Starbuck

If Norton was on the system before Win10 was upgraded, then yes It should still be there. (but only if you really want to keep it! )

Hi bj43cj47 To find out if Word is installed is easy..... If you are showing the Desktop.... Press the 'Windows' key on the keyboard and then click on the down Arrow ( bottom left ) http://img.photobucket.com/albums/v708/starbuck50/wordpic1_zpshcpmqnjg.png This will fetch up the App list. Scroll along to the Microsoft Office section ( if there ) and Word will be listed. http://img.photobucket.com/albums/v708/starbuck50/wordpic2_zps3kpoecpi.png If it's not listed... it's not installed. Word comes as part of the Microsoft Office package, but can also be downloaded as a stand alone program. You can get a trial version here: Microsoft Word 2013 Free Trial You could also install Open Office Open office documents are compatible with Microsoft Office..... So if you were to send an Open Office word document to someone with Word installed.... they would be able to open the document.

Hi Zippy, Ok, so a slight difference... but not permanent? There are a few other things we can look into: Step 1 Let's check for any problems with the hard drive: You can do this by running the Scandisk utility within Windows. Click Start >> Computer Right click on your main drive (usually 'C') Select Properties Click on the Tools tab Under Error Checking.. Click Check Now Tick the options that you require ( Please tick both options ) Click Start On the screen that comes up.. Click Yes then OK Now restart your computer. Note: Be patient. Analyzing the drive can be a lengthy process Step 2 Let's also check that there's no corrupt system files: Click Start >> All Programs >> Accessories, Now right-click Command Prompt, and then click Run as administrator. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow. Type the following command, and then press the ENTER key on the keyboard: (the space is meant to be there between the c and the / ) sfc /scannow The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions. Note: Run the sfc /scannow command at least twice...... it doesn't always get all the problems on the first run. Step 3 Let's give the system a good defrag ... usually helps with older systems. Download Puran Disc Defragmenter Save it to your 'Desktop'. Run the program...Vista/Windows 7/8/10 users right-click and select Run As Administrator. Do NOT allow it to install the Babylon toolbar or any other 3rd party software. ( Click skip on that section of the install if asked) On the last screen UNtick to show the help page. Now from the main 'Puran Defrag' screen, click on the 'C' drive to highlight it. Then click on 'Defrag'. This program is faster than the built in Windows Defrag and is more efficient. Do not use the m/c while the defrag is running. See if the system runs any faster afterwards.

Hi Roger, Ok, this all makes sense now. It would seem that your system has been reset using the USA locality. Main differences between a US and UK keyboard: an AltGr key is added to the right of the space bar the # symbol is replaced by the £ symbol and a 102nd key is added next to the Enter key to accommodate the displaced # @ and ” are swapped the ~ is moved to the # key, and is replaced by a ¬ symbol on the backquote (`) key the \ key is moved to the left of the Z key the Enter key spans two rows, and is narrower to accommodate the # key on laptop computers, the | and \ key is often placed next to the space bar If your Microsoft password contains just letters/numbers .... it shouldn't make too much difference. But if it contains symbols .... you may have problems. First option would be to reset your microsoft account password. To reset your Microsoft Account password, go to This Link follow further instructions, and your password will be reset. Then try logging in again. If this gets you in ... you can then change the locale quite easily. How to change your keyboard layout on Windows 10 PC If worst comes to worst.... you may have to consider refreshing your Operating system. By refreshing your Windows 10 you will lose your installed apps, but you will keep your personal files. To refresh your Windows 10 follow these steps: On the login screen hold Shift on your keyboard and press Power option and choose Restart. After your computer restarts choose Troubleshoot. Now click Advanced. Choose Reset this PC and choose Keep my files. (Note * ) Once again, we have to mention that your personal files will be saved, but installed apps and downloaded files will not. You might have to insert Windows 10 DVD or bootable USB with Windows 10 to complete the process, so it wouldn’t hurt to have one just in case you need it. After following the instructions the refreshing process will start. This might take a while so be patient. Once the process is finished you’ll be able to access Windows 10 again. Note * If your computer came with Windows pre-installed, you may also see a third option, “Restore Factory Settings”. This will restore the original version that came with your PC–so if your computer came with Windows 8, and you upgraded to Windows 10, it will reset back to Windows 8. Hope this gives you somewhere to start..

