scan Archives

Tech Optimizer

April 13, 2026

Fake Claude site installs malware that gives attackers access to your computer

Claude, an AI tool developed by Anthropic, receives nearly 290 million web visits monthly and has become a target for cybercriminals. A fake website has been found that impersonates Claude, distributing a trojanized installer named Claude-Pro-windows-x64.zip. This installer, while appearing legitimate, deploys PlugX malware, granting attackers remote access to users' systems. The fraudulent site mimics the official download page and uses passive DNS records linked to commercial bulk-email platforms, indicating active maintenance by the operators. The ZIP file contains an MSI installer that incorrectly spells "Claude" as "Cluade" and creates a desktop shortcut that launches a VBScript dropper. This script runs the legitimate claude.exe while executing malicious activities in the background, including copying files to the Windows Startup folder to ensure persistence after reboot. The attack utilizes a DLL sideloading technique recognized by MITRE as T1574.002, where a legitimate G DATA antivirus updater is exploited with a malicious DLL. Within 22 seconds of execution, the malware establishes a connection to an IP address associated with Alibaba Cloud, indicating control over the compromised system. The dropper script also employs anti-forensic measures to delete itself and the VBScript after deployment. Indicators of compromise include the filenames Claude-Pro-windows-x64.zip, NOVUpdate.exe, avk.dll, and NOVUpdate.exe.dat, along with the network indicator 8.217.190.58:443 (TCP) as the command and control destination. Users are advised to download Claude only from the official site and to remain vigilant against potential compromises.

Winsage

April 11, 2026

“We have discontinued SaRA”: Microsoft replaces its Windows 11 Recovery Assistant — here’s how to transition to Microsoft’s modern command-line replacement.

Microsoft has phased out the Support and Recovery Assistant (SaRA) utility with the March 2026 Security Update for Windows 11, replacing it with the new "Get Help" command-line tool. The SaRA was designed to troubleshoot and resolve common issues affecting Windows 11 and Microsoft 365 applications. Users are now encouraged to use the Get Help command-line tool, which offers enhanced functionality and security. To use the Get Help tool, users must download the files, extract them, and run specific commands in the Command Prompt. The tool addresses various issues, including Microsoft 365 activation challenges and Outlook profile errors.

AppWizard

April 10, 2026

These two huge PC performance app downloads have been infected by a virus

The download pages for CPU-Z and HWMonitor have been compromised, redirecting users to malware-infected files. Users should verify that downloaded files are named "hwmonitor1.63.exe" or "cpu-z2.19-en.exe" and be cautious of files like "HWiNFOMonitorSetup.exe." A virus scan is recommended, as Windows Defender has flagged the compromised versions. The malicious files were identified approximately nine hours ago, indicating a successful attack on the CPUID download site. The correct download links have been restored, but CPUID has not issued an official statement. The breach was reported by a Reddit user who experienced a warning from Windows Defender after downloading a suspicious file. CPUID's website and social media have not been updated since 2024, and users are advised to stay vigilant.

Winsage

April 9, 2026

This fake Windows support website delivers password-stealing malware

A phishing campaign has been identified that uses a counterfeit Microsoft support website, microsoft-update[.]support, to trick users into downloading a malicious Windows update disguised as WindowsUpdate 1.0.0.msi. This file, created on April 4, 2026, appears legitimate but contains malware designed to steal sensitive information. The campaign targets French-speaking users, leveraging recent data breaches in France to create convincing scams. The malware, once executed, installs an Electron application that runs a Python interpreter, which then deploys various data theft tools. It employs two persistence mechanisms: modifying the Windows registry and creating a shortcut in the Startup folder. The malware connects to external sites for reconnaissance and data exfiltration, using domains like datawebsync-lvmv.onrender[.]com and store8.gofile[.]io. The malware's components have evaded detection by antivirus tools, with VirusTotal reporting zero detections for the main executable and its launcher. Users are advised to check their registry, remove suspicious files, change passwords, and run a full system scan if they suspect installation of the malicious update. Safe updating practices include using the built-in Windows update feature and being cautious of phishing attempts. Indicators of compromise include specific file hashes, domains associated with the phishing campaign, and file system artifacts related to the malware's installation.

