• Tag Archives computer repair
  • Microsoft continues its legacy of spying on its windows users! Windows 10 Privacy Spy destroyer

    DISTROY WINDOWS 10 SPYING – Privacy Concerns

    Microsoft Windows 10 Software

    As we all know since windows 7 Microsoft has altered its operating system to be more user friendly and at the same time collect more user data on its customers, When windows 8 was launched , there were big changes including location platform and many more but now with the new Windows 10 release there are endless limitations on the collection of data being sent to Microsoft.

    Some group has released a piece of software which eliminates all apps, and blocks the data from being sent to Microsoft. I will not comment much on the software but see below what it does block.

    Also a new app by the name of DoNotSpy10 has been created by a German developer pXc-coding.

    Destroy Windows 10 Spying is an app that can block anonymous data being sent, remove apps that can’t be removed the standard way and more. I liked that it can remove some of the Windows default programs that can’t be removed under Apps & Features, an annoyance I immediately discovered since I prefer to “slim” down windows.

    I should note that there are still a few steps to complete, you’ll still need to go online to Microsoft’s site and opt out of the company’s invasive advertising tracking features when using DoNotSpy10 or other piece of software.

    It’s your own fault if you don’t know that Windows 10 is spying on you. That’s what people always say when users fail to read through a company’s terms of service document, right?

    Well, here is Microsoft’s 12,000-word service agreement. Some of it is probably in English. We’re pretty sure it says you can’t steal Windows or use Windows to send spam, and also that Microsoft retains the right to take possession of your first-born child if it so chooses. And that’s only one of several documents you’ll have to read through.

    Actually, here’s one excerpt from Microsoft’s privacy statement that everyone can understand:

    Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.

    If that sentence sent shivers down your spine, don’t worry. As invasive as it is, Microsoft does allow Windows 10 users to opt out of all of the features that might be considered invasions of privacy.
    Some of the domains we know send anonymous information back to Microsoft include:
    vortex.data.microsoft.com
    vortex-win.data.microsoft.com
    telecommand.telemetry.microsoft.com
    telecommand.telemetry.microsoft.com.nsatc.net
    oca.telemetry.microsoft.com
    oca.telemetry.microsoft.com.nsatc.net
    sqm.telemetry.microsoft.com
    sqm.telemetry.microsoft.com.nsatc.net
    watson.telemetry.microsoft.com
    watson.telemetry.microsoft.com.nsatc.net
    redir.metaservices.microsoft.com
    choice.microsoft.com
    choice.microsoft.com.nsatc.net
    df.telemetry.microsoft.com
    reports.wes.df.telemetry.microsoft.com
    wes.df.telemetry.microsoft.com
    services.wes.df.telemetry.microsoft.com
    sqm.df.telemetry.microsoft.com
    telemetry.microsoft.com
    watson.ppe.telemetry.microsoft.com
    telemetry.appex.bing.net
    telemetry.urs.microsoft.com
    telemetry.appex.bing.net:443
    settings-sandbox.data.microsoft.com
    vortex-sandbox.data.microsoft.com
    survey.watson.microsoft.com
    watson.live.com
    watson.microsoft.com
    statsfe2.ws.microsoft.com
    corpext.msitadfs.glbdns2.microsoft.com
    compatexchange.cloudapp.net
    cs1.wpc.v0cdn.net
    a-0001.a-msedge.net
    statsfe2.update.microsoft.com.akadns.net
    sls.update.microsoft.com.akadns.net
    fe2.update.microsoft.com.akadns.net
    diagnostics.support.microsoft.com
    corp.sts.microsoft.com
    statsfe1.ws.microsoft.com
    pre.footprintpredict.com
    i1.services.social.microsoft.com
    i1.services.social.microsoft.com.nsatc.net
    feedback.windows.com
    feedback.microsoft-hohm.com

    feedback.search.microsoft.com
    rad.msn.com
    preview.msn.com
    ad.doubleclick.net
    ads.msn.com
    ads1.msads.net
    ads1.msn.com
    a.ads1.msn.com
    a.ads2.msn.com
    adnexus.net
    adnxs.com
    az361816.vo.msecnd.net
    az512334.vo.msecnd.net

    www.CCREPAIRSERVICES.COM

    Local and Online PC Computer Repair Tel. 754-234-5598

    FAST SAME DAY COMPUTER REPAIR, VIRUS REMOVAL, CRYTOWALL FILE RECOVERY AND LAPTOP SCREEN REPAIR SERVICE


  • Malicious Ads on Yahoo, AOL, Match.com, Trigger CryptoWall Infections

    cryptowall

    Attackers have been leveraging the FlashPack Exploit Kit to peddle the CryptoWall 2.0 ransomware on unsuspecting visitors to sites such as Yahoo, The Atlantic and AOL. Researchers believe that for about a month the malvertising campaign hit up to 3 million visitors and netted the attackers $25,000 daily.

