Tech Help and Discussions

Laptops sold between December 2015 and December 2017 may be powered by a battery that's prone to overheating or even melting. If you own a laptop, you already have the Meltdown and Spectre security flaws to worry about. If you own a HP laptop, add another potential woe to your list. A small number of HP laptops and mobile workstations shipped between December 2015 and December 2017 will need their batteries replaced because they have a "potential to overheat, posing a fire and burn hazard," the company said Thursday. These batteries are sealed within the laptop, which means their removal and replacement is not a DIY job. "This action pertains to approximate…

Hi, I know that my question is not related to the said topic but how do I downgrade my HP Pav laptop OS from Windows 10 to 8? Windows 10 is creating an update from time to time and it affects my internet connection. Mod Edit: Posts split away to their own thread. Starbuck

There are many HKLM Group Policy restriction ATTENTION lines in the FRST report. Maybe they're there due to CryptoPrevent. Here's an exaple. The full logs are attached. HKLM Group Policy restriction on software: *.mp3.msh* HKLM Group Policy restriction on software: *.png.hta HKLM Group Policy restriction on software: *.7z.jse HKLM Group Policy restriction on software: %userprofile%\AppData\*.isp I also note that MBAM starts with Windows. I have it set to NOT start with Windows. I'll have to play around with that. Anything else to be concerned about in these logs? ESET said it was clean. I ran MBAM afterwards and it found PUPs. Kaspersky scan is clean. …

Attackers behind new ransomware campaign are offering a "really easy" tutorial video in order to ensure they make money from their criminal activities. A new form of ransomware has emerged and is being distributed through malicious Office documents, infecting victims with file-encrypting malware. Uncovered by researchers at Netskope, the 'Spider Virus' ransomware campaign was first detected on December 10 and is ongoing. Like many ransomware schemes, the attack begins with malicious emails to potential victims. The email subjects and the lure documents indicate the attackers are keen on targeting victims in the Balkans. It's currently unknown where the at…

For the second time this year, HP has been forced to issue an emergency fix for pre-installed keylogger software. Hewlett Packard has issued an emergency patch to resolve a driver-level keylogger discovered on hundreds of HP laptops. The bug was discovered by Michael Myng, also known as "ZwClose." The security researcher was exploring the Synaptics Touchpad SynTP.sys keyboard driver and how laptop keyboards were backlit and stumbled across code which looked suspiciously like a keylogger. In a blog post, ZwClose said the keylogger, which saved scan codes to a WPP trace, was found in the driver. While logging was disabled by default, given the right permis…

Some Windows 7 and Windows Server 2008 users are reporting they can't check for updates using Windows Update and Microsoft Update. No word yet on a Microsoft fix. Windows 7 users are reporting problems checking for updates through Windows Update and Microsoft Update. The root of the problem may be an expiration date that Microsoft needs to fix on its side, noted Computerworld earlier today. A Microsoft Answers thread for those hit by the Windows Update Error 80248015 -- which began at some point on December 3 -- is growing. I've also seen some with Windows Server 2008 reporting this same problem on Twitter. I am one of those affected on my desktop Dell…

I have 'memo' on my phone where I keep items like car tag #'s, and other things one is likely to forget and need. How do you back memo up? Samsung Galaxy S5

I was in the forum and was advised, after trying to remove the pups unsuccessfully, to run tests and post here. I am only a mid level user. I have Windows 10 and use Chrome. My wife has a chromebook on the same network and it uses chrome. I reset them bot h after disabling the extensions. I am uploading the tests I ran per directions from the forum. I patiently look forward to your reply as to how to remove these PUPS from the MBAM scan. Addition.txt JRT.txt FRST.txt 1.txt

By 2018, they are expected to account for 35 percent of all cyberattacks. Fileless attacks are on the rise and are predicted to comprise 35 percent of all attacks next year, according to the Ponemon Institute. A new national survey conducted by Barkly and the Ponemon Institute titled "2017 State of Endpoint Security Risk," released on Wednesday, suggests that this method of cyberattack is becoming more popular -- and traditional antivirus solutions are doing little to stop the trend. After surveying 665 IT security professionals in the enterprise, the organizations discovered that faith in traditional file-scanning and antivirus software has become ashes in t…

When I run MBAM I get the same PUPS. When they are quarantined and deleted why do I keep getting them back? What would you advise so my scans are s clean as before. I don't just want to accept them unless I have to.

My nephew Craig (a great guy) brought his computer to me because he was having problems with it. Turns out the hard drive was failing. I was able to image the drive and restore it on a new hard drive. While doing so, I ran a MBAM scan. MBAM found Rootkit.Fileless.MT Gen and quarantined it. I then installed Emsisoft AntiMalware - it found only adware. He was using AVG Free and Spybot S&D. Check out that host file. Can you please check to see if there's anything that needs to be addressed. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-11-2017 03 Ran by Craig DiPiano (administrator) on CRAIGDIPIANO-HP (14-11-2017 19:27:09) Running from C…

Malwarebytes announced last week that they have discontinued development for Junkware Removal Tool. For those who have never heard of Junkware Removal Tool, or JRT, it is a popular adware and junkware cleanup utility that is commonly used in support forums and tech shops. JRT was developed in 2012 by one of BleepingComputer's malware removal helpers named Thisisu and was used extensively in the site's virus removal guides and in our support forums. As one of the first, if not THE first, site to host the tool, it quickly became one of our most downloaded utilities with over 8 million downloads. In June of 2015, Malwarebytes acquired JRT and hired its develope…

A well-hidden feature in Windows 10 version 1709 prevents "unfriendly" apps (including most known strains of ransomware) from modifying files in protected folders. Here's how it works. One of the most intriguing new features in Windows 10 version 1709 is a security setting that prevents unauthorized apps from gaining access to Windows system files and your personal data files. With the Controlled Folder Access feature turned on, malicious and suspicious apps are blocked from changing files in known locations. That's a major roadblock for most known strains of ransomware, which do their dirty work by encrypting your personal files and demanding payment for th…

Verizon/AOL has sent out a notice to users stating that they need to update their email client server settings. For a POP3 account, this means changing: incoming.verizon.net --> pop.verizon.net, port 995, SSL enabled outgoing.verizon.net --> SMTP.verizon.net, port 465, SSL enabled So I did this for someone today. Everything worked. I didn't expect the email client would proceed to download emails from about a year ago. It downloaded over 3,000 emails. I guess the new server doesn't know that these emails had already been downloaded. I called AOL tech support. The person who answered ended up telling me that they were actually from billing and couldn't ad…

Thanks. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-10-2017 01 Ran by mike (administrator) on DESKTOP-20VMLL0 (23-10-2017 15:23:08) Running from C:\Users\mike\Downloads Loaded Profiles: mike (Available Profiles: mike) Platform: Windows 10 Home Version 1703 15063.674 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Edge) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be clos…

Hey pete so I am here again with similar issue from last year, wish I could have remembered which thread that was I can follow whatever was done in it but sorry can't find it without having to go through every post I have ever made on this forum. I am not sure if this problem is virus related so want to rule it out first before looking at possible hardware issues. When it's working right it's fine and fast but hanging too regularly for the past couple months. Anyway so I ran Mbam, Adwcleaner and JRT and will post the logs here but FRST 64 whenever I try to run it as Admin I am getting the attached prompt but windows defender is NOT turned on so I am confused, help …

Hey Pete, how's it going? I can use some help with this machine please. PC works very fast but can't go to the net. MBAM on first run showed only PUP's and none on 2nd run. JRT found and deleted some stuff but both Adwcleaner and FRST wouldn't scan as they both show "checking for updates" but doesn;t go any further, help please? Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 10/18/17 Scan Time: 11:17 AM Log File: 6a77404c-b417-11e7-91a2-b8ac6fe470cb.json Administrator: Yes -Software Information- Version: 3.2.2.2018 Components Version: 1.0.186 Update Package Version: 1.0.3042 License: Free -System Information- OS: Windows 7 Service P…

With social media, gathering information has never been easier, making Business Email Compromise the land of milk and honey for cybercriminals. Recently, ransomware like WannaCry or Petya has generated dramatic headlines around the globe. The pernicious online threats have become a shooting star among malware vectors, gaining notoriety and troubling millions of businesses and individuals alike. However, another cyberthreat lurking beneath the surface and causing even greater damage is business email compromise (BEC). Unlike most other cybercrime activity, BEC entirely depends upon social engineering. It involves a faked email from a co-worker or corporate exec…

Hey Pete, all of a sudden today MBAM Premium started showing a prompt on the bottom right of my screen showing "Website blocked", this keeps repeatedly opening and closing all day long, I have no idea how to stop it, can you help with this please or is this an issue where I should contact their tech support about?