DoctorLaptop’s Tips #71, 03 Dec., 2018

On-Line Annoyances and Anti-virus Fake Warnings – How to Minimize Them
The problems:
Fake messages from your anti-virus program warning you of non-existent threats, or asking you to purchase a product you already use. Avast has become such a nuisance I refuse to use it any more. Chrome popups begging you to try their browser and set Google as your homepage, when both are already the case. First page Google search results that are a decade old, clear evidence of rigged search results that are supposed to be ranked by recent popularity. Rogue popups on websites demanding you update Flash or Java, then install malware instead. Websites and videos blocked because they are “unavailable in your area”. This is the short-list, but dealing with these will make your online experience way better.
First lets deal with your anti-virus. Most slow your computer considerably and popup all sorts of rubbish, even in the paid versions. They install all types of extra cleaners and tuneup tools you’ll never use, that slow your comp. The good news for Windows 10 users is that the new Windows Defender Anti-virus, included in all Windows 10 Systems, is now fully improved and capable of providing you as good protection as the other free or paid options like AVG/Avast/McAfee/etc. Windows Defender won’t slow your comp down, and will auto-scan when it senses you are not using the computer for other things. So go ahead and uninstall your old anti-virus and Defender will automatically take over those duties. I still recommend you do a monthly Full Scan with Malwarebytes AntiVirus. If you tend to visit dodgy websites like betting or streaming video, then I would also install Cybereason RamsomFree Protection. Be aware that to uninstall your current antivirus is a 2 step process. First you uninstall it like any other program. Second, you visit the website of the old antivirus, find and download their “Uninstall” or “Clear” tool (links provided below article), and run that following the prompts, to delete all the rubbish left behind when it was uninstalled.
For Windows 7 and 8 users I have a different strategy. I uninstall the old antivirus as above, then install the newly updated FREE antivirus called Immunet. No popups or ads. No need for extra ransomware protection or monthly Malwarebytes scans, remove them before installing Immunet. After installing it, open it, in the Computer column go to Scan Settings and create 2 scheduled scans, a weekly Flash Scan, and a monthly Full Scan. Close that window. Next, in the Product column click Settings, check that ” Clam AV Detection Engines” are both turned on. Then click Close button, done. Immunet uses very little memory resources so after a few restarts your comp will run quicker.

Chrome browser and Google Search have both become so infused with data collectors, ads, rigged results, popups and all the other nonsense I just avoid them as much as possible. For a web browser I use 2. Firefox is my primary browser, with uBlock Origin (ad blocker) and Ghostery (anti-tracker) and Windscribe Free VPN add-ons installed. My backup browser is Epic Browser, it’s a version of Chrome with all the surveillance crap removed, and it has a basic free VPN and ad-blocker built in. For a search engine I use two, and, both designed for security. Startpage uses Google search as it’s source, and does not track you, unfortunately it supplies the same rigged results. Duckduckgo search results are more fairly ranked.

To remove the geo-location (not available in your area) blocks on websites, including many US newspaper and magazine websites, set your VPN to the target country and reload the page. I suggest you use a VPN all the time unless you are on a very slow internet commection, under 10Mb/s. Don’t use a VPN on sites that rely on knowing your true location, such as on-line stores. Sorry, most free VPNs won’t get you UK IPTV, but they will protect you from snoops, trackers and open many blocked websites. A good VPN option is the very fast Windscribe VPN. The free version has a generous 10Gb monthly limit but still won’t get you UK IPTV. The Premium (Pro) version has a huge selection of servers to choose from and will meet all your advanced VPN needs the free version can’t. Get Windscribe VPN, free or Pro,  here, which will also boost my Windscribe data limit (Thanks!). Click this link, then click on ” continue to website”.

Remember to use CCleaner every 2 weeks, both the Cleaner and Registry functions. All the presets are correct, don’t change them, just run it as it comes.
If your new adblocker is blocking web content you want to see, find it’s icon in the browser toolbar on the far right, click it, and then temporarily disable it; or choose to “Whitelist” the site if you will be returning frequently so the adblocker automatically ignores that chosen site.

Epic Browser:
uBlock Origin for Firefox:
Cybereason RansomFree:
Avast Clear:
AVG Removal Instructions:
Norton Removal Tool:
McAfee Removal Tool (MCPR) :

Happy Computing and Happy Holidays, Naythan, DoctorLaptop.  Contact:  or email . Available thru the holidays to setup all your new tech gifts!


DoctorLaptop Windows Alert 13SEP17


Immediately Patch Windows 0-Day Flaw That’s Being Used to Spread Spyware (Summary)

Windows 0-Day Flaw

Get ready to install a fairly large batch of security patches onto your Windows computers.