Hi Roger and welcome to FPCH. I have moved your thread to a more appropriate forum. This should get you more replies. I take that this has just started happening? Has the system just been updated? Are you using a Microsoft linked login? Is this a laptop or a desktop? If a Desktop... have you tried a different keyboard (it's possible that it could be a keyboard issue)

Hi Mikey, The error code is basically saying that the file has been corrupted. This is why the file won't delete. Best thing to try is to run chkdsk and try and repair the file. You can do this by running the Scandisk utility within Windows. Click Start >> Computer Right click on your main drive (usually 'C') Select Properties Click on the Tools tab Under Error Checking.. Click Check Now Tick the options that you require ( Please tick both options ) Click Start On the screen that comes up.. Click Yes then OK Now restart your computer. Note: Be patient. Analyzing the drive can be a lengthy process

DXXD ransomware v1 decrypted, v2 undecryptable http://img.photobucket.com/albums/v708/starbuck50/dxxd-ransomware-shows-ransom-note-using-windows-legal-notice-screen-509149-2_zpsjot1cxzi.jpg A new ransomware that goes by the name of DXXD uses the Windows Legal Notice screen to show a ransom note even before the user logs on his or her computer. The Windows Legal Notice screen is an intermediary screen that appears before the Windows login form and, as its name hints, it's there for the purpose of showing various types of legal notices and other messages before a user can use the PC. This is the first time a ransomware author has used the Legal Notice screen to show a ransom note, but won't be the last. A very efficient way of delivering a ransom note While users can dismiss the notice by pressing the "Ok" button, the screen does its job and gets the user's attention. Users who encounter these screens and then log on their computers will find some of their files encrypted by the DXXD ransomware, a new threat that appeared towards the end of September. Besides the obvious Legal Notice message, which appears because the ransomware added two registry keys to infected Windows PC, spotting the DXXD ransomware is easy because it appends the "dxxd" string to all of the user's encrypted files, with a file like "photo.png" becoming "photo.pngdxxd." DXXD 2.0 released after researchers cracked the first version DXXD is already at version 2.0 after security researcher Michael Gillespie cracked the ransomware at the start of the month and released a free decrypter on the Bleeping Computer forums. Following the release of this tool, the author of the DXXD ransomware created a new ransomware version, which fixed the encryption flaw that allowed the decrypter to work. In fact, the ransomware's author has created an account on the Bleeping Computer forums so he can taunt Gillespie that he defeated his decrypter. The author of the Apocalypse ransomware joined in taunting the researcher, showing his support for a fellow crook. DXXD author claims he's in possession of a Windows 0-day The DXXD author also tried to throw researchers off his tracks by claiming he infects computers using a zero-day RCE exploit that affects all Windows versions released between 1995 and 2016. This is highly unlikely, and a zero-day like this would be valued at millions of dollars, and most likely used for something more heinous than just installing shoddy ransomware. Lawrence Abrams, Bleeping Computer founder, didn't buy into this false flag. "Based on information discovered, I believe that the ransomware developer is hacking into servers using Remote Desktop Services and brute forcing passwords," Abrams says. "If you have been affected by the DXDD Ransomware, you should reset all the passwords for the affected machine." Currently, there's no way to decrypt files locked by the DXXD 2.0 version. This is because researchers haven't had the opportunity to take a look at the source code of the DXXD 2.0 version just yet. Victims of the DXXD ransomware are advised to not pay the ransom since researchers suspect they might be able to crack this version as well. Victims should get in contact with Gillespie or Abrams via the DXXD ransomware support topic on the Bleeping Computer forums. UPDATE: Good news from Michael Gillespie. http://img.photobucket.com/albums/v708/starbuck50/dxxd-ransomware-shows-ransom-note-using-windows-legal-notice-screen-509149-3_zpsapu9jh4k.jpg Source: http://news.softpedia.com/news/dxxd-ransomware-shows-ransom-note-using-windows-legal-notice-screen-509149.shtml

Hi Ozner, Unfortunately there is no decryptor for this ransomware yet.... so there's no way to get your files back. Some of the guys are working on it at the moment, but because this variant of the Locky ransomware has only been around for a couple of weeks.... it'll take time. This thread will keep you up to date if a decryptor is found: Locky Ransomware now uses the .ODIN extension for Encrypted Files Sorry we couldn't be of more help.

