• Tag Archives virus removal
  • Complete Computer Repair – Local USA Computer Repair And Nationwide Online Support

    Local USA Computer Stores and Worldwide Online Technical Support and Repair Services

    Over 20 Years experience repairing laptop and desktop computers.

    Apple Computer Repair – Macbook Pro, Macbook Air, Imac, Macbook, Mac Repair

    Windows PC Repair – Dell, Acer, HP, Compaq, Dell, Sony, Toshiba, Lenovo, Asus, Samsung

    Motherboard Repair  –  BGA repair,  BIOS Repair, SMD Repair, BGA Reflow, Video Repair

    Laptop Screen Repair  –  LCD Repair, Screen Repair, Laptop Repair, LCD and LED screens

    PC and Apple Virus Removal  –  Spyware Removal, Malware Removal, Rootkit Removal

    IT Network Specialist Analyst  – Server Setup, Server installation, Server Configuration

    Local USA Computer Stores – Fort Lauderdale FL, Miami, Boca Raton

    Nationwide and Local Computer Sales – South Florida USA Computers Importer / Exporter

     

    We beat any Local Repair shop or any USA computer store located on the East Coast!


  • Complete Computer Repair – Apple and PC Services

    Professional Onsite Computer Repair

    Over 20 Years experience repairing laptop and desktop computers.

    Apple Computer Repair – Macbook Pro, Macbook Air, Imac, Macbook, Mac Repair

    Windows PC Repair – Dell, Acer, HP, Compaq, Dell, Sony, Toshiba, Lenovo, Asus, Samsung, MSi, Vizio, IBM Gateway and more

    Motherboard Repair  –  BGA repair,  BIOS Repair, SMD Repair, BGA Reflow, Video Repair

    Laptop Screen Repair  –  LCD Repair, Screen Repair, Laptop Repair, LED screens, LCD screens

    PC and Apple Virus Removal  –  Spyware Removal, Malware Removal, Rootkit Removal, Ransom Removal

    IT Network Specialist Analyst   Server Setup, Server installation, Server Configuration

    Complete Computer Repair Services Help and Support

     

    SAME DAY SERVICE 754-234-5598

     


  • Complete Computer Repair VS Geek Squad Prices and Service

    BEST SERVICE AND PRICE VS GEEK SQUAD

    Complete Computer Repair Services BEATS The Geek Squad Prices

    Complete Computer Repair VS Best Buy Geek Squad Services

    • Virus Removal Geek Squad takes 3 to 7 days – WE TAKE TWO HOURS
    • Laptop Screen Repair Geek Squad takes 5 to 10 days – WE TAKE TWENTY MINUTES
    • Computer or Laptop Motherboard Repair Geek Squad takes 10 to 15 days – WE TAKE A TWO HOURS
    • Hard Drive Replacement Geek Squad takes 3 to 7 days – WE TAKE FIFTEEN MINUTES

    Geek Squad Charges for In home Service $125 Plus WE DONT CHARGE

    IT NETWORK SERVICES NOT OFFER BY GEEK SQUAD
    Troubleshoot and resolve ongoing T1/DSL problems
    Network cabling and Server Setup
    VPN / Proxy setup
    IT Network Engineers and Analyst’s
    Client/Server Setup Un-managed Switch
    Onsite Hardware repair
    Onsite Desktop / Laptop repair Soldering Repairs
    Windows Or OS X VMware setup and Maintenance
    Microsoft Windows and Macintosh OS X Servers

    CALL TODAY 754-234-5598

    Fort Lauderdale Computer Repair, Apple Mac Repair Same Day, PC Repair for Dell, Acer, Asus, Compaq, Sony, Toshiba, Lenovo, IBM MSI, Vizio, Emachines, HP, Gateway, Fujitsu, Samsung and more.

