Holcomb Computer Tech

09/02/2022

Arghhhh! It was an excellent game but damn! the flags on the 3rd quarter. Receivers need to get they're game together.

08/25/2017

For the first time, Intel’s upcoming 8th-generation Core CPUs will feature quad-core processors aimed at ultrabooks, offering performance as much as 40 percent faster than in the previous generation, the company said.

Intel hasn’t disclosed the prices of its four new 15-watt 8th-gen Core U-series chips, though the company revealed Monday how fast they’ll run: The slowest Core i5-8250U will run at 1.6GHz, with a boost clock of 3.4GHz; the fastest Core i7-8650U will run at 1.9GHz, boosting up to 4.2GHz.

All four U-series chips include four cores and eight threads. PCs using the new 8th-gen Core chips should begin shipping soon, Intel said, with about 80 new system designs ready to go by the 2017 holiday season.

06/01/2017

Want to prepaid for fall. Fix your equipment now. Virus removal and upgrades. Give me a shout.

03/18/2016

The Cerber Ransomware not only Encrypts Your Data But Also Speaks to You

A ransomware called Cerber has been floating around for about a week, but we were not able to retrieve a sample until today. Thanks to and , samples were found and further analysis of the ransomware could be done. When infected, a victim's data files will be encrypted using AES encryption and will be told they need to pay a ransom of 1.24 bitcoins or ~500 USD to get their files back. Unfortunately, at this point there is no known way to decrypt a victim's encrypted files for free.

At this time we do not currently know how the Cerber ransomware is being distributed, but according to SenseCy, it is being offered as a service on a closed underground Russian forum. This means that it is probably a new Ransomware as a Service, or RaaS, where affiliates can join in order to distribute the ransomware, while the Cerber developers earn a commission from each ransom payment.

03/18/2016

The scourge of ransomware has finally come to OS X! Researchers at the security firm Palo Alto Networks have announced that version 2.90 of the Transmission bittorrent client for Mac OS X has been adulterated with a new ransomware variant they have named KeRanger. Users on the Transmission forum and a message on the front page of the Transmission website confirm this:

(see photo 1)

According to Palo Alto Networks, the malicious installer was generated on March 4, and once installed, will wait 3 days after infection before encrypting the victim's files. This means that the first victims won't notice they are affected until at least March 7. Once activated, the ransomware connects to a Command & Control server over the TOR network and will then begin to encrypt certain types of files. It will then demand a ransom of 1 bitcoin, or about $400 USD, to receive a decryptor.

Very little information is available at this point regarding how the Transmission installer was compromised. It is known, however, that the ransomware is signed with a valid Mac developer's certificate, which is now revoked by Apple. This certificate has a listed owner of POLISAN BOYA SANAYI VE TICARET ANONIM SIRKETI (Z7276PX673), which is not the certificate for the legitimate Transmission developer.

Apple has already released a signature update for their XProtect antimalware software, and due to the revokation of the abused certificate, OS X will refuse to execute malicious installers signed by it.

(see photo 2)

Palo Alto Networks has also posted instructions for users who believe they might be infected, towards the bottom of their announcement article. The developers of Transmission recommend that users install version 2.91, which will attempt to detect and remove the infection.

Unfortunately, at the time of this writing there are no antimalware scanners that are currently detecting either of the affected installers:

03/18/2016

From bleepingcomputer.com

A new ransomware was released yesterday that was based on the open-source EDA2 ransomware. This ransomware encrypts your data using AES encryption, appends the Locked extension, and then demand .5 bitcoins to get the decryption key. There have been quite a few EDA2 ransomware variants, but what makes this story different is how this ransomware developer is such a pompous ass and that they were able to get the victim's keys back.

The ransom note for this infection was first tweeted by Malekal Morte and then a victim posted about the ransomware at BleepingComputer a few hours later. Normally, ransomware developers are very businesslike when giving instructions to their victims.

Instead, this developer acts like a pompous jackass by bragging about how the police will never find them, what the victim did wrong, and basically going on a power trip. Some particularly asinine statements include:

* You'll never be able to find me. Police will never be able to find me. Go ahead and try them if you like, but don't expect your data back. They will be concerned about helping the community, not with helping you meet your deadline. If they say they need to keep your desktop for a few days, well lol, you probably won't be seeing your machine again soon, let alone your data. I've been doing this for five years now and haven't been caught yet.

* Best Buy will have no ability to undo the encryption. Hell, even the NSA probably couldn't undo it. Well maybe they could, but I suspect you won't be a high priority for their computation clusters for at least a couple of years.

* In 72 hours, you will never be able to get these files open. I don't much like people struggling against the powerful and there is no way for you to argue for an extension. Just make it happen.

So just be thankful that it wasn't worse. I could have asked for more money. I could have been working for ISIS and saving that money to behead children. I could have been a mean SOB and just destroyed your data outright. Am I those things? No. I just need the money to live off of (true story) and don't care at all about the hacker "community". So there isn't anyone you will be protecting by sacrificing yourself. I'll just encrypt more people's data to make up for the loss.

Unfortunately, this ransomware was fairly successful as it was able to encrypt approximately 700 victims over the course of one day. It did this by pretending to be a crack for a new FarCry game. Furthermore, at least 3 people paid for their decryption keys.

At this time, the ransomware is no longer working as their Command & Control server appears to have been shut down.

Backdoor to the rescue...
The good news is that the EDA2 ransomware has a backdoor in it that allows us to retrieve all of the decryption keys. Using this backdoor, the EDA2 developer Utku Sen and one of our helpers demonslay335 was able to retrieve all the keys and convert them into the proper decryption keys. Demonslay335 then posted a link to the list of retrieved decryption keys along with a decryptor.

For those who were infected with this variant, you can click here to view a list of decryption keys. When viewing the list, search for your computer name and then copy down the associated key. You can then download the Hidden Tear Decryptor and use that key to decrypt your encrypted files.

A big thanks to everyone who assisted in tracking down the samples and getting the decryption keys: , , , , , , and

01/10/2016

A new ransomware has been discovered called CryptoJoker that encrypts your data using AES-256 encryption and then demands a ransom in bitcoins to get your files back. This ransomware was discovered by a group of security researchers called MalwareHunterTeam whose mission is to discover new security threats and release information about them. CryptoJoker is not widely distributed at this time, but is a fully functional ransomware that could see greater distribution in the future.

The CryptoJoker installer is disguised as a PDF file, which means it is probably distributed via email phishing campaigns. Once the installer is executed it will download or generate numerous executables in the %Temp% folder and one in the %AppData% folder. Each of these files will perform various tasks such as sending information to the Command & Control server, polling for active Regedit or Taskmgr processes and terminating them, and making sure the lock screen is visible and located on top of other active Windows.

08/13/2015

Carbonite Vs. CrashPlan. Which is better for my online backup?
https://www.youtube.com/watch?v=FeMpB8FGx6c

►►►► Check out the details: http://www.cloudwards.net/carbonite-vs-crashplan/ This is a comparison of the most sought after contender in the unlimited cloud ...

08/13/2015

How to Prevent Damage to DC Power Jack on Your Laptop

To prevent damage to the DC input jack you need a plastic wire clip and one or two small plastic tie wraps. This information is made to be used to help reduce or prevent damage to laptop DC Power input jacks when light or medium jerks or yanks are applied to the power cord.
1
Pry a plastic clip open a little to fit the diameter of your power cable. Find a suitable place on the laptop to place the clip that won’t interferes with other functions on the laptop or be in the way when you open and close the laptop lid.
2
Remove protective paper from the adhesive side of the wire clip and stick it to the laptop.
3
With power jack cord plugged into the laptop, slip the cord into the wire clip leaving some slack in cord between DC power jack input and wire clip.
4
With a marker, mark power cord just before it enters wire clip on side of cord closes to DC power jack impute
5
At this point, remove the cord and place a small cable tie on the section of the cord where marked, pull cable tie tight so it will not slide up or down cord. You may need to use needle nose or other pliers to be sure it is tight and will not move. When you are sure the tie wrap is secure and will not move you can then clip or cut the unused part of the cable tie.
6
Insert the cord back into the wire clip.

08/13/2015

Back-to-School special through the end of the month. All virus removal, maintenance, and performance upgrades $60.00.

08/13/2015

Facebook users that like to play your free games need to pay attention. A lot of newer games will open in a new page and ask you to install a plug-in called ArcadeCake.

WHAT IS ARCADECAKE?

ArcadeCake is a gaming software by ArcadeCake LLC. It allows playing various games for free. However, after installing it, you may notice that each of your web browsers was altered. Typically, ArcadeCake LLC drops its add-on on Mozilla Firefox and Internet Explorer web browsers, but there is no guarantee that it won't do that on other web browsers in the future. After doing so, ArcadeCake may start tracking your browsing on the Internet and may try to collect various information. Typically, it collects data that is related to people's search habits, like their search terms, mostly visited websites, entered data, etc. However, it seems that PC's IP address, its location and similar information is also collected, so you should use ArcadeCake adware with an extreme carefulness. After collecting all this information, this potentially unwanted program may start causing commercial ads during your browsing. That's what Terms of Use of ArcadeCake notifies