Hi Bob, Ar right, I see that now... my mistake :( It seems that AdwCleaner should be able to remove it. We'll try that and if it doesn't work, post the FRST reports and I'll remove it with a fix. Please download AdwCleaner by Xplode onto your desktop. Close all open programs and internet browsers. Double click on adwcleaner.exe to run the tool. Vista/Windows 7/8/10 users right-click and select Run As Administrator. Click on the Scan button. AdwCleaner will begin to scan your computer. After the scan has finished... Click on the Cleaning button. Press OK when asked to close all programs and follow the onscreen prompts. Press OK again to allow AdwCleaner to restart the computer and complete the removal process. After rebooting, a logfile report (AdwCleaner[C*].txt) will open automatically. Copy and paste the contents of that logfile in your next reply. A copy of that logfile will also be saved in the C:\AdwCleaner folder. Note: There are both 32-bit and 64-bit versions of Farbar Recovery Scan Tool available. Please pick the version that matches your operating system's bit type. If you are unsure what you're system bit type is..... click Here for help. For x32 bit systems download Farbar Recovery Scan Tool and save it to your Desktop. For x64 bit systems download Farbar Recovery Scan Tool x64 and save it to your Desktop. Double-click the downloaded icon to run the tool. Vista/Windows 7/8/10 users right-click and select Run As Administrator http://img.photobucket.com/albums/v708/starbuck50/frsticon_zpsdc3cbdc3.png When the tool opens click Yes to disclaimer. http://img.photobucket.com/albums/v708/starbuck50/frstdis_zps7f598f12.png Make sure that Addition.txt is selected at the bottom Press Scan button. http://img.photobucket.com/albums/v708/starbuck50/newfrst_zpsa63ffa3d.png It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply. The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply also. Thanks

Hi Bob, I take it you are talking about Google Chrome. This can be installed as a third party app when installing A 'free' program. If you press the 'Windows key' on your keyboard, does it show in the App list: http://img.photobucket.com/albums/v708/starbuck50/gchromeun_zpsefewefcy.png If so, Right click on it and select Uninstall. or............... Press the 'Windows Key' + X on your keyboard to fetch up the quick access menu. Click on Programs and Features http://img.photobucket.com/albums/v708/starbuck50/gchromeun2_zpsr6dq64t9.png Does Google Chrome appear in the list? if so, Right click on it and select Uninstall. http://img.photobucket.com/albums/v708/starbuck50/gchromeun3_zpsjwgfhd5e.png or are you saying that Google Chrome doesn't appear on any of these lists?

lol that actually makes things easier. AVG has been known as a resource hog, so I'm going to recommend that you uninstall it and install a different AV. Obviously we wouldn't have done this if you had the paid for version.... as you would then have been out of pocket. Please uninstall AVG using the normal add/remove in Control Panel. Then.... because AVG doesn't always cleanup properly.... Download the AVG removal tool from: Here (England) or Here (USA) Choose: AVG Remover . download to your desktop. then double click to start the uninstaller. Windows 7,8 and 10 users... right click on the downloaded file and select Run as Administrator Follow any prompts..... These are free Anti Virus programs that I recommend: Avira AntiVir Bitdefender Free Install only one of these, update the definitions and then run a full scan. See if the system runs any faster after a change of AV.

Glad to hear that it wasn't too painful an experience Ray. :) I'll mark this topic as solved.

If you refuse to pay up, the malware vanishes from your PC -- but leaves everything fully encrypted. http://img.photobucket.com/albums/v708/starbuck50/new-locker-crypto-repents-imagecredsymantec_zpstdzo9mhc.jpg Kaspersky has released a decryption tool for the Polyglot ransomware to assist victims in recovering their files without giving in and paying a fee. On Monday, the cybersecurity firm launched the free tool (.ZIP), which is suitable for the Polyglot Trojan which is also known as MarsJoke, a strain which has been linked to attacks on government targets. Ransomware is a particularly nasty kind of malware which has hit the headlines over the past year after targeting victims including businesses, hospitals, and universities. What makes the malware strain particularly devastating -- for organizations and the general public alike -- is its ability to take away access to files and content stored on a compromised machine. Once ransomware such as MarsJoke, Cerber, or CTB-Locker is downloaded and executed -- often finding its way onto a PC through phishing emails or malicious links -- the ransomware encrypts files and in some cases, full hard drives. Once the victim can no longer access their machine, a holding page informs them that they must pay a "fee" in return for a decryption key which will release their content back to them. Polyglot infects PCs through spam emails which have malicious RAR archives attached. When infecting a machine, this family of ransomware blocks access to files and then replaces the victim's desktop wallpaper with the ransom demand, which is made in virtual currency Bitcoin. Many types of ransomware will simply sit on the machine for the payment to be made. However, Polyglot insists on a payment deadline and if the blackmail fails and no money is sent to the operators, the malware will delete itself -- leaving behind a machine with encrypted files and no way to retrieve them. Until now, at least. Kaspersky's tool will decrypt these machines and unlock user data. According to the security firm, although Polyglot looks similar to the severe CTB-Locker ransomware, the malware uses a weak encryption key generator. On a standard home PC, it takes less than a minute to brute-force the full set of possible Polyglot decryption keys -- which gives you an idea of actually how weak the malware is. This weakness also provided a path for Kaspersky to exploit to create the decryption tool. Anton Ivanov, senior malware analyst at Kaspersky Lab commented: If you are suffering from a different type of ransomware, it is worth checking out the No More Ransom project to see which decryption tools are available to you. The project is a joint initiative between Kaspersky Lab, the National High Tech Crime Unit of the Netherlands' police, Europol's European Cybercrime Centre, and Intel Security, designed to help users recover their data without giving into the cybercriminals and paying up. Source: http://www.zdnet.com/article/one-more-bites-the-dust-kaspersky-releases-decryption-tool-for-polyglot-ransomware/#ftag=RSSbaffb68