Affected Microsoft products include:
Internet Explorer
Microsoft Edge
Microsoft Windows
.NET Framework
Skype for Business and Lync
Microsoft Exchange Server
Microsoft Office, Services and Web Apps
Adobe Flash Player

Also included in new updates is a patch for

How to Check For and Install Updates in Windows 10, 8.1, 8, 7, Vista

In Windows 10, Windows Update is found within Settings.

First, tap or click on the Start menu, followed by Settings. Once there, choose Update & security, followed by Windows Update on the left. Check for new Windows 10 updates by tapping or clicking on the Check for updates button. In Windows 10, downloading and installing updates is automatic and will happen immediately after checking or, with some updates, at a time when you’re not using your computer.

In Windows 8, Windows 7, and Windows Vista, the best way to access Windows Update is to open Control Panel and then choose Windows Update. Tap or click Check for updates to check for new, uninstalled updates. Installation sometimes happens automatically or may need to be done by you via the Install updates button, depending on what version of Windows you’re using and how you have Windows Update configured.

Hey, Naythan. Went straight from your post to check on my W10 updates and it was downloading the new update.. However it failed to install. ‘Actualizacion acumulativa para windows 10 version 1703 basados en 64 (KB4038788) failed to install on 14/09/17. As far as I know I am not on a metred connection so I fail to understand why it did not install. Everything went well with the download and the P/C did shut down to enable installation. Previous installs no problem. Any ideas please amigo.

Naythan Harris A common prob. You can do this, Direct Download KB4038788 Offline Installer, link at bottom of this page…


Hmmm went through all that and it said the update was not applicable to my computer. Guess I downloaded the wrong thing. I cliked windows update…

Naythan Harris Then you may be missing the prerequisite update(s) that must be installed 1st. If it were me, I would go to Power Options/Advanced Setting and turn off Fast Start. Now restart , don’t be alarmed if the first few restarts are slow, the comp is organizing and installing downloaded updates and you may have some catching up to do if Fast Start was on. Manually check for updates after the 4th restart. Fast Start uses the Hibernate service to shorten the powerup time by saving the active settings of the current session, but by doing so blocks the full shutdown/restart cycle that installing some updates requires. Fast Start is a poorly implemented function and I disable it on most Win 10 machines I work on, as most Win 10 problems revolve around the updating process.

Ransomware Update – The Threat Continues, by DoctorLaptop

Ransomware Update – The Threat Continues, by DoctorLaptop
Despite what you may have heard about a solution found to stop the recent ransomware attacks the threat is not gone. Be sure you have protected your computers. A new wave of attacks has begun and we should expect several more waves of attacks in coming months. The new attacks don’t only encrypt your data like classic ransomware. Instead some hijack your system and run hacker programs hidden in the background while your computer is on. This is known in tech jargon as turning your computer into a “bot”. As a result your computer gets slow and all your data and info are exposed. Hackers use armies of bots to accomplish hacking schemes that require massive numbers of computers focused on a task, such as doing “denial of service attacks” and “mining” crypto-currency. Read this article for an explanation in easy to understand terms.  Contact me if you need help or have questions. Email: or Mobile 675 993 069 (after 11am please).


DoctorLaptop’s Tips #61
Ransomware has returned as an active threat after an 18 month period
where it was not very common. This is due to the recent release of  U.S. NSA
hacking tools. In the last wave of ransomware I advised the installation of
Hitman Alert. If you still have it keep it updated, and be glad you took my
advice and got it while it was free. New copies are no longer free. Here is
what you need to know to protect your computers.
1. Ransomware usually arrives in an email attachment and installs when you
open the attachment. New hacking techniques make it possible for these
booby-trapped emails to appear as if they were sent by someone on your
Contacts list! Do not open any attachments, even from contacts, unless you
are expecting an attachment. Ransomware can also come from other sources like
poisoned websites or infected network connections. Spanish internet service provider Telefonica had servers targeted with ransomware this week.
2. Keep your Windows fully updated. There are no forced Windows 10 upgrades
to worry about anymore. If Windows Updater does not run after a half hour wait then it is probably corrupt, a common problem with Windows 7/8.1. This can be repaired with the proper tools.
3. Only download software from sites with a good reputation. Many sites that
offer free downloads will infect your computer. I suggest using these safe sites:
4. Use a good antivirus and keep it updated. Free, reliable options are
explained on this site, including safe download links.
5. Use a ransomware blocker unless you use BitDefender antivirus, which has
one built in. I suggest using this free one, it will run beside your antivirus without
problems and requires no user actions unless you are attacked. If it detects ransomware it will pop up a window with instructions to complete the removal process. If it asks for permission to update do so. Read the info on the download page to understand how it works, explained in easy to understand language:
6. If you get infected with ransomware, force computer off by using the power button and bring it to me or a true professional repair facility immediately. I can probably remove it and save everything if you get it to me in under 24hrs. Time is of the essence! Do not let untrained techs attempt a recovery or you risk losing all your data and necessitating a full system re-install. This is not a job for amateurs.
7. To remove an unwanted antivirus is now a 2 step process. Windows instructions: First, uninstall in the usual way by going to Control Panel>Programs and Features, then choose the program and click Uninstall. Restart computer. Second, go to one of the download sites mentioned above and use the site’s search-box by entering
“the name of your antivirus + uninstall tool” and click search. Find the appropriate tool, download it. Find the downloaded file, usually in your Downloads Folder, right click it and choose Run As Administrator. Then follow the prompts. Then restart computer. Now run CCleaner and use the Registry function to remove any left over files.
Contact: doctorlaptop @ Mobile: 675 993 069 (no calls before 11am)