    THE GEEK SQUAD CAN’T BEAT OUR REPAIR PRICES OR SERVICE



  • Computer Repair Services – Local Repair and On line Computer Technician Available

    If you need your computer up and running today, Call a reliable PC technician. Proudly Serving and providing on site local service in South Florida. Online service repair technicians available Anytime, Any day, Anywhere. Call 754-234-5598

    Complete Computer Repair

    SOME OF OUR COMPUTER AND NETWORK SERVICES

    • Networking — home office / business
      • Onsite PC support and installation
      • Hard drive Failure / Laptop Motherboard Repair
      • Data Backup and Data recovery
      • Malware, Viruses, Trojans, Rootkits, Ransomeware and Spyware Removal
      • Screen Replacement and repair
      • Apple Repair, PC Repair, Laptop Repair, Desktop Repair
      • Computer Upgrades and Build Custom Computers
      • Windows Upgrade, OSX Upgrades
      • Memory Upgrade, Hard drive upgrade,
      • Network Security, Secure Your Network, Internet Security
      • Wireless routers Installations
      • Wireless Printers Installation and Configuration
      • Anti-Virus Protection and Configuration
      • Windows Recovery for XP, Vista, Windows 7, windows 8, windows 10
      • Re install Windows 98, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10 Installations

    –> We have computer parts for sale at low prices new and old for every make and model, HP, Compaq, Acer, Lenovo, Dell, Asus, Samsung, Toshiba, Sony, IBM, Emachines, Fujitsu, MSI and more.

    TEL. 754-234-5598

    *Lower prices than Geek Squad Fort Lauderdale, CompUSA Fort Lauderdale, Tiger Direct Fort Lauderdale, Staples Fort Lauderdale, Office Depot Fort Lauderdale, Online Virus Removal Sites, Local Computer Repair Shops. If you find a lower price call us and we will match that price. Computer Repair Coupons welcome, Computer repair discount for seniors.


  • Malicious Ads on Yahoo, AOL, Match.com, Trigger CryptoWall Infections

    cryptowall

    Attackers have been leveraging the FlashPack Exploit Kit to peddle the CryptoWall 2.0 ransomware on unsuspecting visitors to sites such as Yahoo, The Atlantic and AOL. Researchers believe that for about a month the malvertising campaign hit up to 3 million visitors and netted the attackers $25,000 daily.

    According to experts at Proofpoint, a firm that primarily specializes in email security, the exploit kit targeted a vulnerability in Adobe Flash via users’ browsers to install the ransomware on users’ machines.

    Malvertising is an attack that happens when attackers embed malicious code – in this case code that led to the latest iteration of CryptoWall – into otherwise legitimate ads to spread malware via drive-by downloads. Users can often be infected without even clicking on anything.

    CryptoWall, which takes users’ files, encrypts them with rigid RSA-2048 encryption, then asks for a fee to decrypt them, made a killing earlier this summer. In August it was reported that the ransomware made more than $1.1 million for its creators in just six months.

    Similar to Critoni/Onion, a ransomware dug up in July, CryptoWall 2.0 downloads a TOR client on the victim’s machine, connects to a command and control server and demands users send Bitcoin – $500 worth – to decrypt their files. Since the campaign lasted about a month, from Sept. 18 to this past Saturday, researchers are estimating that 40 of the campaign’s Bitcoin addresses collected at least 65 BTC each, a number that roughly translates to $25,000 a day.

    cryptowall1

    Proofpoint claims that high ranking sites such as AOL, The Atlantic, Match.com and several Yahoo subdomains such as their Sports, Fantasy Sports and Finance sites, were spotted serving up the tainted ads. Other sites lesser known in the U.S. such as Australia’s Sydney Morning Herald, The Age, and the Brisbane Times, were reportedly also doling out the ads.

    While the campaign started a month ago the firm claims things didn’t start to ramp up until recently.

    “After crossing a threshold level, it became possible to associate the disparate instances with a single campaign impacting numerous, high-traffic sites,” Wayne Huang, the company’s VP of Engineering, said of the campaign.

    The firm claims it worked quickly to notify those involved in the campaign, including the ad providers, and as of this week, believes the situation has been nullified.

    Last month researchers with Barracuda Labs found a CryptoWall variant with certificate signed by Comodo being distributed through ads on a handful of different websites. None of those sites were nearly as trafficked as those spotted by this most recent campaign however. The Alexa rankings for Yahoo (4), AOL (37), Match (203), and The Atlantic (386) place them within the top 500 of the internet’s most popular sites, something that likely upped the campaign’s exposure level.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Nearly 7 Million Dropbox accounts Allegdely Hacked

    Internet users have faced a number of major privacy breaches in last two months. Major in the list are The Fappening, The Snappening and now the latest privacy breach in Dropbox security has gained everybody’s attention across the world.

    Dropbox, the popular online locker service, appears to have been hacked by an unnamed hacker group. It is still unclear how the account details of so many users were accessed and, indeed, if they are actually legitimate or not. However, the group claims to have accessed details from nearly 7 million individual accounts and are threatening to release users’ photos, videos and other files.