Microsoft decided to list KB3184143 as optional. This KB promises to remove all remnants of Windows 10 GWX nagging. This update will remove following previously installed updates: KB 3035583 -- Update installs Get Windows 10 app in Windows 8.1 and Windows 7 SP1 KB 3064683 -- Windows 8.1 OOBE modifications to reserve Windows 10 KB 3072318 -- Update for Windows 8.1 OOBE to upgrade to Windows 10 KB 3090045 -- Windows Update for reserved devices in Windows 8.1 or Windows 7 SP1 KB 3123862 -- Updated capabilities to upgrade Windows 8.1 and Windows 7 KB 3173040 -- Windows 8.1 and Windows 7 SP1 end of free upgrade offer notification KB 3146449 -- Updated Internet Explorer 11 capabilities to upgrade Windows 8.1 and Windows 7 Link to download: https://support.microsoft.com/kb/3184143 Also available via Windows Update optional pane.

Hi David, The one thing to bear in mind is that the free upgrade from Win8 to Win10 has now finished. Is the choice Win8 or Win8.1 .... it makes a big difference on the end of cycle dates. End of sales for PCs with Windows 8 preinstalled, was ....June 30, 2016 So it really should be Win8.1 now. Win8.1 .....Mainstream support ends on 1/9/2018 Extended support ends on 1/10/2023 I've not had many issues with Win10 ..... a few earlier driver issues, but none for a long time now. One of my systems runs the standard Win10, another runs the Insider version of Win10. Both run fine. That said, I do still run Win7 and Win8.1 systems as well. ( anything for a change lol )

I'd be inclined to keep a razor handy as well. :) Let me know how it goes .... if you don't fall asleep before they answer.

Hi Zippy, Is your AVG the free version or the paid for version?

Hi again Ray, After thinking this through I realised that I do in fact use Sky!! Well not the main Sky ..... but I do use Now Tv which is Sky based. Shows how much I actually use it.... mmmm bit of a waste really. I just checked my login details to see how I could change them. My Sky Id ( login name) can't be changed! Email address can be changed, but you have to contact Sky to do that. Changing the password is easy. What a performance! Is this what you encounter when you try changing details to your Sky account? On reflection.... just changing your associated email address and password should be enough. The SkyId is of no use to anyone else if they don't know the email address or password associated with it. When you enter another email address..... please don't use another Yahoo email address. Use something else. ( I've never had any problems with my Gmail accounts .... or my Hotmail account for that matter )

Hi Ray, I don't use Sky, but I think I can see where they're coming from with this. Your Sky iD is your sign in for all our online services, including My Sky, Sky Go, Sky Store, Sky Broadband Shield, Sky apps including the Sky Q app, and much more. This is linked to your email address. If you just changed the Sky ID.... someone ( with access to your email ) could say they've lost their SkyID and use the email address to request access. Requested SkyID would be sent to the users email address. So to make everything secure, you really should change your SkyId, Email address and password. I've been telling people for years that Yahoo is insecure and that nobody should use their email service. This isn't the first time that Yahoo has been hacked and I doubt it'll be the last. Security doesn't seem to be high on their list of priority's.