Tech Optimizer

April 8, 2026

Avast Antivirus: A Complete Guide to the Software and Its Security Features

Avast antivirus is a widely used digital security solution for mobile and desktop platforms, developed by Gen Digital. It offers a free version that is accessible and easy to set up, making it popular among first-time users. Key security features include real-time threat protection, web protection tools, email protection, behavior monitoring, and a network inspector. The software operates quietly in the background, has a clean and intuitive interface, and provides essential security features in its free version. However, users may experience intrusive upgrade prompts, and advanced tools require a paid subscription. Avast distinguishes itself by offering behavioral threat detection in both free and paid versions, and its extensive user base enhances its threat detection capabilities. The free version includes basic protections suitable for everyday online activities, but advanced features necessitate an upgrade. Users are encouraged to adopt strong passwords, utilize password managers, enable two-factor authentication, and practice safe browsing habits to ensure online privacy.

AppWizard

April 8, 2026

Minecraft village features, loot, trades, and how to find them

Minecraft villages are important locations in the game, serving as resource-rich hubs for players. They can be found by looking for flickering lights at dusk or scanning for house silhouettes during the day. Players can also use specific seeds to locate villages directly. Villages contain various buildings, including libraries and cleric temples, which provide valuable resources like bookshelves and brewing stands. Villagers have specific trades that can be beneficial, such as: - Fletcher: Ideal for acquiring emeralds. - Librarian: Source of enchanted books. - Cartographer: Offers maps to mansions and oceans. Villagers can adopt professions when a profession block is placed nearby, except for Nitwits. Once traded with, a villager's trades remain fixed unless their profession block is removed. A list of villagers and their corresponding profession blocks includes: - Armorer - Blast Furnace - Butcher - Smoker - Cartographer - Cartography Table - Cleric - Brewing Stand - Farmer - Composter - Fisherman - Barrel - Fletcher - Fletching Table - Leatherworker - Cauldron - Librarian - Lectern - Mason - Stonecutter - Shepherd - Loom - Toolsmith - Smithing Table - Weaponsmith - Grindstone The fletcher is a good starting point for earning emeralds by trading sticks. Players can create and repeatedly break a fletching table to encourage trades. The librarian is crucial for obtaining enchanted books, with sought-after enchantments like Mending and Fortune linked to specific biomes. The cartographer offers maps to Woodland Mansions and Trial Chambers, which are essential for exploration.

Tech Optimizer

April 6, 2026

Scammers Want Our Data, Yet CNET Finds Many of Us Aren’t Protecting Our Devices

- 78% of US adults currently own a personal laptop, with HP (32%) and Apple (26%) being the most popular brands. - 54% of laptop owners have encountered potential malware on their devices in the past year. - 88% of those who reported seeing potential malware took action, while 12% did not respond. - 68% of proactive laptop owners either deleted the suspicious file or closed the website or pop-up. - 37% of laptop owners received phishing emails in the past year. - Many modern devices come equipped with built-in antivirus solutions, such as Microsoft Defender for Windows 11 and XProtect for Mac users. - 60% of users who acted upon encountering potential malware manually deleted files or closed suspicious websites, while 35% initiated antivirus scans. - Antivirus software alone cannot safeguard against data breaches or identity theft; a comprehensive cybersecurity strategy involves various tools and practices. - Recommended tools for online security include Bitdefender for antivirus, Aura for identity theft protection, Bitwarden for password management, and ExpressVPN for VPN services.