    According to experts at Proofpoint, a firm that primarily specializes in email security, the exploit kit targeted a vulnerability in Adobe Flash via users’ browsers to install the ransomware on users’ machines.

    Malvertising is an attack that happens when attackers embed malicious code – in this case code that led to the latest iteration of CryptoWall – into otherwise legitimate ads to spread malware via drive-by downloads. Users can often be infected without even clicking on anything.

    CryptoWall, which takes users’ files, encrypts them with rigid RSA-2048 encryption, then asks for a fee to decrypt them, made a killing earlier this summer. In August it was reported that the ransomware made more than $1.1 million for its creators in just six months.

    Similar to Critoni/Onion, a ransomware dug up in July, CryptoWall 2.0 downloads a TOR client on the victim’s machine, connects to a command and control server and demands users send Bitcoin – $500 worth – to decrypt their files. Since the campaign lasted about a month, from Sept. 18 to this past Saturday, researchers are estimating that 40 of the campaign’s Bitcoin addresses collected at least 65 BTC each, a number that roughly translates to $25,000 a day.

    cryptowall1

    Proofpoint claims that high ranking sites such as AOL, The Atlantic, Match.com and several Yahoo subdomains such as their Sports, Fantasy Sports and Finance sites, were spotted serving up the tainted ads. Other sites lesser known in the U.S. such as Australia’s Sydney Morning Herald, The Age, and the Brisbane Times, were reportedly also doling out the ads.

    While the campaign started a month ago the firm claims things didn’t start to ramp up until recently.

    “After crossing a threshold level, it became possible to associate the disparate instances with a single campaign impacting numerous, high-traffic sites,” Wayne Huang, the company’s VP of Engineering, said of the campaign.

    The firm claims it worked quickly to notify those involved in the campaign, including the ad providers, and as of this week, believes the situation has been nullified.

    Last month researchers with Barracuda Labs found a CryptoWall variant with certificate signed by Comodo being distributed through ads on a handful of different websites. None of those sites were nearly as trafficked as those spotted by this most recent campaign however. The Alexa rankings for Yahoo (4), AOL (37), Match (203), and The Atlantic (386) place them within the top 500 of the internet’s most popular sites, something that likely upped the campaign’s exposure level.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Microsoft released eight security bulletins on Tuesday that address dozens of vulnerabilities including a zero-day flaw

    Microsoft Patches 3 Zero-day Vulnerabilities actively being Exploited in the Wild

    As part of monthly patch update, Microsoft released eight security bulletins on Tuesday that address dozens of vulnerabilities including a zero-day flaw reportedly being exploited by Russian hackers to target NATO computers and a pair of zero-day Windows vulnerabilities that attackers have been exploiting to penetrate major corporations’ networks.

    Just a day before yesterday, our team reported you about a Zero-day vulnerability discovered by the cyber intelligence firm iSight Partners affecting all supported versions of Microsoft Windows and is being exploited in a five-year old cyber-espionage campaign against the Ukrainian government and U.S organisations.

    Researchers at FireEye found two zero-day flaws, used in separate, unrelated attacks involving exploitation of Windows kernel, just a day after iSight partners disclosed zero-day in Windows. The pair of zero-day vulnerabilities could allow an attacker to access a victim’s entire system.

     

    According to the researchers at FireEye, the two of three so-called zero-day flaws are being actively exploited in the wild by hackers and are being used as “part of limited, targeted attacks against some major corporations.”

    Microsoft updates for the month of October 2014 Patch Tuesday address several vulnerabilities in all currently supported versions of Windows, Internet Explorer, Office, Sharepoint Server and the .Net framework. Three of the bulletins are marked “critical” and rest are “important” in severity. Systems administrators are recommended to apply the patches immediately for the critical updates.