06Dec15 – DoctorLaptop’s News

The End of Flash Player

For many years Adobe Flash facilitated slick graphics and animation on games, websites and applications, but it has grown old and is being retired. Of course, Flash has been plagued with various stability and security issues, which is why developers grew to hate the technology. So now it’s time to say goodbye to Adobe Flash, and welcome Adobe Animate. However, on closer examination we find the new replacement, Adobe Animate, very similar to the old Flash, and still prone to security breeches. Adobe has officially announced that “over a third of all content created in Flash Professional today uses HTML5,” so the company is acknowledging the shift in formats with the new name. Animate just looks like an update to the Flash Professional software. It will still support Adobe Flash (SWF) and AIR formats, along with other animation and video formats, including HTML5 canvas, 4K and WebGL output.

Free Windows 10 Security Settings Control Tool

Win 10 security feature settings are distributed in many different places making it a huge chore to turn off all those you don’t want running. This tool places all the settings in one easy to navigate screen making this chore much easier.

W10Privacy is without doubt one of the most comprehensive privacy-focused tweaking tools for Microsoft’s Windows 10 operating system. Recent updates introduced new tweaks and support for changes introduced in the November 2015 update of Windows 10. The program creates a system restore point on start, and displays tweaks in tabs named privacy, telemetry or OneDrive that reveal their focus and are color-coded for easier access. Green preferences are recommended and have no side-effects usually, while yellow and red tweaks need to be checked out individually before they are applied as they may have side-effects and may even affect the system negatively. Read more and get the program for free at:

Love Chrome Browser But Hate The Targeted Ads, Data Collectors and Trackers? Want A Fast Browser For Secure Daily On-Line Purchases/Banking? Then EPIC Browser Is For You!

I have been testing out the new version of the EPIC WEB BROWSER, and am quite pleased. Very secure and free, the way the internet was supposed to be. It is Chrome with all the bad Google data tracker stuff removed and several premium security features added in. “One-click to surf via Epic’s encrypted proxy” to hide your IP address and to encrypt your browsing. It also serves as a USA based VPN. Your searches are private in Epic. When you visit any of the world’s leading search engines in Epic, your searches are automatically routed via proxy to prevent search engines from saving your searches by your IP address. This provides privacy protection against network snoops like your employer, your ISP (internet service provider), and governments. Please note that while installing Chrome plugins is possible, these may leak your actual IP address; for stronger IP protection, either don’t install any plugins or set them to “click-to-play” in Epic’s settings.

Visit the Epic website for more info:

New Ransomware Steals Your Passwords Before Encrypting All Your Files

Introducing the new upgrade to the World’s worst Exploit Kit – Angler, which lets hackers develop and conduct their own “drive-by attacks” (tech talk for “when a website infects you”) on visitors’ computers with relative ease. Often these traps are hidden in pictures in adverts on an infected website, and you don’t even need to click on them to be infected, simply visiting the site can activate them. So now many poorly-secured websites, or those selling advertizing space to unscrupulous clients, are targeting Windows users with a new “Cocktail” of malware that steals users’ passwords before locking them out from their machines for ransom.

Here’s How the New Threat Works:

Once the Angler exploit kit finds a vulnerable application, such as Adobe Flash, in a visitor’s computer, the kit delivers it’s malicious payloads, according to a blog post published by Heimdal Security. The First Payload infects the victim’s PC with a widely used data thief exploit known as Pony that systematically harvests all login usernames and passwords stored on the infected system and then sends them to servers controlled by hackers. This allows attackers to obtain working logins for a number of websites, e-commerce sites, and even corporate applications, from which the hackers could steal more data. The Second Payload drops the widely-used CryptoWall 4.0 ransomware that locks user files until the ransom is paid.

The campaign is “extensive” and originates from a secure hosting environment located in Ukraine, the researchers say. Over 100 web pages in Denmark have been “injected with the malicious scripts…” Ransomware attacks hit thousands of Internet users every week, and costs them a total of $18 Million in losses, according to the FBI. Moreover, a recent report dated back to last month suggested that the Cryptowall family alone has managed to raise over $325 Million in revenue in the past year alone.