    HACKERS CLAIMED TO RELEASE 7 MILLION USERS’ PERSONAL DATA

    A thread surfaced on Reddit today that include links to files containing hundreds of usernames and passwords for Dropbox accounts in plain text. Also a series of posts with hundreds of alleged usernames and passwords for Dropbox accounts have been made to Pastebin, an anonymous information-sharing site.

    Hackers have already leaked about 400 accounts by posting login credentials, all starting with the letter B, and labelled it as a “first teaser…just to get things going“. The perpetrators are also promising to release more more password details if they’re paid a Bitcoin ransom.

    More Bitcoin = more accounts published on Pastebin. As more BTC is donated, More pastebin pastes will appear.”

    The security breach in Dropbox would definitely have bothered its millions of users and since passwords are involved in this incident, so it has more frightening consequences on its users. Reddit users have tested some of the leaked username and password combinations and confirmed that at least some of them work.

    DROPBOX DENIED THE HACK – THIRD PARTY IS RESPONSIBLE

    However, Dropbox has denied it has been hacked, saying the passwords were stolen apparently from third-party services that users allowed to access their accounts. In a statement to The Next Web, Dropbox said:

    Dropbox has not been hacked. These usernames and passwords were unfortunately stolen from other services and used in attempts to log in to Dropbox accounts. We’d previously detected these attacks and the vast majority of the passwords posted have been expired for some time now. All other remaining passwords have expired as well.”

    The incident came just few days after the Snappening incident in which the personal images of as much as 100,000 Snapchat users were leaked online, which was the result of a security breach in the its third-party app.

    Snapchat has denied that its service or server was ever compromised, but the servers of a third-party app designed to save Snapchat photos, which became the target for hackers to obtain personal photographs.

    DROPBOX – “HOSTILE TO PRIVACY” SAYS SNOWDEN
    Dropbox was in the news earlier this week when, in a recent interview with The Guardian, NSA whistleblower Edward Snowden called Dropbox a “targeted, wannabe PRISM partner” that is “very hostile to privacy” — referring to its ability to access your data itself, which is yet another security consideration when it comes to web services.Snowden suggested web users to stop using Dropbox and warned them that the cloud storage service does not safeguard users’ privacy because it holds encryption keys and can therefore be forced by governments to hand over the personal data they store on its servers. He suggested people to use an alternative cloud storage provider that do not store any encryption keys, so that the users’ data cannot be read by anyone.

    USERS ARE ADVISED TO CHANGE PASSWORDS

    Until the full scope of the problem is known, it’s probably worthwhile changing your password. But whether the attack is confirmed or not, it’s a good idea to change your password just to be on a safer side — especially for those users who use same password for multiple services.

    Users are also recommended to turn on two-factor authentication, which Dropbox now supports and install a time-based, one-time password app on a mobile device.

    Update: Dropbox has issued a statement on its blog further clarifying that the Dropbox passwords were stolen from “unrelated services.”

    The usernames and passwords…were stolen from unrelated services, not Dropbox,” the company said in a blog post. “Attackers then used these stolen credentials to try to log in to sites across the internet, including Dropbox. We have measures in place that detect suspicious login activity and we automatically reset passwords when it happens.”

    Attacks like these are one of the reasons why we strongly encourage users not to reuse passwords across services. For an added layer of security, we always recommend enabling 2 step verification on your account.”

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Rise in Anti-Child Porn Spam Protection Ransomware infections

    This ransomware pretends to be from a legitimate government organization that states that the infected computer is sending out SPAM that contains links to child pornography sites. The ransom program then states that in order protect yourself, and others, it has encrypted your data using Advanced Encryption Standards, or AES, encryption. Just like the Malware Protection and the ACCDFISA Protection Program variants, these files are not actually encrypted but are password protected RAR files.

    sl.png

    ScreenLocker window for ACCDFISA v2.0, There are actually a few different versions of this. ACCDFISA v2.0 HTML file, These can be worded slightly different, and can have different emails to message the virus creator.

    There seems to be either a leak of the ACCDFISA v2.0 source, or the creator is mixing up the layout of Ransom Note, Screen Locker, and even the internal code. So far I have found 3 different version of ACCDFISA v2.0 with different contact emails, Ransom Notes, Code, and what is worse is even the method of delivery. The previous ACCDFISA v2.0 mostly only affected servers with RDP enabled with weak security. But the last 2 victims I have been messaging had neither a server or RDP enabled, and claimed to have gotten it either by email or a malicious or hacked site. This makes this older modified infection another top placer for worst encrypting infections because the key is unrecoverable, Restore Points are wiped, the computer is locked down, services are mangled, free space and deleted files are wiped with SDelete, and of course files are encrypted with WinRar SFX AES exe’s.

