Just in time for the holidays, a new PC scam is making the rounds that tries to trick you into turning over your hard-earned cash.
“Windows Troubleshooting” is a nasty new scam distributed as a cracked software installer. It displays a fake BSOD, or Blue Screen of Death, on the infected machine and then shows a Troubleshooting Windows pop-up that looks like the legitimate Windows Troubleshooter.
The Troubleshooting scam was first detected by Pieter Arntz, a security researcher from Malwarebytes, who said that tech support scammers use different techniques to distribute their software. This particular one was offered as a cracked software installer.
Once installed, the scam claims that your Windows cannot be fixed, prevents you from using Windows, and encourages you to buy a program using PayPal to fix the “detected problems” and unlock the screen.
The “Buy Windows Defender Essentials” option opens a PayPal page that lets you purchase the app for $25. The funds are transferred to the PayPal address “firstname.lastname@example.org” using the following URL: “https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=DXKLEMZTGTTDY”
After a successful payment, victims are redirected to “hitechnovation.com/thankyou.txt”, which contains the word “thankuhitechnovation”. That word tells the program to open a new screen that pretends to fix the issues and lets the victim close the program.
How to remove it?
To remove this scam, you first need to bypass the lock screen. The malware uses an easily defeated mechanism to check whether a victim has made a payment, so you can work around it by following these steps:
– Open the fake PayPal purchase screen.
– Press Ctrl + O on the keyboard to launch the Open dialog box.
– Type http://hitechnovation.com/thankyou.txt into the Open box and press Enter.
That’s all. You should be able to close the window and access your Windows because the program will think the user paid and shut itself down.
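The indicators named above can also be used to find affected machines in web proxy logs. The following is an added example, not part of the original article: it assumes a proxy that records full URLs in a simple five-field line format, and the client names and timestamps in the sample log are constructed.

```python
"""Triage proxy logs for the "Windows Troubleshooting" scam indicators."""
from collections import defaultdict
from urllib.parse import parse_qs, urlsplit

# Indicators taken from the article text.
SCAM_HOST = "hitechnovation.com"
UNLOCK_PATH = "/thankyou.txt"
PAYPAL_BUTTON_ID = "DXKLEMZTGTTDY"

# Constructed sample log (assumed format: time client method url status).
SAMPLE_LOG = """\
2017-12-01T09:14:02Z pc-017 GET https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=DXKLEMZTGTTDY 200
2017-12-01T09:15:40Z pc-017 GET http://hitechnovation.com/thankyou.txt 200
2017-12-01T10:02:11Z pc-044 GET https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=DXKLEMZTGTTDY 200
2017-12-01T10:05:00Z pc-090 GET https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=ABCDEFGHIJKLM 200
2017-12-01T10:06:30Z pc-091 GET http://www.HiTechnovation.com./thankyou.txt 200
malformed line
"""


def _host_matches(host, domain):
    """True if host is the domain itself or one of its subdomains."""
    return host == domain or host.endswith("." + domain)


def classify(url):
    """Return 'payment_page', 'unlock_page', 'scam_host' or None for a URL."""
    parts = urlsplit(url)
    # hostname is already lower-cased; drop a trailing root dot if present.
    host = (parts.hostname or "").rstrip(".")
    if _host_matches(host, SCAM_HOST):
        if parts.path.lower() == UNLOCK_PATH:
            return "unlock_page"
        return "scam_host"
    if _host_matches(host, "paypal.com"):
        button_ids = parse_qs(parts.query).get("hosted_button_id", [])
        if PAYPAL_BUTTON_ID in button_ids:
            return "payment_page"
    return None


def triage(log_text):
    """Map each client to the set of scam stages seen in its traffic."""
    stages = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # skip lines that do not match the assumed format
        _time, client, _method, url, _status = fields
        stage = classify(url)
        if stage:
            stages[client].add(stage)
    return dict(stages)


def verdict(stages):
    """Turn the observed stages into a next step for the responder."""
    if "unlock_page" in stages:
        # A real payment and the Ctrl + O workaround both fetch this file,
        # so the log alone cannot show whether money was lost.
        return "unlock page fetched: clean the machine and ask about payment"
    if "payment_page" in stages:
        return "payment page opened, no unlock seen: machine likely still locked"
    return "contact with scam host: inspect the machine"


if __name__ == "__main__":
    for client, seen in sorted(triage(SAMPLE_LOG).items()):
        print(f"{client}: {sorted(seen)} -> {verdict(seen)}")
```

Without TLS inspection a proxy usually records only the host for HTTPS requests, so the PayPal button ID will not be visible and only the plain-HTTP unlock request can be matched.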
Another quiet week in the tech world gives us some more time for actual technology tips. Let’s look at some keyboard shortcuts you can use to make your life easier with Microsoft’s Windows.
High Contrast: SHIFT + ALT + PRINT
In its default setting, this shortcut opens a warning window before applying any changes. Click Yes or simply hit Return to switch to the high contrast setting.
This will enlarge the font on all open windows and change colors to high contrast. For example, the desktop will turn black, and what was black text on a white background will be reversed. Pressing the same key combination again reverts the changes.
Switch Between Open Windows: ALT + TAB
This keyboard shortcut launches an overlay window that shows all open programs. Hold down the ALT key and press the TAB key to move to the next application. Release both keys to open the selected window.
You can reverse the direction by holding ALT + SHIFT while pressing the TAB key.
Delete Without Confirmation: SHIFT + DEL
Do you hate these nagging windows asking you whether you really want to do this or that? If you want to quickly delete something without being harassed for a confirmation, use this shortcut.
Do you want to make the instant delete route your default setting? Right click the Recycle Bin on your desktop, select Properties, and remove the checkmark next to Display delete confirmation dialog.
Show Desktop / Restore Open Windows: Windows key + D
Rather than moving your mouse into the bottom right corner of your screen to see your desktop, press this keyboard shortcut. Press it again to restore your windows exactly as they were before.
Lock System: Windows key + L
You should never leave your desktop unattended. Before you head out to the loo or to grab another coffee, press this keyboard shortcut to lock your system. When you return and log back in, all programs and windows will appear the way you left them.
Run Command Prompt as Administrator: Windows key + R, type cmd, hold CTRL + SHIFT, hit ENTER
This is one complex chain of commands. But if you manage to do it right, you’ll have instant Administrator access to the command prompt.
Unfortunately, this shortcut doesn’t seem to work anymore as of the Windows 10 Creators Update. Alternatively, press Windows key + X to open the Quick Access Menu, then use the UP/DOWN arrow keys to move to the Command Prompt (Admin) entry, and hit ENTER.
Shut Down: Windows key + X, U, I / U / R / H / S
You can shut Windows down with a few button clicks. It all starts with Windows key + X to open the Quick Access Menu, followed by the U key to expand the Shut down or sign out options. Finally, press I to sign out, U to shut down, R to restart, H to hibernate, and S to sleep.
Create Your Own Desktop Keyboard Trick
Are there folders or applications you need a lot? Why not create your own keyboard shortcut to quickly access these tools?
Note: This will only work for shortcuts located on your desktop!
First you need to create an actual desktop shortcut. In Windows 10, this has become a little more tricky. Right-click on the application in its program folder, or send it from the Start Menu to the Taskbar and SHIFT + right-click its Taskbar icon, then select Create Shortcut from the context menu.
Make sure the shortcut sits on your desktop. Now right-click the shortcut and select Properties. You should see a line that says Shortcut Key: None. Click that line and then click a letter on your keyboard, for example P. This will create a shortcut, here CTRL + ALT + P.
And there you go, now you have your own personal shortcut key.
This weekend, Google Project Zero researchers announced on Twitter that they had discovered a “crazy bad” loophole in Microsoft’s built-in Windows anti-malware software package, Windows Defender, that leaves your system susceptible to remote attacks.
What is particularly scary is that the attack could take place over email – without even reading or opening the full email.
The security experts proceeded to say they have reported the issue to Microsoft, adding that further details will be revealed once the bug has been eliminated – and it appears the time has finally come.
Microsoft today started to roll out a fix for the flaw that is now available via Windows Update. As explained in the report, the exploit resided in the Microsoft Malware Protection Engine and allowed attackers to “execute arbitrary code… and take control of the system.”
Here is Microsoft’s official announcement regarding the security flaw.
An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, a specially crafted file must be scanned by an affected version of the Microsoft Malware Protection Engine. There are many ways that an attacker could place a specially crafted file in a location that is scanned by the Microsoft Malware Protection Engine. For example, an attacker could use a website to deliver a specially crafted file to the victim’s system that is scanned when the website is viewed by the user. An attacker could also deliver a specially crafted file via an email message or in an Instant Messenger message that is scanned when the file is opened. In addition, an attacker could take advantage of websites that accept or host user-provided content, to upload a specially crafted file to a shared location that is scanned by the Malware Protection Engine running on the hosting server.
If the affected antimalware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file is scanned. If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs in order for the vulnerability to be exploited. All systems running an affected version of antimalware software are primarily at risk.
Microsoft states that the patch will arrive on your system automatically over the course of the next two days.
According to the initial security report filed by Google, the exploitable Malware Protection service is “enabled by default” in Windows 8, 8.1, 10, Server 2012 and several more versions of the software.
Over the past couple of years, we have focused much attention on ransomware, and that’s for good reason. However, old threats are still here to make our digital lives miserable as well. One of the oldest surviving threats we continue to deal with is adware.
There’s no denying that adware is a big problem. In fact, 2016 saw a huge spike in Mac OS malware, mostly due to bundled adware. Google has tried tackling this problem by kicking known adware distributors out of the Play Store.
Google is perhaps the most aggressive trying to battle adware today because Android especially has seen a great deal of adware in recent years.
Earlier this year, a number of Android phones were discovered to have been infected with powerful adware. The “infection” took place somewhere between the factory, and the business that ordered them. That means some Android phones were purchased with adware pre-installed!
Avoid Download Portals
Desktops also continue to be targeted. One of the popular ways of infecting desktop PCs is through download portals. Many people continue to unwittingly use download portals that bundle adware and other unwanted programs with the legitimate apps they are looking for.
Unfortunately, these download portals show up at the top of search results and trick searchers into thinking they’re getting the best version of the app. When you are looking for a specific app take the time to go directly to the software provider’s website. If you do not – and you simply click on the first link in the search results you may be using a download portal which usually will give you a boatload of unwanted apps, in addition to the one you actually wanted.
* Yes – I know I used the words “download portals” five times in this section. That’s because I want you to remember what they are – so you can avoid them.
Keeping Alert for Adware
As with any other type of malware, the best way to deal with adware is to be aware of it and what it is. Here are four things to watch out for.
If Ads Abound on Your PC – Don’t Panic But You Do Need to Act
If you’ve been infected with adware, you’re going to be seeing a lot of ads. Pop-ups, in-app ads, browser takeovers, and all sorts of other annoying behaviors might happen.
Different types of adware behave differently.
However one thing that they all have in common is that they will show you a huge number of ads. You’ll notice more ads, more insistent and pervasive ads, and ads outside of the locations where you usually see them. If you’ve been seeing any of this stuff, download anti-adware software right away.
Just don’t get it from…
Third-Party App Stores
If you stick to Apple’s App Store, the Google Play Store, the Chrome Store, and other first-party, controlled app stores, you will be much safer than if you use third-party options.
The same rule for desktop and laptop software applies. Unless the app isn’t available from the Windows or Mac app stores — and you can’t find it on the developer’s website — avoid third party software download sites.
Watch for the Warnings
Believe it or not, you will often be warned right before you download adware. It’s those small print terms and conditions that often go ignored. Take the time to read them if you really – really want that free app. There’s a good chance that they contain something useful. They’ll often tell you that you’ll be getting something else in addition to the software you’re looking for.
No matter where you’re getting an app, make sure to at least browse the terms and conditions first. You just might save yourself the hassle of trying to deal with the problem later.
Avoid Free Versions of Software
If you found a place to download Microsoft Office for free, run the other way. You’re not going to get high-end, fully featured apps without paying. Someone might be offering it, but they’re probably offering a few other things that they aren’t telling you about, very likely adware – or worse.
Even apps that are normally free often carry some sort of adware. Ironically, a number of illegitimate anti-virus apps have been discovered to come bundled with malware.
Always be very careful about where you get your software.
What to Do If You’ve Been Infected
Here are some warning signs to watch out for.
Have you noticed a lot more pop-ups than usual lately? Or advertisements that you can’t close? If you see a new toolbar (these are very popular), a new default search engine (also a common symptom), new programs that you don’t remember installing, or new bookmarks in your browser, you are likely infected with adware.
Do your best not to interact with any of these ads, as that may make the problem worse. Close — force close, if you need to — those apps and download an anti-adware application as soon as possible. Here are three choices that will help you rid your computer of adware for free.
With one of the best reputations in the game, Malwarebytes is a company you can trust to clean up your computer. Its AdwCleaner software specifically targets adware and browser hijackers, as well as “potentially unwanted programs,” which could include toolbars and other questionable downloads.
AdwCleaner is free, and all you have to do is download it and run it. It doesn’t get much easier.
Another company with a great reputation, BitDefender is at the forefront of anti-malware tech. This lightweight antivirus app protects you from all sorts of mayhem, including adware and spyware. It also packs anti-phishing and anti-fraud features for additional protection.
While you get more features out of the paid version of this app, the free option is still a great way to go.
While some of the anti-adware software out there only works on Windows computers, Malwarebytes’ anti-malware software will protect your Mac from attacks. This extremely lightweight client is great even if your Mac is starting to get old and slow down.
Don’t make the mistake of thinking that Macs don’t get adware. They do. So download this now.
As with any type of malware, the best way to deal with adware is to not get infected in the first place. Make sure you have an up-to-date antivirus solution running on your computer, watch out for suspicious-looking sites, and remember that the best things in life aren’t free. Especially when it comes to software.
If you are using Windows Vista, it’s time to move on. Earlier this week Microsoft officially released the Windows 10 Creators Update, bringing new 3D, gaming, privacy, and security functionality to the operating system, and at the same time announced the end of Windows Vista support.
What this means is that Microsoft is officially ending Windows Vista extended support as of April 11, 2017. This was expected and is five years after the operating system hit its end-of-maintenance support date of April 10, 2012, and roughly 10 years since Microsoft first released Windows Vista to a litany of complaints and its eventual replacement by the much more well-received Windows 7.
Microsoft’s operating system support policies are spelled out fairly specifically, as follows:
Mainstream support. Microsoft will offer mainstream support for a minimum of 5 years from the date of a product’s general availability. For example, if you buy a new version of Windows and five years later another version is released, you will still have two years of support left for the previous version.
Extended support. Microsoft will offer extended support for a minimum of 5 years from the date of a product’s general availability.
What this means is that Windows Vista will no longer receive any kind of update, including new security updates, non-security hotfixes, or free or paid support. Microsoft will also no longer provide any online technical content updates. In other words, if you’re intent on continuing to use Windows Vista — and there aren’t many of you who remain committed to one of the company’s least popular operating systems — then you’re completely on your own.
Perhaps the most significant downside to using an unsupported OS is that you’re leaving yourself wide open to security vulnerabilities. You’ll also likely receive zero support from hardware and software vendors in terms of keeping their products working well.
Most users will likely go ahead and upgrade their machine to Windows 10 if it’s currently stuck on Windows Vista. Windows 10 offers a host of improvements, not the least of which is enhanced security — albeit raising some potential privacy concerns — along with the best level of third-party support. If your PC can’t handle an upgrade to Windows 10, then you might just want to consider buying a new one.
One of my favorite PC cleaners is CCleaner. This nifty free piece of software can really put some life back into your computer. There is a paid version, but for the majority of home PC users the free version will add some life to your PC. Here are some highlights if you take the time to install CCleaner.
Cleaning Out Some Old Programs
When you analyze and run a cleaning scan, CCleaner picks some default types of information to delete. But some of these aren’t worth cleaning regularly. For instance, browser cache can build up over time and use lots of space on systems with smaller hard drives. However, the cache lets you access commonly visited sites quickly, so clearing it all the time is detrimental.
On the Cleaner tab, have a look at the various categories CCleaner lets you tweak. The Windows header contains entries for Edge and Internet Explorer, File Explorer, and other system elements like log files. The Applications header lets you clear browser information, as well as various utilities you might have installed like Foxit Reader, Office, 7-Zip, and more.
Browse through these items and uncheck everything you don’t want CCleaner to remove. If you often navigate via the Recent Documents page in File Explorer, it’s not worth the minuscule storage you save by removing it.
Say Goodbye to Some of those Unnecessary Startup Programs
Whenever you install software, it often sets itself to run at startup and adds an entry to your right-click menu. In theory these are useful, but having too many startup items can slow down your system and a messy context menu is more frustrating than helpful.
CCleaner lets you easily edit both of these lists. Open the Tools tab and select the Startup option. Here, you can see startup programs under Windows, as well as Context Menu items and even Scheduled Tasks. Click an entry you don’t want, then click the Disable button on the right side. You shouldn’t Delete something unless you’re certain that you don’t need it.
To keep a copy of everything you have in these lists, press Ctrl + A to select all items and click the Save to text file button. If you’re not sure what an entry is, right-click it and choose Open containing folder to find the source.
If you’re not sure which items to remove, check out the top items you don’t need at startup. And once you’ve removed useless entries, you should boost your context menu by adding great shortcuts.
So Long Duplicate Files – and Hello More Free Space
Duplicate files are a pain. Not only do they waste space, they might confuse you if you edit one file, then open the other one and wonder where the changes went. To combat this, use CCleaner’s tool to find extra copies and remove them.
Head to Tools > Duplicate Finder to start. Here you can specify criteria, such as limiting file sizes, skipping over hidden and system files (which is a safe idea), and only searching certain drives. By default, the tool considers duplicate files as those with an identical name, file size, and modified date. You can also check the Content box to further restrict matches.
Once you click Search, the list will populate. Be careful with deleting these files; stick to removing your own documents and videos and avoid removing DLLs or other data used by programs.
Don’t Be Scared – Wipe That Drive!
When you click Delete on a file in Windows, it disappears from your view. But that file is still on your hard drive for a while after deletion. Windows marks the spot where that data was stored as free space ready for new information, so until that happens you can recover the old file with the right software.
CCleaner provides a tool to securely erase data from your hard drive so that others can’t access it. Visit Tools > Drive Wiper to access it. Under Wipe, select Free Space Only. A Simple Overwrite will do in most cases, but you can do an Advanced Overwrite with three passes if you’d prefer. Select the drives you want to perform this on, and click Wipe. Note that this will take some time, so you shouldn’t use your computer while it’s running.
Wiping the free space won’t affect the contents of your drive at all, but will prevent previously deleted files from being recovered. If you want to completely obliterate a drive, select Entire Drive next to Wipe. This will irrevocably destroy all information on the drive, so use it with caution! For safety you can’t run this process on your Windows disk, but it’s great for wiping external drives.
Getting Under the Hood with Your Disk Space
While CCleaner can free up a good amount of space for you, chances are that the bulk of storage on your computer is taken up by your files and installed programs. There are several disk usage visualization tools, but CCleaner has its own built right in.
Some Cookies Are Good – Some Are Not So Good
When you clear browser information, cookies are one of the items CCleaner can remove. You probably don’t have any problem with tracking cookies going out the window, but removing the cookies for your email or social accounts means you have to log back into them. Head to Options > Cookies in CCleaner to remedy this.
The left panel shows you every cookie on your machine, while the right lists the cookies that CCleaner doesn’t delete. You can scroll through the (likely massive) list and double-click any website to add it to the Keep list. For some help, right-click on the left side and click Intelligent Scan — CCleaner will automatically find cookies for sites like Google and AOL and move them to the Keep side. You can remove them if it keeps one you don’t want.
As I said at the start of this article, the free version is enough in most cases. However, there are a few features, like cleaning automatically on a schedule, which are only available in the $25 Professional version. Even so, you can easily set up CCleaner on a schedule manually for free. You don’t have to pay to get a ton of powerful features in one great utility. Start using CCleaner to its full potential today!
You can learn more and download the free version of CCleaner here.
Earlier this month I reported that Microsoft decided to push their February Patch Tuesday updates into next month despite a couple of pending security concerns that needed to be addressed.
According to reports, this delay was due to some internal issue in preparing the patches for distribution so the company opted to delay the updates rather than issue patches that may have caused issues for customers.
While delaying routine patches such as the normal monthly cumulative update for Windows 10 is not a big deal, there was a bug with the SMB protocol in Windows that could be used in a Denial of Service attack. It was expected to be patched this month; however, that fix is also part of the delayed Patch Tuesday.
Although the Redmond company delayed that security patch, one area that is getting addressed through an out of band update for Windows is an update for Adobe Flash.
This patch applies to the following versions of Windows:
Windows Server 2016
Windows Server 2012 R2
Windows Server 2012
Windows 10 Version 1511
Windows 10 Version 1607
Windows RT 8.1
MS17-005 is rated critical, so it is recommended that you install it at your earliest opportunity.
There is still no word or indication from Microsoft on whether they might issue additional out of band updates to address the SMB protocol issue before the arrival of Patch Tuesday in March, which is scheduled for the 14th.
However, there is a workaround to keep someone from exploiting the SMB protocol bug on your system.
Microsoft has released its first batch of patches this year and it’s one of their smallest ever, with only three vulnerabilities fixed across its entire product portfolio.
The patches are covered in four security bulletins, but one is dedicated to Flash Player, for which Microsoft distributed patches through Windows update.
The only security bulletin rated as critical is the one for Microsoft Office and Office Services and Web Apps. It covers a memory corruption vulnerability that can be exploited by tricking users into opening specially crafted files and can lead to remote code execution.
Another bulletin, for Microsoft’s Edge browser, covers a privilege escalation flaw that can be exploited by tricking users into viewing a specially crafted web page. The issue exists in the browser’s cross-domain policies and could allow attackers to inject information from one domain into another domain. Microsoft rates this bulletin as important.
The third bulletin covers a denial-of-service issue in Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2. The flaw is in the Local Security Authority Subsystem Service (LSASS) that handles authentication requests and can be exploited to reboot the system.
The LSASS vulnerability is rated as important, but it has been publicly disclosed before being patched, and a proof-of-concept exploit for it could appear soon.
It’s worth noting that this will be the last time Microsoft will arrange information about patches into security bulletins. Starting next month the company will publish vulnerability and patch details on a new portal called the Security Updates Guide that will give users more flexibility in how they search for and view such information.
For example, users will be able to sort and filter the data by CVE vulnerability identifier, knowledge base (KB) article number, product, or release date. They will also be able to filter out products that don’t apply to them and access the information through an application programming interface.
Soon, Windows 10 will be the only Windows operating system (OS) you can officially buy.
Come the end of this month, original equipment manufacturers (OEM) like Dell or HP will no longer be able to create and sell new computers with Windows 7 or 8.1 pre-installed. Instead, they will all have to use Windows 10.
End of Sales
Every version of Windows has a lifecycle, which begins with the release of the product and ends when Microsoft no longer officially supports it. One milestone within the product lifecycle is called end of sales. This refers to the date when a version of Windows is no longer provided to original equipment manufacturers (OEMs) like Toshiba, Dell, or HP. This means that they won’t be able to pre-install the OS on any new systems they produce.
The end of sales date for Windows 7 Home Basic, Home Premium, and Ultimate was back in 2014. For Windows 7 Professional and Windows 8.1, the cut-off point is at the end of this month: October 31, 2016. Microsoft gave their customary one year announcement for this, so it won’t come as a surprise to the OEMs. In fact, Microsoft extended the date for Windows 7 Professional because of the general public’s dislike of Windows 8.
However, that end date is now fast approaching. From November 2016, every new Windows system that an OEM produces will run Windows 10.
End of Windows 7 – Really?
Don’t panic. This doesn’t mean that you suddenly won’t be able to buy new systems with Windows 7 installed, though that will eventually be the case. Although OEMs can’t produce new computers with 7 or 8.1 come Halloween, there’s nothing to stop them from selling Windows 7 and 8.1 systems still in stock.
Buying Windows 7
You’ll probably be able to find some decent discounts on older systems that have Windows 7 and 8.1 installed. OEMs will be trying to clear out their inventories. If you’re in the market for a new computer, then it might be worth waiting a couple of weeks for any price drops. Windows 7 Professional laptops are still available to buy and many of those same OEMs are still stocking similar products.
Supporting Windows 7
Windows 10 is obviously Microsoft’s priority, but many people simply prefer Windows 7 and have blocked the upgrade to Windows 10. If you buy a system with Windows 7 Professional, you don’t need to worry about being left in the dark. Though Microsoft won’t be developing any new features for the OS, they are still offering what they call “extended support” until January 14, 2020. This basically means that any major security flaws will be fixed, but nothing else will change.
Don’t get too worried about Windows 7 Professional no longer being installed by OEMs. You could always buy a separate copy of Windows 7 Professional from a retailer like Amazon, while they continue to have them in stock, even if your system doesn’t come with it.
Microsoft earlier this week threw a bone to Windows 7 users by releasing a cumulative roll-up that collects all the bug fixes from February 2011 to April 2016, making it easier to update a PC running the still-standard OS.
“This convenience rollup is intended to make it easy to integrate fixes that were released after SP1 for Windows 7 and Windows Server 2008 R2,” Microsoft said in a document explaining the update.
“Install this one update, and then you only need new updates released after April 2016,” added Nathan Mercer, a senior product marketing manager, in a post to a company blog yesterday.
By using the roll-up, Windows 7 users can skip the tedious process of downloading and installing hundreds of individual updates via Windows Update, or on the business side, through an IT-managed patch system like Windows Server Update Services (WSUS).
IT administrators can also use the roll-up to modify their existing Windows 7 images to produce a more up-to-date image for deploying on new PCs. Instructions on that process can be found on Microsoft’s site.
Oddly, this Windows 7 roll-up is available only from the Update Catalog, a site that requires Internet Explorer 6 (IE6) or later, and is, to put it kindly, a mess. Previously, roll-ups and service packs have also been published to Microsoft’s download center and/or to Windows Update.
Most users rely on Windows Update, WSUS, or other patch management platforms, but some — who want to manually download only those fixes they believe are safe and suitable — have turned to the download center. That will not be an option.
Microsoft has been beating the Windows 10 drum almost exclusively since that operating system’s launch last July, virtually ignoring 10’s predecessors. The cumulative roll-up, while certainly a convenience to Windows 7 users, also plays to Microsoft’s pitch to upgrade to Windows 10.
Although the Get Windows 10 (GWX) app, which Microsoft seeded to millions of PCs last year and has repeatedly refreshed and re-issued to Windows 7 and 8.1 devices since then, was not listed in the enormous manifest of fixes (download .csv file) included in the roll-up, Microsoft will benefit from a larger number of up-to-date Windows 7 PCs. The more machines with a current Windows 7 configuration, the more that will be able to process a Windows 10 upgrade without significant problems.
The Windows 7 roll-up can be downloaded from the Update Catalog. Again, IE6 or later is required to access the online catalog.