Once your system gets affected by Cryptowall 4.0, unfortunately, there’s not much you can do, as the encryption the ransomware uses is very strong.

So, the only options you are left with are:

-Format your hard drive, re-install system and restore your data from the backup.

-Pay the Ransom money for the decryption key. 300-1500 euros (in Bitcoin e-money only) is typical.

However, I don’t advise anyone to pay ransom as it doesn’t guarantee that you will actually receive the decryption keys. These are criminals after all, and besides, it only encourages them.

Where Does It Come From?

Most malware and viruses are introduced by clicking on links usually contained in spam emails, or by opening attachments from unknown sources. So, DO NOT CLICK on any suspicious link provided in the emails and attachments from unknown sources.

How Can I Avoid It?

Simple answer: The easiest to use program that provides any real degree of protection from this threat is Hitman Pro Alert with Cryptoguard. This easy to install program recently went thru a transitional updating, and while there were some stability problems earlier this year and I recommended avoiding it, it is once again stable and reliable. But it is no longer free. Get it here:

Malwarebytes Anti-malware (MBAM) claims their “pro” version can offer some protection against Cryptowall, yet I have worked on PCs running MBAM that were still infected with Cryptowall. They all had failed to get this additional tool Malwarebytes Anti-Exploit (MBAE). So while MBAM remains a great malware removal tool and anti-virus, I would not consider it a Cryptowall blocker unless you are running both MBAM + MBAE.

Detailed answer (Danger! Geek-speak ahead): The best defensive strategy is a comprehensive approach…make sure you are running an updated anti-virus and anti-malware product, use supplemental security tools with anti-exploitation features capable of stopping (preventing) infection before it can cause any damage, update all vulnerable software and routinely backup your data. You should also rely on behavior detection programs (also called heuristics)rather then simple anti-virus definition (signature) detection software only. Most of the major anti-virus programs now incorporate this feature, but you need to activate it. Look in your anti-virus program’s settings for HEURISTIC ANALYSIS, and turn it on. Heuristics can detect when malware is in the act of modifying/encrypting files rather than just detecting the malicious files.

For example, Emsisoft Anti-Malware uses advanced behavior blocking analysis which is extremely difficult to penetrate…it continually monitors the behavior of all active programs looking for any anomalies that may be indicative of malicious activity and raises an alert as soon as something suspicious occurs. Emsisoft also has the ability to detect unknown zero-day attacks without signatures. ESET Antivirus and Smart Security uses Exploit Blocker which is designed to fortify applications that are often exploited, such as web browsers, PDF readers, email clients or MS Office components.

Ransomware Prevention Tools:

Backing up your data and disk imaging are among the most important maintenance tasks users should perform on a regular basis, yet it’s one of the most neglected areas.

Related Resources:

Note: Some security researchers have advised not to to use multiple anti-exploit applications because using more than one of them at the same time can hamper the effectiveness of Return-oriented programming (ROP) and other exploit checks. This in turn can result in the system becoming even more vulnerable than if only one anti-exploit application is running. (source,






08Nov15, pt2 – New Ransomware Warning

A new version of ransomware, meaner and harder to recover from, has been released on the public.  At this time you cannot depend on any software, like Hitman Pro Alert, to protect you. Backups are required to fully recover from this type of attack.

Read the full article here:

Windows 10 Update 04Aug15- A New Scam and Undoing Win 10 Upgrade

Be aware, after upgrading your Windows 7 or Windows 8.1 systems to Windows 10, you do have 30-days to “downgrade” your PC back to the previous version of Windows.

To start the downgrade, make sure you’re plugged in — the downgrade can take several hours — and log into an admin account. From the Start Menu, click or tap “Settings” then “Update & security.” Choose the “Recovery” option, and then select “Go back to Windows 7” or “Go back to Windows 8.1.” Click “Get started”. You’ll have to give a reason why you want to downgrade. Click “Next” twice and the rollback will begin.


 New Windows 10 scam will encrypt your files for ransom

A cautionary tale in being patient, and not skipping the line.

Just days after Microsoft released its latest operating system, hackers have begun targeting soon-to-be Windows 10 users with an emerging kind of malware.

Cisco security researchers are warning users against opening email attachments purporting to be from the software giant. The “ransomware” malware, which encrypts files until a ransom is paid, is being sent as part of an email spam campaign. The emails claims it’s attachment includes an installer that allows users to get the new operating system sooner. Once a user downloads and opens the attached executable file, the malware payload opens, encrypting data on the affected computer, and locking the owner out.

If you do get this infection you need professional servicing immediately, time is of the essence if you want to save your data and avoid a full re-install of your operating system.  Read more here: