winfirewallwarning.in [108.179.196.158] and also related winfirewallwarning1.in:
This domain is probably not related to the last theokalam.com scam I wrote about. I think the theokalam.com scam has stolen or reused some code from the winfirewallwarning.in site.
Update on the above crossed out comment: Funny what comes out in time. Seems that they are related as a web design and marketing company commented on my “theokalam” post saying they sold hosting to allineonetech! And thus the link is now confirmed between the two scams.
Text on the page says:
Operating System : Microsoft Windows Your OS Version : Windows Your ISP : Unknown Your Browser : Unknown Your IP : 122.176.185.157
http://www.winfirewallwarning.in says:
Windows Firewall has detected multiple high risk infections on your computer, due to this navigation has been blocked. Please immediately call Toll Free: 1-844-714-8454 or visit http://www.microsoft.com for more information.
❑ Prevent this page from creating additional dialogues.Call On Toll Free +1-844-714-8454. Or Visit Support.microsoft.com
The system scan have found (36) viruses that pose a serious threat:
Threat Alert
TRJN.FakeAV-Download
Spyware.BANKER.ID
TRJN.PORN-Downloaded
TRJN.FB-Download
IDNTY-Up
TRJN.FakeAV-DownloadYour personal and financial information might be at risk call +1-844-714-8454 for security check. Do not try to remove the virus manually. call toll-free support at +1-844-714-8454 ■
VIRUS WARNING ALERT
Ox000000CE DRIVER UNLOADED WITHOUT CANCELLING PENDING OPERATIONSWINDOWS HEALTH IS CRITICAL DO NOT RESTART
PLEASE CONTACT MICROSOFT CERTIFIED TECHNICIANS
Toll Free : +1 844-307-5663
BSOD : Error 333 Registry Failure of operating system – Host : BLUE SCREEN ERROR Ox000000CE
Please contact Microsoft Certified Technicians on Toll Free :
+1 844 307 5663
To immediately rectify issue to prevent data lossA user name and password are being requested by http://winfirewallwarning1.in. The site says: “Please immediately ‘Call Toll Free 1-844-231-7441’ : or visit http://www.microsoft.com for more information.”
However this one makes it _incredibly easy_ to track down who is behind this scam.. the whois on the domain winfirewallwarning.in leads you right to their doorstep:
Admin Name:Nitin Jakhmola
Admin Organization:All In One Tech Support Pvt. Ltd.
Admin Street1:H2-78 II Floor Vikaspuri
Admin City:New Delhi
Admin State/Province:Delhi
Admin Postal Code:110018
Admin Country:IN
Admin Phone:+91.9999770388
Admin Email:nick@allinonetech.net
Also hosted on the same server 108.179.196.158 is:
– allinone-support.com – A broken website
– techiesns.com – A tech support company in India
– md5-decoder.com – Seemingly functional MD5 hash lookup / cracker service!
– free-softwares-download.com – Some sort of functional software download site for all sorts of titles. Very strange.
– technosystemusallc.com – An app, website and network development and tech support company with a contact address on their website of the USA but the whois gives an address in India:
Registrant Name: Amar D Singh
Registrant Organization: Techno System USA LLC
Registrant Country: IN
Registrant Phone: +91.9873858132
Registrant Email: nick.jakhmola86@outlook.com
– hosting-security.com – More pop up / tech support scam sites
– webdomain-hosting.com – More scam pop up / tech support scam sites (This domain has a whois address of dineshnegi17@gmail.com which leads to a massive list of other scam pop up domains [1])
– antivirus-store.us – Scam pop up tech support site.
[1] This list was sourced from hyas.com
{
city: "newdelhi",
domain: "allinone-tech.net",
zip: "110018",
phone: "919310885027",
country: "in",
rant: "techsupport",
date: "2014-11-06 00:00:00",
type: "exclusive_whois",
email: "aprivate59@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
date: "2014-12-16 00:00:00",
type: "exclusive_whois",
email: "dineshnegi17@gmail.com"
},
{
city: "newdelhi",
domain: "us-pcsupport.com",
zip: "110018",
phone: "919310885027",
country: "in",
rant: "techsupport",
date: "2015-03-24 00:00:00",
type: "exclusive_whois",
email: "aprivate59@gmail.com"
},
{
city: "newdelhi",
domain: "pc-care365.net",
zip: "110018",
phone: "919310885027",
country: "in",
rant: "techsupport",
date: "2015-04-08 00:00:00",
type: "exclusive_whois",
email: "aprivate59@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
street: "g6295topfloorrohini",
date: "2014-12-17 00:00:00",
ns: "ns1.allinonetech.net",
type: "whois",
email: "dineshnegi17@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
street: "g6295topfloorrohini",
date: "2014-12-18 00:00:00",
ns: "ns75.websitewelcome.com",
type: "whois",
email: "dineshnegi17@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
street: "g6295topfloorrohini",
date: "2014-12-28 00:00:00",
ns: "ns1.allinonetech.net",
type: "whois",
email: "dineshnegi17@gmail.com"
},
{
city: "Newdelhi",
domain: "high-alert24x7.com",
create_date: "2015-05-08 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns1.allinonetech.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "Newdelhi",
domain: "pc-care365.net",
create_date: "2015-04-08 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns1.allinonetech.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "Newdelhi",
domain: "us-pcsupport.com",
create_date: "2015-03-25 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns1.allinonetech.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "Newdelhi",
domain: "allinone-tech.net",
create_date: "2014-11-07 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns8125.hostgator.com",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "New delhi",
domain: "allinonepcsecurity.com",
create_date: "2014-02-02 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1 Sant Nagar Extension Tilak Nagar",
registrar: "PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM",
ns: "ns3.domainindia.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "New delhi",
domain: "antivirus24x7support.net",
create_date: "2013-08-07 00:00:00",
country: "",
phone: "919310885027",
street: "",
registrar: "PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM",
ns: "ns3.domainindia.net",
type: "whois",
email: "aprivate59@gmail.com"
}
Sourced elsewhere:
– fixpccleaner.com
thecomputerperson 
Pingback: theokalam.com / “0808 238 7541” tech support scammers | thecomputerperson
Do you know how to get rid of there java script warning about my mac being blocked, it wont close or let me shut down or restart my pc, Even after i press okay or cancel.
Somehow you need to Force Quit or End Task on the web browser and then prevent it from automatically bringing up the websites once you load it again. Sadly I don’t know how you do this on a Mac (Windows, no problem.. Mac, nope!).
So how do u do it on windows please as I cannot open Firefox without this happening thanks
Try either holding down shift when loading firefox and it might start in safe mode and not re-open the offending tabs.
Or try clicking start, type in run.. select the run option.
Then type in
firefox about:blank
and press ok.
It should load firefox with a blank page.