All In One Tech Support Pvt. Ltd. / allinonetech.net Tech support scammers and liars.

winfirewallwarning.in [108.179.196.158] and also related winfirewallwarning1.in:

This domain is probably not related to the last theokalam.com scam I wrote about. I think the theokalam.com scam has stolen or reused some code from the winfirewallwarning.in site.

Update on the above crossed out comment: Funny what comes out in time. Seems that they are related as a web design and marketing company commented on my “theokalam” post saying they sold hosting to allineonetech! And thus the link is now confirmed between the two scams.

winfirewallwarning in scam.png

winfirewallwarning.in alert scam bsod.png

Text on the page says:

Operating System : Microsoft Windows Your OS Version : Windows Your ISP : Unknown Your Browser : Unknown Your IP : 122.176.185.157
http://www.winfirewallwarning.in says:
Windows Firewall has detected multiple high risk infections on your computer, due to this navigation has been blocked. Please immediately call Toll Free: 1-844-714-8454 or visit http://www.microsoft.com for more information.
❑ Prevent this page from creating additional dialogues.

Call On Toll Free +1-844-714-8454. Or Visit Support.microsoft.com
The system scan have found (36) viruses that pose a serious threat:
Threat Alert
TRJN.FakeAV-Download
Spyware.BANKER.ID
TRJN.PORN-Downloaded
TRJN.FB-Download
IDNTY-Up
TRJN.FakeAV-Download

Your personal and financial information might be at risk call +1-844-714-8454 for security check. Do not try to remove the virus manually. call toll-free support at +1-844-714-8454 ■

VIRUS WARNING ALERT
Ox000000CE DRIVER UNLOADED WITHOUT CANCELLING PENDING OPERATIONS

WINDOWS HEALTH IS CRITICAL DO NOT RESTART
PLEASE CONTACT MICROSOFT CERTIFIED TECHNICIANS
Toll Free : +1 844-307-5663
BSOD : Error 333 Registry Failure of operating system – Host : BLUE SCREEN ERROR Ox000000CE
Please contact Microsoft Certified Technicians on Toll Free :
+1 844 307 5663
To immediately rectify issue to prevent data loss

A user name and password are being requested by http://winfirewallwarning1.in. The site says: “Please immediately ‘Call Toll Free 1-844-231-7441’ : or visit http://www.microsoft.com for more information.”

However this one makes it _incredibly easy_ to track down who is behind this scam.. the whois on the domain winfirewallwarning.in leads you right to their doorstep:

Admin Name:Nitin Jakhmola
Admin Organization:All In One Tech Support Pvt. Ltd.
Admin Street1:H2-78 II Floor Vikaspuri
Admin City:New Delhi
Admin State/Province:Delhi
Admin Postal Code:110018
Admin Country:IN
Admin Phone:+91.9999770388
Admin Email:nick@allinonetech.net

Also hosted on the same server 108.179.196.158 is:
– allinone-support.com – A broken website
– techiesns.com – A tech support company in India
– md5-decoder.com – Seemingly functional MD5 hash lookup / cracker service!
– free-softwares-download.com – Some sort of functional software download site for all sorts of titles. Very strange.
– technosystemusallc.com – An app, website and network development and tech support company with a contact address on their website of the USA but the whois gives an address in India:

Registrant Name: Amar D Singh
Registrant Organization: Techno System USA LLC
Registrant Country: IN
Registrant Phone: +91.9873858132
Registrant Email: nick.jakhmola86@outlook.com

– hosting-security.com – More pop up / tech support scam sites
– webdomain-hosting.com – More scam pop up / tech support scam sites (This domain has a whois address of dineshnegi17@gmail.com which leads to a massive list of other scam pop up domains [1])
– antivirus-store.us – Scam pop up tech support site.

[1] This list was sourced from hyas.com

{
city: "newdelhi",
domain: "allinone-tech.net",
zip: "110018",
phone: "919310885027",
country: "in",
rant: "techsupport",
date: "2014-11-06 00:00:00",
type: "exclusive_whois",
email: "aprivate59@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
date: "2014-12-16 00:00:00",
type: "exclusive_whois",
email: "dineshnegi17@gmail.com"
},
{
city: "newdelhi",
domain: "us-pcsupport.com",
zip: "110018",
phone: "919310885027",
country: "in",
rant: "techsupport",
date: "2015-03-24 00:00:00",
type: "exclusive_whois",
email: "aprivate59@gmail.com"
},
{
city: "newdelhi",
domain: "pc-care365.net",
zip: "110018",
phone: "919310885027",
country: "in",
rant: "techsupport",
date: "2015-04-08 00:00:00",
type: "exclusive_whois",
email: "aprivate59@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
street: "g6295topfloorrohini",
date: "2014-12-17 00:00:00",
ns: "ns1.allinonetech.net",
type: "whois",
email: "dineshnegi17@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
street: "g6295topfloorrohini",
date: "2014-12-18 00:00:00",
ns: "ns75.websitewelcome.com",
type: "whois",
email: "dineshnegi17@gmail.com"
},
{
city: "newdelhi",
domain: "fixpcfree.co",
zip: "110069",
phone: "919310885027",
country: "in",
rant: "danishsingh",
street: "g6295topfloorrohini",
date: "2014-12-28 00:00:00",
ns: "ns1.allinonetech.net",
type: "whois",
email: "dineshnegi17@gmail.com"
},
{
city: "Newdelhi",
domain: "high-alert24x7.com",
create_date: "2015-05-08 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns1.allinonetech.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "Newdelhi",
domain: "pc-care365.net",
create_date: "2015-04-08 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns1.allinonetech.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "Newdelhi",
domain: "us-pcsupport.com",
create_date: "2015-03-25 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns1.allinonetech.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "Newdelhi",
domain: "allinone-tech.net",
create_date: "2014-11-07 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1SantNagarExtensionTilakNagar",
registrar: "PDRLTD.D/B/APUBLICDOMAINREGISTRY.COM",
ns: "ns8125.hostgator.com",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "New delhi",
domain: "allinonepcsecurity.com",
create_date: "2014-02-02 00:00:00",
country: "INDIA",
phone: "919310885027",
street: "H1 Sant Nagar Extension Tilak Nagar",
registrar: "PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM",
ns: "ns3.domainindia.net",
type: "whois",
email: "aprivate59@gmail.com"
},
{
city: "New delhi",
domain: "antivirus24x7support.net",
create_date: "2013-08-07 00:00:00",
country: "",
phone: "919310885027",
street: "",
registrar: "PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM",
ns: "ns3.domainindia.net",
type: "whois",
email: "aprivate59@gmail.com"
}

Sourced elsewhere:
– fixpccleaner.com

Advertisements
This entry was posted in Uncategorized. Bookmark the permalink.

5 Responses to All In One Tech Support Pvt. Ltd. / allinonetech.net Tech support scammers and liars.

  1. Pingback: theokalam.com / “0808 238 7541” tech support scammers | thecomputerperson

  2. Do you know how to get rid of there java script warning about my mac being blocked, it wont close or let me shut down or restart my pc, Even after i press okay or cancel.

  3. Somehow you need to Force Quit or End Task on the web browser and then prevent it from automatically bringing up the websites once you load it again. Sadly I don’t know how you do this on a Mac (Windows, no problem.. Mac, nope!).

  4. Michael Knight says:

    So how do u do it on windows please as I cannot open Firefox without this happening thanks

  5. Try either holding down shift when loading firefox and it might start in safe mode and not re-open the offending tabs.
    Or try clicking start, type in run.. select the run option.
    Then type in
    firefox about:blank
    and press ok.

    It should load firefox with a blank page.

Comment on this topic

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s