It’s time to upgrade your computer with the latest Windows 11 or the newly released Windows 12 — guaranteed! If you’re still using Windows 10 or an outdated version of Windows 11, now is the perfect opportunity to take your system to the next level. Our expert technicians specialize in Windows installation with a focus on no data loss, ensuring a seamless transition to your new operating system. Whether you’re looking to upgrade to Windows 11 or make the leap to Windows 12, our team offers a complete transfer of all your files, settings, and applications. You won’t lose anything during the installation process. Our recovery installation services are designed to get your computer back to full functionality without any interruptions. When you choose our professional Windows upgrade services, you’re guaranteed a smooth and stress-free experience. Don’t wait any longer — upgrade to the latest Windows OS versions and enjoy improved speed, enhanced security, and new features that will revolutionize the way you use your computer. Contact us today at 754-234-5598 or visit our Windows Installation page at https://www.ccrepairservices.com/operating_system_install.html to get started with your Windows 11 or Windows 12 upgrade.
- Tag Archives windows 10
-
-
Windows 10 Surveillance Platform weaponized into and back ported Implants delivered seamlessly to Windows 7 and 8 via Windows Update
Windows 10 Surveillance Platform weaponized into and back ported Implants delivered seamlessly to Windows 7 and 8 via Windows Update
You may or may not have noticed shenanigans in your windows based 7 and * machines.
Microsoft likes the data they stream from windows 10 machines soo much that they decided to back port functionaly and carve out impants resulting in a of push 4 optional and 2 important windows updates
They will appear in control panel installed updates as
Optional
“Update for Microsoft Windows (KB3068708)”
“Update for Microsoft Windows (KB3075249)”
“Update for Microsoft Windows (KB3080149)”
“Update for Microsoft Windows (KB3022345)”Important
“Update for Microsoft Windows (KB2952664)”
“Update for Microsoft Windows (KB3021917)”If you have better things to do than hand eye troll through the list of installed updates then here are two approached to detect the SurveillanceWare Implants.
The referenced KB’s are specific to the surveillance implants which target Windows 7 only. If your running windows 8, 8.1 or 10 your more than likely fighting much more of a loosing battle. So this section is specific so where it may be temporarily possible to remove the Implants.
Detection – Open an elevated command prompt
wmic QFE list full /format:texttablewsys | find “KB3068708”
wmic QFE list full /format:texttablewsys | find “KB3022345”
wmic QFE list full /format:texttablewsys | find “KB3075249”
wmic QFE list full /format:texttablewsys | find “KB3080149”
wmic QFE list full /format:texttablewsys | find “KB3021917”
wmic QFE list full /format:texttablewsys | find “KB2952664”or alternatively detect with an update to the systeminfo command
systeminfo | findstr “KB3068708 KB3022345 KB3075249 KB3080149 KB3021917 KB2952664”
To start removal after optionally taking an evidence image or a system backup
wusa /uninstall /kb:3068708 /quiet /norestart
wusa /uninstall /kb:3022345 /quiet /norestartThen reboot seems required then continue
wusa /uninstall /kb:3075249 /quiet /norestart
wusa /uninstall /kb:3080149 /quiet /norestart
wusa /uninstall /kb:3021917 /quiet /norestart
wusa /uninstall /kb:2952664 /quiet /norestart———- Windows 7, 8, 8.1 script to detect implants——-
Here is a list and updated DIY detection ready scripting for all 14 (currently known) Surveillance implants. Including Implants for windows 8 and later.I guess they thought they could catch more fish with 14 baited lines.
Here are two batch files . run the larger script to see whats detected.
Open an elevated command prompt
create a batch file
Name: check-kb.batAdd the batch script content
@echo off
echo ‘ Only the first parameter is used in the search, the rest display context.
echo ‘
echo ‘
echo Checking for %1 %2 %3 %4 %5 %6 %7 %8 %9 %10
@echo on
wmic QFE list full /format:texttablewsys | find “%1”
@echo offCreate a batch file, purpose is to check for currently known Implants.
Name: checkfor_NPI_patches.batAdd the batch script content
@echo off
SetLocal
REM — (as of 2015-08-26):
cls
call Check-kb KB3012973 – Opt in payload – Upgrade to Windows 10 Pro
call Check-kb KB3021917 – Opt in payload – Update to benchmark Windows 7 SP1
call Check-kb KB3035583 – Opt in payload – delivers reminder “Get Windows 10” for Windows 8.1 and Windows 7 SP1
call Check-kb KB2952664 – Opt in payload – Pre launch day push of payload for compatibility update for upgrading Windows 7
call Check-kb KB2976978 – Opt in payload – Pre launch day push of payload for Compatibility update for Windows 8.1 and Windows 8
call Check-kb KB3022345 – Opt in payload – surveillance Telemetry [Replaced by KB3068708]
call Check-kb KB3068708 – Opt in payload – Update for surveillance customer experience and diagnostic telemetry
call Check-kb KB2990214 – Opt in payload – Update that prepares payload to Windows 7 to add surveillance in later installed versions of Windows
call Check-kb KB3075249 – Opt in payload – Update that adds surveillance telemetry to Windows 8.1 and Windows 7
call Check-kb KB3080149 – Opt in payload – Update for CIP and surveillance with diagnostic exfil leveraging telemetry
call Check-kb KB3044374 – Opt in payload – Marketing Windows 10 surveillance payload to windows 8,8.1 devices
call Check-kb KB2977759 – Opt in payload – Windows 10 surveillance Diagnostics Compatibility Telemetry HTTP request response
call Check-kb KB3050265 – Opt in payload – Marking via Windows Update services opting in to Windows 10 surveillance Implant
call Check-kb KB3068707 – Opt in payload – CIP telemetry request response check in for Windows 7,8,8.1Whatever Surveillance implants revealed in your machine, it can be removed with a customization of the wusa command, just replace the ??????? with the kb numbers reported.
wusa /uninstall /kb:??????? /quiet /norestart
——-Housekeeping QAHousekeeping checks post removal additional steps. I can foresee someone will prophetically conclude a recommended step 5) Uninstall windows and install a secure *nix variant. Obligatorily mentioned in advance. Thanks.
An eye on post removal Hinkyness had some hits after removals and reboots.
1) Only two of the four uninstalled KB’s reappeared as available optional “Update for Windows 7 for x64 based Systems (KB3075249) and (KB3080149), another reappeared as
Important “Update for Windows 7 for x64 based Systems (KB3068708)”
The important one was the “Update for customer experience and diagnostic telemetry” Important to who, NSA?
The “KB3068708″ Update for customer experience and diagnostic telemetry” did not reappear as an available patch. It may be dependent on one of the other three removed bits
2) Before the uninstall, I had foresight to search the infected file system
for .manifest with a common namespace string called assemblyIdentity which is set to a string value “Microsoft-Windows-Authentication-AuthUI.Resources”The before removal search listing files which matched the above search constraint yielded 62 matches in 52 manifest files.
The after removal search listing of files which match the above search constraint yields 74 matches in 64 manifest files.
Conclusion, the removal did not remove the manifest files pushed in the original infection.
3) In a read of KB 3080149, it indicated it installed and updates / requires maintenance of a file named utc.app.jsonBefore removal, the file file was found in 6 places on the infected filesystem
After “removal” the file exists in the same 6 locations, same filesize just waiting for re-use and reinfection.discovered and removed using the disribed method 22 additional implants
Found all 6 utc.app.json were removed and it had left two backup copies under the name utc.app.json.bk
in
C:\ProgramData\Microsoft\Diagnosis\DownloadedSettings
C:\Users\All Users\Microsoft\Diagnosis\DownloadedSettings
in the same directory, found a backed up file telemetry.ASM-WindowsDefault.json.bkIn order to see the hidden system directory, you must elevate to admin
dir wont show the rest of the telemetry files unless you clear the files attributes
An Elevated file explorer will show the files
Files wont be readable until you change owner permissions or change your running user principal context to that which does allow access to the file.telemetry file content
{
“settings”: {
“Microsoft-ApplicationInsights:::sampleRate”: “100”,
“Microsoft-ApplicationInsights-Dev:::sampleRate”: “100”,
“Microsoft-ApplicationInsights-Dev:::latency”: “Realtime”,
“xbox.xsapi:::sampleRate”: “100”,
“Office:::sampleRate”: “100”,
“Skype:::sampleRate”: “100”,
“Census:::sampleRate”: “100”,
“Microsoft.Windows.Appraiser.General::ms.CriticalData:sampleRate”: “100”,
“Microsoft.Windows.Appraiser.Instrumentation::ms.Telemetry:sampleRate”: “100”,
“Microsoft.Windows.Compatibility.Asl::ms.Telemetry:sampleRate”: “5”,
“Microsoft.Windows.Inventory.General::ms.CriticalData:sampleRate”: “100”,
“MicrosoftTelemetry::ms.CriticalData:sampleRate”: “0”,
“MicrosoftTelemetry::ms.Measures:sampleRate”: “0”,
“MicrosoftTelemetry::ms.Telemetry:sampleRate”: “0”,
“Setup360Telemetry::ms.CriticalData:sampleRate”: “100”,
“SetupPlatformTel::ms.CriticalData:sampleRate”: “100”,
“TelClientSynthetic:HeartBeat_5::sampleRate”: “100”
}}
content file of utc.app.json
{
“settings”: {
“UTC:::GroupDefinition.MicrosoftTelemetry”: “f4-Redacted data-6aa”,
“UTC:::CategoryDefinition.ms.CriticalData”: “140-Redacted data-318”,
“UTC:::CategoryDefinition.ms.Measures”: “71-Redacted data-63”,
“UTC:::CategoryDefinition.ms.Telemetry”: “321-Redacted data-32”,
“UTC:::GroupDefinition.Microsoft-ApplicationInsights”: “0d-Redacted data-d0b”,
“UTC:::GroupDefinition.Microsoft-ApplicationInsights-Dev”: “ba-Redacted data-3d”,
“UTC:::GroupDefinition.xbox.xsapi”: “53b-Redacted data-af3”,
“UTC:::GroupDefinition.Office”: “8DB-Redacted data-155”,
“UTC:::GroupDefinition.Skype”: “9df-Redacted data-a89”,
“UTC:::DownloadScenariosFromOneSettings”: “1”
}To mitigate future infection, am considering removal alteration or perform a revocation of file permissions to utc.app.json and the hinky manifest files.
4)Re the connections the malware opened, which may or may not have Mitm certificate pinning mitigation. My personal opinion is to mitigate by locking access to the data ex filtration end points.
Firewall now blocks outbound access from your network to
vortex-win.data.microsoft.com
Name: VORTEX-cy2.metron.live.com.nsatc.net
Address: 64.4.54.254
Aliases: vortex-win.data.microsoft.com
vortex-win.data.metron.live.com.nsatc.net
vortex.data.glbdns2.microsoft.comsettings-win.data.microsoft.com
Non-authoritative answer:
Name: OneSettings-bn2.metron.live.com.nsatc.net
Address: 65.55.44.108
Aliases: settings-win.data.microsoft.com
settings.data.glbdns2.microsoft.comChances are that anything outbound to “.data.microsoft” should likely be blackholed if you opt out of the “Idiots Do Opt Having Pervasive Surveillance Patches” IDOH-PSP program for short.
Hope this helps to bring most of the malware workflow, as is early info on this new day of vendor sponsored in your face implants, info will likely be incomplete.
-
Complete Computer Repair – Apple and PC Services
Professional Onsite Computer Repair
Over 20 Years experience repairing laptop and desktop computers.
Apple Computer Repair – Macbook Pro, Macbook Air, Imac, Macbook, Mac Repair
Windows PC Repair – Dell, Acer, HP, Compaq, Dell, Sony, Toshiba, Lenovo, Asus, Samsung, MSi, Vizio, IBM Gateway and more
Motherboard Repair – BGA repair, BIOS Repair, SMD Repair, BGA Reflow, Video Repair
Laptop Screen Repair – LCD Repair, Screen Repair, Laptop Repair, LED screens, LCD screens
PC and Apple Virus Removal – Spyware Removal, Malware Removal, Rootkit Removal, Ransom Removal
IT Network Specialist Analyst – Server Setup, Server installation, Server Configuration
Complete Computer Repair Services Help and Support
SAME DAY SERVICE 754-234-5598
-
Complete Computer Repair VS Geek Squad Prices and Service
BEST SERVICE AND PRICE VS GEEK SQUAD
Complete Computer Repair Services BEATS The Geek Squad Prices
Complete Computer Repair VS Best Buy Geek Squad Services
- Virus Removal Geek Squad takes 3 to 7 days – WE TAKE TWO HOURS
- Laptop Screen Repair Geek Squad takes 5 to 10 days – WE TAKE TWENTY MINUTES
- Computer or Laptop Motherboard Repair Geek Squad takes 10 to 15 days – WE TAKE A TWO HOURS
- Hard Drive Replacement Geek Squad takes 3 to 7 days – WE TAKE FIFTEEN MINUTES
Geek Squad Charges for In home Service $125 Plus – WE DON‘T CHARGE
IT NETWORK SERVICES NOT OFFER BY GEEK SQUAD
Troubleshoot and resolve ongoing T1/DSL problems
Network cabling and Server Setup
VPN / Proxy setup
IT Network Engineers and Analyst’s
Client/Server Setup Un-managed Switch
Onsite Hardware repair
Onsite Desktop / Laptop repair Soldering Repairs
Windows Or OS X VMware setup and Maintenance
Microsoft Windows and Macintosh OS X Servers
CALL TODAY 754-234-5598
Fort Lauderdale Computer Repair, Apple Mac Repair Same Day, PC Repair for Dell, Acer, Asus, Compaq, Sony, Toshiba, Lenovo, IBM MSI, Vizio, Emachines, HP, Gateway, Fujitsu, Samsung and more.
THE GEEK SQUAD CAN’T BEAT OUR REPAIR PRICES OR SERVICE
-
Microsoft continues its legacy of spying on its windows users! Windows 10 Privacy Spy destroyer
DISTROY WINDOWS 10 SPYING – Privacy Concerns
As we all know since windows 7 Microsoft has altered its operating system to be more user friendly and at the same time collect more user data on its customers, When windows 8 was launched , there were big changes including location platform and many more but now with the new Windows 10 release there are endless limitations on the collection of data being sent to Microsoft.
Some group has released a piece of software which eliminates all apps, and blocks the data from being sent to Microsoft. I will not comment much on the software but see below what it does block.
Also a new app by the name of DoNotSpy10 has been created by a German developer pXc-coding.
Destroy Windows 10 Spying is an app that can block anonymous data being sent, remove apps that can’t be removed the standard way and more. I liked that it can remove some of the Windows default programs that can’t be removed under Apps & Features, an annoyance I immediately discovered since I prefer to “slim” down windows.
I should note that there are still a few steps to complete, you’ll still need to go online to Microsoft’s site and opt out of the company’s invasive advertising tracking features when using DoNotSpy10 or other piece of software.
It’s your own fault if you don’t know that Windows 10 is spying on you. That’s what people always say when users fail to read through a company’s terms of service document, right?
Well, here is Microsoft’s 12,000-word service agreement. Some of it is probably in English. We’re pretty sure it says you can’t steal Windows or use Windows to send spam, and also that Microsoft retains the right to take possession of your first-born child if it so chooses. And that’s only one of several documents you’ll have to read through.
Actually, here’s one excerpt from Microsoft’s privacy statement that everyone can understand:
Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to: 1.comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies; 2.protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone; 3.operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or 4.protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.
If that sentence sent shivers down your spine, don’t worry. As invasive as it is, Microsoft does allow Windows 10 users to opt out of all of the features that might be considered invasions of privacy.
Some of the domains we know send anonymous information back to Microsoft include:
vortex.data.microsoft.com
vortex-win.data.microsoft.com
telecommand.telemetry.microsoft.com
telecommand.telemetry.microsoft.com.nsatc.net
oca.telemetry.microsoft.com
oca.telemetry.microsoft.com.nsatc.net
sqm.telemetry.microsoft.com
sqm.telemetry.microsoft.com.nsatc.net
watson.telemetry.microsoft.com
watson.telemetry.microsoft.com.nsatc.net
redir.metaservices.microsoft.com
choice.microsoft.com
choice.microsoft.com.nsatc.net
df.telemetry.microsoft.com
reports.wes.df.telemetry.microsoft.com
wes.df.telemetry.microsoft.com
services.wes.df.telemetry.microsoft.com
sqm.df.telemetry.microsoft.com
telemetry.microsoft.com
watson.ppe.telemetry.microsoft.com
telemetry.appex.bing.net
telemetry.urs.microsoft.com
telemetry.appex.bing.net:443
settings-sandbox.data.microsoft.com
vortex-sandbox.data.microsoft.com
survey.watson.microsoft.com
watson.live.com
watson.microsoft.com
statsfe2.ws.microsoft.com
corpext.msitadfs.glbdns2.microsoft.com
compatexchange.cloudapp.net
cs1.wpc.v0cdn.net
a-0001.a-msedge.net
statsfe2.update.microsoft.com.akadns.net
sls.update.microsoft.com.akadns.net
fe2.update.microsoft.com.akadns.net
diagnostics.support.microsoft.com
corp.sts.microsoft.com
statsfe1.ws.microsoft.com
pre.footprintpredict.com
i1.services.social.microsoft.com
i1.services.social.microsoft.com.nsatc.net
feedback.windows.com
feedback.microsoft-hohm.comfeedback.search.microsoft.com
rad.msn.com
preview.msn.com
ad.doubleclick.net
ads.msn.com
ads1.msads.net
ads1.msn.com
a.ads1.msn.com
a.ads2.msn.com
adnexus.net
adnxs.com
az361816.vo.msecnd.net
az512334.vo.msecnd.netwww.CCREPAIRSERVICES.COM
Local and Online PC Computer Repair Tel. 754-234-5598
FAST SAME DAY COMPUTER REPAIR, VIRUS REMOVAL, CRYTOWALL FILE RECOVERY AND LAPTOP SCREEN REPAIR SERVICE
-
Computer Repair Services – Local Repair and On line Computer Technician Available
If you need your computer up and running today, Call a reliable PC technician. Proudly Serving and providing on site local service in South Florida. Online service repair technicians available Anytime, Any day, Anywhere. Call 754-234-5598
Complete Computer Repair
SOME OF OUR COMPUTER AND NETWORK SERVICES
- Networking — home office / business
• Onsite PC support and installation
• Hard drive Failure / Laptop Motherboard Repair
• Data Backup and Data recovery
• Malware, Viruses, Trojans, Rootkits, Ransomeware and Spyware Removal
• Screen Replacement and repair
• Apple Repair, PC Repair, Laptop Repair, Desktop Repair
• Computer Upgrades and Build Custom Computers
• Windows Upgrade, OSX Upgrades
• Memory Upgrade, Hard drive upgrade,
• Network Security, Secure Your Network, Internet Security
• Wireless routers Installations
• Wireless Printers Installation and Configuration
• Anti-Virus Protection and Configuration
• Windows Recovery for XP, Vista, Windows 7, windows 8, windows 10
• Re install Windows 98, Windows XP, Windows Vista, Windows 7, Windows 8, Windows 10 Installations
–> We have computer parts for sale at low prices new and old for every make and model, HP, Compaq, Acer, Lenovo, Dell, Asus, Samsung, Toshiba, Sony, IBM, Emachines, Fujitsu, MSI and more.
TEL. 754-234-5598
*Lower prices than Geek Squad Fort Lauderdale, CompUSA Fort Lauderdale, Tiger Direct Fort Lauderdale, Staples Fort Lauderdale, Office Depot Fort Lauderdale, Online Virus Removal Sites, Local Computer Repair Shops. If you find a lower price call us and we will match that price. Computer Repair Coupons welcome, Computer repair discount for seniors.
- Networking — home office / business
-
ONE MILLION people already running Windows 10
Microsoft announced early this week that they have released a Technical Preview of Windows 10. This sounds awesome. Because I always loved the moment when new OS release comes from Microsoft. People were expecting Windows 9 after the previous 8.1 but it was quite surprising that Microsoft Skipped 9 and released Windows 10.
Microsoft has revealed that a million people have signed up for the Windows Insider Program it is using to offer early access to Windows 10 for those willing to test the operating system’s early iterations.
Of those crash test dummies, Redmond says 36 per cent are running the OS in a virtual machine.That leaves about 650,000 people running Windows 10 on bare metal.
Microsoft says
“Insiders” have delivered “over 200,000” pieces of feedback. If the list of most-requested features Microsoft has presumably allowed to reach Paul Thurrott’s Supersite for Windows is any guide, feedback is not coming from sysadmins: most requests concern minor UI tweaks and aesthetics, although “Make it easier to use a local account” is the third-most-requested new feature.
SNEAKPEAK
Well if you are not familiar with previous release then Download Windows 8.1 ISO first. Then you can have better picture what changes Microsoft brought in this Metro Style User Interface. There was large community which was preferring Windows 7 on these new Metro Interface operating Systems. That’s why Microsoft had to take a new step. This time they created a Mix of Windows 7 and Windows 8 to create the New Windows 10.
Features of Windows 10 Technical Preview
Below are some noticeable improvements which you’ll get after Windows 10 Download ISO 32 Bit 64 Bit.
- New Cleaned Start Menu.
- Mix of Windows 7 Menu and Windows 8 Metro Interface.
- Virtual Desktops Feature.
- Task View Option with Arrays of Virtual Desktops.
- Dynamically Resizing of Windows Apps.
- Huge Search Improvements.
More Features can be seen when you Download Windows 10 ISO.
Windows 10 Technical Specs
- Software Full Name: Windows 10 Technical Preview 32 Bit 64 Bit English
- Setup File Name: WindowsTechnicalPreview-x86-EN-US.iso (32 Bit), WindowsTechnicalPreview-x64-EN-US.iso (64 Bit)
- Full Setup Size: 2.93 GB (32 Bit), 3.81 GB (64 Bit)
- Setup Type: Offline Installer / Full Standalone Setup:
- Compatibility Architecture: 32 Bit (x86) / 64 Bit (x64)
- Latest Version Release Added On: 2nd Oct 2014
- License: Free
- Developers: Microsoft
Minimum System Requirements for Windows 10
Before you start Windows 10 Download ISO 32 Bit 64 Bit, Make sure you PC meets minimum system requirements.
- Processor: 1 GHz
- Memory (RAM): 1 GB (For 32 Bit), 2 GB (For 64 Bit)
- Space: 16 GB Free Hard Disk Space
Microsoft’s not saying when the feedback will result in a new release of of the OS, or when it will go on sale. ®