    The zero-day flaw (CVE-2014-4114) discovered by iSight partners in all supported versions of Microsoft Windows and Windows Server 2008 and 2012 that is being exploited in the “Sandworm” cyberattack, are patched as part of MS14-060. Microsoft rated Bulletin MS14-060 as important rather than critical because it requires a user to open a Microsoft Office file to initiate the remote code execution.

    The vulnerability [exists in Windows OLE] could allow remote code execution if a user opens a Microsoft Office file that contains a specially crafted OLE object,” Microsoft warned in its bulletin. “An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user.” (OLE is Microsoft technology for creating complex documents that contain a combination of text, sound, video and other elements.)

    However, the two zero-days discovered by FireEye are patched as part of MS14-058 and are marked critical. They are designated CVE-2014-4148 and CVE-2014-4113.

    We have no evidence of these exploits being used by the same actors. Instead, we have only observed each exploit being used separately, in unrelated attacks,” FireEye explained.

    CVE-2014-4148 exploits a vulnerability in TrueType Font (TTF) processing. TTF processing is performed in kernel mode as part of the GDI and has been the source of critical vulnerabilities in the past as well.

    The vulnerability affects Windows 8.1/Windows Server 2012 R2, Windows 8/Windows Server 2012, Windows 7/Windows Server 2008 R2 (Service Pack 0 and 1) and Windows XP Service Pack 3. It affects both 32-bit and 64-bit versions of the Operating System, but the attacks have only been observed against 32-bit systems.

    However, CVE-2014-4113 is a local Elevation of Privilege (EoP) vulnerability that affects all versions of Windows including Windows 7, Vista, XP, Windows 2000, Windows Server 2003/R2, Windows Server 2008/R2, Windows 8.x and Windows Server 2012/R2.

    Out of remaining bulletins, two are rated critical, both address remote code execution vulnerability in Internet Explorer and Microsoft .NET Framework respectively. Remaining bulletins are rated important in severity, include elevation of privilege bugs, Security Feature Bypass, and a remote code execution flaw.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Nearly 7 Million Dropbox accounts Allegdely Hacked

    Internet users have faced a number of major privacy breaches in last two months. Major in the list are The Fappening, The Snappening and now the latest privacy breach in Dropbox security has gained everybody’s attention across the world.

    Dropbox, the popular online locker service, appears to have been hacked by an unnamed hacker group. It is still unclear how the account details of so many users were accessed and, indeed, if they are actually legitimate or not. However, the group claims to have accessed details from nearly 7 million individual accounts and are threatening to release users’ photos, videos and other files.

    HACKERS CLAIMED TO RELEASE 7 MILLION USERS’ PERSONAL DATA

    A thread surfaced on Reddit today that include links to files containing hundreds of usernames and passwords for Dropbox accounts in plain text. Also a series of posts with hundreds of alleged usernames and passwords for Dropbox accounts have been made to Pastebin, an anonymous information-sharing site.

    Hackers have already leaked about 400 accounts by posting login credentials, all starting with the letter B, and labelled it as a “first teaser…just to get things going“. The perpetrators are also promising to release more more password details if they’re paid a Bitcoin ransom.

    More Bitcoin = more accounts published on Pastebin. As more BTC is donated, More pastebin pastes will appear.”

    The security breach in Dropbox would definitely have bothered its millions of users and since passwords are involved in this incident, so it has more frightening consequences on its users. Reddit users have tested some of the leaked username and password combinations and confirmed that at least some of them work.

    DROPBOX DENIED THE HACK – THIRD PARTY IS RESPONSIBLE

    However, Dropbox has denied it has been hacked, saying the passwords were stolen apparently from third-party services that users allowed to access their accounts. In a statement to The Next Web, Dropbox said:

    Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have expired as well.”

    The incident came just few days after the Snappening incident in which the personal images of as much as 100,000 Snapchat users were leaked online, which was the result of a security breach in the its third-party app.

    Snapchat has denied that its service or server was ever compromised, but the servers of a third-party app designed to save Snapchat photos, which became the target for hackers to obtain personal photographs.

    DROPBOX – “HOSTILE TO PRIVACY” SAYS SNOWDEN
    Dropbox was in the news earlier this week when, in a recent interview with The Guardian, NSA whistleblower Edward Snowden called Dropbox a “targeted, wannabe PRISM partner” that is “very hostile to privacy” — referring to its ability to access your data itself, which is yet another security consideration when it comes to web services.Snowden suggested web users to stop using Dropbox and warned them that the cloud storage service does not safeguard users’ privacy because it holds encryption keys and can therefore be forced by governments to hand over the personal data they store on its servers. He suggested people to use an alternative cloud storage provider that do not store any encryption keys, so that the users’ data cannot be read by anyone.

    USERS ARE ADVISED TO CHANGE PASSWORDS

    Until the full scope of the problem is known, it’s probably worthwhile changing your password. But whether the attack is confirmed or not, it’s a good idea to change your password just to be on a safer side — especially for those users who use same password for multiple services.

    Users are also recommended to turn on two-factor authentication, which Dropbox now supports and install a time-based, one-time password app on a mobile device.

    Update: Dropbox has issued a statement on its blog further clarifying that the Dropbox passwords were stolen from “unrelated services.”

    The usernames and passwords…were stolen from unrelated services, not Dropbox,” the company said in a blog post. “Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place that detect suspicious login activity and we automatically reset passwords when it happens.”

    Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services. For an added layer of security, we always recommend enabling 2 step verification on your account.”

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • ONE MILLION people already running Windows 10

     

    Microsoft announced early this week that they have released a Technical Preview of Windows 10. This sounds awesome. Because I always loved the moment when new OS release comes from Microsoft. People were expecting Windows 9 after the previous 8.1 but it was quite surprising that Microsoft Skipped 9 and released Windows 10.

    Microsoft has revealed that a million people have signed up for the Windows Insider Program it is using to offer early access to Windows 10 for those willing to test the operating system’s early iterations.

    Of those crash test dummies, Redmond says 36 per cent are running the OS in a virtual machine.That leaves about 650,000 people running Windows 10 on bare metal.

    Microsoft says

    “Insiders” have delivered “over 200,000” pieces of feedback. If the list of most-requested features Microsoft has presumably allowed to reach Paul Thurrott’s Supersite for Windows is any guide, feedback is not coming from sysadmins: most requests concern minor UI tweaks and aesthetics, although “Make it easier to use a local account” is the third-most-requested new feature.

     

    SNEAKPEAK

    Well if you are not familiar with previous release then Download Windows 8.1 ISO first. Then you can have better picture what changes Microsoft brought in this Metro Style User Interface. There was large community which was preferring Windows 7 on these new Metro Interface operating Systems. That’s why Microsoft had to take a new step. This time they created a Mix of Windows 7 and Windows 8 to create the New Windows 10.

    Windows 10 Download ISO 64 bit Free

    Features of Windows 10 Technical Preview

    Below are some noticeable improvements which you’ll get after Windows 10 Download ISO 32 Bit 64 Bit.

    • New Cleaned Start Menu.
    • Mix of Windows 7 Menu and Windows 8 Metro Interface.
    • Virtual Desktops Feature.
    • Task View Option with Arrays of Virtual Desktops.
    • Dynamically Resizing of Windows Apps.
    • Huge Search Improvements.

    More Features can be seen when you Download Windows 10 ISO.

    Windows 10 Download ISO 32 Bit 64 Bit

    Windows 10 Technical Specs

    • Software Full Name: Windows 10 Technical Preview 32 Bit 64 Bit English
    • Setup File Name: WindowsTechnicalPreview-x86-EN-US.iso (32 Bit), WindowsTechnicalPreview-x64-EN-US.iso (64 Bit)
    • Full Setup Size: 2.93 GB (32 Bit), 3.81 GB (64 Bit)
    • Setup Type: Offline Installer / Full Standalone Setup:
    • Compatibility Architecture: 32 Bit (x86) / 64 Bit (x64)
    • Latest Version Release Added On: 2nd Oct 2014
    • License: Free
    • Developers: Microsoft

    Minimum System Requirements for Windows 10

    Before you start Windows 10 Download ISO 32 Bit 64 Bit, Make sure you PC meets minimum system requirements.

    • Processor: 1 GHz
    • Memory (RAM): 1 GB (For 32 Bit), 2 GB (For 64 Bit)
    • Space: 16 GB Free Hard Disk Space

    Microsoft’s not saying when the feedback will result in a new release of of the OS, or when it will go on sale. ®


  • Snapchat Hacker Threatens to Leaked thousands of Nude Celebriti Images

     

    The waves of celebrities nude photos have not yet stopped completely, and a new privacy threat has emerged exposing tens of thousands of private photographs and videos of innocent users are circulating over the Internet.

    The personal image that are believed to be sent through Snapchat — the ephemeral messaging service that allows users to send pictures that should disappear after a few seconds — has been floating on the image based 4chan’s notorious /b/ board since last night. The incident was result of a security breach in an unofficial third-party app for Snapchat.

    Earlier this week, an anonymous 4chan user claimed to have obtained images on Snapchat and then the user warned of releasing thousands of nude videos and images sent using Snapchat soon in an event dubbed ‘The Snappening’.

    Previously, It was believed that the official SnapChat mobile app or its servers had been hacked by the hackers, and the third-party Snapchat client app has been collecting every photo and video file sent through the messaging service for years, giving hackers access to a 13GB private Snapchat files.

    But Snapchat has denied that its service was ever compromised. Earlier today, Snapchat issued a statement about the “Snappening” and blamed its consumers for using unofficial and unauthorized third-party apps.

    “We can confirm that Snapchat’s servers were never breached and were not the source of these leaks,’ a Snapchat representative said in a statement. “Snapchatters were victimised by their use of third-party apps to send and receive Snaps, a practice that we expressly prohibit in our Terms of Use precisely because they compromise our users’ security. We vigilantly monitor the App Store and Google Play for illegal third-party apps and have succeeded in getting many of these removed.“

    The most worrying part for the users is that Snapchat was right. The personal data is supposed to be obtained from a website called SnapSaved.com — an external app used by a number of Snapchatters in order to save Snapchat photos without the sender knowing — which has been inactive for the past few months and is apparently independent of the official Snapchat service.

    However, Business Insider has pointed to SnapSaved.com, a site which is no longer functional, and the SnapSave app as potential sources of the leak. Meanwhile, an assortment of photos has been traced back to SnapchatLeaked.com — site also posted personal and nude photos of Snapchat users, indicating that the photos could have been circulating for months.

    “The Snappening” is named in reference to the recent celebrity nude photos leak that was called “The Fappening.” The incident comes just weeks after thousands of celebrity nude images were leaked online through 4chan website, following a hack of Apple’s iCloud.

    Snapchat was first hacked in December 2013 when 4.6 million Snapchat users were exposed in a database breach. Later, the denial-of-service attack and CAPTCHA Security bypass The most worrying part for the users is that Snapchat was right. The personal data is supposed to be obtained from a website called SnapSaved.com — an external app used by a number of Snapchatters in order to save Snapchat photos without the sender knowing — which has been inactive for the past few months and is apparently independent of the official Snapchat service.

    However, Business Insider has pointed to SnapSaved.com, a site which is no longer functional, and the SnapSave app as potential sources of the leak. Meanwhile, an assortment of photos has been traced back to SnapchatLeaked.com — site also posted personal and nude photos of Snapchat users, indicating that the photos could have been circulating for months.

    “The Snappening” is named in reference to the recent celebrity nude photos leak that was called “The Fappening.” The incident comes just weeks after thousands of celebrity nude images were leaked online through 4chan website, following a hack of Apple’s iCloud.

    Snapchat was first hacked in December 2013 when 4.6 million Snapchat users were exposed in a database breach. Later, the denial-of-service attack and CAPTCHA Security bypass vulnerabilities were discovered by the researchers at the beginning of this year.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Keylogger Optimized with AutoIT Infected Thousands of Computers

    A new surge of malware has been discovered which goes on to infect hundreds of thousands of computers worldwide and allegedly steals users’ social and banking site credentials.

     

    Few days back, a list of 5 million combinations of Gmail addresses and passwords were leaked online. The search engine giant, Google said that Gmail credentials didn’t come from the security breaches of its system, rather the credentials had been stolen by phishing campaigns and unauthorized access to user accounts.

     

    Just now, we come across another similar incident where cyber criminals are using a malware which has already compromised thousands of Windows users worldwide in an effort to steal their Social Media account, Online account and Banking account Credentials.

     

    A Greek Security Researcher recently discovered a malware sample via a spam campaign (caught in a corporate honeypot), targeting large number of computers users rapidly. He investigated and posted a detailed technical analyses of the malware on his blog.

     

    After reverse engineer the malware sample file, he found that the cybercriminals are using a combination of software AutoIT (Automate day-to-day tasks on computers) and a “commercial” Keylogger named “Limitless Keylogger” to make it FUD i.e. Fully Undetectable from static analysis.

     

    Keylogger is a critical type of software program for cyber criminals, which records every input typed into the keyboard and easily detects passwords for users’ Email accounts, Social Media accounts and Online Bank accounts.

