here are some links to news and articles about this case on TV and around the web:

• The Institute for Justice’s original press release
• News 8 Austin with Video
• PostProcess, an E-Discovery and ESI issues blog
• CW33 Dallas News at Nine
• KVUE Austin with Video – get a load of yours truly standing in the back. Bigger video here.

If you find any other coverage of this on the web, please post it in the comments. I’d love to see it. As always, I’ll be updating this blog with news as it happens, so check back regularly, or subscribe to the RSS feed!

“Magnum PI? More like Magnum PC, get my lawyer on the phone!”

I wrote a few weeks ago about a new law that would require Texas computer repair shops to get private investigator’s licenses in order to do many types of computer work. While no one has been prosecuted under this new rule, the first “victim” of the Texas Private Security Bureau might come sooner than we think.

Professional locksmiths also require licenses from the Texas Private Security Bureau (a division of the Texas Department of Public Safety). There are still many unlicensed locksmiths out there, and the DPS is having none of it. They are proud to have been running sting operations against locksmiths to find, arrest, and fine unlicensed locksmiths.

The DPS will call out a locksmith for a spurious claim, have them perform the work, then ask to see their license. If the locksmith cannot produce his license, then he is arrested and fined by the DPS officers standing by. A local paper has an article about such a sting operation here, towards the bottom of the page. Similar stings have been occurring in California as well.

The Texas Locksmiths Association put out this PDF newsletter with the following feathers in its hat.

In Houston this past May, the DPS put together a sting operation targeting locksmiths who were defrauding the public. This operation took months of work to put together with the Harris County District Attorney’s Office calling most of the shots. The outcome was: two people were jailed, one of the two was deported and three others had their ID checked but were let go. I hope this company and any others like them will get the picture that Texas is no place to defraud the public.

Your tax dollars at work, folks. “Defrauding the public” is one thing, and failure to comply with a complex and expensive licensing scheme is another. Hardworking, honest professionals are having their livelihoods taken away for not following, or simply being unaware of, this draconian licensing requirement.

These kinds of sting operations may come all too soon to the “unlicensed” computer repair businesses of Texas. Imagine being called out to clean a virus, or report on the surfing habits of a company’s employee and leaving the office in handcuffs. This is the reality that PC techs may face in the future if something is not done to rein in the Texas Private Security Bureau.

In this day of MySpace, FaceBook, and GMail, digging up dirt on someone takes little more than guessing the name of their dog. Private Investigators, who long to return to the good old days of going through someone’s trash, staking out a house while leaving the tell-tale pile of cigarette butts, and wearing jackets with elbow patches, find that as more and more people move their “dirt” online, their breed of investigation is dying out.

In an attempt to regulate this obsolescence, the Texas Private Security Bureau, lobbied heavily by Private Investigator interests, has passed into law an update to the Private Security Act (HB 2833) which brings computer investigations under the umbrella of investigations that would require a private investigator license. Here is a section of bill in question, the new addition that affects computer investigations in bold:

Sec. 1702.104. INVESTIGATIONS COMPANY.

(a) A person acts as an investigations company for the purposes of this chapter if the person:

(1) engages in the business of obtaining or furnishing, or accepts employment to obtain or furnish, information related to: [...]

(B) the identity, habits, business, occupation, knowledge, efficiency, loyalty, movement, location, affiliations, associations, transactions, acts, reputation, or character of a person; [...]

(D) the cause or responsibility for a fire, libel, loss, accident, damage, or injury to a person or to property; [...]

(b) For purposes of Subsection (a)(1), obtaining or furnishing information includes information obtained or furnished through the review and analysis of, and the investigation into the content of, computer-based data not available to the public.

This text is written so broadly that it could mean just about anything. For example, if a PC Tech looks through a mother’s private computer (computer-based data not available to the public) to find out where her son has been online (the habits [...] of a person), then he has performed an investigation. Very obvious non-investigatory actions like installing a wireless network, installing a hardware upgrade, performing a system tune up, or setting up a home theater system would not fall under the scope of the law; but nearly everything else is in a gray area. When approached for a clarification of the law, the Texas Private Security Bureau held up the overreaching scope of the law. This is the partial text of their opinion; the full PDF is linked here:

We understand the term “computer forensics” to refer to the analysis of computer-based data, particularly hidden, temporary, deleted, protected or encrypted files, for the purpose of discovering information related (generally) to the causes of events or the conduct of persons.

They are saying here that the above scenario of a mother attempting to find out the conduct of her son would run afoul of this law. If a PC repair customer got a virus and wanted to know why they did, the analysis of their browser history, temporary files, and hidden virus files would constitute an investigation and telling the customer how or why they got a virus infection would constitute the delivery of a report on this investigation. The TSB’s report goes on to put computer repair techs on notice and warn them and their customers of the penalties of violating this law.

Computer repair or support services should be aware that if they offer to perform investigative services, such as assisting a customer with solving a computer-related crime, they must be licensed as investigators.

[...]

Please be aware that providing or offering to provide a regulated service without a license is a criminal offense. TEX. OCC. CODE §§1702.101, 1702.388. Employment of an unlicensed individual who is required to be licensed is also a criminal offense. TEX. OCC. CODE §1702.386.