Android.Lockscreen uses pseudo-random PIN codes to lock users out of their devices and request large sums of money http://img.photobucket.com/albums/v708/starbuck50/android-ransomware-just-became-a-little-bit-more-sophisticated-508747-2_zpsoqtwhtg4.png A previously unsophisticated Android ransomware that locks an Android device's screen has received new updates that make it impossible for security researchers to help victims unlock their devices. Android.Lockscreen was a simplistic Android ransomware that appeared in March 2015. For a long period of time, this threat operated by setting a custom PIN code and showing a message on the user's screen, asking them to call a number for technical support. Users calling this number would be tricked into paying for expensive "technical support" and would then receive the device's new PIN code. Previous Android.Lockscreen versions could be removed Security researchers that took a look at this threat soon realized that the ransomware's source code included the PIN code used to lock devices. For many months, it was easy for security researchers to take a look at the latest Android.Lockscreen samples and extract the PIN code, passing it on to infected victims. But the crooks caught on to their own mistake, and in recent versions, they changed the mechanism through which they generate the PIN code. New versions use a pseudo-random PIN code "Newer variants have eliminated the hardcoded passcode and replaced it with a pseudorandom number," Symantec's Dinesh Venkatesan writes. "Some variants generate a six-digit number and some generate an eight-digit number." Android.Lockscreen now uses the Java Math.random() function to generate a pseudo-random number, which it sets as the device's PIN code. The ransomware is effective at locking the device only on older Android versions, prior to Google's Nougat release, which included protections to prevent calls for PIN/password resets from other apps, if the PIN was set by a user beforehand. To prevent losing control over their Android smartphones, users should install apps only from trusted sources, like the Google Play Store, and pay attention to the permissions apps request upon installation. Android.Lockscreen, by the operations it needs to carry out, will require a lot of intrusive permissions, such as the ability to lock the user's screen, change device settings, and overlay messages on top of other apps. Source: http://news.softpedia.com/news/android-ransomware-just-became-a-little-bit-more-sophisticated-508747.shtml

Hi Zippy, Ok, let's just take a small section: (The registered user accounts) The numbers are actuall 'bytes' removed. With 1,000000 bytes to a megabyte this roughly equates to: christine => 6.6 Gb (that's a lot) john => 167.7 Mb Guest.MAGICBOX => 133.6 Mb Let's run a double check on your system....... Please download RogueKiller Anti-malware (Free) onto your desktop. Close all open programs and internet browsers. Double click on RogueKiller Anti-malware to install the tool. Vista/Windows 7/8/10 users right-click and select Run As Administrator. Select Accept the User Agreement then continue to click Next then finally click Install Click Finish . When the program opens..... click Scan http://img.photobucket.com/albums/v708/starbuck50/rk1_zpsn7bfbew7.png Click Start Scan http://img.photobucket.com/albums/v708/starbuck50/rk2_zpszu8aygv0.png http://img.photobucket.com/albums/v708/starbuck50/rk4_zpsj0fwsy1w.png Double check anything found and tick to select items to be removed http://img.photobucket.com/albums/v708/starbuck50/rk3_zps0k0uqbtb.png Click Remove Selected When the items have been removed.... Click Open Report >> Open TXT. Copy and paste that report into your next reply.

That's right. You can use a direct cable, CD/DVD or USB. None of these methods would use your data allowance. The easiest way to transfer the files is direct to a USB stick.... this doesn't use your data allowance. These are quite cheap and can be bought in 8GB, 16Gb, 32GB etc Just copy all of your music to the USB stick then put the USB stick in the other m/c and copy them over to the music folder. The advantage here is that you can also leave the files on the USB stick and have a backup just in case you need it. All of my music and Pictures are backed up to a USB stick.... they are also backed up to Dropbox. The advantage of Dropbox is that you can download load them again to any m/c or device .... but this will use your data allowance.

Yes the FB help page is out of date. FB changed over to HTML5 in December last year. http://www.theverge.com/2015/12/18/10623738/facebook-now-using-html5-all-videos

Just to point out that FB doesn't use Flash anymore..... they have switched over to HTML5. ( Flash isn't that secure) But this is only needed to play videos. I've uploaded pics from my Win10 desktop system and my win10 laptop without any problem. But it does seem that this is fairly common. I did a Google search for .... problems uploading pics to facebook win 10 and there's loads complaining....... but it does seem random as it doesn't effect everyone. But no conclusive answer.

Hi again joddle, Your title says it all. This is a known problematic piece of rubbish that HP force on you. ( like most manufacturers ...it's called 'cr apware' ) Most people just uninstall it. Your OS doesn't need this to run properly. If you need an updated driver at any time ( which isn't very often) you could download it manually.... you don't need software running all the time checking this. If this system is Win10 ... there was problems and the Support Assistant needed reinstalling. How To: Fix HP Support Assistant After the Windows 10 Upgrade When I bought my Acer laptop I removed nearly all of the preinstalled stuff. It's never needed.... this is proven by running a 'Clean Install' on a system.... where only the OS is installed.