     

    This malicious application captures every keystrokes users press and send them to a specified email address linked to the cyber criminal. More interestingly, the malware uses AutoIT in order to evade detection by Antivirus programs.

     

    Limitless Keylogger Optimized with AutoIT Infected thousands of Computers

     

    The malware distributed in the spam campaign comes as a WinRAR SFX executable file with a custom icon which drops 4 malicious files onto the victim’s computers with hidden and system attributes.

     

    The Malware archive includes:

     

    • AutoIT script ‘update.exe’ of 331MB
    • Python script to “deobfuscate” AutoIT script
    • oziryzkvvcpm.AWX – Settings for AutoIT script
    • sgym.VQA – Another Encrypted malware/Payload Binary
    Initially the obfuscated AutoIT Script is of size 331MB, because it contains lots of garbage content, but after deobfuscate process it becomes only 55kbyte in size with clean malicious code.

     

    Researcher found lot of functions and various functionalities in the malware code those allow the malicious software to protect itself from detection.

     

    On Further reserve engineering, he found that the malware sends the collected keystroke data to the cybercriminal via SMTP email server. So he sniffed the whole conversation of malware SMTP traffic and discovered that the keylogger was sending all keystrokes of the user, screenshots, recovery data (saved passwords from several applications/browsers) to an email ID – “ontherun4sales@yandex.ru”.

     

    He also extracted the hardcoded SMTP email ID username and passwords of the respective Yandex mail address from the malware source code.
    Limitless Keylogger Optimized with AutoIT Infected thousands of Computers
    Researcher told SecNews, “The detection was accomplished in the past few days and found that the malware was being Greek is targeting users (minimum numerical cases).
    Possibly some Indonesian hackers might have used the malicious software available on the Russian hacking forum sites” they said. “and the targets are well known companies from retail industry,oil,airlines etc
    At last, the researcher also disclosed some online FTP servers using Google hacks, where the data has been uploaded by the different variants of the Limitless Logger by various hacking groups.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Rise in Anti-Child Porn Spam Protection Ransomware infections

    This ransomware pretends to be from a legitimate government organization that states that the infected computer is sending out SPAM that contains links to child pornography sites. The ransom program then states that in order protect yourself, and others, it has encrypted your data using Advanced Encryption Standards, or AES, encryption. Just like the Malware Protection and the ACCDFISA Protection Program variants, these files are not actually encrypted but are password protected RAR files.

    sl.png

    ScreenLocker window for ACCDFISA v2.0, There are actually a few different versions of this. ACCDFISA v2.0 HTML file, These can be worded slightly different, and can have different emails to message the virus creator.

    There seems to be either a leak of the ACCDFISA v2.0 source, or the creator is mixing up the layout of Ransom Note, Screen Locker, and even the internal code. So far I have found 3 different version of ACCDFISA v2.0 with different contact emails, Ransom Notes, Code, and what is worse is even the method of delivery. The previous ACCDFISA v2.0 mostly only affected servers with RDP enabled with weak security. But the last 2 victims I have been messaging had neither a server or RDP enabled, and claimed to have gotten it either by email or a malicious or hacked site. This makes this older modified infection another top placer for worst encrypting infections because the key is unrecoverable, Restore Points are wiped, the computer is locked down, services are mangled, free space and deleted files are wiped with SDelete, and of course files are encrypted with WinRar SFX AES exe’s.

    For informational purposes, the 2 virus creator emails I have found with these variants are brhelpinfo@gmail.com and Dextreme88@gmail.com.

    When first run, this program will scan your computer for data files and convert them to password protected RAR .exe files. These password protected data files will be named in a format similar to test.txt(!! to decrypt email id <id> to <Email>@gmail.com !!).exe. It will then use Sysinternal’s SDelete to delete the original files in such a way that they cannot be undeleted using file recovery tools. It will also set a Windows Registry Run entry to start c:\<Random Number>\svchost.exe when your computer starts. This program is launched immediately when you logon and blocks access to your Windows environment. If you boot your computer using SafeMode, Windows Recovery disk, or another offline recovery CD, you can delete or rename the c:\<Random Number>\svchost.exe file in order to regain access to your Windows Desktop. This “lockout” screen will also prompt you to send the hackers the ransom in order to get a passcode for the system lockout screen and for your password protected files.