Winsage

April 5, 2026

How to Reset Registry to Default in Windows 11

Many applications modify the Windows 11 registry without user awareness, potentially leading to issues such as boot problems, application crashes, and settings reverting unexpectedly. Windows 11 does not have a "Reset Registry to Default" button, but there are methods to restore the registry to a functional state. Common indicators of registry issues include: - Applications crashing or failing to open. - Blue Screen of Death errors after registry edits or software installations. - Prolonged boot times. - Settings not saving or reverting unexpectedly. - Error messages about missing DLL files or broken file associations. - USB devices or peripherals not being recognized. To address registry issues, users can try the following methods: 1. System Restore: This method restores system-level changes without erasing personal files, provided a restore point exists. 2. Reset Windows 11: This reinstalls the operating system and resets the registry, with options to keep personal files or remove everything. 3. Import a Registry Backup File: This method restores specific registry keys if a backup exists. 4. Offline Registry Repair via Command Prompt: This is an advanced method for unbootable systems, involving manual replacement of registry hive files. Users are advised to back up the registry before making changes and to avoid using registry cleaners, as they can cause more harm than good. Regularly creating restore points and being cautious with online advice can help prevent registry problems.

Tech Optimizer

April 3, 2026

Why I Use Additional Antivirus Protection on Top of Microsoft Defender

Microsoft Defender has evolved into a reliable security tool, integrating seamlessly with the Windows operating system and offering features such as real-time malware scanning, cloud-based threat intelligence, collaboration with the Windows firewall, and ransomware protections. It receives automatic updates through Windows Update, providing users with up-to-date threat definitions. While Defender is sufficient for users with straightforward online activities, those engaging in riskier behaviors or handling sensitive information may benefit from additional protection. Some antivirus solutions offer features that Defender lacks, such as enhanced web protections, phishing defenses, and parental controls. The text mentions that the author uses Bitdefender alongside Microsoft Defender for added security, citing its stronger web protections and broader range of tools. It emphasizes that effective security also relies on user habits, including keeping software updated, avoiding suspicious downloads, using strong passwords, and regularly backing up data.

Tech Optimizer

April 2, 2026

Norton Review 2026: Solid Antivirus With Great Safe Browsing Tools and Parental Controls

Norton Antivirus has a score of 8.3/10. It offers extensive parental controls on some plans, cloud backups for sensitive data, and a high-quality safe browser. However, its identity theft protection features are limited to US-based users, it has higher resource usage than most competitors, and reaching human customer support can be difficult. Norton began as an antivirus company in 1982 and has expanded to include a password manager, safe browser, cloud backups, and privacy monitoring tools. The LifeLock plans provide identity theft protection and insurance for US users. The antivirus software features easy setup, optimization tools for Windows and MacOS, scam detection, and privacy monitoring. Norton offers various plans, including Norton AntiVirus Plus, Norton 360 Standard, Norton 360 Deluxe, and Norton 360 with LifeLock Select Plus, each with different features and pricing. The plans can cover multiple devices, with costs starting at a competitive rate for the first year. Norton’s antivirus software includes real-time protection, manual and automated scans, and scan scheduling. Its parental controls are a notable feature, and while cloud backups are available, storage may be limited. Free tools include a password manager, data breach scan, and safe browser. Norton’s usability is straightforward, with an intuitive account setup and installation process. The antivirus operates with moderate resource usage, maintaining a low footprint during routine tasks. Norton has a strong reputation for malware detection, maintaining a perfect security ranking from AV-Test and high online detection rates from AV-Comparatives. Its password manager and backup systems use AES-256 encryption, and its VPN follows a no-logs policy. Customer support options include a community forum, knowledge base, and 24/7 live chat and phone support, though email support is not available. Norton is considered a good value for families and budget-conscious users, with pricing starting at an affordable rate for single-device coverage. It is suitable for users seeking active threat protection and parental controls, though alternatives like Bitdefender or Malwarebytes may be better for those prioritizing efficiency and advanced features.