    For informational purposes, the 2 virus creator emails I have found with these variants are brhelpinfo@gmail.com and Dextreme88@gmail.com.

    When first run, this program will scan your computer for data files and convert them to password protected RAR .exe files. These password protected data files will be named in a format similar to test.txt(!! to decrypt email id <id> to <Email>@gmail.com !!).exe. It will then use Sysinternal’s SDelete to delete the original files in such a way that they cannot be undeleted using file recovery tools. It will also set a Windows Registry Run entry to start c:\<Random Number>\svchost.exe when your computer starts. This program is launched immediately when you logon and blocks access to your Windows environment. If you boot your computer using SafeMode, Windows Recovery disk, or another offline recovery CD, you can delete or rename the c:\<Random Number>\svchost.exe file in order to regain access to your Windows Desktop. This “lockout” screen will also prompt you to send the hackers the ransom in order to get a passcode for the system lockout screen and for your password protected files.

    This variant took 3 hours to completely finish on my VM. I was able to access the key file, and decrypt nearly all files and back them up before shutdown. So if you are lucky enough to see this happening, you should immediately backup the key file on the desktop / in the ProgramData folder.

    Sadly, just like the past variants, files cannot be decrypted either without the key, or a backup. If you are reading this infection free I have one question, Have you backed up today?. If not, you better get to it as these types of computer infections are on the rise and definitely here to stay!

    The files that this infection creates when it is installed are:

    File List:

    c:\<Random>\svchost.exe – ScreenLocker / Decrypter

    c:\<Random>\howtodecryptaesfiles.htm – RansomNote that all RansomNotes lnk’s point to

    c:\ProgramData\fdst<Random>\lsassw86s.exe Encrypter / Main dropper

    c:\ProgramData\<Random>\<Random>.dll – Different Numbers and Hashes used by the infection / Also where Temp Key is kept, But removed after completion

    c:\ProgramData\<Random>\<Random>.DLLS List of files to be infected by WinRar

    c:\ProgramData\<Random>\svchost.exe – WinRar CUI renamed

    c:\ProgramData\<Random>\svchost.exe – Sdelete Renamed

    c:\ProgramData\svcfnmainstvestvs\stppthmainfv.dll List of Numbers used by the infection

    c:\ProgramData\svtstcrs\stppthmainfv.dll List of Numbers used by the infection

    c:\Windows\System32\backgrounds2.bmp Renamed ScreenLocker / Decrypter, Used to replace the one in ProgramData if deleted

    c:\Windows\System32\lsassw86s.exe Renamed Encrypter / Main dropper, Used to replace the one in ProgramData if deleted

    c:\Windows\System32\scsvserv.exe Used to complete mangle / disable services to further lock down computer

    c:\Windows\System32\lsassvrtdbks.exe Assists with encryption

    c:\Windows\System32\session455.txt Temp Storage used with .BAT file to logoff user account

    c:\Windows\System32\decryptaesfiles.html Used to copy to ProgramData

    c:\Windows\System32\Sdelete.dll Used to copy Sdelete to ProgramData

    c:\Windows\System32\kblockdll.dll Used to Lock desktop

    c:\Windows\System32\btlogoffusrsmtv.bat Used to log user off

    c:\Windows\System32\default2.sfx Used with winrar to encrypt files

    c:\Windows\System32\cfwin32.dll WinRar CUI renamed

    %Desktop%\<Random>.Txt – Also contains Decrypt Key, But removed after completion

    Registry List:

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run C:\<Random>\svchost.exe – Launches ScreenLocker

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run C:\<Random>\svchost.exe – Launches ScreenLocker

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run C:\ProgramData\<Random>\svchost.exe – Launches ScreenLocker

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Online Virus Removal Service – Remove viruses, trojans, malware from your PC

    expert virus removal services

    Find expert computer & laptop repair services, Laptop repair, virus removal, spyware and malware problems, laptop screen repair and more.

    With Complete Computer Repair Virus Removal Service, our security expert can remotely access your PC and clean it of all viruses, spyware and any other threats or annoying programs hiding in your PC while you watch their every move, in real time.