    This variant took 3 hours to completely finish on my VM. I was able to access the key file, and decrypt nearly all files and back them up before shutdown. So if you are lucky enough to see this happening, you should immediately backup the key file on the desktop / in the ProgramData folder.

    Sadly, just like the past variants, files cannot be decrypted either without the key, or a backup. If you are reading this infection free I have one question, Have you backed up today?. If not, you better get to it as these types of computer infections are on the rise and definitely here to stay!

    The files that this infection creates when it is installed are:

    File List:

    c:\<Random>\svchost.exe – ScreenLocker / Decrypter

    c:\<Random>\howtodecryptaesfiles.htm – RansomNote that all RansomNotes lnk’s point to

    c:\ProgramData\fdst<Random>\lsassw86s.exe Encrypter / Main dropper

    c:\ProgramData\<Random>\<Random>.dll – Different Numbers and Hashes used by the infection / Also where Temp Key is kept, But removed after completion

    c:\ProgramData\<Random>\<Random>.DLLS List of files to be infected by WinRar

    c:\ProgramData\<Random>\svchost.exe – WinRar CUI renamed

    c:\ProgramData\<Random>\svchost.exe – Sdelete Renamed

    c:\ProgramData\svcfnmainstvestvs\stppthmainfv.dll List of Numbers used by the infection

    c:\ProgramData\svtstcrs\stppthmainfv.dll List of Numbers used by the infection

    c:\Windows\System32\backgrounds2.bmp Renamed ScreenLocker / Decrypter, Used to replace the one in ProgramData if deleted

    c:\Windows\System32\lsassw86s.exe Renamed Encrypter / Main dropper, Used to replace the one in ProgramData if deleted

    c:\Windows\System32\scsvserv.exe Used to complete mangle / disable services to further lock down computer

    c:\Windows\System32\lsassvrtdbks.exe Assists with encryption

    c:\Windows\System32\session455.txt Temp Storage used with .BAT file to logoff user account

    c:\Windows\System32\decryptaesfiles.html Used to copy to ProgramData

    c:\Windows\System32\Sdelete.dll Used to copy Sdelete to ProgramData

    c:\Windows\System32\kblockdll.dll Used to Lock desktop

    c:\Windows\System32\btlogoffusrsmtv.bat Used to log user off

    c:\Windows\System32\default2.sfx Used with winrar to encrypt files

    c:\Windows\System32\cfwin32.dll WinRar CUI renamed

    %Desktop%\<Random>.Txt – Also contains Decrypt Key, But removed after completion

    Registry List:

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run C:\<Random>\svchost.exe – Launches ScreenLocker

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run C:\<Random>\svchost.exe – Launches ScreenLocker

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run C:\ProgramData\<Random>\svchost.exe – Launches ScreenLocker

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Microsoft throws old versions of Internet Explorer under the bus

    Come 2016, if you’re not up to date you’re on your own – enjoy your security bugs

    Microsoft has confirmed that it’s ending support for old versions of Internet Explorer, and it’s giving you just shy of 18 months to get up to date.

    Roger Capriotti, director of the IE team, blogged on Thursday that beginning on January 12, 2016, only the most recent version of IE on any supported version of Windows will continue to receive technical support and security updates.

    As of today, that means IE9 on Windows Vista SP2 and Windows Server 2008 SP2, IE10 on Windows Server 2012, and IE11 on any later version of Windows (including Windows Server 2012 R2).

    In fact, the only reason IE9 is still being supported on Vista is because no later versions will run on that little-loved OS. IE9 never won high marks from web devs, and Google, for one, has already discontinued support for it in Gmail and Google Apps.

    “For customers not yet running the latest browser available for your operating system, we encourage you to upgrade and stay up-to-date for a faster, more secure browsing experience,” Capriotti wrote.

    Microsoft is a late convert to web-standards religion, having spent the better part of 20 years releasing browsers that rendered sites in ways that were incompatible with rivals like Firefox, Chrome, and Safari.

    These days, the software giant markets standards compliance as a key feature of IE11, and it has even gone as far as to claim it’s had to build workarounds into its browser to support websites that are coded using the competition’s nonstandard features.

    Redmond even seems to want to atone for its own past bad behavior. It’s now encouraging commercial customers who have built their bespoke web apps for older, patently terrible versions of IE to upgrade to IE11 and use its “Enterprise Mode” to maintain backward compatibility with those standards-shirking browsers.