The penalty for performing investigations without a license is up to one year in jail and $14,000 in fines and penalties. Not only would I, or any PC repair tech, be liable, the customer would also be liable and would face the same penalties.

What makes this bill even more fun is that it was lobbied for exclusively by private investigator interest groups, surely under the specious claim of “protecting consumers”, and not one computer repair technician was asked for comment. The list of “witnesses” to this bill are listed here and here. Notice anything about the makeup of the witnesses?

So, now that many actions of Texas computer repair and service companies would require a PI license, now what? Surely a PI license is a simple matter of taking a test or paying a small fee? I’m afraid not. From their registration website, the Texas Private Security Bureau states the following requirements

• three years of investigative experience or a bachelors degree in criminal justice for investigations company license
• two consecutive years of legally acceptable experience in the guard company business
• successful completion of a two-hundred-question examination testing ability of the manager applicant to operate the guard company under the provisions of the statute regulating them
• criminal background check
• submitting fingerprints to have on file with the FBI
• ~$500 in registration fees, subscription fees, application fees, and fingerprint fees, payable yearly

These requirements would necessitate either Texas PC repair techs to close up shop for 3 years while completing an apprenticeship or to pursue an irrelevant college degree. On top of the hefty fees, this makes licensing a tough pill to swallow.

As with any law, exceptions exist, and one loophole is that a large repair shop, like the Geek Squad, would only be required to have one “full” private investigator on staff, and the other techs can simply have PI licenses bought for them ($500 per head per year) without needing to have the degree or apprenticeship. This makes the law doubly confusing as the ones who will be doing the sensitive data work will not actually need to have the mandated training or experience.

I have been contacted by a law firm who wishes to sue the state of Texas in order to get this law repealed or its scope narrowed significantly. I will be updating this blog with the progress of this situation, and hopefully PC Techs in Texas can come out clean.

UPDATE: I am proceeding with a lawsuit against the state of Texas to have this law repealed or changed. Please see this post for more information and updates.

I keep half of my computer repair tools on a USB Flash Drive (the other half I keep on bootable CDs). I found myself often losing the flash drives or otherwise destroying them in my pockets. I came up with a great way to make a cheap (or free!) holder for these keys out of things you should have around the house anyways. You could even use it to hold other USB dongles you frequently work with, such as a USB bluetooth or wifi dongle.

Materials:

• Any USB cable with a female end on it. I just cut mine off the USB extender cable that came with my flash drive. Most flash drives come with these extender cables, so being a packrat, I naturally had dozens of them.
• Eyelet. I’m not even sure if this is the right term for this little screw. I got mine from a half-used picture frame hanging kit. You should be able to find them otherwise at any craft or hardware store.
• (Optional) Any strong glue like super glue or epoxy

Click the link below to catch the rest of the instructions after the fold!

Read the rest of this entry »

When one talks about antivirus definition updates, one usually speaks in terms of Manual and Automatic updates. A manual update is performed by going to the antivirus vendor’s website, downloading the definitions, and then either installing them by running a program or just placing them in your antivirus software’s definition directory. Antivirus software that automatically updates would download new definitions automatically on a set schedule, once a day or once a week, for example. Most antivirus software is pretty straightforward when it comes to Automatic updating. They will almost always come preconfigured for automatic updates, so they are mostly “set and forget” sort of solutions.

This is no way to make money, however. Due to the nature of ever-evolving virus threats, virus definitions are outdated within days of their release, necessitating some sort of a constantly updating definition system. The major antivirus companies have turned antivirus protection from a software to a service. They do this by selling you “subscriptions” or “licenses” to use the software. This means that when your subscription is finished, you will stop getting updates. That is why it is so important to stay on top of your subscriptions and make sure they don’t run out.

As sort of a follow-up to last week’s post, I went around and compiled links to all the antivirus products I could find. From this comprehensive set of links, you should be able to find the updates to the program you run on your computer. Some of the products can only be updated from within the program itself, meaning that you can’t download the definitions manually. I’ve made a note of those that are only updated manually.

If I missed on that you would like me to find the update link for, then please let me know.

Anti Virus Updates

You don’t know how sad it makes me to see things like this (click to enlarge):

This client’s copy of Norton Internet Security expired over a year ago, meaning that for a whole year it has been running with old virus definitions. Why are virus definitions important? Well, image that a virus definition is like a word definition in that it helps you identify the word/virus and what it does. Now imagine that you’re a foreign student traveling in America with a travel dictionary (our virus definitions) from the year 1654. Those word definitions (virus definitions) are terribly out of date, so there’s no chance that you’re going to be able to pick up new words (new viruses) like rollerblade and crunk. Granted, words like rollerblade and crunk may only hurt our feelings, but an undetected virus can do so much more damage!

Many modern PC makers will bundle trial versions of anti-virus products with a computer that will only last 90 days before expiring. This can be even worse than having no anti-virus at all because you might think that you are protected when you actually aren’t.

Please take a few minutes today to make sure that your anti-virus software is updated and running correctly.