    • Instant – Security experts are available 24×7 to eliminate viruses, Trojans, spyware, rootkits and other malware from your PC.
    • Remote – You can sit back and relax while the complete service is delivered remotely via an Internet connection to your home.
    • Intelligent – We will include a complete tuneup and optimization of your equipment for super fast performance

    Let our virus removal experts quickly and effectively remove all type of Trojans,malware, spyware and cyber-bugs. Service you can count on! So, relax and leave the dirty work to us.

    Online Virus Removal service for just $80.00

    Available daily, 24×7, fast, easy, and stress-free.
    Contact Complete Computer Repair Virus Removal Service department today!

    Tel. 754-234-5598


  • NEW MALWARE – New Banking trojanwith Network Sniffer Spreading on the Internet at a high pace

    The hike in the banking malware this year is no doubt almost double compared to the previous one, and so in the techniques of malware authors.

    Until now, we have seen banking Trojans affecting the infected device and steal users’ financial credentials in order to run them out of their money. But nowadays, malware authors are adopting more sophisticated techniques in an effort to target as many victims as they can.

    BANKING MALWARE WITH NETWORK SNIFFING

    Security researchers from the Anti-virus firm Trend Micro have discovered a new variant of banking malware that not only steal the users’ information from the device it has infected but, has ability to “sniff” network activity to steal sensitive information of other network users as well.

     

    The banking malware, dubbed as EMOTET spreads rapidly through spammed emails that masquerade itself as a bank transfers and shipping invoices. The spammed email comes along with a link that users easily click, considering that the emails refer to financial transactions.

    Once clicked, the malware get installed into users’ system that further downloads its component files, including a configuration and .DLL file. The configuration files contains information about the banks targeted by the malware, whereas the .DLL file is responsible for intercepting and logging outgoing network traffic.

    The .DLL file is injected to all processes of the system, including web browser and then “this malicious DLL compares the accessed site with the strings contained in the previously downloaded configuration file, wrote Joie Salvio, security researcher at Trend Micro.

    If strings match, the malware assembles the information by getting the URL accessed and the data sent.

    ENCRYPTED STOLEN DATA

    Meanwhile, the malware stores stolen data in the separate entries after been encrypted, which means the malware can steal and save any information the attacker wants.

    The decision to storing files and data in registry entries could be seen as a method of evasion“, Salvio said. “Regular users often do not check registry entries for possibly malicious or suspicious activity, compared to checking for new or unusual files. It can also serve as a countermeasure against file-based AV detection for that same reason.”

    HTTPS CONNECTIONS KICKED

    Moreover, the malware also has capability to even bypass the secure HTTPs connection which poses more danger to users’ personal information and banking credentials, as users will feel free to continue their online banking without even realizing that their information is being stolen.

    [It has] capability to hook to the following Network APIs to monitor network traffic: PR_OpenTcpSocket PR_Write PR_Close PR_GetNameForIndentity Closesocket Connect Send WsaSend

    This kind of financial threat is really dangerous for the people, because previous banking malwares often rely on form field insertion or phishing pages to steal users’ financial information, but the use of network sniffing in the malware, makes the threat even more harder for users to detect any suspicious activity as no changes are visibly seen, said the researcher.

    Researchers are still investigating that how the gathered stolen data the malware sniffs from the network is being sent to the attacker.

    The malware infection is not targeted to any specific region or country but, EMOTET malware family is largely infecting the users of EMEA region, i.e. Europe, the Middle East and Africa, with Germany on the top of the affected countries.

    Users are advised to do not open or click on links and attachments provided in any suspicious email, but if the message is from your banking institution and of concern to you, then confirm it twice before proceeding.

    The hike in the banking malware this year is no doubt almost double compared to the previous one, and so in the techniques of malware authors.

    Until now, we have seen banking Trojans affecting the infected device and steal users’ financial credentials in order to run them out of their money. But nowadays, malware authors are adopting more sophisticated techniques in an effort to target as many victims as they can.

    BANKING MALWARE WITH NETWORK SNIFFING

    Security researchers from the Anti-virus firm Trend Micro have discovered a new variant of banking malware that not only steal the users’ information from the device it has infected but, has ability to “sniff” network activity to steal sensitive information of other network users as well.

    The banking malware, dubbed as EMOTET spreads rapidly through spammed emails that masquerade itself as a bank transfers and shipping invoices. The spammed email comes along with a link that users easily click, considering that the emails refer to financial transactions.