    Enterprise Mode, which Microsoft shipped with the Windows 8.1 Update and as a standalone patch in April, makes IE11 behave like IE8, even going as far as to announce the old version to websites and ActiveX controls that have been hard-coded for specific browser releases.

    Concurrent with its announcement of the end of support for old IE versions, Microsoft said on Thursday that it will continue to support Enterprise Mode through the full lifecycle of whichever OS IE11 is running on – meaning it will be supported on Windows 7 through January 14, 2020, for example.

    As Microsoft points out, however, most consumers won’t have to worry about much of this – at least until their version of Windows reaches the end of its lifecycle – because they get the latest version of IE installed automatically as a function of Windows Automatic Updates.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Online Virus Removal Service – Remove viruses, trojans, malware from your PC

    expert virus removal services

    Find expert computer & laptop repair services, Laptop repair, virus removal, spyware and malware problems, laptop screen repair and more.

    With Complete Computer Repair Virus Removal Service, our security expert can remotely access your PC and clean it of all viruses, spyware and any other threats or annoying programs hiding in your PC while you watch their every move, in real time.

    • Instant – Security experts are available 24×7 to eliminate viruses, Trojans, spyware, rootkits and other malware from your PC.
    • Remote – You can sit back and relax while the complete service is delivered remotely via an Internet connection to your home.
    • Intelligent – We will include a complete tuneup and optimization of your equipment for super fast performance

    Let our virus removal experts quickly and effectively remove all type of Trojans,malware, spyware and cyber-bugs. Service you can count on! So, relax and leave the dirty work to us.

    Online Virus Removal service for just $80.00

    Available daily, 24×7, fast, easy, and stress-free.
    Contact Complete Computer Repair Virus Removal Service department today!

    Tel. 754-234-5598


  • Computer & Laptop Repair & Services

    Find expert computer & laptop repair services, Laptop repair, virus removal, spyware and malware problems, laptop screen repair and more.

    Computer Repair, Virus Removal Laptop Authorized Service Centers

     

    Online Virus Removal, Laptop Screen Repair, and Motherboard Repair Specialist

    Acer Laptop – TravelMate, Extensa, Ferrari, Aspire One  Apple – MacBook, MacBook Air, MacBook Pro, Imac G4 G5 Ibook
    Dell Computer – Inspiron, Latitude, Precision, Studio, Vostro, XPS, Studio XPS, Alienware Mini Legacy System Adamo
    Asus Laptop – Asus Eee, Lamborghini Fujitsu – LifeBook, Stylistic  Lenovo – ThinkPad, IdeaPad, 3000, IBM
    Compaq Computer – Armada, Concerto, Contura, Presario, ProSignia, LTE, Mini, EVO, SLT and many More.
    HP Laptop – Hewlett-Packard, HP Pavilion, HP Omnibook Envy EliteBook ProBook   Sony Laptop – VAIO Series
    Gateway Computer – Solo & Pro Series   Toshiba Laptop – Dynabook, Portege, Tecra, Satellite, Qosmio, Libretto
    MSI laptops – Micro-Star International, Megabook, Wind   Samsung Computer – Sens, eMachines, Pro

    Do you have a Broken laptop screen? Cracked Screen? Dim Screen? Dark Screen? Color lines on screen? We sale all type of led screens of any size and resolution.

    Let us help keep your PC or Apple computer personal and business data safe from cyber thieves and organizations that could hold your data hostage online, making it unreachable to you until you pay a fee or purchase a bogus software package. You don’t have to visit questionable websites or participate in torrent file sharing to acquire computer viruses. New viruses and malware exploits are being put in place every day in the hopes that you will make the mistake of visiting an infected website by opening a questionable file or e-mail. We will provide you with professional and reliable laptop computer repair services, Call for a store near you.

    * Lower prices than best buy geek squad computer repair stores, tiger direct, compusa computer repair department, office depot computer repair stores, office max computer repair store, staples and any other major computer repair store chain in south florida. We crush our competitors with free in home service, lowest prices, in stock parts and super fast speedy same day service.

    We are rated 5 star and listed on the top 10 best computer repair companies in the south florida area. Please check our customer reviews and ratings on Google Places,Yelp, Bing, Yahoo and google maps. Satisfaction guaranteed.

    CALL 754-234-5598

    Computer  Repair for All South Florida, Fort Lauderdale, Miami, Boca Raton, Boynton Beach Delray Beach and More