    Once clicked, the malware gets installed into users’ system that further downloads its component files, including a configuration and .DLL file. The configuration files contains information about the banks targeted by the malware, whereas the .DLL file is responsible for intercepting and logging outgoing network traffic.

    The .DLL file is injected to all processes of the system, including web browser and then “this malicious DLL compares the accessed site with the strings contained in the previously downloaded configuration file, wrote Joie Salvio, security researcher at Trend Micro. “If strings match, the malware assembles the information by getting the URL accessed and the data sent.

     

    ENCRYPTED STOLEN DATA

    Meanwhile, the malware stores stolen data in the separate entries after been encrypted, which means the malware can steal and save any information the attacker wants.

    The decision to storing files and data in registry entries could be seen as a method of evasion“, Salvio said. “Regular users often do not check registry entries for possibly malicious or suspicious activity, compared to checking for new or unusual files. It can also serve as a countermeasure against file-based AV detection for that same reason.”

    HTTPS CONNECTIONS KICKED

    Moreover, the malware also has capability to even bypass the secure HTTPs connection which poses more danger to users’ personal information and banking credentials, as users will feel free to continue their online banking without even realizing that their information is being stolen.

    [It has] capability to hook to the following Network APIs to monitor network traffic: PR_OpenTcpSocket PR_Write PR_Close PR_GetNameForIndentity Closesocket Connect Send WsaSend

    This kind of financial threat is really dangerous for the people, because previous banking malwares often rely on form field insertion or phishing pages to steal users’ financial information, but the use of network sniffing in the malware, makes the threat even more harder for users to detect any suspicious activity as no changes are visibly seen, said the researcher.

    Researchers are still investigating that how the gathered stolen data the malware sniffs from the network is being sent to the attacker.

    MALWARE DISTRIBUTION OVER WORLD MAP

    The malware infection is not targeted to any specific region or country but, EMOTET malware family is largely infecting the users of EMEA region, i.e. Europe, the Middle East and Africa, with Germany on the top of the affected countries.

    Users are advised to do not open or click on links and attachments provided in any suspicious email, but if the message is from your banking institution and of concern to you, then confirm it twice before proceeding.

     

    IF INFECTED Visit Our Main Site OR call 754-234-5598

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

     


  • How to jailbreak iphone 5 iOS 7.1 and iOS 7.1.1. cell phones – mobil

    jailbreak ios tools

    Quite Surprisingly, a team of Chinese hackers, Pangu have released an untethered jailbreak for iOS 7.1 and iOS 7.1.1.

    This untethered jailbreak is compatible with iPhone 5s, iPhone 5c, iPhone 4S, iPhone 4, iPad Air, iPad 4, iPad 3, iPad 2, iPad mini, Retina iPad mini and iPod touch 5G running iOS 7.1-iOS 7.1.1.

     

    The jailbreak tool is currently available for Windows but works on every iOS devices. Many iOS users have posted on Reddit that the tool works successfully.

    Jailbreaking is a process of removing limitations on iOS devices, Apple’s operating system, so you can install third party software not certified by Apple. Such devices include the iPhone, iPod touch, iPad, and second-generation Apple TV.

     

    One question rises in my mind that when Apple’s system root protections have been greatly enhanced in an effort to make jailbreaks more difficult, then what’s the whole story behind the unexpectedly release of this jailbreak tool?

     

    STEPS TO JAILBREAK iOS 7.1 & iOS 7.1.1
    The installation process of the isn’t as simple as the previous jailbreak, but you can follow this Reddit thread:

     

     

    1. Make sure you have iTunes installed.
    2. Edit your iPhone’s date to June 2, 2014
    3. Open the PanGu.exe file
    4. Click the black button to the right (also UNCHECK THE CHECKMARK where you see random characters and the “PP”)
    5. As soon as the “brush stroke” loading bar fills to 20%, the PanGu app will appear on your phone
    6. Tap it
    7. Select Continue
    8. It will fill the loading brush stroke until 80% and your iTunes will open (it will only open IF you have iTunesHelper.exe on your Windows Taskbar)
    9. Close iTunes
    10. Your device will reboot
    11. When it opens again, wait for the brush stroke to complete to 100%
    12. Your device will reboot once more
    13. The process will be finished 100%
    14. The PanGu app will be replaced with Cydia
    15. Do your usual stuff by opening Cydia and continue with what you want to install by then.
    16. For precautionary measures, install Complete PPSync Remover (on https://cydia.angelxwind.net repo) because even though you uncheck the “PP” on step 4, it installs it anyway (internally without the app showing)

     

    COMPATIBLE DEVICES

    This Untethered Jailbreak is compatible with following devices running iOS 7.1-iOS 7.1.1:

    • iPhone 5s
    • iPhone 5c
    • iPhone 4S
    • iPhone 4
    • iPad Air
    • iPad 4
    • iPad 3
    • iPad 2
    • iPad mini
    • Retina iPad mini
    • iPod touch 5G
    CONTROVERSY OF STOLEN JAILBREAK EXPLOIT
    It’s worth noting that the jailbreak is available from a new team and the said hack is the first from the team. The controversy behind the sudden release of the jailbreak apparently came from one of the exploits used by a security expert and known jailbreaker Stefan Esser, aka i0n1c, who show off the method to jailbreak the iOS 7.1.1 using iPhone 5C during his training session.

     

    IOS jailbreak tool

     

    The people behind it reportedly took this training session given by Esser and allegedly exposed his exploit in the market. Esser expressed his disappointment over the adoption of his exploit via his twitter account, and later Esser even called the Pangu team members “thieves” and wished “everyone of my followers who installed Pangu much fun with malware from China.

    The jailbreak tool (download here) apparently installs the most popular third-party app installer Cydia, but also throws in a Chinese store with apps unsanctioned by Apple.

    However, world-renowned software developer and a very well-known iOS hacker, H8sn0w has confirmed via Twitter that the jailbreak tool does not contain any spyware or malicious software in it and is safe to use.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Zeus Trojan (or Zbot Trojan) steals confidential information from the infected computer.

    Pandemiya hacking trojan

    A new and relatively rare Zeus Trojan program was found which is totally different from other banking Trojans and has capability to secretly steal data from forms, login credentials and files from the victim as well as can create fake web pages and take screenshots of victim’s computer.

    Researchers at RSA Security’s FraudAction team have discovered this new and critical threat, dubbed as ‘Pandemiya’, which is being offered to the cyber criminals in underground forums as an alternative to the infamous Zeus Trojan and its many variants, that is widely used by most of the cyber-criminals for years to steal banking information from consumers and companies.

     

    The source code of the Zeus banking Trojan is available on the underground forums from past few years, which lead malware developers to design more sophisticated variants of Zeus Trojan such as Citadel, Ice IX and Gameover Zeus.

     

    But, Pandemiya is something by far the most isolated and dangerous piece of malware as the author spent a year in writing the code for Pandemiya, which includes 25,000 lines of original code written in C.
    Like other commercial Trojan, Pandemiya infect the machines through exploit kits and via drive-by download attacks to boost infection rate that exploit flaws in the vulnerable software such as Java, Silverlight and Flash within few seconds victim lands on the web page.

    Pandemiya’s coding quality is quite interesting, and contrary to recent trends in malware development, it is not based on Zeus source code at all, unlike Citadel/Ice IX, etc.,” researchers from RSA, the security division of EMC, said Tuesday in a blog post. “Through our research, we found out that the author of Pandemiya spent close to a year of coding the application, and that it consists of more than 25,000 lines of original code in C.

    Pandemiya Trojan using Windows CreateProcess API to inject itself into every new process that is initiated, including Explorer.exe and re-injects itself when needed. Pandemiya is being sold for as much as $2,000 USD and provides all the nasty features including encrypted communication with command and control servers in an effort to evade detection.The Trojan has been designed with modular architecture to load more external plug-ins, which allows hackers to add extra features simply by writing new DLL (dynamic link library). The extra plug-ins easily add capabilities to the Trojan’s core functionality, that’s why the developer charge an extra of $500 USD to get the core application as well as its plugins, which allows cybercriminals to open reverse proxies on infected computers, to steal FTP credentials and to infect executable files in order to inject the malware at start up.

     

    The advent of a freshly coded new trojan malware application is not too common in the underground,” Marcus writes, adding that the modular approach in Pandemiya could make it “more pervasive in the near future.

    The malware developers are also working on other new features to add reverse Remote Desktop Protocol connections and a Facebook attack module in order to spread the Trojan through hijacked Facebook accounts.

    HOW TO REMOVE PANDEMIYA TROJAN

    The Trojan can be easily removed with a little modification in the registry and command line action, as explained below:

      1. Locate the registry key HKEY_LOCAL_USER\Software\Microsoft\Windows\CurrentVersion\Run and identify the *.EXE filename in your user’s ‘Application Data’ folder. Note the name, and delete the registry value.
      2. Locate the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\AppCertDlls. Find the value with the same name as the *.EXE file in the previous step. Note the file name, and remove the value from the registry.
      3. Reboot the system. At this stage Pandemiya is installed but no longer running. Delete both files noted earlier. This will remove the last traces of the Trojan. Your system is now clean.

    Please Visit our Computer News Website and Blog

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Fort Lauderdale, Miami, Boca Raton, Boynton Beach and all South Florida


  • Cryptowall Ransomware Spreading on the internet rapidly through advertisements

    Cryptowall Lock Malware spyware spreading
    Cryptowall Lock Malware

     

    Ransomware is an emerging threat in the evolution of cybercriminals techniques to part you from your money. Typically, the malicious software either lock victim’s computer system or encrypt the documents and files on it, in order to extort money from the victims.

    Though earlier we saw the samples of Ransomware tended to be simple with dogged determinations to extort money from victims. But with the exponential rise in the samples of Ransomware malwares, the recent ones are more subtle in design, including Cryptolocker, Icepole, PrisonLocker, CryptoDefense and its variants.

    Now, the ransomware dubbed as Cryptowall, a latest variant of the infamous ransomware Cryptolocker is targeting users by forcing them to download the malicious software by through advertising on the high profile domains belonging to Disney, Facebook, The Guardian newspaper and others.

    Cryptolocker is designed by the same malware developer who created the sophisticated CryptoDefense (Trojan.Cryptodefense) ransomware, appeared in the end of March, that holds the victims’ computer files hostage by wrapping them with strong RSA 2048 encryption until the victim pays a ransom fee to get them decrypted.

    But unfortunately, the malware author failed to realize that he left the decryption keys left concealed on the user’s computer in a file folder with application data.

    So, to overcome this, the developer created Cryptowall ransomware and alike the latest versions of CryptoDefense, the infected system’s files and documents encrypted by CryptoWall are impossible to decrypt.

    The story broke, when researchers at Cisco revealed that cybercriminals have started targeting people with RIG Exploit Kits (EK) to distribute malicious Cryptowall ransomware malware.

    The Rig Exploit Kit was first spotted by Kahu Security in April, which checks for an unpatched version of Flash, Internet Explorer, Java or the Silverlight multimedia program on the infected users and if found, the system is instantly exploited by the bad actors.

    Researchers at Cisco have noticed high levels of traffic consistent with the new “RIG” exploit kit, thereby blocking requests to over 90 domains. On further investigation, the company observed that many of its Cloud Web Security (CWS) users were visiting on those malicious domains after clicking advertisements on high-profile domains such as “apps.facebook.com,” “awkwardfamilyphotos.com,” “theguardian.co.uk” and “go.com,” and many others.

    cryptowall ransomware If clicked, the advertisements redirect victims to one of those malicious domains in order to malvertise users and once the system get infected with the RIG Exploit Kit, it will deliver the payload which includes the Cryptowall Ransomware malware.

    Now, when this CryptoWall is installed in the infected system, it will start scanning the system Hard Drive for data files and encrypt them.

    After encrypting the files on victim’s system, it will create files containing ransom instructions in every folder it had encrypted, demanding up to $500 USD. The service where users are instructed to pay the ransom amount is a hidden service that uses the Command-and-Control server hosted on TOR .onion domain.

    The largest share of infections, some 42 percent, are in the United States, followed by England and Australia, but it believes that several groups and bad actors are involved in this attack chain.

    IF INFECTED Visit Our Main Site OR call 754-234-5598

    for latest computer repair and online news.

    Local and Online Virus removal and computer repairs anytime, anywhere

    Greased Lightbox

    +

    Loading image

    Click anywhere to cancel

    Image unavailable

    Greased Lightbox

    +

    Loading image

    Click anywhere to cancel

    Image unavailable

    Greased Lightbox

    +

    Loading image

    Click anywhere to cancel

    Image unavailable

    Greased Lightbox

    +

    Loading image

    Click anywhere to cancel

    Image unavailable

    Greased Lightbox

    +

    Loading image

    Click anywhere to cancel

    Image unavailable

    Greased Lightbox

    +

    Loading image

    Click anywhere to cancel

    Image unavailable

    Greased Lightbox

    +

    Loading image

    Click anywhere to cancel

    Image unavailable