Home BlueCollarPC.US

Welcome to the BlueCollarPC …… A Community Help Website Since 2005!

BlueCollarPC.US launched June 14, 2010, a Personal Website for General Audiences with Computing Safety and Malware Removal Help and Information as its main theme, which includes memberships available for live help at our Groups and Forums. Formerly Webmaster of BlueCollarPC.Net [closed] from 2005–2009 (over 6 million Visitors) and backup BlueCollarPC.Org [closed]. All told, our sites are honored to have offered free Community Help to just over 12 MILLION Users/Visitors from 2005 to the present, 2015.
VISIT OUR PERMANENT BACK-UP SITE HERE :
https://sites.google.com/site/pcsecurityhelper/ “PC SECURITY HELPER” (GOOGLE SITES)
VISIT/READ OUR BLOG HERE:
BlueCollarPC @ WordPress
https://bluecollarpcwebs.wordpress.com/

For the record… Towards the end of 2009, the BlueCollarPC .Net/.Org (backup) sites created by me had enjoyed just over 6 million Visitors/Users! We are proud to have helped, and indeed actually had a “discovery” in the security industry concerning the malware RASautodial registry entries discovered by Yours Truly. Never be afraid to ‘take a look under the hood’ of your PC! You never know what you’ll find. The move to BlueCollarPC.US reflects the move to complete malware removal help, including the newer dreaded botnet infections and many others that have evolved. Our original domain began as an antispyware detection/removal help site.

Browsing the pages here you will find dedicated information, files, and links, as well as utility software for detecting, blocking, and removing unwanted installations that are the threats beyond Anti-Virus and Firewall protections. These have now become generally known as the spyware category of threats to personal computers and to online and personal safety.

“Malware” is the general term that has caught on, referring to all threats in both the antivirus and antispyware categories, including virus, worm, trojan, adware, spyware, rootkits, botnet infections, and more.

There has now grown a wide community of help for removal of “badware” and “crimeware” (nics) from personal computers – very genuine and informed persons along with many professionals. The beginning is learning about the threats, their behaviors, and identifying any that may be present on your PC – and then of course clean removal. I hope all things here are very helpful to all interested, as I myself am involved in all and draw my complete experiences basically as an average consumer, and now ‘advanced user’ and finally endeavoring to Amateur Forensics and degreed with a Data Processor Certificate (1970 – older IBM 029 and Univac 026 Data Processor Machines and slight programming with the dinosaur Univac / Sperry Rand 9200/9300 Series w/ COBOL). We can’t all be programmers on today’s disk computer systems, but we can learn to easily keep them clean and healthy from the ills and dangers of malware.

How And Where To Report Cyber Crime
REPORT CYBER CRIME

Internet Crime Complaint Center (IC3)
http://ic3.gov/
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IC3’s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes.

Federal Trade Commission (USA) Complaint Input Form
https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03
If you believe you have been the victim of identity theft, you may use the form below to send a complaint to the Federal Trade Commission (FTC). The information you provide is up to you. However, if you don’t provide your name or other information, it may be impossible for us to refer, respond to, or investigate your complaint or request. To learn how we use the information you provide, please read our Privacy Policy.

Federal Bureau of Investigation – Cyber Investigations – Cybercrime
http://www.fbi.gov/cyberinvest/cyberhome.htm
Computer Crime & Intellectual Property Section
http://www.cybercrime.gov/

WiredSafety.Org
http://www.wiredsafety.org/911/
Our Cyber911 Help tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement…

ReportCybercrime.Com (Private)
http://www.reportcybercrime.com/
Also, through our interactive forum you can get opinion of specialist attorneys and lawyers. Each lawyer in practice will give his opinion on matters, which are raised in the forum. You Can post queries view answers from experts and improve upon your knowledge base…

How to Report Cybercrime
http://www.katiesplace.org/report_cybercrime.html
WiredSafety’s Cyber911 Emergency tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement.

Take a Bite Out of Cyber Crime
ByteCrime.Org
http://www.bytecrime.org/

Security product vendors
Links to developers and vendors of computer and network security products and services… SOURCE: http://www.virusbtn.com/resources/links/index?ven
AEC (Trustport)
AVG (formerly Grisoft)
Agnitum (Outpost)
AhnLab (V3Net)
Aladdin (eSafe)
Alwil Software (avast!)
ArcaBit (ArcaVir)
Authentium (Command)
Avira (AntiVir)
BitDefender (formerly Softwin)
Bullguard
CA (Corporate)
CA (Home user)
Central Command (Vexira)
Check Point (ZoneAlarm)
ClamAV (open source)
Comodo (BOClean)
Cybersoft (VFind/VTSK)
Doctor Web
ESET (Nod32)
Ewido
F-Secure
Filseclab (Twister)
Fortinet
Frisk Software (F-PROT)
G DATA (AVK)
Ggreat
HAURI (ViRobot)
IBM ISS (Proventia)
Ikarus
Intego (Mac specialist)
Iolo
K7 Computing
Kaspersky Lab
Kingsoft
Lavasoft (AdAware)
McAfee, Inc. (formerly Network Associates)
MicroWorld Software (eScan)
Microsoft (Forefront)
Microsoft (OneCare)
Moon Secure (open source AV for Windows project)
New Technology Wave Inc. (VirusChaser)
Norman Data Defense Systems
PC Tools (Spyware Doctor)
Panda Software
Per Systems
Proland Software (Protector Plus)
ProtectMac (Mac specialist)
Quick Heal Technologies
Rising
SecureMac (MacScan)
Sophos
SpyBot – Search & Destroy
Sunbelt Software (CounterSpy, Vipre)
Symantec Corporation (Norton)
Trend Micro Inc.
VirusBlokAda (VBA32)
VirusBuster Ltd.
Webroot (Spy Sweeper)
eEye Digital Security (Blink)

WARNING – FAKE BOGUS SOFTWARES / Scareware…… INFECTION:

Title: The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites
Description: Bad, False, Fake products
URL: http://www.spywarewarrior.com/rogue_anti-spyware.htm
LavaSoft — The Rogue Gallery
http://www.lavasoft.com/mylavasoft/rogues/latest
The Rogue Gallery, powered by the Malware Labs at Lavasoft, is a resource dedicated to keeping computer users safe from rogue security software. By providing a comprehensive database of current rogue security applications, you have the ability to clearly see what programs are considered rogue – and avoid them.
Partial list of rogue security software
http://en.wikipedia.org/wiki/Rogue_security_software

Security Notes / About: The highly innovative Windows XP was released in 2001. This began the “XP Years”. At that time, antivirus software was the only defense anyone had ever heard of or used. From the term “computer virus”, and how damaging viruses could be to computers, we learned the dangers when launching a new Windows PC. “Adware” was beginning and suddenly “spyware” was being discovered. Firewalls were unheard of among consumers.

CONTACT US

CONTACT US if you need live help via emails back and forth until the problem is resolved successfully. Do not feel any question or comment is stupid or not worth mentioning. Nine times out of ten, what you see or suspect is what the problem turns out to be. PC Users seem to have a good sense and suspicion.

BASICALLY compose an email describing what problem or problems (symptoms) you are experiencing and need help with. This does not have to be specifically malware infection suspected – you can ask for tech help too.  Please add any specifics and with malware infection suspected TRY to exactly describe what was happening up to the point you experienced what may be malware infection.

FOR INSTANCE you can write you had just downloaded this free software and after installing it, things seemed to really bog down slow. Also noticed suddenly there was some toolbar appearing at the top of the browser you did not install. The Homepage suddenly changed also and will not go back. It is weird but seems something is transmitting something in the background invisible somehow.

YOU CAN ALSO SUBMIT SECURITY LOGS FOR ANALYSIS as many quality products now have added this feature to where you can simply click VIEW LOG when a scan is complete and then copy/paste that in an email and send it for analysis. One of the ORIGINALS WAS HiJackThis Logs here….

 

HiJackThis Website / Download
http://sourceforge.net/projects/hjt/

INFORMATION / History
HijackThis
http://en.wikipedia.org/wiki/HijackThis

WHEN YOU ARE READY simply address your composed email to info@bluecollarpc.us and Send and you will get an immediate auto-reply message confirming your email was received. The SENDER will appear as BlueCollarPC.US Webmaster and the address will be info@bluecollarpc.us

You will receive a Help Response with clear, easy steps to take to solve the problem. Note that most times it takes more than one email message back and forth: first do this and respond with the results, then do this, which should take care of it, and email the results to confirm the problem has been solved. We are a little bit kinder than practically all Help Forums you may have been to. We will add some information links about the infection – the exact culprit, such as the particular virus, trojan, worm, spyware etc., and what it did/does – along with some tips to avoid future infection and perhaps some add-on security software to beef up your computer security solution to achieve safe, uninterrupted computing.

We are also much faster than practically all Help Forums as answering your help emails within minutes or hours rather than days.

***** YOU MAY CONTACT US AT THE WEBMASTER ADDRESS FOR ALL THAT PERTAINS ONLY AT info@bluecollarpc.us

# CONTACT PERMISSION AT THIS EMAIL ADDRESS is ONLY for Help Submissions and standard webmaster email such as concerns over content of site etc. ALL OTHER EMAIL will be reported as either Unsolicited Email or Unsolicited Commercial Email (UCE = Spam).

 

Webmaster: BlueCollarPC.US 
Malware Removal/Amateur Forensics
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
Membership/Join List:
Subscribe: mailto:BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005

 

BY SPECIAL REQUEST WE WILL PERFORM REMOTE ASSISTANCE WITH YOU ONLINE. THIS HAS TO BE SCHEDULED WHEN BOTH ARE ONLINE AT SET TIME. WINDOWS REMOTE ASSISTANCE IS BUILT INTO WINDOWS AND ALLOWS THE HELPER PC FULL ACCESS TO YOUR PC ONLINE WHILE YOU WATCH OR PARTICIPATE ALSO. READ INFORMATION BELOW HOW THIS IS SO SIMPLE TO DO. THERE ARE ALSO SEVERAL FREE SOFTWARES THAT PERFORM THE SAME FUNCTION LISTED HERE…..
 
Windows Remote Assistance (Built into Windows, free)
[You simply send an Invitation and Password to friend to gain access to your PC to help fix it when you are both online.]
 
Windows Remote Assistance: frequently asked questions
Get or give help with Windows Remote Assistance, and learn about privacy, sharing, and permissions….
 
Step-by-Step Guide to Remote Assistance (Windows XP)
 
Invite Another User to Troubleshoot Your Windows 7 Machine with Remote Assistance
You might get stuck and need the help of a friend or colleague.  Here we will take a look at using Windows Remote Assistance to allow someone you trust to connect to your computer and help troubleshoot the problem. Windows Remote Assistance has actually been around since Windows XP and was included in the …….
 
ALTERNATE SOFTWARES FOR REMOTE ASSISTANCE
 
TeamViewer – Free Remote Control, Remote Access & Online …
Software for Remote Support, Remote Access, Remote Administration, Home Office and Online Meetings. For Windows, Mac, Linux, iPhone, iPad, Android and …
More than 100,000,000 Users spread over more than 200 countries already use TeamViewer – when will you start? TeamViewer is ready to use, right after downloading! Download, execute, and get started! – Your first session will start in less than a minute. Commercial users are welcome to use these downloads for trial purposes. TeamViewer is free for all non-commercial users!
TeamViewer Download for Windows
TeamViewer Download for Linux
TeamViewer Download for Mac
TeamViewer Mobile App Download
Is TeamViewer UAC compatible?
Yes! In general, TeamViewer, also on operating systems with User Account
Control (UAC), functions automatically.
 
myNetPC | Free software downloads at SourceForge.net
Free – ‎Windows (Remote Help)
Jan 27, 2013 – myNetPC is a VNC – Ultimate goal is open-source alternative to “LogmeIn” and “GoTomyPC”.
 
LogMeIn: Remote Access and Remote Desktop Software (NOT FREE, WE DO NOT USE)
Get In and go with remote access from LogMeIn. Enjoy the freedom to work from anywhere by accessing desktop and laptop computers, PC or Mac, over the …


Our LINKS

OUR LINKS (All are hosted by us)

OUR COMPUTER HELP CLUBS – WEBSITES/JOIN GROUPS

WINDOWS

ALTERNATE WEBSITE: BlueCollarPC Security Helper (Windows)
https://sites.google.com/site/pcsecurityhelper

TABS: Home, Malware Removal Center, Threats FAQs, PC Help, Wireless, Windows Registry Help

BlueCollarPCSecurity Yahoo Group
BlueCollarPC Security and Tech Help
http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
RSS https://groups.google.com/forum/feed/bluecollarpcsecurity/msgs/rss.xml?num=15

Windows8Club Yahoo Group
Windows 8 PC Help Club
NEW FORUM: http://windows8club.freesmfhosting.com/index.php
http://tech.groups.yahoo.com/group/Windows8Club/
RSS https://groups.google.com/forum/feed/windows-8-club/msgs/rss.xml?num=15

MOBILES / HANDHELDS (PDA Personal Digital Assistant – Original Name)
PDAMobileCafeMobileAlertList Yahoo Group
Wireless-Mobile Devices Security Alerts
http://tech.groups.yahoo.com/group/PDAMobileCafeMobileAlertList/
RSS https://groups.google.com/forum/feed/pdamobilecafe-mobilealerts/msgs/rss.xml?num=15

LINUX

LinuxDucks Linux Operating System Club
HOME: http://linuxducks.webs.com/
Welcome to Linux Ducks! Join our Yahoo Group or on-site Forum for live interaction… discussions, questions and answers, in the news, more.
FORUM: http://linuxducks.free-forums.org/index.php
LinuxDucks Yahoo Groups LinuxDucks Linux Operating System Club
http://tech.groups.yahoo.com/group/linuxducks/
RSS https://groups.google.com/forum/feed/linuxducks/msgs/rss.xml?num=15

Our You Tube Channels
BlueCollarPC YouTube Channel http://www.youtube.com/BlueCollarPC

JFK50YearJubilee YouTube Channel http://www.youtube.com/user/JFK50YearJubilee

TheBeetlesUSA You Tube Channel http://www.youtube.com/user/thebeetlesusa

President John Fitzgerald Kennedy JFK 50th Anniversary Jubilee
FORUM: JFK 50 Year Jubilee Hearings Forum
http://jfk50yearjubilee.freesmfhosting.com

Solved by the Administrator (My Conclusion)
http://jfk50yearjubilee.freesmfhosting.com/index.php/topic,165.0.html
Administrator Research Contributions (OPAL BUST)
http://jfk50yearjubilee.freesmfhosting.com/index.php/topic,12.0.html http://www.youtube.com/watch?v=F-KOpdISioM&feature=player_embedded

BLOGS

ChristianEministry.Com @ WordPress
http://christianeministry.wordpress.com/
RSS http://christianeministry.wordpress.com/feed/

BlueCollarPC @ Word Press
https://bluecollarpcwebs.wordpress.com/
RSS http://bluecollarpcwebs.wordpress.com/feed/

PDA Mobile Cafe’s Blog
Mobile PC and everything wireless – cell, pda, laptop
http://pdamobilecafe.wordpress.com/
RSS http://pdamobilecafe.wordpress.com/feed/

MUS

TheBeetlesUSA
http://thebeetlesusa.webs.com/

CHRISTIANITY

HOME: eChurchOfPhiladelphia.Org
http://www.echurchofphiladelphia.com/

FORUM: eChurchOfPhiladelphia.Org eChurch Forums
Studies Posted and Forums
http://churchphilaforums.freesmfhosting.com/index.php

ChristianEministry.Com (OUR OUTREACH) Blog, all links, more
http://christianeministry.com/

ChristianEministry Yahoo Groups (Bible Studies)
eChurchOfPhiladelphia.Org Bible Studies http://groups.yahoo.com/group/ChristianEministry/
RSS http://rss.groups.yahoo.com/group/ChristianEministry/rss

ChristianEministry.Com Podcasts
http://www.cyberears.com/index.php/Show/audio/5772
Podcast RSS http://www.cyberears.com/podcasts/podcast_5772.xml
Podcasts and Music by eMinister of eChurchOfPhiladelphia.Org, Authorized King James Holy Bible only, the English language dedicated translation commonly accepted in the Faith as the Word of God. Webmaster ChristianEministry.Com.


Wireless

 

WIRELESS – – –

 

HOME NETWORKS (WLAN) ….. WI-FI SECURITY AND SET-UP…. Small Business

 

Basically, for security, you may want to read this typical security article about WEP encryption (BELOW). WEP has been hacked, and you will want to upgrade in all areas to the newer WPA encryption and not log onto Networks that put you at risk with the much older and outdated WEP encryption. This applies to all Wireless Networks, whether a Home Network with Routers, Public Wi-Fi Access, or other Municipal City Wide Wi-Fi Services. NOTE that Windows Mobile 2003 began with WPA as default, and there were certain older Models that were not eligible for Windows Mobile 2003 and were thus stuck with worthless WEP encryption. Today there is a wireless explosion, with Wi-Fi and Bluetooth as well, through many devices and scenarios. Because of a matching explosion in crimeware and cyber crime (adware, spyware, botnets, malware) involving Identity Theft and related Cyber Crimes, the average user is well advised to become security educated on any Device able to access the World Wide Web, the Wireless Internet, or Wireless Connections of any kind.

 

Cafe Latte attack steals data from Wi-Fi PCs (WEP encryption cracked)
October 19th, 2007
“With the discovery of our attack, every employee of an organization is the target of an attack.” Security researcher uncovers technique that exploits holes in WEP encryption to log onto supposedly secure wireless networks. If you use a secure wireless network, hackers may be able to steal data from your … via Infoworld
http://www.topix.net/tech/computer-security/2007/10/cafe-latte-attack-steals-data-from-wi-fi-pcs

 

UPDATE: Once thought safe, WPA Wi-Fi encryption is cracked – Network World http://www.networkworld.com/news/2008/110608-once-thought-safe-wpa-wi-fi.html?t51hb

 

USE WPA-2 MINIMUM ….. WPA 1 (Personal) takes time but can be hacked now.

NEW UPDATE: WPA2 security hole discovered
Wi-Fi WPA2 vulnerability FAQ
AirTight’s WPA2 exploit seems to be an ARP spoofing attack
Network World, July 28, 2010 05:33 PM ET
So this guy at AirTight Networks says Wi-Fi Protected Access 2 has a “hard shell on the outside, but a soft underbelly inside” due to an overlooked vulnerability, and an attacker can decrypt traffic that’s been encrypted with WPA2. Is this total panic time? Well, probably not, based on tentative conclusions from folks who’ve been trying to figure out what’s going on from the very limited information AirTight Networks has released so far. The Wi-Fi Alliance crafted WPA2, based on the IEEE 802.11i specification. Do they have a response to AirTight? …..
http://www.networkworld.com/news/2010/072810-wif–wpa2-vulnerability-faq.html?source=NWWNLE_nlt_daily_am_2010-07-29

 

WPA2 security hole discovered
LinuxSecurity.com: Security experts at AirTight Networks have discovered a hole in the WPA2 Wi-Fi security protocol. The security hole was named as Hole 196 after the number of the relevant page in the IEEE 802.11 (2007) standard document. 7/27/2010 6:12 AM
http://www.linuxsecurity.com/content/view/152895?rdf

 

WPA2 vulnerability found
‘Hole 196’ means malicious insiders could spoof Wi-Fi packets, compromise WLAN
Network World, July 23, 2010 12:59 PM ET
Perhaps it was only a matter of time. But wireless security researchers say they have uncovered a vulnerability in the WPA2 security protocol, which is the strongest form of Wi-Fi encryption and authentication currently standardized and available. ….
http://www.networkworld.com/newsletters/wireless/2010/072610wireless1.html?source=NWWNLE_nlt_wireless_2010-07-26

 

VISTA LINKS:

Windows Vista Help: What are the different wireless network security … This is referred to as WPA-Enterprise or WPA2-Enterprise . It can also be used in a pre-shared key (PSK) mode, where every user is given the same passphrase http://windowshelp.microsoft.com/Windows/en-US/Help/b385cc8a-af25-489e-a82e-decf6df26b681033.mspx

 

Windows Vista Partners: D-Link Systems Support for WEP, WPA, and WPA2 security standards help ensure that you will be able to use the best possible encryption—regardless of your other wireless devices. http://www.microsoft.com/windows/shop/partners/dlink.mspx

Windows Vista Help: Choosing a network location For wireless networks, a wireless connection encrypted with Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA). (For WPA, WPA2 is preferred. http://windowshelp.microsoft.com/Windows/en-US/Help/6ddfa83c-01c8-441e-b041-1fd912c3fe601033.mspx

 

Windows Vista Help: Enable 802.1X authentication On wireless networks, 802.1X can be used with Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) encryption. 5. In the Choose a network … http://windowshelp.microsoft.com/Windows/en-US/Help/d4a8a69a-f885-4766-a991-446031bc32881033.mspx

 

Windows Vista Help: Ad hoc networking Security type. For your computer’s security, choose WPA-2 Personal. (We don’t recommend using WEP. WPA-2 is more secure. If you try WPA-2 and it doesn’t work, we recommend that … http://windowshelp.microsoft.com/windows/en-us/help/0e158c21-4c70-4235-879d-0c9133218e561033.mspx

Windows Vista Help: Setting up a wireless network We recommend that you use WPA because it offers better security than the traditional Wired Equivalent Privacy (WEP) security. With WPA you can also use a passphrase , so you don’t … http://windowshelp.microsoft.com/windows/en-us/help/297fa2dc-b20b-4327-b673-707a968c86801033.mspx#EK

WPA Wireless Security for Home Networks Explains how to use Wi-Fi Protected Access (WPA), a new wireless security specification, to secure your home network. http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx

 

Windows XP: Improve the security of your wireless home network WPA-PSK (also known as WPA-Personal). A more secure alternative to WEP, but because it is newer, it is not as widely supported. Microsoft Windows XP with Service Pack 2 supports WPA … http://www.microsoft.com/windowsxp/using/networking/security/wireless.mspx

 

Download details: Windows XP Support Patch for Wi-Fi Protected Access … WPA is intended to replace the existing Wired Equivalent Privacy (WEP) standard, offering much more robust methods of encryption and authentication and resulting in a new level of … http://www.microsoft.com/downloads/details.aspx?familyid=009D8425-CE2B-47A4-ABEC-274845DC9E91&displaylang=en

Wi-Fi Protected Access (WPA) support for Wireless Network (IEEE 802.11 … Provides a hotfix that lets you apply wireless network policy settings to a domain or an organizational unit. You can also use this new feature to define preferred wireless … http://support.microsoft.com/kb/811233

Expert Zone Support Webcast: How to set up WPA-based wireless security … Thursday, April 21, 2005: 10:00 AM Pacific time: Explains how to secure a wireless network using new security standards. Explains how to set up WPA-based wireless security and … http://support.microsoft.com/kb/895616

Download details: Update for Microsoft Windows XP: KB826942 This update provides support for Wireless Protected Access, a new standards-based wireless security solution developed by the Wi-Fi Alliance. … This update provides support for … http://www.microsoft.com/downloads/details.aspx?FamilyId=5039EF4A-61E0-4C44-94F0-C25C9DE0ACE9&displaylang=en

 

Wireless LAN Technologies and Microsoft Windows For example, Windows XP with Service Pack 2 (SP2) supports configuration options for the Wi-Fi Protected Access (WPA) security standard. However, if the wireless network adapter … http://www.microsoft.com/technet/network/wifi/wrlsxp.mspx

 

The Wi-Fi Protected Access 2 (WPA2)/Wireless Provisioning Services … The update supports the additional mandatory security features of the IEEE 802.11i standard that are not already included for products that support WPA. http://support.microsoft.com/kb/893357

 

WPA Wi-Fi Protected Access (WPA) is an implementation that is based on a subset of the IEEE 802.11i standard. WPA, when used with the Temporal Key Integrity Protocol and the Michael … http://msdn2.microsoft.com/en-us/library/ms886626.aspx

 

Implement WPA2-Personal wireless security on a Windows XP SP2-based … Like WPA, WPA2 relies on Pre-Shared Key (PSK) to provide encryption. For more information about WPA and wireless security in general, see my earlier column, How to secure your … http://www.microsoft.com/windowsxp/using/security/expert/bowman_wirelesssecurity.mspx

You cannot connect to a wireless access point with the Wi-Fi Protected … After you install the Wi-Fi Protected Access (WPA) update (815485) on a Windows XP-based computer, your wireless network adapter may not be able to connect to your wireless access … http://support.microsoft.com/kb/821442

 

Configuring Windows XP IEEE 802.11 Wireless Networks for the Home and … WPA Encryption. IEEE 802.11i is a new standard that specifies improvements to wireless LAN networking security. The 802.11i standard addresses many of the security issues of the … http://www.microsoft.com/technet/network/wifi/wifisoho.mspx

 

Set up a secure wireless network using Windows Connect Now WPA-Personal/PSK provides a more secure encryption solution. D-Link’s WCN devices are all WPA-Personal capable. To specify the SSID and encryption…. http://www.microsoft.com/windowsxp/using/networking/learnmore/bowman_05june13.mspx

 

Using a Wireless Laptop at Work and at Home Also set your WEP or Wi-Fi Protected Access (WPA ) encryption for the network at this time. For an excellent article on setting up WPA on a home network, see Barb Bowman’s WPA … http://www.microsoft.com/windowsxp/using/tabletpc/expert/russell_tabletlaptop.mspx

Wireless LAN Support in Windows: Frequently Asked Questions The new WPA settings will be read and configured for wireless clients running Windows XP with Service Pack 2 , Windows XP with Service Pack 1 and the Wireless Update Rollup Package … http://www.microsoft.com/technet/network/wifi/wififaq.mspx

 

WPA Authentication The following topics define the requirements for supporting Wi-Fi Protected Access (WPA) on an 802.11 device: Driver Requirements for WPA. Describes what the 802.11 miniport … http://msdn2.microsoft.com/en-us/library/aa504154.aspx

 

Appendix D: WPA Support The Securing Wireless LANS with Certificate Services solution is by design compatible with Wi – Fi Protected Access (WPA) security for wireless LANs (WLANs). WPA compatibility … http://www.microsoft.com/technet/security/prodtech/windowsserver2003/pkiwire/AP04.mspx?mfr=true

 

Wi-Fi Protected Access (WPA) Overview: The Cable Guy, March 2003 Let the Cable Guy guide you through an overview of Wi-Fi Protected Access (WPA) … For a list and additional information on all The Cable Guy columns, click here. http://technet.microsoft.com/en-us/library/bb877996.aspx

 

Choosing a Strategy for Wireless LAN Security Wi–Fi Protected Access (WPA) Pre–shared Key (PSK) for very small businesses and home offices.  Password–based WLAN security for organizations that do not use and do not need … http://www.microsoft.com/technet/security/guidance/cryptographyetc/peap_int.mspx

 

Microsoft Security Advisory (917021): Description of the Wi-Fi … Wi-Fi Protected Access (WPA) is an interim standard adopted by the Wi-Fi Alliance to provide more secure encryption and data integrity while the IEEE 802.11i standard was being … http://www.microsoft.com/technet/security/advisory/917021.mspx

 

Planning a Wireless LAN Security Implementation … focused on the use of strong authentication to the WLAN using 802.1X and encrypting the network traffic using dynamic Wired Equivalent Privacy (WEP) or WiFi Protected Access (WPA) http://www.microsoft.com/technet/security/guidance/cryptographyetc/peap_2.mspx

 

Download details: Secure Wireless Access Point Configuration Receive guidance about configuring wireless access points to support Wi-Fi protected access (WPA) and configuring the required supporting network infrastructure. … Receive … http://www.microsoft.com/downloads/details.aspx?FamilyID=27390BD4-D920-43AF-98A1-0F53FBB90A02&displaylang=en

 

Secure Wireless Access Point Configuration Receive guidance on configuring wireless application protocols (WAPs) to support wi-fi protected access (WPA) and configuring the required supporting network infrastructure. http://www.microsoft.com/technet/security/midsizebusiness/topics/serversecurity/wirelessaccessconfig.mspx

 

How to troubleshoot wireless network connections in Windows XP Service … Options here include Open , Shared , WPA , and WPA-PSK . If you are using WPA , no additional configuration is required. If you are using WPA-PSK , an 8- to 63-character password is … http://support.microsoft.com/kb/870702

Using Wi-Fi safely: encryption and other tips Wi-Fi Protected Access (WPA): like burglarizing a house with a good alarm system. WPA offers a more robust encryption scheme that uses a system called Temporal Key Integrity … http://www.microsoft.com/smallbusiness/resources/technology/broadband_mobility/using_wi_fi_safely_encryption_and_other_tips.mspx

 

Overview of Securing Wireless LANs with PEAP and Passwords Using WPA in the Solution. Appendix C: Supported OS Versions. Appendix D: Scripts and Support Files. Support. More information about support for the Microsoft products in this solution … http://www.microsoft.com/technet/security/guidance/cryptographyetc/peap_0.mspx

 

Hooking up with Wi-Fi: 6 things to know 802.11g, however, employs a newer encryption standard, Wi-Fi Protected Access (WPA), which isn’t perfect but is considered to be much more secure than WEP. http://www.microsoft.com/smallbusiness/resources/technology/broadband_mobility/hooking_up_with_wifi_6_things_to_know.mspx

 

Windows XP Update Bolsters Security of Both Private and Public Wi-Fi … Building on the protections of the earlier Wi-Fi Protected Access (WPA) specification, the new Wi-Fi Alliance standard offers the advanced data encryption mandated by the Federal … http://www.microsoft.com/presspass/press/2005/may05/05-12WPA2UpdatesPR.mspx

 

Microsoft Product Information Center: Microsoft® Broadband Networking … Automatic WPA/WEP security . Get automatic Wired Equivalent Privacy (WEP) protection and Wi-Fi Protected Access™ (WPA), the most sophisticated standard in wireless security. http://www.microsoft.com/products/info/product.aspx?view=22&pcid=13194ee9-f7e7-4785-9cbf-f5ed24e8eff4&type=ovr

 

Wi-Fi Protected Access 2 Data Encryption and Integrity: The Cable Guy … Like WPA and the Temporal Key Integrity Protocol (TKIP), AES CCMP uses a set of temporal keys that are derived from a master key and other values…. http://technet.microsoft.com/en-us/library/bb878096.aspx

 

Smart Display Setup Is Incompatible with Wi-Fi Protected Access Update After you install the Wireless Fidelity (Wi-Fi) Protected Access (WPA) update on a Microsoft Windows XP Professional-based computer, and then you run the Smart Display Setup … http://support.microsoft.com/kb/821486

 

You cannot connect to a wireless network on a Windows Vista-based … You use Wi-Fi Protected Access (WPA) together with Advanced Encryption Standard (AES) encryption to access wireless networks. A computer certificate is configured correctly on … http://support.microsoft.com/kb/935222

 

Planning for Secure Wireless Services WiFi Protected Access (WPA) High. Easy to deploy. More secure than WEP. WPA is a newer standard and not as broadly adopted. Updates required to Microsoft Windows XP to support WPA…. http://www.microsoft.com/technet/solutionaccelerators/smbiz/sitsol/DsgnNwrk_11.mspx?mfr=true

 

Configuring the Wireless LAN Clients For instructions on how to configure Wi-Fi Protected Access (WPA) data protection and key management, see Appendix B, “Using WPA in the Solution. http://www.microsoft.com/technet/security/guidance/cryptographyetc/peap_6.mspx

Wi-Fi Protected Access 2 (WPA2) Overview: The Cable Guy – May 2005 Wi-Fi Protected Access (WPA) is an interim standard adopted by the Wi-Fi Alliance to provide more secure encryption and data integrity while the IEEE 802.11i standard was being .. http://technet.microsoft.com/en-us/library/bb878054.aspx

 

Wireless LAN Enhancements in Windows XP Service Pack 2 – The Cable Guy … Built-in support for Wi-Fi Protected Access (WPA) Originally provided for Windows XP as a free download (the WPA Wireless Security Update in Windows XP ), Windows XP SP2 includes WPA … http://technet.microsoft.com/en-us/library/bb878093.aspx

 

Small Business Computer Security Checklist: Wireless Networks Turn on encryption: Turn on and use Wi-Fi Protected Access (WPA) encryption to prevent eavesdropping. There are several encryption technologies used on wireless networks; if your … http://www.microsoft.com/smallbusiness/support/articles/step_8_safeguard_wireless_networks.mspx

 

Planning Guide — Deciding On a Secure Wireless Networking Strategy … Wi–Fi Protected Access (WPA) Pre-shared Key (PSK) for very small businesses and home offices. Password-based WLAN security for organizations that do not want to use certificates http://www.microsoft.com/technet/security/prodtech/windowsserver2003/pkiwire/PGCH02.mspx?mfr=true

Windows Registry Help

Windows Registry Information

Links to Windows Registry information and also Registry Cleaner utilities… Windows Registry….

To begin …. Spelling out how to work with the Registry and its associated Files is not easy, and for only one reason: mistaken deletions will cause damage. This is why it takes time – even months – to begin to know your machine like the back of your hand, what’s under the hood. A healthy fear is necessary to learn. However, the bottom line is that this eventually becomes necessary for all computer owners unless you are rich enough to keep dropping your Computer off at the repair shop for what you will learn are very simple procedures as easy as deleting read emails.

You begin by location – how the location of Files are written and how the location of a Registry key is written. The location written shows where it is at on the computer. This becomes essential in communicating that for help and also identification of a malware file or registry entry. In learning this, you will eventually be able to manually inspect your computer from time to time for malware as well – beyond simply blindly trusting security software that admittedly is not 100 percent effective. Eventually, through trial and error and repetition of visually identifying locations, you also learn the areas malware installs on the computer and this in turn makes you that familiar to ‘take a look under the hood’ and manually inspect your machine for malware entries. You may find inert inactive fragments or remnants of a spyware or adware installation that was removed previously. You may blunder onto a variant of a malware that was as yet undiscovered and make a report of that to antispyware companies at their websites – simply by recognizing the familiar files and registry entries of a previously removed installation from memory of it. This can occur during a registry cleaner scan as well – an item presented that turned out to be one of these. You can also report any left over item the antispyware program did not remove, and they will add that to current definitions…. but you must know location and how to write that. In the Windows Registry you can right click a key and click “Copy this Key Location” and then paste that in a text file or email. This is another way of seeing how the location is properly written and how that is pointing to it.

Unless you know what you are looking at DO NOT DARE DELETE ANYTHING IN THE WINDOWS REGISTRY OR YOUR WINDOWS OPERATING SYSTEM AND / OR OTHER SOFTWARE WILL BE RENDERED INOPERABLE… is the only way to say that.

Okay, let’s take that look under the hood. The  Windows Registry – how to get there?

Click > Start (lower left) > and click Run (on the menu) > and type in ” regedit ” in the little box. This automatically opens the Windows Registry.

On the left tree you click the little plus signs ( + ) that spread or collapse the tree. Collapse all the trees to the five sectors

HKEY_CLASSES_ROOT

HKEY_CURRENT_USER

HKEY_LOCAL_MACHINE

HKEY_USERS

HKEY_CURRENT_CONFIG

Now spread the HKEY_LOCAL_MACHINE key directory open. Skim down and spread open “Software”. Notice all the names of Folders of your software. These should be very, very recognizable to you by name.

Okay …. shut the Registry (you can return anytime). To close it just click the ” X ” (means close file) all the way uppermost top right corner.

Well now you’ve been inside the Windows Registry without touching anything. The area we were looking at is one of the most common places registry items are deleted from and I will show you why….

Now we are going to look at the Files these keys are all associated with – the software and system that entered them.

Right Click > Start (lower left) > on menu click Explore… this will automatically open Windows Explorer where all your Software Files and the Windows Operating System Files are – Local Disk (C:) – the “C-Disk”.

Spread open the tree on the Left (the same manner of clicking once the little ( + ) plus sign)…

+My Computer to

+ Local Disk (C:) (The C Disk)

…and spread open C Disk (where all files are on)….

Skim (scroll) down to “Program Files” and spread that open. Hover on or highlight on “Program Files” on the left and tap or click that just once. Look in the right side. All the Program Files folders will appear and have their names on them. These, again, will be very recognizable by software name. These are the actual Software Program Files (inside the folders) and don’t touch them. (Any change there can corrupt the software programs – they must remain unchanged).

You will notice on the left side – with the Program Files tree spread open – that the tree shows every sub folder (directory) of Program Files that you are looking at on the right for your installed software. Each software has its own Folder that is created automatically when you click “Install”.

Now if you remember, over in Windows Registry these look very, very similar. Generally when you uninstall a software – whatever is left over (not removed) then is called an “orphan” meaning a file or key without a parent folder – here the Program Files folder – although many times the empty Program Files Folder is still there after an uninstallation. When you uninstall a software – the left over corresponding registry items are then instantly picked up in a registry cleaner scan as safe to delete because this software no longer exists obviously.

Now this is where quality comes in. Most registry cleaners are not worth 2 cents unfortunately as they find too many “false positives” – meaning they are detecting registry items that belong to valid programs installed and running on the computer. This is another reason you NEVER click Delete in a Registry Cleaner or ‘Move to Back Up Folder’ unless you have positively identified it as safe to delete. This is another reason I slam Spybot Search and Destroy which used to present registry items for deletion and is why actually in most circles it is deemed for advanced use only, though all newbies are directed to use it by uninformed persons who preach to have blind faith with it. This you NEVER do when it comes to your Registry. Most times System Restore will replace Files deleted but many times it cannot replace Registry items deleted. This mistake generally takes some Disaster Recovery program by the experienced, and it may be possible for the trained and experienced to re-write deletions back into the Registry. Now you know why just ONE mistake in the Registry IS a disaster. Depending on what and where it was, Windows may not be able to operate properly again. The software certainly won’t and will cause the computer disk most likely to indefinitely freeze up or even constantly crash the computer altogether until fixed. If it was actually the fatal mistake of deleting part of the Windows Operating System, the cheapest way out would be to simply purchase a new Windows copy and start from scratch – because most likely it will never boot again until then – or in other words it would cost up to 3 and 4 and 5 times as much as a new license copy to drop it off at the Computer Repair Shop.

You must become very, very familiar by going back and forth manually and looking at both sides and are totally positive that a registry key you are going to delete is indeed some left over fragment of an uninstalled software.

If you are using a registry cleaner that does not allow you to double click an item after a scan and it automatically opens right to it in the Windows Registry highlighted – DUMP IT…. it is a piece of crap (feature-wise) and you don’t want to trust the idiot that made that treating you like an idiot unable to make an informed decision of deletions. (The old “trust your computer to no one but yourself, and you only have yourself to blame for it”).

If it does not give you the full location listed in the results of each item – DUMP IT – it is a piece of crap (feature-wise) and you don’t want to trust the idiot who made it who is treating you – the informed public – like an idiot. A 30 dollar loss is better than $3,000.00 !!!! worth of computer you can’t use if you spent it already for an inferior product.

For now as a beginner, I would get familiar with things first and just do a lot of dry runs…. do the registry scan after certain events and look over the results. See what shows up all of a sudden after uninstalls. You should begin to see a pattern and become that familiar with normal deletion operations that are safe. There is NO HURRY to delete anything. You can let the trash pile up a long time before you have to put it out.

The other thing that is going to help is learning to properly write the Location of an item in Files and then in Registry – and learning how to locate them when you see this.

Example : Adobe

The Files location is written like this:

C:\Program Files\Adobe

…. which means to go to Windows Explorer and on Local C Disk at Program Files – there, Adobe is a sub folder.

The main Registry Key looks like this:

HKEY_LOCAL_MACHINE\SOFTWARE\Adobe

…. Which means open the Windows Registry to Local Machine and in Software – Adobe is a sub key.

So Bottom Line is that you MUST locate each and EVERY registry item presented to you for deletion and inspect that. Is it truly a left over orphan belonging to nothing ? Is it in the location expected for this ? Until you can answer that like your life depended on it and you are actually that confident – YOU NEVER DELETE ANYTHING IN THE WINDOWS REGISTRY UNLESS YOU ARE ABSOLUTELY SURE.
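The back-and-forth comparison described above, as an added read-only example (not part of the original page, and not taken from any tool it names): it lists every HKEY_LOCAL_MACHINE\SOFTWARE key with its full written location and shows whether a same-named Program Files folder or an installed-programs entry exists. The skip list of Windows keys and the name-matching rule are assumptions; a “No match” row is only a candidate to inspect by hand, never proof of an orphan.

```powershell
# Added example: a read-only dry run. It only lists locations; it never
# deletes or edits anything in the Registry or in Program Files.
# Assumption: a vendor uses the same name for its HKLM\SOFTWARE key and its
# Program Files folder (true for the Adobe example, not for every product).

$softwareKey = 'HKLM:\SOFTWARE'

# Keys that belong to Windows itself and never have a Program Files folder.
# Constructed, non-exhaustive list: anything unmatched still needs manual inspection.
$windowsKeys = 'Classes', 'Clients', 'Microsoft', 'ODBC', 'Policies',
               'RegisteredApplications', 'Wow6432Node'

# Collect folder names from Program Files (and the 32-bit folder on 64-bit Windows).
$folders = @{}   # PowerShell hashtables compare string keys case-insensitively
foreach ($root in @($env:ProgramFiles, ${env:ProgramFiles(x86)})) {
    if ($root -and (Test-Path -LiteralPath $root)) {
        Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue |
            Where-Object { $_.PSIsContainer } |
            ForEach-Object { $folders[$_.Name] = $_.FullName }
    }
}

# Names and publishers of software Windows still lists as installed.
$uninstallPath = "$softwareKey\Microsoft\Windows\CurrentVersion\Uninstall\*"
$installed = Get-ItemProperty -Path $uninstallPath -ErrorAction SilentlyContinue |
    ForEach-Object { $_.DisplayName; $_.Publisher } |
    Where-Object { $_ }

$report = foreach ($key in Get-ChildItem -Path $softwareKey -ErrorAction SilentlyContinue) {
    $name = $key.PSChildName      # e.g. Adobe

    if ($windowsKeys -contains $name) {
        $status = 'Windows key - leave alone'
    }
    elseif ($folders.ContainsKey($name)) {
        $status = 'Folder present - software installed'
    }
    elseif ($installed | Where-Object {
            ([string]$_).IndexOf($name, [System.StringComparison]::OrdinalIgnoreCase) -ge 0 }) {
        # No same-named folder, but Windows still lists it: a false positive
        # for any cleaner that would call this key an orphan.
        $status = 'No folder, but listed as installed - not an orphan'
    }
    else {
        $status = 'No match - inspect by hand before deciding'
    }

    New-Object PSObject -Property @{
        RegistryLocation = $key.Name          # e.g. HKEY_LOCAL_MACHINE\SOFTWARE\Adobe
        FolderLocation   = $folders[$name]    # e.g. C:\Program Files\Adobe, or empty
        Status           = $status
    }
}

$report | Sort-Object Status, RegistryLocation |
    Format-Table RegistryLocation, FolderLocation, Status -AutoSize
```

Run it before and after an uninstall and compare the two listings; the rows that change are the ones to look up by hand in regedit and Windows Explorer.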

The bottom line here is that I am passing on the general knowledge learned that brings any Computer Operator from novice to Advanced User. The chain goes for operators (users) like this universally: Novice (newbie) > Intermediate > Savvy > Advanced > Professional > Expert. ….So these lessons here, hopefully, should be enough to bring you up to Intermediate User at least, knowing and identifying Files and Registry entries in your computer – where to find them, and how locations are written and found – easily and effortlessly.

I hope this helped more than answers that may have hurt !

About Software Utilities Adding Restricted Sites Lists to the Registry: What Professionals and Experts Say…..

Below you will see a Professional explanation of why registry cleaners are used to prevent damage to Windows and/or other software. Where certain utilities add lists of sites and domains, this can be an exact example of “incremental entries” written into the Registry by software, or manually, constantly with each “definitions” (lists added) Update….

Product Incrementation of Windows Registry – Windows Registry Size Limits http://www.liutilities.com/products/registrybooster/faq/registrycleaner/

“Fragmentation is a serious problem and occurs when application processes modify the registry continually and incrementally . Eventually registry file sizes may exceed the Registry Size Limits imposed by Windows. This causes subsequent modifications to the registry to fail. Most registry repair software allow you to defrag your registry ensuring that such issues do not occur. This is true prevention.”

…..the constant inordinate or unusual ‘incrementation’ of constantly adding Restricted Sites and domain entries in great mass volume offers no real protection – as malware circumvents the Restricted Sites feature of any browser anyway – and as explained will lead to failure of software running processes and application design as well as the Windows Operating System.

The Windows Registry has an imposed size limit. When this limit is approached and then reached – Windows will fail to operate, as will other software that relies on normal incremental changes, with definition updates to antivirus and critical Windows Updates as prime examples. The bottom line is that Windows can actually cease to function at some point of additions to the Windows Registry, just like regular hard drive memory runs out at some point of continual downloads of files, media, etc.

SEE: Microsoft – Windows Registry Size Limits Imposed

Below are the facts from the Experts and creators of Windows….

Windows Registry Size Limits Imposed / Microsoft… http://msdn.microsoft.com/msdnmag/issues/01/12/XPKernel/

There is a limit on the size of the System hive (the file that stores the HKEY_LOCAL_MACHINE\System key and its descendants) of 200MB, because of restrictions placed on the operating system boot loader by the environment in which it runs (the boot loader reads the System hive into memory very early in the boot process), but the limit for the System hive was just 12MB in previous versions of Windows…..

MORE: Registry Size Limit functionality has been removed from Windows Server 2003 and from Windows XP http://support.microsoft.com/kb/292726

Windows Registry Size Limits http://msdn2.microsoft.com/en-us/library/ms724872.aspx

RegistrySizeLimit http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/r….

Don’t listen to hackers – and this is extremely crucial with all systems released before Windows XP. The XP size limit was increased but has an imposed Size Limit by Microsoft. Some say “don’t worry about it”… and those are just the persons you remember when your computer fails. Too late then. Hackers may tell you to set up “registry folders” for Windows 98 and 95 to place these downloads (lists) in that would save or add registry room, which would be preposterous. Hackers will tell you if and when you run out of room in XP you can “increase the paged pool size – no problem”. Neither of these work or are true and are bad hacks and may intentionally be attempting pranks at your expense to destroy people’s machines like the “kiddie script” malware writers – or for “bragging rights” achieved. DUMP IT ! Did you know that antispyware programs like Webroot Spysweeper and Trend Micro Antispyware and the free Microsoft Windows Defender have real time active shields that block all attempts at all sites – not just “the bad ones – Restricted Sites” ???

This is what any obviously bad ‘donate’ forum or bad repair shop will not tell you if they derive profit (kind of like libel malpractice, don’t you think?) at the expense of the unknowing consumer. The attempted and much greater protection is very simple – for 30 dollars a year you are good to go with quality professional shareware at a price enabling the real time protection with heuristics. End of story. Do it and dump it now before you injure your machine. The professional shareware has been the solution since their creations. Most popular and used and effective.

The Restricted Sites mass and incremental (add ons) writings are one major – over and above – example of Registry Damages / System Failures. In real world using Windows XP – “Will you ever run out of room and to damage or failure?” Maybe not in the lifetime of it, and depends on what else you install obviously. SEE “disposable web domains” that from 2007 on are as common as the “disposable free email accounts” used to commit UCE (Unsolicited Commercial Email – spammers) that are launching malicious content websites continually – so that in other words it is impossible for those type utilities triple staffed to even keep up to offer any full free protection. Humanly impossible. And again, there are many times I have seen the red “Restricted” in the browser tray and I am looking right at and navigating the website right in front of me. This Windows feature is obviously some archaic feature probably predating to Windows 95 or even earlier ? The language and cybercrime have changed and the feature is simply no longer effective and you are not protected so don’t be fooled with that fatal false sense of security. As well, there are legal liabilities that should require corrections when a bad website is purchased by someone else who puts out good safe content. This then can no longer be a “Restricted Site” as a malicious content site and could be another entrapment by some slick bad doers along the lines of suits for profit. Presumably these type softwares and websites offering them should have correction updates obviously or otherwise it seems an unlawful blocking by their software of a valid site now. Cybercrime is an ugly, ugly, ugly cyber place. Too bad the good have to play fair against the lawless.

 

Registry Information Links

•Microsoft: Description of the Microsoft Windows Registry http://support.microsoft.com/kb/256986

•AnnoyancesOrg: Introduction to the Registry http://www.annoyances.org/exec/show/registry

•ComputerHopeCom: Windows Registry help http://www.computerhope.com/registry.htm

•Uniblue Registry Cleaner Comparison Chart  LINKS/Source: http://www.liutilities.com/products/registrybooster/comparisions/

 

•Registry Fix http://www.liutilities.com/products/registrybooster/comparisions/registryfix/

•CleanMyPC http://www.liutilities.com/products/registrybooster/comparisions/cleanmypc/

•ErrorNuker http://www.liutilities.com/products/registrybooster/comparisions/errornuker/

•System Mechanic http://www.liutilities.com/products/registrybooster/comparisions/systemmechanic/

•Registry Cleaner http://www.liutilities.com/products/registrybooster/comparisions/registrycleaner/

•Free Registry Fix http://www.liutilities.com/products/registrybooster/comparisions/freeregistryfix/

•Registry Repair http://www.liutilities.com/products/registrybooster/comparisions/registryrepair/

•jv16 Power Tools http://www.liutilities.com/products/registrybooster/comparisions/jv16powertools/

•3B Registry Repair Pro http://www.liutilities.com/products/registrybooster/comparisions/3bregistryrepairpro/

•Advanced Registry Doctor http://www.liutilities.com/products/registrybooster/comparisions/advregistrydoctor/

•Error Killer http://www.liutilities.com/products/registrybooster/comparisions/errorkiller/

•Registry First Aid http://www.liutilities.com/products/registrybooster/comparisions/registryfirstaid/

•Registry Mechanic http://www.liutilities.com/products/registrybooster/comparisions/registrymechanic/

•Advanced Administrative Tools http://www.liutilities.com/products/registrybooster/comparisions/advadmintools/

•Ace Utilities http://www.liutilities.com/products/registrybooster/comparisions/aceutilities/

•Error Doctor http://www.liutilities.com/products/registrybooster/comparisions/errordoctor/

 

Recommended – as the best money can’t buy….. RegSeeker is Genuine Freeware – no ads, not ad-driven – and is Upgraded and works with Windows Vista. Get the latest version….

RegSeeker 1.55: http://www.hoverdesk.net/ RegSeeker is a perfect companion for your Windows registry ! RegSeeker includes a powerful registry cleaner and can display various informations like your startup entries, several histories (even index.dat files), installed applications and much more ! With RegSeeker you can search for any item inside your registry, export/delete the results, open them in the registry. RegSeeker also includes a tweaks panel to optimize your OS ! Now RegSeeker includes a file tool to search for duplicate files, bad shortcuts and more ! RegSeeker is FREE for personal use only !

PowerTools Lite – The Freeware Registry and System Cleaner http://www.macecraft.com/powertoolslite2011/

PowerTools Lite 2011 is a freeware edition of jv16 PowerTools – the ultimate Windows optimization and tuneup utility suite. PowerTools Lite 2011 allows you to easily clean up your computer from unneeded data, unused temp files, registry left overs and automatically fix registry errors. NOTE: jv16 PowerTools has been about the best registry cleaner loaded with extra advanced features including registry editor for years and years since the beginning. Recently over a year ago they released the above free edition which has four levels of intensity clean for beginner to advanced. Very safe. Very trusted .

PREMIUM jv16 PowerTools: http://www.macecraft.com/

http://en.wikipedia.org/wiki/Jv16_powertools

Forensics

Resume: Amateur Forensics

(old: http:// ww w .blue collar pc .net /forensics.html [All BlueCollarPC.Net Created Oct 2005 closed Oct 2009]

SOURCE: Resume: Amateur Forensics Build “Pseudo 14 Teredo Trojan Botnet Attack”….. htt p :/ / CLOSED bluecolla rpc .net/smf /index.php?topic=380.0

[NOTE this is in no way a “job interview” but meant in the sentiment by Beatle John Lennon at Let IT Be (rooftop) at the end saying, “I would like to say thank you on behalf of the group and myself and I hope we passed the audition” LOL

Resume: Amateur Forensics Build “Pseudo 14 Teredo Trojan Botnet Attack”…..

A  ~  W O R K  –  IN  –  P R O G R E S S ….. (“Knowledge shall be the stability of thy times…”)

Logs: Botnet Attack-Denial Of Service,Catastrophic damage,MSN.com subscribers targeted http://tech.groups.yahoo.com/group/BlueCollarPC/message/2450

“Pseudo 14 Teredo Trojan Botnet Attack” – Botnet Attack-Denial Of Service,Catastrophic damage,MSN.com subscribers targeted htt p : / / CLOSED groups.google.com/ group/Blue CollarPC/br owse_thread/thread/3228b2bc1ca5da8e

BLOG: Death Of A Sails Man: Pseudo 14 Teredo Trojan Botnet Attack January 28, 2009 htt p :/ / CLOSED bluecolla rpc.wo rdpress.com/20 09/01/28/death-of-a-sails-man-pseudo-14-teredo-trojan-botnet-attack/

Tags: malware, trojan, botnet, pseudo, 14, IPv4, IPv6, tunneling, attack, worm, virus

Posted in BCPCNet WebLog | 2 Comments »

RESUME: WEBMASTER BLUECOLLARPC.ORG DOMAIN / AMATEUR SECURITY FORENSICS

BCPCGroup ~ The BlueCollarPC.Org Website Security Group

NOTICE BlueCollarpc.Net CLOSED OCT 2009 !

((( FORENSICS – BUILD )))—> building pc incident security forensics

temporary amateur build of a full amateur forensics submission, ongoing to finish; this text will be removed upon completion !

AMATEUR PC SECURITY FORENSICS TITLE: “Pseudo 14 Teredo Trojan Botnet Attack”

INFECTION DATE Scan Time: 12/18/2008 4:02:15 PM

ESTIMATE: [transport Bug in the Environment] …

DEFINITION—-> bug (Last modified: Wednesday, July 16, 2003) http://www.webopedia.com/TERM/b/bug.html

An error or defect in software or hardware that causes a program to malfunction. Often a bug is caused by conflicts in software when applications try to run in tandem. According to folklore, the first computer bug was an actual bug. Discovered in 1945 at Harvard, a moth trapped between two electrical relays of the Mark II Aiken Relay Calculator caused the whole machine to shut down.

NON SAMPLE—> Unix transport bug (and a possible fix). 20 Jun 2003 15:58:02 +0200. Previous message: couple of trivial patches … http://lists.freedesktop.org/archives/dbus/2003-June/000389.html

SYMPTOMATOLOGY: All System Restore Points deleted (several). Windows System Restore access blocked (blank white pages). Access in all browsers blocked to security sites (blank white pages) and also MSN.com customer settings (blank white pages) along with blocking Internet Explorer from installation finalization in retrograde from version 7 back to 6 and back again creating their circle jerk game for MSN Customers (blank white pages) via the Run Once webpage needing 2 clicks to complete installation – with all identity wiped in the browser and DNS information, no connectivity (broadband/dsl). Blocking meaning these were all blank white browser pages including the Google Pack panel and Trend Micro Internet 2009 panel. Help files booby trapped with virus. Access blocked to Computer shortcuts and browsers online to Windows Updates. Some log files deleted. Windows > Search function feature access blocked – blank white page. Control Panel > Users access blocked as blank white page. Others…. able to access Microsoft Baseline Analyzer online – visible, but radio buttons access blocked – kept clicking button, nothing happened, cursor mouse inoperative just on button clicks at website for scan begin. More…..

SYNOPSIS: [Apparent rootkit technologies in partiality are mechanism performing registry injection of false keys and files and payload facilitation – affording creation of a false positive detection and payload entry and transport via subsequent restore action as vehicle. The command registry injection by the limited rootkit technologies (stripped version apparently) and upload payload files constitute a “transport bug in the environment – matrix” as absence precludes delivery detection malicious and operative upon action taken. There were no valid detections basis for triggering false positive offered.]

DIAGNOSIS
# Injection 14 values here: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\BagMRU\15 (Apparently causing blank white background on shells, browsers). Apparent encapsulated payload delivery and encapsulated ‘kiddie script’ as registry injection mini-load creating many type above and other keys in the various affected places to fake the appearance as a trojan via visual navigation behaviors.
# Worm present as all System Restore Points deleted.
# DNS broadband/dsl connectivity information wiped in system, connectivity destroyed, several security softwares disabled….
# Security scan logs do indicate major worm, traces of another major worm, spyware packages installed, additional viruses activated in Help Files and Downloader Trojan reported as installed.
# Apparent encapsulated payload delivery.
# SUMMATION: Damages 99.999 Percent of time defines a criminal botnet attack attempting even ‘spoofing’ of broadband/dsl connection and hijacking the computer immersing in crimeware botnet.

PROGNOSIS: Hijacking of PC into botnet for illegal piracy software exchange – foiled !
# Windows Installer corrupted by viruses all the way back through Service Packs to version 2.0, thus denying installation and uninstallation ability.
# Peer To Peer (P2P) package installed.
# Windows NetMeeting hijacked to perform file swap and possible IRC relay communications – “Command and Control”. (original blast – “chatter detected”).

PAYLOAD DETECTED:

Worm (exlorer .exe) http://www.neuber.com/taskmanager/process/explorer.exe.html
Trace.Registry.Blubster (several)
Trace.Registry.SpyPc 8.0!A2 (several)
Worm.Win32.Otwycal.c
Trace.File.Borzoi
Trojan-Downloader.Win32.Agent.bkw
Trace.Registry.Internet Cleanup 5.0 (couple)
Trojan.Small.jhy.5632
Virus.Win32.Patched.B!IK
Virus.Win32.Patched.B!IK
Win32.Luder!IK (several)
Virus.Win32.Nsag.A!IK (several)
Virus.Win32.Virut.q!IK (several)
Trojan.Win32.Anomaly.D!IK
Virus.Win32.Virut.bo!IK
Win32.Virtob.8!IK (couple)
Virus.Win32.Virut.ar!IK
Virus.Win32.Virut.as!IK (couple)
Virus.Win32.Luder.B!IK
Win32.Luder!IK (several)
Virus.Win32.Nsag.A!IK (several)
Trojan-Downloader.Win32.Small!IK
Trojan-Dropper.Agent!IK
Trojan-Downloader.Win32.Agent.bkw

 

STATUS: [Restored, Windows Installer remains damaged – inoperative after several fix attempts]

CLARIFICATION….. Clarification – “pseudo trojan” is my term for a fake trojan unique to this infection payload.

RELATED: MAJOR ZERO DAY THREATS – WINDOWS UPDATES PATCHES ISSUED FOR:
# WMF meta file Zero Day
# .AniCursor Zero Day
# VML Zero Day (Vector Mark Up)

BLOGS ~ LISTS ~ GROUPS…..

Death Of A Sails Man: Pseudo 14 Teredo Trojan Botnet Attack
January 28, 2009 by bluecollarpc
htt p CLOSED ://bluecollarpc.wordpress.com/2009/01/28/death-of-a-sails-man-pseudo-14-teredo-trojan-botnet-attack/
I guess a good name for this one is “Death Of A Sails man” ….. in referring to all the fun years on my Windows XP
Home Edition Personal Computer. Sailing, surfing – you get it.
Conficker Worm Targets Microsoft Windows Systems – Overblown?
March 30, 2009 by bluecollarpc
htt p CLOSED ://bluecollarpc.wordpress.com/2009/03/30/conficker-worm-targets-microsoft-windows-systems-overblown/
Security tip for Vista Firewall, others, against Conficker threats (Symantec)…..
April 8, 2009
htt p CLOSED://bluecollarpc.wordpress.com/2009/04/08/security-tip-for-vista-firewall-others-against-conficker-threats-symantec/
Tags: Conficker, firewall, open port, Port 5357, teredo, Vista Firewall
Posted in BCPCNet WebLog | No Comments »
Restoring false positive threat from Quarantine, Safe Mode dangers
April 3, 2009
htt p CLOSED ://bluecollarpc.wordpress.com/2009/04/03/restoring-false-positive-threat-from-quarantine-safe-mode-dangers/
Tags: back up, botnets, false positive, kiddie scripts, registry, restore point, safe mode, safe practices, system restore, worms
Posted in BCPCNet WebLog | 1 Comment »
Conficker Worm Targets Microsoft Windows Systems – Overblown?
March 30, 2009
Tags: botherder, botlord, botmaster, botnet, IPv4, IPv6, kiddie scripts, psuedo teredo, teredo, tunneling, worm, zombie, zombie networks
Posted in BCPCNet WebLog, SpyLerts | 4 Comments »
BCPCNet-Modcasts: “Malware Botnet Cartel” by BlueCollarPC.Net
February 12, 2009 by bluecollarpc
PLAY))) Malware Botnet Cartel (BCPCNet-Modcasts)
htt——-CLOSED
COMMENTS: (bluecollarpc) htt p CLOSED ://ww w. bluec ollarpc.net/

Cybercrime Treaty Gains Momentum…
Article: http://www.networkworld.com/news/2008/040108-cybercrime-treaty-gains-more-interest.html?fsrc=rss-security
Council Of Europe:
http://www.conventions.coe.int/Treaty/Commun/ChercheSig.asp?NT=185&CM=8&DF=&CL=ENG
Vista User Account Control gets perfect score – rootkits – use disabling tweaks ?
By bluecollarpc
ht t p CLOSED ://bluecollarpc.wordpress.com/2008/08/28/vista-user-account-control-gets-perfect-score-rootkits-use-disabling-tweaks/
Freeware security was a solution – once upon a time…..
August 29, 2008 by bluecollarpc
htt p CLOSED ://bluecollarpc.wordpress.com/2008/08/29/freeware-security-was-a-solution-once-upon-a-time/

COMMENTS ~ PUBS

LET’S AVOID…..
US Consumers robbed: $8.5 Billion by online threats – throw PCs in trash August 11, 2008 by bluecollarpc
ht tp CLOSED ://bluecollarpc.wordpress.com/2008/08/11/us-consumers-robbed-85-billion-by-online-threats-throw-pcs-in-trash/ U.S. Consumers Lost Nearly $8.5 Billion to Online Threats (Kansas City InfoZine)
Spyware accounts for $3.6 B in losses;
2.1 million computers replaced due to malware 8/8/2008 5:44 AM Read more| Open in browser http://www.infozine.com/news/stories/op/storiesView/sid/29832/
Tunneling to circumvent firewall policy
http://en.wikipedia.org/wiki/Tunneling_protocol#Tunneling_to_circumvent_firewall_policy

——————————————————————-/.

COMMENTS ATTACHED: (REPLIES) “~~~ BUILD NOTES…..~~~” .

_____PRESS_____

Security Software Disabler Trojan http://inews.webopedia.com/TERM/S/security_software_disabler_Trojan.html

Botnet – Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Botnet

botnet Definition: TechEncyclopedia http://www.techweb.com/encyclopedia/defineterm.jhtml?term=botnet

Botnet : Definition From Webopedia http://www.webopedia.com/TERM/b/botnet.html

Article: Battling the Botnet Pandemic Lavasoft News – March 2007

http://www.lavasoft.com/company/newsletter/2007/2_28/article2.html

Battling the Botnet Pandemic. Your home computer may be among the millions of PCs that are under the control of criminals, and worse yet, you may not even be aware of it.

Article: Botnet – CNET News.com

http://news.com.com/Security+from+A+to+Z+Botnet/2100-7355_3-6138435.html

Security from A to Z: Botnet | CNET News.com: These armies of zombie PCs are used by cybercriminals for sending spam. Part of a series on …

Article: Botnet Basics http://www.eweek.com/article2/0,1895,2097976,00.asp

Botnet Basics Bots are software applications that run automated tasks over the Internet. A network of bots working under a central command and control center is a botnet. This eVideo seminar looks at the basic …

Article: Botnet Battle Already Lost? http://www.eweek.com/article2/0,1759,2029720,00.asp

Is the Botnet Battle Already Lost? Botnets have become a big underground business, and the security industry has few answers. eWEEK … It’s dress-down Friday at Sunbelt Software’s Clearwater, Fla., headquarters. In a bland cubicle on …

MSNBC: The lowdown on ‘Bots’ http://www.msnbc.msn.com/id/17805145/

The lowdown on ‘Bots’

What are ‘bots’? “Bots” – short for robots – are hijacked computers that are infected by computer viruses and then used by criminals and pranksters for a variety of criminal and malicious purposes.

Who controls ‘bots’? The criminals behind “bots,” known as “bot herders,” assemble armies of infected computers — often between 50,000 and 70,000 PCs strong — that they can then charge customers for the use of. The going rate for sending spam is $5,000 a day or more, according to Howard Schmidt, former White House cyberczar.

What are ‘bots’ used for? “Bots” are used to spread malicious programs, send spam, fuel “pump-and-dump” stock schemes and launch denial-of-service attacks, among other things.

How many ‘bots’ are there? Internet founding father Vint Cerf recently estimated that 150 million computers have been hijacked. Most other experts believe that figure is too high, but there is general agreement that “bots” number in the millions, if not the tens of millions.

How can I tell if my computer is a ‘bot’? You can’t necessarily. Antivirus software will catch most known viruses, but new ones are being created all the time. It used to be that poor performance often tipped off users that their computers had been infected, but “bot herders” now distribute tasks among thousands of computers to avoid tell-tale crashes.

More:

How big is the botnet problem? Feature By Julie Bort, Network World, 07/06/07

http://www.networkworld.com/research/2007/070607-botnets-side.html?fsrc=rss-security

Types of attacks: Botnets

Cross-site scripting: Inserting malicious JavaScript into the header of an otherwise legitimate Web site.

DNS cache poisoning: Hacking a DNS so that it directs people who enter legitimate URLs to the hacker’s malicious Web site.

iFrames: Invisible frames capable of executing malware.

Pharming: Creating an illegitimate copy of a real Web site and redirecting traffic to the phony site to obtain information or download malicious code.

Pretexting: Pretending to be a legitimate entity to lure people to malicious sites.

Toxic blogs: Uploading links to malicious Web sites, or when blogs support HTML or scripts, uploading malicious code or using iFrames.

——————————————————————————–
~~~ BUILD NOTES…..~~~

AMATEUR FORENSICS SYNOPSIS – NOTE – DEFINING TERM USED “ENCAPSULATION” – CLARIFICATION…

This was, of origin, declared an “in the wild threat” by me. The original posts defined that, in detail, blow by blow – and finally easily understood line by line. This began with the incorrect (false positive) and partial “detection” as a trojan as the threat payload which in reality was a full blown Conficker worm type botnet (worst). One and two parts and so on of the highly deceitful payload where as an enormous skyscraper size threat/damage which in reality to Advanced Users was an ant size minimal “joke program” threat – the lethal “kiddie script” added.

Encapsulation, in my best guess opinion as my “Amateur Forensics”, in – two manners – caused, first, the trojan false positive and second ALSO getting the unknown in the wild virus (lethal kiddie script) under the wire undetected by other existing real time antivirus that was in place and running up to date when the payload hit (while security suite was in uninstall/renewal state). That (lethal kiddie script) did the registry changes (malicious changes). But it goes a little further – A LOT FURTHER….. Also disguised and delivered were at least one well known worm and three other viruses which FINALLY were detected by scans before executing. Now, how the hell did that happen? Right, IMPOSSIBLE. So in real world, although the lethal kiddie script had basically only performed all the result/symptom “blank white pages” which are the blocking of getting to security sites as well acting very much like “Restricted Sites” feature of Windows and behavior result of a trojan — in real world the entire payload was disguised (encapsulated) and this was one small part of the whole package. It (lethal kiddie script) ran first and was instantaneous. The worm ran simultaneously but took at least 4 seconds minimal to 6 to delete the several System Restore Points in Windows System Restore – and which was now blocked via the malicious registry changes already performed by the “lethal kiddie script”.

“Malicious Encapsulation” in computers is simply attempting to put a detectable malicious malware threat inside a package best disguising it and passing off as safe or okay communication. Or even more simply – like the infamous Unabomber that tragically sent out “mail bombs” to several persons. These got past everyone appearing as friendly normal safe mail packages on the outside and of course a nightmare was inside.

It is entirely unfathomable to believe that existing real time protection antivirus in place running (proactive – not reactive stand alone free scanner) and, even a firewall to some extent, did not block (antivirus) or in the least detect (firewall) malicious behavior and/or malicious content of the major part of the payload delivered as the “same-name threat” – that old and well known worm file called “Explorer.exe”. This is a “same-name threat” meaning it has the same file process name as one in Windows (other softwares) and here, Explorer.exe which of course is Windows Explorer (where you access all files on the computer and the Windows Operating system files). And so here we are. An older than the hills recrafted worm introduced with and by an unknown malicious script (lethal kiddie script) that was “encapsulated” to appear as a false positive trojan or downloader trojan. In the very least one must admit there were two malicious mechanisms of deceit – one being the one that caused a false positive to make the package look like a downloader trojan to a well known antispyware program and the other that disguised a large enough worm and at least 3 viruses to install without detection. In reality, could be the same as one mechanism. Like I said this is best shot as “Amateur Computer Security Forensics” – this entitling me. LOL.

ALL “ENCAPSULATION” MEANS HERE – IDENTIFIED BY ME – IS AS BEST GUESS AMATEUR FORENSICS THAT ENCAPSULATION CODING WAS USED TO FOOL KNOWN ANTISPYWARE AND WENT UNDETECTED BY ANTIVIRUS PROGRAMS AS UNDER THE WIRE DISGUISING – AND PAST TWO EXISTING UNDAMAGED FIREWALLS, ONE BEING WINDOWS XP FIREWALL. GRANTED COMODO FIREWALL MAY HAVE NOT BEEN FULLY CONFIGURED YET BY ME FOR FULL PORT STEALTH AND RECOMMENDED SECURITY LEVELS. I WAS VERY BUSY PAST HORRIFIED MAKING ALL NOTES DURING INVESTIGATION WHILE REPAIRS ONGOING AND AS BEST POSSIBLE AND NOW NOTICING A COUPLE DETAILS LIKE THAT WERE NOT NOTED. THIS IS NOT ABOUT A BLAME GAME SO THAT LINE IS INSIGNIFICANT HERE. WHAT THIS IS – IS THE “ANATOMY OF A BOTNET HIT” – HOW AND WHAT FOR SAKE OF A BETTER HOME SECURITY DEFENSE ON THE AVERAGE PC WORLDWIDE AND AS WELL TO ANSWER THE QUESTION “WHAT THE HELL DOES A BOTNET DO ONCE INFECTING THE COMPUTER AND HOW THE HELL DOES IT GET THERE IN THE FIRST PLACE?” – THE ANSWER BEING – HERE YOU ARE LOOKING RIGHT AT ONE !

This (encapsulation – computer) is perhaps a fancy way to describe a typical new unknown virus in the wild – OR may be even a new coding completely unknown to any conventional malicious script disguising. In the very least, I think it must be agreed that the Comodo Suite Firewall/Antivirus would have CERTAINLY detected the all too common all too used malicious “explorer.exe” payload. Perhaps it (Comodo Antivirus) is not even “West Coast Certified” yet in its infancy even. That’s disastrous, as famous and like top three worldwide antispyware “Counterspy” has added antivirus that wasn’t (West Coast Certified) and created the “Vipre” suite minus firewall. I have tried Vipre recently (Holidays 2008) and found that out and as fast as I was reading that I saw they are now certified I believe. Look it up. I am looking up Comodo Antivirus for certifications. For we students in the College of Hard Knocks – once certified you are no longer called “crapware” publicly. Once certified enables the program as a contender in the major market – the coveted accomplishments. Certification brings proven factual trust opposed to a “false sense of security” – example: one with crapware antivirus telling everyone, being a newbie, “yeah I am full protected with my AV”. There are now over 1 million viruses. If the antivirus does not have these signature detection and removal definitions – duhh, you are NOT protected.

SEE….. ….. …..

West Coast Labs West Coast Labs (WCL) is one of the world’s leading independent test facilities. We are a global leader in research, testing and certification for … http://www.westcoastlabs.org/

ALSO….. Process name: Windows Explorer Product: Windows Company: Microsoft File: explorer.exe Security Rating: http://www.neuber.com/taskmanager/process/explorer.exe.html

This is the user shell, which we see as the familiar taskbar, desktop, and so on. This process isn’t as vital to the running of Windows as you might expect, and can be stopped (and restarted) from Task Manager, usually with no negative side effects on the system. Note: The explorer.exe file is located in the folder C:\Windows. In other cases, explorer.exe is a virus, spyware, trojan or worm! Virus with same name: W32.MyDoom.B – Symantec Corporation and other…
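The same-name check described above (a process called explorer.exe that is not running from the Windows folder), as an added example that is not part of the original notes. The watched names other than explorer.exe, the function names and the sample process list are assumptions constructed for illustration.

```python
import ntpath

# Where each watched binary legitimately lives, relative to the Windows
# directory. explorer.exe directly in the Windows folder comes from the
# description quoted above; the SysWOW64 copies and the other three names
# are additions made for this example.
EXPECTED_RELATIVE = {
    "explorer.exe": {"explorer.exe", r"SysWOW64\explorer.exe"},
    "svchost.exe": {r"System32\svchost.exe", r"SysWOW64\svchost.exe"},
    "winlogon.exe": {r"System32\winlogon.exe"},
    "lsass.exe": {r"System32\lsass.exe"},
}


def _norm(path):
    """Collapse '..' segments, unify slashes and fold case (Windows paths
    are case-insensitive), so cosmetic differences cannot hide a mismatch."""
    return ntpath.normcase(ntpath.normpath(path))


def classify(name, image_path, system_root=r"C:\Windows"):
    """Return one of: not-watched, path-unavailable, expected-location,
    same-name-suspect."""
    key = name.lower()
    if key not in EXPECTED_RELATIVE:
        return "not-watched"
    if not image_path:
        # The image path of a system process can be unreadable without
        # administrator rights; report that rather than guessing.
        return "path-unavailable"
    allowed = {_norm(ntpath.join(system_root, rel))
               for rel in EXPECTED_RELATIVE[key]}
    if _norm(image_path) in allowed:
        return "expected-location"
    return "same-name-suspect"


def audit(processes, system_root=r"C:\Windows"):
    """Return (pid, name, path, verdict) for every watched process that is
    not confirmed to run from its expected location."""
    findings = []
    for pid, name, path in processes:
        verdict = classify(name, path, system_root)
        if verdict in ("same-name-suspect", "path-unavailable"):
            findings.append((pid, name, path, verdict))
    return findings


# Constructed sample data, not taken from the infected machine.
SAMPLE_PROCESSES = [
    (1500, "Explorer.EXE", r"C:\WINDOWS\Explorer.EXE"),
    (900, "svchost.exe", r"C:\WINDOWS\system32\svchost.exe"),
    (2212, "explorer.exe",
     r"C:\Documents and Settings\user\Local Settings\Temp\explorer.exe"),
    (2300, "explorer.exe", r"C:\WINDOWS\system32\explorer.exe"),
    (2388, "explorer.exe", r"C:\Windows\..\Temp\explorer.exe"),
    (640, "lsass.exe", None),
    (3020, "notepad.exe", r"C:\WINDOWS\system32\notepad.exe"),
]

if __name__ == "__main__":
    for pid, name, path, verdict in audit(SAMPLE_PROCESSES):
        print(f"{verdict:18} pid={pid:<5} {name} -> {path}")
```

A file in the expected folder can still have been replaced or infected, so this check complements a signature scan rather than replacing it.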

*
Related botnet activities information ….. SEE ….. (related botnet activities possible)

Tunneling to circumvent firewall policy

http://en.wikipedia.org/wiki/Tunneling_protocol#Tunneling_to_circumvent_firewall_policy

IP spoofing http://www.webopedia.com/TERM/I/IP_spoofing.html

(n.) A technique used to gain unauthorized access to computers, whereby the intruder sends messages to a computer with an IP address indicating that the message is coming from a trusted host. To engage in IP spoofing, a hacker must first use a variety of techniques to find an IP address of a trusted host and then modify the packet headers so that it appears that the packets are coming from that host. Newer routers and firewall arrangements can offer protection against IP spoofing.

US-CERT Vulnerability Note VU#800113 http://www.kb.cert.org/vuls/id/800113

DNS cache poisoning (sometimes referred to as cache pollution) is an attack technique … all rely on an attacker’s ability to predictably spoof traffic,… DNS cache poisoning – Wikipedia, the free encyclopedia Aug 18, 2008 … China has been accused of engaging in DNS poisoning, as part of the Golden Shield Project, for particular sites or networks which violate … http://en.wikipedia.org/wiki/DNS_cache_poisoning

Shocker DNS spoofing vuln discovered three years ago by a student … http://www.theregister.co.uk/2008/07/09/dns_bug_student_discovery/ Jul 9, 2008 … In order to spoof a DNS request it’s necessary to “guess” both the Query … Vendors form alliance to fix DNS poisoning flaw (9 July 2008) …

 

NOTES: “LETHAL KIDDIE SCRIPT” IS MY TERM AS MEANING THE REAL KIDDIE SCRIPTS THAT WERE AMONG THE ORIGINAL VIRUSES WERE PRODUCED GENERALLY BY YOUNG AGED PERSONS AS A SHOW OFF TO HURT OR BREAK INTO A SYSTEM AS HACKER BUT MORE AS A SHOW OFF OR PROOF OF CONCEPT EVEN. HERE – SAME TYPE OF MALWARE BUT NOW WRITTEN UP TO INTENTIONALLY CAUSE MALICIOUS DAMAGE – “LETHAL”.

SEE…… terms – malicious code malicious script etc. Malware From Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Malware

What is script kiddie? – A Word Definition From the Webopedia … This page describes the term script kiddie and lists other pages on the Web where you can find additional information. http://webopedia.com/TERM/S/script_kiddie.html

BOTTOM LINE…. This is my first and probably last (maybe first of many?) actual “botnet attack” malware installations I have ever given any Malware Removal Help for – ironically being in my own machine. Best first hand example for experience and as Microsoft websites tell you in malware area webs to ‘don’t get all hung up in where this that and the other thing or how and why and so on – but rather concentrate on best effort of full clean removal and just move on’ – …..along those lines. That’s great advice except for Helpers who need to be on top as much as anyone in IT Security to be credible or trusted.

ENCAPSULATION – GOOD GUYS AND SEE “REAL TIME PROTECTION” AND “HEURISTICS” IN ANTIVIRUS AND ANTISPYWARE AND BEHAVIOR DETECTION…. etc.

EXAMPLE: “System and method for providing exploit protection with message tracking …… determining whether an encapsulation has been applied to an attachment associated with a message and unencapsulating such encapsulated attachment…..”

System and method for providing exploit protection with message tracking – A method and system for providing protection from exploits to devices connected to a network. The system and method include a component for determining whether an encapsulation has been applied to an attachment associated with a message and unencapsulating such encapsulated attachment, and a component that performs at least one decompression … http://www.patentsurf.net/6,993,660 FULL http://www.patentsurf.net/6,941,478

MORE…..

NOW…. TO ADD TO MY AMATEUR FORENSICS …..

YOU ARE GOING TO SEE ONE OF THE SECRETS OF THIS DARK SIDE OF THE INTERNET CRIMEWARE MALWARE BOTNET HERE…..

IF YOU WILL REMEMBER THE “SHELL” REGISTRY KEYS STRAIGHT ACROSS THE BOARD THAT MADE ALL THE BROWSER AND SHELL WINDOWS TO DISPLAY BLANK WHITE PAGES….. HERE:

HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\BagMRU\15

SEE….. Most Recently Used – Wikipedia, the free encyclopedia Jun 15, 2007 … Most Recently Used (MRU) may refer to: A specific menu in Microsoft Windows, see Common menus in Microsoft Windows; An uncommon method of … http://en.wikipedia.org/wiki/Most_Recently_Used http://en.wikipedia.org/wiki/Common_menus_in_Microsoft_Windows

That is a proper key with an additional copycat 14 value key. This corruption / rewrite of the key was extremely odd as kind of seeing doubles. One key, split, both values like seeing doubles of the key itself. SHOTZIE….. BINGO ….. GOTCHA….

HERE IS THE SECRET — THEY ARE USING TEMPORARY FILES BECAUSE LOOK AT THE KEY AND EVERYONE SHOULD KNOW THAT “MRU” MEANS “MOST RECENTLY USED” WHICH ARE TEMPORARY FILES AND CALLED YOUR TRACKS ON THE INTERNET – YOUR PC HISTORY OF NAVIGATION YOU DO NOT WANT CRIMEWARE TO GET AHOLD OF AND IS WHY EVERYONE SAYS TO USE THE HISTORY CLEAN UP UTILITIES…. BUT THERE IS MORE…..

THE TEMPORARY FILES OF THIS PAYLOAD HAD THE KIDDIE SCRIPTS TO CREATE LIKE A THREE DOOR CHOICE FOR FORENSICS AS TO THE FOLLOWING….

IS THE KEY A FABRICATED WINDOWS EXPLORER WEBSITE PAGE DISPLAYING A FAKE PAGE AS SUCH AS THE BLANK WHITE PAGE OF IT – FAKE SHELL ?

IS IT AN ACTUAL SHELL OF LIKE A SOFTWARE CONTROL PANEL FOR EXAMPLE THAT IS FORCED TO DISPLAY JUST THE BLANK WHITE PAGE BECAUSE THIS IS THE DEFAULT OF WINDOWS WHEN SUCH A KEY IS CORRUPTED ?

SO IT MOVES SIMPLY TO ARE THEY A FAKE SHELL EVEN OR ACTUAL AND VARIATIONS ON THE THEME OBVIOUSLY. SO THIS IS NEITHER HERE NOR THERE EXCEPT TO MOVE TO RESTORE THE REGISTRY IS THE ONLY WAY OUT IF THERE ARE THE HANDFULS AND HANDFULS AND HANDFULS OF THESE ENTRIES….

BUT…… HERE IS THE BANG….. YOU DID NOT CONSIDER THIS ….

ARE THEY INJECTED TEMPORARY FILES REGISTRY ENTRIES FROM YOUR TRASH OR THEIRS ? IN OTHER WORDS RETRIEVING THE GRAPHICS IMAGES OF A SHELL WITH —- HERE YOU GO BINGO —- REGISTRY INJECTION ?

IN OTHER WORDS THE KEYS THEMSELVES ARE REGISTRY INJECTION OF CRAP THAT DOES NOT EVEN EXIST AND ARE CAUSING BLANK WHITE PAGES DISPLAY… ACTUALLY THE PAYLOAD JUST MASS INJECTS THE REGISTRY FOR ALL THE AREAS CAUSING THE DENIAL TO SECURITY WEBSITES WITH ANY BROWSER AND WHATEVER ELSE IS THE TARGET SUCH AS MSN CUSTOMERS AS WAS MINE.

IT JUST IS VERY STRANGE THEY WOULD MASS INJECT FALSE KEYS PARTICULARLY MOST RECENTLY USED (MRU) TEMPORARY HISTORIES.

POINT ? THEY ARE USING MASS REGISTRY INJECTION FOR TEMPORARY FILES RETRIEVAL AND DISPLAY, MANIPULATED BY THE FALSE KEYS.

YOU THINK I DON’T KNOW WHAT I AM TALKING ABOUT ? LOOK HERE AND TELL ME WHY THIS WAS CREATED AND WHY IT HAS SETTINGS TO DELETE ALL TEMPORARY MRU FILES AND KEYS TO BE SET FOR EVERY MINUTE, EVERY FEW MINUTES, EVERY HOUR, EVERY FEW HOURS AND SO ON….. WELL KNOWN POPULAR TRUSTED BEEN AROUND FOR YEARS JavaCoolSoftware.com …..

MRU Blaster http://www.javacoolsoftware.com/mrublaster.html Protect your privacy, and keep your PC free from clutter. Find and remove over 30,000 MRU lists. Version: 1.5 Free for personal & business use. http://www.javacoolsoftware.com/mrublaster.html MRU-Blaster works on Windows 95, 98, ME, NT, 2000, XP, or Vista. (Simply put: we need money to pay the bills. If you use MRU-Blaster, and are happy with it, we’d love if you would consider donating.) http://www.javacoolsoftware.com/mrublaster.html

BUT WHAT IF THE MRUs ARE FAKE REGISTRY INJECTION – YOU SEE ? AND HOW THE HELL DO YOU CLEAN THEM UP (DELETE) IF THEY ARE CORRUPTED TOO ? SHOOTING BLANKS THINKING YOU ARE GOOD TO GO… BUT NONE THE LESS IS RECOMMENDED SOFTWARE OBVIOUSLY ! ! ! DO IT ! ! AND ADD ALL TRACKS CLEAN UP AND RUN THEM CONTINUALLY TO GET RID OF ALL TEMPORARY HISTORY TRACKS….

SEE IT ? THE KEYS ARE FAKE KEYS MASS INJECTED AND NOT REALLY CORRUPTED / CHANGED / RE-WRITTEN KEYS AT ALL ! (POINT – BINGO) SEE IT ? HOW THE HELL IS ANY TRACKS CLEANING SOFTWARE GOING TO GET RID OF THEM ? THEY CAN’T BECAUSE THEY ARE NOT REAL FILES KEYS — GET IT ?

SO FOR THE EXERCISE, WE ARE TALKING HEADS UP TO “REGISTRY MASS FAKE KEYS INJECTION” ….. GET IT ? GOOD.

IT IS ALL OF THE MAGIC OF WINDOWS AT CORE ISSUE….. INDEXING, PREFETCH ALL THE TEMPORARY INTERNET FILES THAT MAKE WINDOWS SO FAST AND SO GRAPHICALLY VISUAL…. THESE PARTS ARE INDEXED FOR LIGHTNING SPEED AND ALL THEMSELVES ARE CONTINUALLY CREATING TEMPORARY FILES AND LOGS ALL OVER WINDOWS IN THEIR PROPER PLACES….. IN OTHER WORDS TURNING ALL THESE FEATURES OFF LEAVES YOU IN THE STONE AGE WITH EACH SIMPLE CLICK AND TASK TAKING UP TO 5 MINUTES EACH (dramatized). SO YOU MOVE FROM WINDOWS OR PC OR FIGHT.

—————————————————————————————————————

CLARIFICATION…..

The continual references of the IPv6 is the area of the attack actually is existing IPv4. This is the direct route to connectivity and malware disabling firewalls and the then counterfeit attempts at hijacking the broadband connection – or in others immersing the infected PC into a malware botnet – “zombie network”.

IPv6 is the new scarcely used, I believe, internet services of the world web. Then in this light of course is what the reference to the IPv6 as here and future are the newer attacks and for future.

All in all – this is all about the Windows XP Years and all the malware devastations the world has heard of or experienced. The idea of research here is checking out connectivity information between the PC and the ISP (Internet Service Provider like AOL,MSN, Earthlink etc) like your IP Number area and also firewalls. Connectivity area and firewalls. Anti-modem defense software like in dial up certainly enters the picture.

It is not hard to know why the cyber criminal would prefer broadband – duhh! [innocent sarcasm].

So for the exercise here we are looking at these areas and how they are manipulated, counterfeited, hijacked, etc – and meaning particularly by a malware botnet. Everything is basically in the IPv4 areas in reality where the world web is in now and has been for years.

Sorry for the several misquoted times early on.

————————————————————————————————————-

SECURITY HORIZON

These abilities frequenting may become in part or full in any variants as a standard payload. Conficker Worm Botnet is a prime example as a close cousin here. Obviously these new times is these new deadly criminal botnets have changed Malware Removal Help….. No longer in caution or common sense can Community….
# Give Help Instructions for Malware Removals to reboot into diagnostics Safe Mode for removals can not safely be advised. If Safe Mode is not blocked, it may intentionally give access but is booby trapped to disallow regaining rebooting into Normal Mode.
# Obviously Windows System Restore and Restore Points are rendered inoperable, deleted.
# Windows Updates and Security Software websites are blocked. Windows Installer may well be rendered inoperable denying download / install abilities.
# Windows Remote Invitations help may not be possible if client infected with keyloggers and crimeware culprits intercepting Password are entering first. May be inoperable. …..Also via encapsulated (or similar deceits) payloads may act as in the wild threats undetectable destroying both computer systems or engaging help in botnet via infection.
# Mobile portable thumb drive (others) anti-malware may be needed to replace mentioned standard help avenues – and may need be prepared for Windows Installer repair.
# More….. Disaster Recovery – Prevention http://www.smfgratuit.com/forums/bluecollarpc/index.php/board,11.0.html

*
(((PROLOGUE)))
NOW DISCLOSED…… APPARENT ATTEMPT TO INFECT PLASMA SERVERS AS WELL…. Optical buffer http://en.wikipedia.org/wiki/Optical_buffer NON Sample – http://www.sun.com/customers/servers/pppl.xml

The attempted area to infect plasma servers ? Like I said – “watch the plasma burns Mr. 14 !” I found your little infected gif – your z’text” was discovered. PBMF! [much of the above will be more concise and cleaned up – a build, here preliminary Prologue adding…]
a-squared Anti-Malware – Version 4.0 Last update: 4/19/2009 5:06:37 PM 12:32 AM 4/20/2009

Scan settings:

Objects: Memory, Traces, Cookies, C:WINDOWS, C:Program Files Scan archives: On Heuristics: Off ADS Scan: On

Scan start: 4/19/2009 5:31:46 PM

C:WINDOWS$NtUninstallKB834707$wininet.dll  detected: Virus.Win32.Nsag.A!IK

C:WINDOWS$NtUninstallKB867282$wininet.dll  detected: Virus.Win32.Nsag.A!IK

C:WINDOWS$NtUninstallKB883939$wininet.dll  detected: Virus.Win32.Nsag.A!IK

C:WINDOWS$NtUninstallKB890923$wininet.dll  detected: Virus.Win32.Nsag.A!IK

C:WINDOWSI386AGENTSVR.EX_/agentsvr.exe  detected: Virus.Win32.Luder.B!IK

C:WINDOWSI386BCKGZM.EX_/bckgzm.exe  detected: Virus.Win32.Virut.q!IK

C:WINDOWSI386CMSTP.EX_/cmstp.exe  detected: Trojan.Win32.Anomaly.D!IK

C:WINDOWSI386DEFRAG.EX_/defrag.exe  detected: Win32.Luder!IK

C:WINDOWSI386DIANTZ.EX_/diantz.exe  detected: Win32.Luder!IK

C:WINDOWSI386HRTZZM.EX_/hrtzzm.exe  detected: Virus.Win32.Virut.q!IK

C:WINDOWSI386MSCONFIG.EX_/msconfig.exe  detected: Win32.Luder!IK

C:WINDOWSI386NETDDE.EX_/netdde.exe  detected: Win32.Luder!IK

C:WINDOWSI386NSLOOKUP.EX_/nslookup.exe  detected: Win32.Luder!IK

C:WINDOWSI386ODBCCONF.EX_/odbcconf.exe  detected: Virus.Win32.Virut.bo!IK

C:WINDOWSI386OEMIG50.EX_/oemig50.exe  detected: Win32.Virtob.8!IK

C:WINDOWSI386OSK.EX_/osk.exe  detected: Virus.Win32.Luder.B!IK

C:WINDOWSI386RDSHOST.EX_/rdshost.exe  detected: Win32.Luder!IK

C:WINDOWSI386RSVP.EX_/rsvp.exe  detected: Win32.Luder!IK

C:WINDOWSI386SESSMGR.EX_/sessmgr.exe  detected: Win32.Luder!IK

C:WINDOWSI386SETUP50.EX_/setup50.exe  detected: Virus.Win32.Virut.as!IK

C:WINDOWSI386WBEMTEST.EX_/wbemtest.exe  detected: Virus.Win32.Luder.B!IK

C:WINDOWSI386WINHLP32.EX_/winhlp32.exe  detected: Virus.Win32.Virut.ar!IK

C:Program FilesCommon FilesAdaptec SharedSystemWininet.dll  detected: Virus.Win32.Nsag.A!IK

C:Program FilesCOMPAQWorks6.0RedistIE5Iemil_3.cab/WININET.DLL  detected: Virus.Win32.Nsag.A!IK

C:Program FilesCOMPAQWorks6.0RedistIE5Iew2k_3.cab/wininet.dll  detected: Virus.Win32.Nsag.A!IK

C:Program FilesCOMPAQWorks6.0RedistIE5Vbscript.cab/wshext.dll  detected: Trojan-Downloader.Win32.Small!IK

C:Program FilesPCCloneEXrsspublisher.msi  detected: Trojan-Dropper.Agent!IK

Scanned

Files:  91029 Traces:  629588 Cookies:  54 Processes:  48

Found

Files:  27 Traces:  0 Cookies:  0 Processes:  0 Registry keys:  0

Scan end: 4/19/2009 10:48:25 PM Scan time: 5:16:39

C:Program FilesPCCloneEXrsspublisher.msi Quarantined Trojan-Dropper.Agent!IK

C:Program FilesCOMPAQWorks6.0RedistIE5Vbscript.cab/wshext.dll Quarantined Trojan-Downloader.Win32.Small!IK

C:WINDOWSI386WINHLP32.EX_/winhlp32.exe Quarantined Virus.Win32.Virut.ar!IK

C:WINDOWSI386SETUP50.EX_/setup50.exe Quarantined Virus.Win32.Virut.as!IK

C:WINDOWSI386OEMIG50.EX_/oemig50.exe Quarantined Win32.Virtob.8!IK

C:WINDOWSI386ODBCCONF.EX_/odbcconf.exe Quarantined Virus.Win32.Virut.bo!IK

C:WINDOWSI386DEFRAG.EX_/defrag.exe Quarantined Win32.Luder!IK

C:WINDOWSI386DIANTZ.EX_/diantz.exe Quarantined Win32.Luder!IK

C:WINDOWSI386MSCONFIG.EX_/msconfig.exe Quarantined Win32.Luder!IK

C:WINDOWSI386NETDDE.EX_/netdde.exe Quarantined Win32.Luder!IK

C:WINDOWSI386NSLOOKUP.EX_/nslookup.exe Quarantined Win32.Luder!IK

C:WINDOWSI386RDSHOST.EX_/rdshost.exe Quarantined Win32.Luder!IK

C:WINDOWSI386RSVP.EX_/rsvp.exe Quarantined Win32.Luder!IK

C:WINDOWSI386SESSMGR.EX_/sessmgr.exe Quarantined Win32.Luder!IK

C:WINDOWSI386CMSTP.EX_/cmstp.exe Quarantined Trojan.Win32.Anomaly.D!IK

C:WINDOWSI386BCKGZM.EX_/bckgzm.exe Quarantined Virus.Win32.Virut.q!IK

C:WINDOWSI386HRTZZM.EX_/hrtzzm.exe Quarantined Virus.Win32.Virut.q!IK

C:WINDOWSI386AGENTSVR.EX_/agentsvr.exe Quarantined Virus.Win32.Luder.B!IK

C:WINDOWSI386OSK.EX_/osk.exe Quarantined Virus.Win32.Luder.B!IK

C:WINDOWSI386WBEMTEST.EX_/wbemtest.exe Quarantined Virus.Win32.Luder.B!IK

C:WINDOWS$NtUninstallKB834707$wininet.dll Quarantined Virus.Win32.Nsag.A!IK

C:WINDOWS$NtUninstallKB867282$wininet.dll Quarantined Virus.Win32.Nsag.A!IK

C:WINDOWS$NtUninstallKB883939$wininet.dll Quarantined Virus.Win32.Nsag.A!IK

C:WINDOWS$NtUninstallKB890923$wininet.dll Quarantined Virus.Win32.Nsag.A!IK

C:Program FilesCommon FilesAdaptec SharedSystemWininet.dll Quarantined Virus.Win32.Nsag.A!IK

C:Program FilesCOMPAQWorks6.0RedistIE5Iemil_3.cab/WININET.DLL Quarantined Virus.Win32.Nsag.A!IK

C:Program FilesCOMPAQWorks6.0RedistIE5Iew2k_3.cab/wininet.dll Quarantined Virus.Win32.Nsag.A!IK

Quarantined

Files:  27 Traces:  0 Cookies:  0
There are many reasons basic information was posted. Number one, this was an “in the wild attack” in nature meaning obviously unknown to antivirus and antispyware companies running as Trend Micro, Comodo, McAfee, PC Tools etc.

The nature of bot (the payload package) cyber crime is very much like the average consumerism going crazy over FREE STUFF all over the internet. “Bot World” is a gigantic underworld shopping mall. We don’t want what works and what doesn’t posted publicly. We don’t want anything helpful to them in other words posted immediately until defenses are in place across the board – is a basic attitude. In other words, in the Security Community you want to be aiding security not crimewares.

No doubt Visitors passing by have scratched their heads at all of this and the “final submission” idea was never meant as imminent. It was more a look see laugh for those involved in this.

As for those involved in many “pro” forums – you know where you always end up for help instead of places like our forums and pay donations for crap help – this was a next phase as many of those would not allow me in past their training boot camps with my superior removal abilities and recommendations of removals which are proved and tried and diluted from the experts which they are obviously not and have been a laughing stock to companies like Trend Micro and Emsi.com and an annoyance and irritation. Coincidental many of them own PC Repair Shops ? If you smell scam….

So the point was they would make personal attacks on me and accuse me of “parroting” and “regurgitation” meaning “hey dude you are just like a talking parrot repeating everything you hear” and “you just puke up everything you swallow down” (information wise) – “who are you and let’s see some empirical data” and on and on.

Well, number one – let’s see them show forensics as I did with a little gif image containing a text virus to infect Verizon plasma servers in this payload ! Had something to do with a little word “particle” and I won’t go further LOL.

No doubt behind my back somewhere in their circles they may have claimed I was making wild eyed claims for attention as they do. An old drug rehab therapeutic tool is the saying “We see in others what we dimly perceive in ourselves” with this type behavior or as God says – the mouth boasts the heart, talking about the drunkards of evil.

What may have been missed is that the Diagnosis as in epilogue and prologue is that this attack is classified as “Spear Phished – Known Product Trust” meaning the payload was delivered through “Spear Phished – titulation” meaning the culprit cyber stalked my activities, got my ‘flavors’ and hit my computer with the package right from the company – the well known company who is very, very reputable and well known and trusted. Did the departmentals have Bin Laden’s gun to their head. Maybe. Maybe it was some rich “Botlord” meaning as a “God Father of crime”. I have many enemies. I turned many of them in when discovering secret “codes” as Yahoo ID screen names in the mobile computer groups. A sh*tload of mobile piracy wares for sale right in the public and the groups. The “codes” uncovered where the ID names ALL indicated they were working for Bin Laden and terrorism at large where all the gains were to go. This is quite public as the FBI arrest which also is not public. You see I could have gotten one million dollars each for the f**king bastards but at the time our USA rate was 40 percent of all American software was pirated and resold or given away. This was Homeland Defense et al. I donated the million dollars each for each of the arrests back to the Software Business Alliance giving them full disclosure so they could investigate in such a high profile end that it was that successful. Of course, President Bush (Jr) had full power of the “Suspension of the Writ of Habeas Corpus” as the best tool. In USA, that means ain’t nothing here any of your business and lawfully never will be. This is why I say to my detractors – kiss my Anglican Jew ass – not my hand ! Ass is in the Bible you know….

WHY WAS THIS SPEAR PHISHING BY TRUSTED KNOWN PRODUCT EMPLOYEES… This is a new event… “Spear Phished – Known Product Trust” that has now happened twice to me and my equipment. The only thing close to this as believable is the Cyber Security Agencies publishing that IT Employees are a worse security threat than malware as a type “disgruntled employee” syndrome. Forensics by the way is sort of like Psychology that diagnoses symptoms for the Psychiatrist to treat. Here, Forensics is as a “Probable Cause” for Cyber Security Agencies such as the USA FBI to then take action for arrest. Christ, the other involved biometrics break out, are you serious? Yep !

So the payload here executing in approximately under 6 seconds indicates NO COMMAND AND CONTROL ACTIONS when attacking and disabling Trend Micro Suite, Comodo Suite, McAfee Antivirus/Firewall, PC Tools itself – ALL running simultaneously as explained and why this incredibly packed protection was active for that just one moment and purely NOT any regular practice (renewing Trend Micro Suite with other protections in place and test trial wrap up).

Let’s take a look at a Botmaster or Botherder NON SAMPLE of what may be criminally used as a Command and Control Console to get an idea of how long the “hang time” is to discover existing protections and then attack them as unautomated or partially – needing human interaction….

Take a look at www.openfiler.com…. the first intro paragraph (Products) is kind of the “meta data” of a BotMaster / BotHerder Console.

SO NOW UNDERSTAND THIS PAYLOAD EXECUTED WITH ABSOLUTELY NO HUMAN INTERACTION BY A BOTMASTER / BOTHERDER AND THUS REVEALS A PRE-PACKAGED CRIMEWARE VIA CYBER STALKING AND SOCIAL ENGINEERING TACTICS…. get it, publicly it was known what I was doing at the time and on the other end of the PC Tools product at end of a scan – the “pipe line”.

This equates SPEAR PHISHING BY TRUSTED KNOWN PRODUCT

ADDITIONALS

Amateur Forensics Build in Progress – “Nimrod Botnet”

http://bluecollarpc.us/2010/01/07/new-amatuer-forensics-build-in-progress-nimrod-botnet/

AmateurForensics-Mobile: USB stick MP3 Player (apparent cross infection – PC / Mobile PC)……

http://bluecollarpc.us/2010/01/07/amatuerforensics-mobile-usb-stick-mp3-player-apparent-cross-infection/


AGAIN THIS WAS WHEN OUR BLUECOLLARPC.NET WAS STILL RUNNING WITH 6 MILLION VISITORS/USERS FROM 2005 TO 2009 [closed] …..
THIS IS TO AGAIN CLEAR MY NAME WHO MANY OF THE FORUMS YOU ARE GOING TO FOR HELP HAVE JOINED MANY PLACES LIKE MICROSOFT NEWS ROOMS AND YAHOO ANTISPY AND YAHOO ANSWERS AND ON AND ON AND USED DUMMY DISPOSABLE ACCOUNTS AND KEPT POSTING “THAT BLUECOLLARPC GUY SPAMS THE LIVING PEE OUT OF YOU – DON’T JOIN ANY OF HIS GROUPS” AND ON AND ON CONTINUAL PERSONAL ATTACKS IN VIOLATION OF TOS AND ON AND ON AND — JEALOUSY ? AS THEY HAVE LIKE 30,000 POSTS AND HANDFULS OF MEMBERS BUT SHOW UP TO A COUPLE THOUSAND INACTIVE DEAD ACCOUNTS TO APPEAR AS “WOW – THIS MUST BE THE PLACE TO JOIN” PRESENTATIONS AND ON AND ON CANDY MAN TACTICS EMPLOYING WELL KNOWN INFERIOR PRODUCTS AS YOUR SECURITY SOLUTIONS AND HOW MANY TIMES HAVE YOU RETURNED TO DONATE FOR MORE INFECTION DOWN THE ROAD ??? OR ELSEWHERE ???
HERE IS THE LEVEL OF ATTACK AGAINST ME – A SIMPLE COMMUNITY PERSONAL WEBSITE AS INNOCENT AS SOME “SOCCER MOM’S SITE” — ON THE LEVEL OF CORPORATE SPEAR PHISHING…..
[NOTE… the Windows Installer was attacked by many viruses and Forensics Build in Full here… http://www.smfgratuit.com/forums/bluecollarpc/index.php/topic,13.0.html ….the viruses attacking the Windows Service Packs all the way back to Windows installer Version 2 destroying all versions in deletion and corruptions leaving the following Peer 2 Peer application as virtually the only “download” capability of the computer which attempt into the botnet failed miserably anyway thanks to Windows DEP and other…]
Symantec.com > Business > Security Response > Attack Signatures > P2P Blubster Download Setup http://www.symantec.com/business/security_response/attacksignatures/detail.jsp?asid=20562

P2P Blubster Download Setup: Attack Signature – Symantec Corp. P2P Blubster Download Setup This signature detects attempts to download the Blubster P2P music sharing software.

Severity: Medium
This attack could pose a moderate security threat. It does not require immediate action.
Description
This signature detects attempts to download the Blubster P2P music sharing software.
Additional Information
Blubster uses basic peer-to-peer structured software without a central server, running a private UDP transport protocol: The MP2P Protocol. The system is designed to allow a user’s identity to remain private, which tries to make all the file-sharing process completely anonymous. Over 2 Years after its inception, MP2P claims to be a super-scalable and ultra-fast network. Blubster is a peer-to-peer filesharing client which is based on MP2P – a proprietary UDP transport protocol. Peer-to-peer sharing software allows for ease of file distribution between networked users – including potentially copyright protected material.
DID YOU MISS THIS….
Symantec.com > Business THIS ATTACK WAS ON THE LEVEL OF A CORPORATE CEO ATTACK AND I AM A SIMPLE XP USER WITH A PERSONAL WEBSITE – ALTHOUGH I HAVE GONE WELL BEYOND “ADVANCED USER” THROUGH THE PROCESS LOL. DO YOU UNDERSTAND WHAT I FIXED AS FAST AS IT WAS MESSED UP ? THIS WAS A MASSIVE MASSIVE MASSIVE ATTACK WITH CATASTROPHIC DAMAGES THAT I FIXED AND HAD FULL REPORTED FORENSICS TO ALL AGENCIES WITHIN THE HOUR….. SO NEVER NEVER NEVER BELIEVE ANYONE WHO HAS BACK HANDED BAD MOUTHED THE BLUECOLLARPC.NET WEBMASTER BEHIND MY BACK AND I LAUGH IN THEIR FACE.
LET’S SEE YOU GET THIS LEVEL OF HELP AT THEIR FORUMS…
GO AHEAD TO UNITE FORUMS…. I HAVE APPLIED THERE RESPECTIVELY AND SINCERELY AS AN ADDITIONAL CATEGORY HELP FOR BOTNET INFECTION OF THE WHICH FRANKLY THEY HAVE NO CLUE AS IT IS REPORTED CURRENTLY FEB 2010 THAT 41 PERCENT OF WORLD 800,000 PLUS COMPUTERS ARE CURRENTLY BOTNET INFECTED.
LIKE IS SAID “I HOPE WE PASSED THE AUDITION” LOL !!!!
YOU SECURITY PEOPLE NEED TO GET VERY VERY VERY BUSY OPENING BOTNET DETECTION, PREVENTION, AND REPAIR AND REMOVAL ASAP !!!!
SEE YOU HAVE BEEN TOLD !!!! BlueCollarPC.Org said that !
NOW YOU PROBABLY MISSED THIS AS WELL ….
“BOTNETS BOT WORLD GET FREE MUSIC SUCKS !!!! HOW ??? (maybe they will come forward about the crap products they got for free)
NOTE: Unfortunately the original full forensics build was lost due to the failure of an SMF Forums upgrade. However, there was the original notes of the few media players that were corrupted. Below you will understand the importance. There is incidence of data files or .DAT translated into media image files to hide by crimeware.

NON SAMPLE DAT file manipulation   Reading and writing Isis image buffers. The objects defined below may be used to read and write images to and from two-dimensional DAT files. … http://web.media.mit.edu/~stefan/isis/software/dat-files.html
TWO high quality players were unaffected which too legitimately guard particular .dat files.

REFERENCE (Symantec above) “….Blubster is a peer-to-peer filesharing client which is based on MP2P – a proprietary UDP transport protocol….”

User Datagram Protocol http://en.wikipedia.org/wiki/User_Datagram_Protocol User Datagram Protocol (UDP) is one of the core members of the Internet Protocol Suite, the set of network protocols used for the Internet. With UDP, computer applications can send messages, in this case referred to as datagrams, to other hosts on an Internet Protocol (IP) network without requiring prior communications to set up special transmission channels or data paths. UDP is sometimes called the Universal Datagram Protocol. [sidebar – IP Spoofing, piping and PS.. IRCChat Relay is Pergamos – busted ! See IRC in IRS]

UDP uses a simple transmission model without implicit hand-shaking dialogues for guaranteeing reliability, ordering, or data integrity. Thus, UDP provides an unreliable service and datagrams may arrive out of order, appear duplicated, or go missing without notice. UDP assumes that error checking and correction is either not necessary or performed in the application, avoiding the overhead of such processing at the network interface level. Time-sensitive applications often use UDP because dropping packets is preferable to waiting for delayed packets, which may not be an option in a real-time system. If error correction facilities are needed at the network interface level, an application may use the Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP) which are designed for this purpose.
# “may arrive out of order,” you will notice in newer state of the art software wireless modems since the Vista release notebooks and laptops avoid “packet crashing” to keep a nice continual connection and communication.
# If you entered a botnet intentionally or not seeking FREE MP3 crap – no doubt the MP3 Files were crap as seemingly very poor copies as like “skipping” as a CD on a CD Player or “scratchy” like on a vinyl recording record and player or actual missing parts as skipping to the end. Crap recordings because “may arrive out of order, appear duplicated, or go missing without notice.” Note the news pubs about College Kids are the worst offenders in this area. They got what they paid for. This is INSTABILITY that was the EXACT reason I ended up discovering all the pirated softwares when unknowingly I downloaded the ONLY pirated copy of software ever that was in mobile computer form which introduced TERRIBLE INSTABILITY in my Windows Mobile Computer and upon investigation discovered parts of the software certifications and copyrightables removed and IMMEDIATELY realized it was a pirated copy and was LUCKY enough to be able to remove it entirely IMMEDIATELY. PIRACY PRODUCTS INTRODUCE GREAT INSTABILITY INTO THE SYSTEM…. Now the whole public knows like in intravenous drug users you are called the Pillsbury DoughBoy meaning you got handed a BEAT BAG of drugs that was actually 90 percent baby powder (cake mix powder) and we had a good LOL. No doubt as a “new botworld member” they purposely first sent you the “beat bag” to see if you would keep your mouth shut or go running all over the internet blabbering away about their products and who was listening or watching (internet police). To shut you up or introduce you to “option 2 good stuff” as an apology you no doubt have been there ever since as a “preferred customer” and a good little biddtch that knows how to keep their mouth shut….. READ ON…. and “God Damn The Pusher” (SteppenWolf Classic Rock)….
# Time-sensitive applications often use UDP because dropping packets is preferable to waiting for delayed packets, …. Now all Outlook Users are well aware of Email publishing that can be set to what time you want them sent automatically. This is much a tactic here no doubt of some product deliveries going on by criminals to criminals – you if you are recipient knowingly.
# “Preferred Customers” no doubt get this service…… in a real-time system. If error correction facilities are needed at the network interface level, an application may use the Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP) which are designed for this purpose.
File swapping through Peer To Peer (P2P) should be banned from the world web and left as normal traditional downloading from legitimate sites. This will cure many, many ills.
POST NOTES…..
As well there was a trojan detected and removed attempting hijacking Windows Net meeting on the pc as an apparent additional file swapping more likely as an IRCRelay stealth Botmaster / Botherder  communication.

Microsoft NetMeeting – Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Microsoft_NetMeeting “”…..Protocol for whiteboarding, application sharing, desktop sharing, remote desktop sharing (RDS) and file transfers……”” Microsoft NetMeeting was a VoIP and multi-point videoconferencing client included in many versions of Microsoft Windows (from Windows 95 OSR2 to Windows XP) …

This may lead to further investigations into…..

Windows Meeting Space http://www.microsoft.com/windows/windows-vista/features/meeting-space.aspx Explore the features: Windows Meeting Space. Windows Meeting Space—and the entire peer-to-peer developer platform in Windows … Both Windows Meeting Space and Microsoft Office Live Meeting help you …

Threats FAQs

Threats Frequently Asked Questions

ORIENTATION…
Notes: Adware is NOT a separate category threat – adware is a Spyware category threat. Antispyware products do NOT remove antivirus category threats
such as viruses and worms. Antivirus products do NOT remove antispyware category threats such as adware and spyware threats. Rootkits are a SEPARATE
threat – though most antivirus companies have added anti-rootkit scanning in the antivirus product since the middle of the past decade (2000-2010). Traditionally and ongoing, there are many anti-rootkit scanners for detection and removal available.

A bot is the payload to infect computers into a botnet, and can also mean a single botnet infected computer. A botnet is made up of all the computers infected by the bot payload to perform its intentions – mass spam, infection, illegal software distribution, DDoS (Distributed Denial of Service) extortion, ID Thefts, more. These can infect with the world’s best defense products in place – simply disabling them etc. There have been several breakthroughs in defenses such as original Symantec AntiBot. Botnet infection has replaced ALL threats as the worst plague to the internet and computer users currently since approximately year 2005-6. Their entry is common like clicking something warned against like virus attachments. The best defense is up to date antivirus and antispyware – as a bot payload can be built in pieces at a time as the system defense may be spied on by Botmaster / Botherder Command And Control employed for picking attacks against known weak products installed in the computer user machine. A botnet infection can be built by several installations secretly by viruses, worms, trojans and downloader trojans, rootkits, spyware kits, virus kits, backdoor threats, safe mode with networking, etc – and various other instant full payload infections via reverse engineering of many security devices/wares/appliances etc.
SEE Forensics http://bluecollarpc.us/forensics-2/ 
(reverse engineered malicious encapsulation example – full payload delivered instantly past top defense products). 
FIX
How can I reset the Hosts file back to the default?
http://support.microsoft.com/kb/972034
MICROSOFT FIX IT TOOL ***** HOSTS FILES….
How to reset Internet Protocol (TCP/IP)
http://support.microsoft.com/kb/299357

SPYWARE CATEGORY THREATS / Glossary
Threats Glossary
http://www.webroot.com/En_US/csc/resources-glossary.html
Spyware Encyclopedia
http://www3.ca.com/securityadvisor/pest/browse.aspx
a-squared Process List
http://www.hijackfree.com/en/processlist/
F-Secure Malware Code Glossary
http://www.f-secure.com/en_EMEA/security/security-lab/learn-more/
Glossary of Malware
Security Threat Glossary
http://www.westcoastlabs.org/
The Difference Between Adware & Spyware
http://www.webopedia.com/DidYouKnow/Internet/2004/spyware.asp

SPYWARE CATEGORY THREATS
(antispyware products used to detect/remove)

Adware
http://searchcio-midmarket.techtarget.com/sDefinition/0,,sid183_gci521293,00.html
Spyware
http://en.wikipedia.org/wiki/Spyware
Malware (malware means all)
http://en.wikipedia.org/wiki/Malware
http://www.bleepingcomputer.com/tutorials/tutorial41.html
Tracking cookies
http://www.f-secure.com/sw-desc/tracking_cookie.shtml
http://en.wikipedia.org/wiki/HTTP_cookie#Tracking
Browser Hijackers
http://en.wikipedia.org/wiki/Browser_hijacker
http://www.microsoft.com/protect/terms/hijacking.aspx
http://us.trendmicro.com/us/threats/enterprise/threats-summary/browser-hijackers/
Browser Hi-Jackers BHO
http://en.wikipedia.org/wiki/Browser_Helper_Object
Joke Programs
http://threatinfo.trendmicro.com/vinfo/
Spyware/Grayware
http://threatinfo.trendmicro.com/vinfo/
Page hijacking
http://en.wikipedia.org/wiki/Page_hijacking

Clipboard Hijacking attack (definition)
http://whatis.techtarget.com/definition/clipboard-hijack-attack
BLOG: How Secure is the Windows Clipboard? Clipboard Hijacking
https://bluecollarpcwebs.wordpress.com/2015/08/26/how-secure-is-the-windows-clipboard/

Malvertising
http://en.wikipedia.org/wiki/Malvertising
Dialers
http://www.ca.com/us/securityadvisor/pest/browse.aspx?cat=Dialer
dialer
http://www.webroot.com/En_US/csc/resources-glossary.html
Keyloggers – Introduction to Spyware Keyloggers
http://www.securityfocus.com/infocus/1829
Scumware
http://www.cgmsystems.com/Resources/scumware.htm
data miner (spyware)
http://www.webopedia.com/TERM/D/data_miner.html
parasites (Computer)
http://www.yourdictionary.com/computer/parasite
Web bugs
http://news.cnet.com/2100-1017-243077.html
The Web Bug FAQ
http://w2.eff.org/Privacy/Marketing/web_bug.html
Web Bug Report
http://www.securityspace.com/s_survey/data/man.200102/webbug.html
Web beacon
http://en.wikipedia.org/wiki/Web_bug
E-mail web bugs
http://en.wikipedia.org/wiki/Web_bug
Web Beacons – Opt Out at Yahoo
http://info.yahoo.com/privacy/us/yahoo/webbeacons/details.html
Keyloggers defined
http://www.webopedia.com/TERM/K/keylogger.html
Clickjacking
http://en.wikipedia.org/wiki/Clickjacking
Clickjacking is a malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on …

RANSOMWARE

Ransomware
http://www.microsoft.com/security/portal/mmpc/shared/ransomware.aspx
What is ransomware?
http://www.2-spyware.com/ransomware-removal#parasites
Trend Micro Ransomware removal tool
http://esupport.trendmicro.com/en-us/home/pages/technical-support/1096206.aspx
How to rescue your PC from ransomware
http://www.pcworld.com/article/2084002/how-to-rescue-your-pc-from-ransomware.html

NOTE TROJANS ARE BLOCKED – DETECTED – REMOVED BY BOTH
ANTIVIRUS AND ANTISPYWARE PRODUCTS – both needed !

Trojan horse (computing)
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Trojan_horse_(computing)
Trojans – myths & facts
http://www.emsisoft.com/en/kb/articles/tec021007/
Backdoor Santas
http://www.bleepingcomputer.com/tutorials/tutorial41.html
Proxy Trojan
http://www.webopedia.com/TERM/P/Proxy_Trojan.html
http://inews.webopedia.com/TERM/P/Proxy_Trojan.html
Security software disabler Trojan
http://www.webopedia.com/TERM/S/security_software_disabler_Trojan.html
http://inews.webopedia.com/TERM/S/security_software_disabler_Trojan.html
FTP Trojan
http://www.webopedia.com/TERM/F/FTP_Trojan.html
Destructive Trojan
http://www.webopedia.com/TERM/D/Destructive_Trojan.html
Data Sending Trojan
http://www.webopedia.com/TERM/D/Data_Sending_Trojan.html
http://inews.webopedia.com/TERM/D/Data_Sending_Trojan.html
Remote Access Trojan
http://www.webopedia.com/TERM/R/Remote_Access_Trojan.html
How to Remove a Backdoor Trojan Computer Virus
http://www.ehow.com/how_5164888_remove-backdoor-trojan-computer-virus.html

Typical back door capabilities may allow a remote attacker to:
http://www.symantec.com/security_response/writeup.jsp?docid=2001-062614-1754-99

* Collect information (system and personal) from the computer and
any storage device attached to it
* Terminate tasks and processes
* Run tasks and processes
* Download additional files
* Upload files and other content
* Report on status
* Open remote command line shells
* Perform denial of service attacks on other computers
* Change computer settings
* Shut down or restart the computer

EXAMPLE
Backdoor.Trojan | Symantec
http://www.symantec.com/security_response/writeup.jsp?docid=2001-062614-1754-99
Trojan Downloader
Trojan Downloader Featured Articles
http://www.ehow.com/search.html?s=trojan+downloader&skin=corporate&t=all
EXAMPLE
Trojan-Downloader.Zlob.Media-Codec (fs) Information and Removal
http://www.sunbeltsecurity.com/ThreatDisplay.aspx?tid=44478&cs=D4312A93E13E09C94EB75A1F9E6481AC
ARP spoofing
http://en.wikipedia.org/wiki/ARP_spoofing
TCP reset attack
http://en.wikipedia.org/wiki/TCP_reset_attack
Tunneling to circumvent firewall policy
http://en.wikipedia.org/wiki/Tunneling_protocol#Tunneling_to_circumvent_firewall_policy
What is script kiddie?
http://webopedia.com/TERM/S/script_kiddie.html
Toxic blogs: Uploading links to malicious Web sites, or when blogs support HTML or scripts, uploading malicious code or using iFrames.
Cross-site scripting
http://en.wikipedia.org/wiki/Cross-site_scripting
iFrames:
Invisible frames capable of executing malware.
http://www.techopedia.com/definition/13639/inline-frame-iframe
Pharming
http://www.techopedia.com/definition/4048/pharming
Pretexting
Pretending to be a legitimate entity to lure people to malicious sites.
Social engineering (security) / Pretexting
http://en.wikipedia.org/wiki/Social_engineering_(security)
“SEO Search Engine Poisoning”
Search Engine Optimization (SEO)
http://en.wikipedia.org/wiki/Search_engine_optimization
Cyber criminals pump up search engines all ways they can to bump up their malicious sites to top results in search engines (SEO) for key phrases, news events, celebrity, etc etc etc.
Typosquatting
http://en.wikipedia.org/wiki/Typosquatting
Typosquatting is a form of cybersquatting which relies on mistakes such as typographical errors made by Internet users when inputting a website address into a web browser address bar or search engine for example. Should a user accidentally enter an incorrect website address, they may be led to that alternative website owned by a cybersquatter which may infect the computer or lead to ID Theft or capture passwords or any data typed at the site in forms etc.
EXAMPLE – instead of http : // MSN.Com — the mistake = MSM.Com , which for the example is owned by cyber criminals. Logging into email, financial accounts, etc. would have been intercepted and abused by them.

Disposable email addresses
http://en.wikipedia.org/wiki/Disposable_email_address
A trick by spammers who when caught would only lose the free email account shut down by the email provider for violation of terms of service.

Disposable Domains
“Disposable Domains” use by spammers was born shortly after the “disposable email accounts” growth. Easy cheap website hosting was purchased which often include up to 200 free email accounts from the domain name. After the spamming campaign – which may include contact addresses elsewhere – the spammer/cyberthief would simply close the website, thus terminating the email addresses as well. Also, the website hosting may have terminated the website domain for violations of terms of services.
Spammers Step Up Use Of Disposable Domains
September 14, 2006 12:00 AM
http://www.windowsitpro.com/article/email/spammers-step-use-of-disposable-domains
“According to trend research conducted by security software vendor McAfee, spammers have increased the number of disposable domains that they use and are cycling through new domains faster than in the past. While this trend is certainly a boon for domain name registrars it is in fact a bane for recipients of email as well as mail system administrators. …..”

Cybersquatting
http://en.wikipedia.org/wiki/Cybersquatting
Cybersquatting (also known as domain squatting), according to the United States federal law known as the Anticybersquatting Consumer Protection Act, is registering, trafficking in, or using a domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else. The cybersquatter then offers to sell the domain to the person or company who owns a trademark contained within the name at an inflated price.

ADVANCED / FROM OUR FORENSICS PAGE

APPARENT ATTEMPT TO INFECT PLASMA SERVERS….
Optical buffer
http://en.wikipedia.org/wiki/Optical_buffer
NON Sample –
http://www.sun.com/customers/servers/pppl.xml
SEE: http://www.bluecollarpc.us/forensics-2/

There is incidence of data files or .DAT translated into media image files to hide by crimeware files. Infected Media Players….
NON SAMPLE
DAT file manipulation
Reading and writing Isis image buffers. The objects defined below may be used to read and write images to and from two-dimensional DAT files. …
http://web.media.mit.edu/~stefan/isis/software/dat-files.html

NEW THREAT…..  “TABNAPPING”

BBB Consumer News and Opinion blog (Tab napping)
http://www.bbb.org/us/post/new-tab-napping-scam-targets-your-bank-information-3813
Tab napping is more sophisticated than phishing scams and it doesn’t rely on persuading you to click on a link to a scammers Web page. Instead it targets
internet users who open lots of tabs on their browser at the same time. How does it work? By replacing an inactive browser tab with a fake page set up
specifically to obtain your personal data – without you even realizing it has happened….

Mozilla warns of new phishing scam (Tab napping)
http://www.infosecurity-magazine.com/view/9769/mozilla-warns-of-new-phishing-scam/
Aza Raskin, a well-known US interface design expert and creative lead on Mozilla’s Firefox browser software, has revealed a new type of phishing attack
known as `tab napping.’ ….

Internet Explorer 8 helps protect against “tabnabbing”
Most of us know that we should keep our passwords and other credentials a secret. However, it’s easy for cybercriminals to create a “spoof”, a copy of a familiar website. You might think you’re entering your credentials into your web-based email accounts, social networking sites, or bank websites, but you’re really typing them into a phishing website that was created to steal this information. Cybercriminals have been using this ploy on websites and in pop-up windows for some time, but there are reports of a new phishing technique that takes advantage of the increased use of browser tabs.
http://blogs.msdn.com/b/securitytipstalk/archive/2010/06/08/internet-explorer-8-helps-protect-against-tabnabbing.aspx

SCAM, HOAX, CYBER URBAN LEGENDS ….
snopes.com: Urban Legends Reference Pages
The definitive Internet reference source for urban legends, folklore, myths, rumors, and misinformation.
http://www.snopes.com/
Scambusters.org
“Internet Scams, Identity Theft, and Urban Legends: Are You at Risk?”
http://www.scambusters.org/
Hoax-Slayer.Com
Mission Statement: The goal of the Hoax-Slayer Website is to help make the Internet a safer, more pleasant and more productive environment by: Debunking email and Internet hoaxes, Thwarting Internet scammers, Combating spam, Educating web users about email and Internet security issues.
http://www.hoax-slayer.com/


ROOTKITS WORST THREAT TO COMPUTERS BEFORE BOTNETS

Rootkit (definition)
http://en.wikipedia.org/wiki/Rootkit
RootkitRevealer
http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx
http://en.wikipedia.org/wiki/RootkitRevealer
Rootkit FAQ’s (chkrootkit — locally checks for signs of a rootkit)
http://www.chkrootkit.org/faq/

WORLD WIDE WEB CRIMEWARE / CYBER CRIME EVENTS

FTC.Gov- Phishing Scams and How to Spot Them
http://www.ftc.gov/opa/reporter/idtheft/phishing.shtml
Scareware
http://en.wikipedia.org/wiki/Scareware
Rogue security software
http://en.wikipedia.org/wiki/Rogue_software
Ransomware (malware)
http://en.wikipedia.org/wiki/Ransomware_(malware)
E-mail address harvesting
http://en.wikipedia.org/wiki/Email_harvesting
E-mail harvesting is the process of obtaining lists of e-mail addresses for use in bulk mail or other purposes
usually grouped as spam. Methods range from purchasing lists of e-mail addresses from other spammers to
the more common use of special software, known as “harvesting software”, “harvesting bots” or “harvesters”,
which scan web pages, postings on Usenet, mailing list archives and other online sources to obtain e-mail addresses.
Cyber crime
http://www.webopedia.com/TERM/C/cyber_crime.html
Zero-Day exploit
http://www.webopedia.com/TERM/Z/Zero_Day_exploit.html
Malicious code
http://www.webopedia.com/TERM/m/malicious_code.html
Spoof
http://www.webopedia.com/TERM/S/spoof.html
Password cracking
http://www.webopedia.com/TERM/P/password_cracking.html
Man-in-the-middle attack
http://www.webopedia.com/TERM/m/man_in_the_middle_attack.html
Masquerade attack
http://www.webopedia.com/TERM/M/masquerade_attack.html
Nuker
http://www.webopedia.com/TERM/N/Nuker.html
Binder
http://www.webopedia.com/TERM/B/binder.html
Malicious Active Content
http://www.webopedia.com/TERM/M/malicious_active_content.html
Scams and Hoaxes
http://threatinfo.trendmicro.com/vinfo/
Avoiding Online Job Scams | Privacy Rights Clearinghouse
https://www.privacyrights.org/fs/fs25a-JobSeekerPriv2.htm
Avoid Work at Home Scams – Job Searching – About.com
http://jobsearch.about.com/cs/workathomehelp/a/homescam.htm
BOTNETS / ZOMBIE COMPUTERS / ZOMBIE NETWORKS

BOT = payload of infection or single infected computer – BOTNET = network of infected computers controlled by botmaster,
botherder, Command and Control. (NOTE a botnet infection can be built by several installations secretly by viruses, worms, trojans
and downloader trojans, rootkits, spyware kits, virus kits, etc and various other probable instant full payload infections via reverse
engineering of many security devices/wares/appliances etc.)
SEE
http://bluecollarpc.us/forensics-2/  (reverse engineered encapsulation example – full payload delivered instantly)

Botnet – Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Botnet
botnet Definition: TechEncyclopedia
http://www.techweb.com/encyclopedia/defineterm.jhtml?term=botnet
Botnet : Definition From Webopedia
http://www.webopedia.com/TERM/b/botnet.html

Article: Battling the Botnet Pandemic
http://www.lavasoft.com/company/newsletter/2007/2_28/article2.html
Lavasoft News – March 2007
Battling the Botnet Pandemic. Your home computer may be among the millions of PCs that are under the control of criminals, and worse yet, you may not even
be aware of it.
Article: Botnet – CNET News.com
http://news.cnet.com/Security-from-A-to-Z-Botnet/2100-7355_3-6138435.html
Security from A to Z: Botnet | These armies of zombie PCs are used by cybercriminals for sending spam. Part of a series on …
Article: Botnet Basics
http://www.eweek.com/c/a/Video/Botnet-Basics/
Bots are software applications that run automated tasks over the Internet. A network of bots working under
a central command and control center is a botnet. This eVideo seminar looks at the basic …
Article: Botnet Battle Already Lost?
http://www.eweek.com/article2/0,1759,2029720,00.asp
Botnets have become a big underground business, and the security industry has few answers.
eWEEK … It’s dress-down Friday at Sunbelt Software’s Clearwater, Fla., headquarters. In a bland cubicle on …

MSNBC: The lowdown on ‘Bots’
http://www.msnbc.msn.com/id/17805145/
What are ‘bots’?
“Bots” – short for robots – are hijacked computers that are infected by computer viruses and then used by criminals
and pranksters for a variety of criminal and malicious purposes.
Who controls ‘bots’?
The criminals behind “bots,” known as “bot herders,” assemble armies of infected computers — often between 50,000
and 70,000 PCs strong — that they can then charge customers for the use of. The going rate for sending spam is $5,000
a day or more, according to Howard Schmidt, former White House cyberczar.
What are ‘bots’ used for?
“Bots” are used to spread malicious programs, send spam, fuel “pump-and-dump” stock schemes and launch
denial-of-service attacks, among other things.
How many ‘bots’ are there?
Internet founding father Vint Cerf recently estimated that 150 million computers have been hijacked. Most other experts
believe that figure is too high, but there is general agreement that “bots” number in the millions, if not the tens of millions.
How can I tell if my computer is a ‘bot’?
You can’t necessarily. Antivirus software will catch most known viruses, but new ones are being created all the time.
It used to be that poor performance often tipped off users that their computers had been infected, but “bot herders” now
distribute tasks among thousands of computers to avoid tell-tale crashes.

More:
How big is the botnet problem?
Feature By Julie Bort, Network World, 07/06/07
http://www.networkworld.com/research/2007/070607-botnets-side.html?fsrc=rss-security
Types of attacks: Botnets
Cross-site scripting: Inserting malicious JavaScript into the header of an otherwise legitimate Web site.
DNS cache poisoning: Hacking a DNS so that it directs people who enter legitimate URLs to the hacker’s malicious Web site.
iFrames: Invisible frames capable of executing malware.
Pharming: Creating an illegitimate copy of a real Web site and redirecting traffic to the phony site to obtain information or
download malicious code.
Pretexting: Pretending to be a legitimate entity to lure people to malicious sites.
Toxic blogs: Uploading links to malicious Web sites, or when blogs support HTML or scripts, uploading malicious code or
using iFrames.
VIRUS CATEGORY THREATS
(Antivirus products block, detect, remove)
Virus Encyclopedia Trend Micro
http://threatinfo.trendmicro.com/vinfo/
Virus Encyclopedia Search
http://threatinfo.trendmicro.com/vinfo/
Microsoft: What is a computer virus?
http://www.microsoft.com/security/antivirus/whatis.aspx
Armored Virus
http://www.webopedia.com/TERM/A/Armored_Virus.html
Appending Virus
http://www.webopedia.com/TERM/A/Appending_Virus.html
Microsoft: 5 steps to help avoid instant message viruses
Published: September 15, 2006
http://www.microsoft.com/athome/security/viruses/imvirus.mspx
Computer worm
http://en.wikipedia.org/wiki/Computer_worm
Microsoft JPEG Vulnerability
Microsoft JPEG Vulnerability and the Six New Content Security Requirements
http://whitepapers.silicon.com/0,39024759,60129423p-39000575q,00.htm
In November 2004, a critical Microsoft security vulnerability (MS04-028) was discovered which could allow attackers to embed malicious code inside JPEG image
files. Until that time, JPEG image files were considered immune to attack. To effectively deal with this vulnerability, security and IT professionals need to
incorporate six new and critical content security requirements into their networks.
Morris worm
(One of first Computer Worms)
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Morris_worm
“The Morris worm or Internet worm of November 2, 1988 was one of the first computer worms distributed via the Internet. It is considered the first worm and was certainly the first to gain significant mainstream media attention. It also resulted in the first conviction in the US under the 1986 Computer Fraud and Abuse Act.[1] It was written by a student at Cornell University, Robert Tappan Morris, and launched on November 2, 1988 from MIT. ….”continued
Metamorphic virus
Virus that changes its own code with each infection
http://www.virusbtn.com/resources/glossary/metamorphic_virus.xml
“A metamorphic virus is one that is capable of rewriting its own code with each infection, or generation of infections, while maintaining the same functionality. The rewriting process allows each infection to appear different from others, but the changes are not supposed to affect the functionality of the code. This is intended to avoid detection by anti-malware software, but can usually be overcome via emulation or other techniques, and in many cases is deployed in a flawed manner leading to large numbers of misinfections. The complex technology required to do the rewriting is known as a metamorphic engine, and the same such engine may be implemented in several different virus variants.
The term is often used interchangeably with polymorphic virus.”
http://www.virusbtn.com/resources/glossary/polymorphic_virus.xml
ONE REASON FOR THE NEED OF REAL TIME PROTECTION ANTIMALWARE PRODUCTS AS OPPOSED TO JUST A FREE STAND ALONE SCANNER….
(Real Time Protection products detect/block/quarantine threats)
Computer virus
From Wikipedia, the free encyclopedia
SEE – “Resident viruses”
http://en.wikipedia.org/wiki/Computer_virus
“….If the virus scanner fails to notice that such a virus is present in memory the virus can “piggy-back” on the virus scanner and in this way infect all files that are scanned. ….”


Glossary of Malware
http://www.westcoastlabs.org/
Security Threat Glossary:

Attack Vectors
Method by which malware attempts to enter a system. This generally refers to a protocol such as HTTP, SMTP, FTP, IRC, IM, etc.

Anti-Malware
A term generally applied to a software application which combats malicious code through detection and/or removal.

Drive-by Download
This technique is used to surreptitiously download malware onto a user’s machine. The attack generally includes exploits to browser or OS vulnerabilities, and
may be separated into several pieces so that a user may be directed to several websites or domains to avoid detection by anti-malware programs.

FTP Threats
Malware which uses FTP as an attack vector.

Malicious URL
URLs which direct a user to a Web Threat.

SMTP Threats
Malware which uses email as an attack vector.

Application-specific attacks
Exploits or hacking attempts which seek to use a vulnerability in a particular software program to gain entrance onto a user’s system.

Socially Engineered Attack
Exploits or hacking attempts which seek to use a user’s susceptibility to fear, trust or titillation to gain entrance onto a user’s system or information. Phishing and trojans are two types of attacks which rely almost exclusively on social engineering.

Undesirable URL
URLs which direct a user to content which may be considered inappropriate for certain contexts, such as “adult” or violent content, or network tools which could
be used to compromise a network.

Web Threats
This is a category of threats delivered by HTTP which intend to perform actions which harm a user or their system. Phishing, drive-by downloads and sites which host malware can be considered to fall into this category.

Malware Glossary

Bots
The term Bot (short for robot) is a type of program, which has evolved from RATs (see Spyware definitions). A bot usually leverages an internet facing port to
deliver a program that awaits a further command upon which it can take remote control of the system. Bots are often combined with other infected machines to
form a botnet (a network of bot-infected machines). Bots are used to turn an individual machine into a “zombie” that can then be used for actions such as
co-ordinated DoS attacks on websites, spamming, or hired/sold to others for such use

Exploits
An Exploit is a piece of code designed to attack a vulnerability on a computer system, or such an attack. Hackers and writers of Malware look for announcements of such vulnerabilities by manufacturers and other sources and then attack machines, which have not been patched against the vulnerability. The code is designed to enable an activity that otherwise could not take place, or to avoid system restrictions preventing such an activity. Various payloads attached to the exploits may provide the attacker with a number of ways into the compromised system.

Rootkit
Although the term referred originally to Unix systems, the term has come to more widely mean a set of tools or programs that are used on a host system, often
in conjunction with malware, to allow attackers to exploit said system or a network. Rootkits can be used to hide applications from third party scanners and the
term is also coming to mean more generalized cloaking utilities that mask the attacker’s activities. Recently the term rootkit has become more publicly known after the anti-copy security software on several Sony-BMG audio CDs displayed rootkit-like tendencies as part of their Digital Rights Management strategy

Spyware
Spyware is a form of software that makes use of a user’s internet connection without his or her knowledge, usually in order to covertly gather information about
the user. Once installed, the Spyware may monitor user activity on the Internet and transmit that information in the background to someone else. Spyware can
also gather information about addresses and even passwords and credit card numbers. Spyware is often unwittingly installed when users install another program, but can also be installed when a user simply visits a malicious website.

Types of Spyware used in the West Coast Labs Test Suites

Backdoor – A Backdoor is a secret or undocumented way of gaining access to a program, online service, computer or an entire computer network. Most Backdoors are designed to exploit a vulnerability in a system and open it to future access by an attacker. A Backdoor is a potential security risk in that it allows an attacker to gain unauthorized access to a computer and the files stored thereon.

Key Loggers – A Key Logger is a type of surveillance software that has the capability to record every keystroke to a log file (usually encrypted). A Key Logger
recorder can record instant messages; email and any information typed using the keyboard. The log file created by the Key Logger can then be sent to a specified receiver. Some Key Logger programs will also record any e-mail addresses used and Web Sites visited

Financials – A Financial is a program that has the capability of scanning a PC or network for information relating to financial transactions and then transmitting the data to a remote user

Proxies – Proxies are designed to enable an external user to use a computer for their own purposes, for example, to launch DDoS attacks or send spam, so that the true originator of the attack cannot be traced

Password Stealers and Crackers – A Password Stealer is a program resident on a computer, which is designed to intercept and report to an external person any passwords, held on that machine. A Password Cracker has the ability to decode any encrypted passwords

Downloaders – A downloader is a file which when activated, downloads other files on to the system without the knowledge or consent of the user, those other
files then carrying out malicious functions on the system

Hijacker – A Hijacker is a file with the ability to change your default Internet home page and/or to create or alter other Web browser settings such as bookmarks
and redirection of Internet searches or Internet browsing to commercial sites that could offend the user or breach corporate policies on inappropriate or illegal
content

RATs – A Remote Access Trojan (RAT) is a piece of malware designed to run and gain access to a remote computer across a network or the Internet in order to carry out a particular purpose on that remote computer, that purpose being malicious and without the consent of the remote system’s owner or user. Access is usually gained by use of a backdoor, either already installed or included in the code of the RAT.

Trojan
Trojan Horses or Trojans are destructive programs that pretend to be benign applications. Unlike Viruses or Worms, Trojan Horses do not replicate themselves;
they can be damaging to networks by delivering other types of Malware.

Virus
A Virus is a program or piece of code attached to a file or diskette’s boot sector; it is loaded onto a computer without the user’s knowledge. Viruses are manmade (though they can be corrupted in use to form new variants of the virus) and replicate themselves by attaching themselves to files or diskettes, often soaking up memory or hard disk space and bringing networks to a halt. Most recent viruses are internet-borne and capable of transmitting themselves across and bypassing security systems. Minor variants of the same virus are classed as families of viruses

Worm
A Worm is an insidious program or algorithm that replicates itself over a computer network or by email system and usually performs malicious actions, such as using up the computer’s resources or distributing pornography and possibly shutting the system down. Unlike Viruses, Worms copy themselves as standalone programs and do not attach themselves to other objects.
Common Types of Network Attacks
http://technet.microsoft.com/en-us/library/cc959354.aspx
Eavesdropping, Data Modification, Identity Spoofing (IP Address Spoofing), Password-Based Attacks, Denial-of-Service Attack, Man-in-the-Middle Attack, Compromised-Key Attack, Sniffer Attack, Application-Layer Attack
FULL DESCRIPTIONS: http://technet.microsoft.com/en-us/library/cc959354.aspx
NEW
Unbelievable! – Windows 8 Boot Security Cracked already before released (Bootkit malware)
November 18, 2011 – bluecollarpc
Windows 8 Boot Security Cracked
CRN
By Antone Gonsalves, CRN
An Austrian security analyst has built the first known bootkit that bypasses Windows 8’s defenses against installing malware while the operating system is booting.
Peter Kleissner, an independent programmer and recognized …
http://www.crn.com/news/security/231903295/windows-8-boot-security-cracked.htm;jsessionid=NZjzL4QedChUWf+VUz6Tyg**.ecappj02
(HATE TO SAY I TOLD YOU SO, BUT THE BLUECOLLARPC.US PREDICTED THIS: THAT THE WINDOWS 8 BOOT UP SECURITY FEATURE WILL BE CRACKED AS FAST AS IT HITS THE STREETS….. LOOKS LIKE WE WERE A LITTLE OFF – IT HAS BEEN CRACKED EVEN BEFORE IT HIT THE STREETS ! ! ! …..LOL / This was not product bashing but based on security experience. The changes to BIOS will prove disastrous… read:)
We can expect Windows 8 to be launched sometime in mid-late 2012, however, it’s too early to predict the Windows 8 release date, since it is still under development. Nevertheless, the only question that haunts each and every one of us – Will Windows 8 win the battle against Apple which it had lost several years back?
Bootkits
http://en.wikipedia.org/wiki/Bootkit#bootkit
A kernel-mode rootkit variant called a bootkit is used predominantly to attack full disk encryption systems, for example as in the “Evil Maid Attack”, in which a bootkit replaces the legitimate boot loader with one controlled by an attacker; typically the malware loader persists through the transition to protected mode when the kernel has loaded.[35][36][37][38] For example, the “Stoned Bootkit” subverts the system by using a compromised boot loader to intercept encryption keys and passwords.[39] More recently, the Alureon rootkit has successfully subverted the requirement for 64-bit kernel-mode driver signing in Windows 7 by modifying the master boot record.[40]
The only known defenses against bootkit attacks are the prevention of unauthorized physical access to the system – a problem for portable computers – or the use of a Trusted Platform Module configured to protect the boot path.[41]
HISTORY TO DATE…..
Windows 8 Spells Trouble for Linux, Hackintosh Users and Malware Victims
http://tech.groups.yahoo.com/group/LinuxDucks/messages/523
Windows 8 won’t dual-boot Linux?
http://tech.groups.yahoo.com/group/LinuxDucks/message/539
Microsoft, Red Hat Spar Over Secure Boot-loading Tech
http://tech.groups.yahoo.com/group/LinuxDucks/message/541
Windows 8 Dual Boot Possible If ‘Secure Boot’ Disabled
http://tech.groups.yahoo.com/group/LinuxDucks/message/544
How to change the boot order of a dual-boot Linux PC
http://tech.groups.yahoo.com/group/LinuxDucks/message/550
Linux Licensing in Conflict with Secure Boot Support
http://tech.groups.yahoo.com/group/LinuxDucks/message/565
FSF warns of Windows 8 Secure Boot (Sign Petition)
http://tech.groups.yahoo.com/group/LinuxDucks/message/626
Linux Foundation, Canonical and Red Hat Weigh In On Secure Boot
http://tech.groups.yahoo.com/group/LinuxDucks/message/650
The right to dual-boot: Linux groups plead case prior to Windows 8
http://tech.groups.yahoo.com/group/LinuxDucks/message/662
Linux Foundation: Secure Boot Need Not Be a Problem
http://tech.groups.yahoo.com/group/LinuxDucks/message/671
Linux Community Offers Secure Boot Ideas
http://tech.groups.yahoo.com/group/LinuxDucks/message/672
Leading PC makers confirm: no Windows 8 plot to lock out Linux
http://tech.groups.yahoo.com/group/LinuxDucks/message/673
Linux Advocates protest ‘Designed for Windows 8’ secure boot policy
http://tech.groups.yahoo.com/group/LinuxDucks/message/679
Linux Community Counters Microsoft’s Windows 8 Secure Boot Mandate
http://tech.groups.yahoo.com/group/LinuxDucks/message/696
INFORMATION LINKS
New Windows 8 Security Items
Unified Extensible Firmware Interface
http://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface
Hardware Design and Development for Windows 8
Unified Extensible Firmware Interface
http://msdn.microsoft.com/en-us/library/windows/hardware/br259114.aspx
Bootkits
http://en.wikipedia.org/wiki/Rootkit#bootkit
BIOS
http://en.wikipedia.org/wiki/BIOS

Windows 8 “Secure Boot”

Circumvented Already
http://news.softpedia.com/news/Windows-8-Bootkit-Might-Prove-Secure-Boot-Ineffective-235138.shtml
Compromised already by bootkit:
http://www.itworld.com/security/225417/windows-8-secure-boot-already-cracked
http://arstechnica.com/business/news/2011/11/security-researcher-defeats-windows-8-secure-boot.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss
http://www.pcworld.com/businesscenter/article/248342/windows_8_secure_boot_the_controversy_continues.html
(This is a great debate and many, many articles already )
http://linuxducks.free-forums.org/fsf-warns-of-windows-8-secure-boot-sign-petition-vt508.html

Help Center

How To Use the Help Center

# Look up the full threat by name or partial name at the Malware Online Search Engines below. Generally, the full list of files and registry keys of the entire malicious installation is posted, along with the degree of danger of personal information compromise that may have occurred.
# Look up a file or process with the File/Process Online Search Engines below. Identify a file or process as good or bad.

# Install the antimalware (antivirus and antispyware) listed below, which are about the only free products with Real Time Protection activated (blocks all threats in real time 24/7), and add a free firewall. Use these if you do not currently have the funds, or use them for life, until you purchase subscription antimalware with Real Time Protection activated. Perform FULL SCANS.

# Install some of the other free items as additional antivirus and antispyware – stand alone on demand scanners, no protection. One product may get what another misses. This is called adding “additional layers of protection” to beef up your Security Solution for your PC. Add anti-rootkit scanners and use them. (Since about 2005 all quality antivirus now also scans for rootkits. ) Install and try some of the other mentioned utilities such as the diagnosis items and browser plug ins like SiteAdvisor or WOT (shows good/bad sites in search results) .

# Finish Up…. Get the rest together by making an Emergency Repair CD, which is the Windows Operating System burnt to a CD/DVD to use when it is impossible to undo malware damage (generally by a lethal virus or worm). This is legal by Microsoft and is only used as the last resort, which will erase (wipe) the entire computer disk of everything and re-install Windows to factory fresh (out of the box). ALSO get a USB Drive and add some portable antimalwares.

MALWARE ONLINE SEARCH ENGINES

CA Spyware Information Center (Search Engine)
http://www3.ca.com/securityadvisor/pest/
CA Spyware Information Center search engine (ComputerAssociates, makers of PestPatrol and many security wares)

Webroot Threat Research Center
http://research.spysweeper.com/search.php
Database Search: Know the name of a specific spyware threat? Search our comprehensive spyware database for all the details including method of infection, program characteristics, consequences and recommended course of action.

CounterSpy Research Center
http://research.sunbelt-software.com/WhatYouShouldKnow.aspx
CounterSpy Research Center (search engine for threats)

Microsoft Malware Protection Center
http://www.microsoft.com/security/portal/default.aspx
Threat Research and Response, Microsoft opens security ‘portal’ New site carries prevalence data, updates and malware resources. http://www.microsoft.com/security/portal/default.aspx

Trend Micro Threat Encyclopedia
http://about-threats.trendmicro.com/us/threatencyclopedia#malware

ESET Threat Encyclopedia
http://www.eset.com/us/threat-center/encyclopedia/

SpywareRemove.com Spyware Database
http://spywareremove.com/spywaredatabase.php

MALWARE ENCYCLOPEDIAS

Avira Virus Info
http://www.avira.com/en/threats/index.html

BitDefender Virus Encyclopedia
http://www.bitdefender.com/site/VirusInfo/browseVirusEnciclopedia/

CA’s Virus Information Center
http://www.ca.com/us/securityadvisor/virusinfo/

F-Secure Virus Description Database
http://www.f-secure.com/en_EMEA/security/security-threats/virus/

Fortinet Virus Encyclopedia
http://www.fortiguard.com/encyclopedia/index.html

Kaspersky’s VirusList.Com
http://www.securelist.com/en/

McAfee Avert Labs Threat Library
http://vil.nai.com/vil/

Microsoft’s MMPC Encyclopedia
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Browse.aspx

Panda Encyclopedia
http://www.pandasecurity.com/homeusers/security-info/about-malware/encyclopedia/

Sophos Threat analyses
http://www.sophos.com/security/analyses/viruses-and-spyware/

Symantec Security Response
http://www.symantec.com/business/security_response/index.jsp

Trend Micro Virus Encyclopedia
http://threatinfo.trendmicro.com/vinfo/

 

PROCESS / FILES – ONLINE SEARCH ENGINES

File Research Center – Free File and Process Information
http://www.fileresearchcenter.com/
The File Research Center provides a free scanning service to identify what is running on your computer. We also provide free information about safe and unsafe files, processes, services, spyware, adware, malware, trojans, and other programs that may be on your computer.

ProcessLibrary.com – Search engine.
http://www.processlibrary.com/directory/

WinTasks Process Library
http://www.liutilities.com/products/wintaskspro/processlibrary/
In the recesses of your computer, 20-30 invisible processes run silently in the background. Some hog system resources, turning your PC into a sluggish computer. Worse yet, other useless processes harbour spyware and Trojans – violating your privacy and giving hackers free reign on your computer. WinTasks Process Library is an invaluable resource for anyone who wants to know the exact purpose of every single process.

WinTasks DLL Library
http://www.liutilities.com/products/wintaskspro/dlllibrary/winsock/
Search engine is about mid-page. Look up .dll information – whether valid .dll files.

BleepingComputer.com Search engine
http://www.bleepingcomputer.com/startups/

FILExt – The File Extension Source (What is .exe, .wma, .flv, .jpg – etc)
http://filext.com/

ProcessQuickLink [Genuine Freeware]
http://www.processlibrary.com/quicklink/
For your PC to function Windows needs to run and manage many different processes. While many processes run by Windows are essential and legitimate, most PCs get bogged down with processes that are useless or downright harmful. ProcessQuickLink gives you an easy way to analyze each process running on your PC. Is it a resource hog? Could it be part of a virus infection? Or maybe a sign of spyware? ProcessQuickLink will give you the answer. How it works….. Once you install ProcessQuickLink access the Task Manager. Near each process you will see an button. Click on the button and you will be linked to the process page as listed on processlibrary.com. ProcessQuickLink is compatible with Windows 2000, 2003, XP, Vista and 7.

 

POST SECURITY SOFTWARE LOGS FOR ANALYSIS AND REMOVAL HELP…..

We perform our best analysis of HiJackThis and all security logs!

BlueCollarPCSecurity YahooGroup and Tech Help
[POST YOUR LOG FOR ANALYSIS TO OUR HELP GROUP]
http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/

TRY / Install / Post Results For Analysis : (other antimalware products have logs to copy/paste/post also)

HiJackThis can generate a plain-text logfile detailing all entries it finds, and some entries can be fixed by HijackThis. Inexperienced users are often advised to exercise caution, or to seek help when using the latter option.
HiJackThis
http://sourceforge.net/projects/hjt/
HijackThis (What Is?)
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/HijackThis

DIAGNOSIS: Advanced…
Emsisoft HiJackFree (Genuine Freeware)
http://www.emsisoft.com/en/software/hijackfree/
(Included in Emsisoft Antimalware)
A detailed system analysis tool designed to help advanced users to detect and remove all types of HiJackers, Malware, Spyware, Adware, Trojans and Worms.
Detect malicious code at every possible weak point
Processes: Manage all running processes and their associated modules.
Ports: View open ports and the associated listening processes.
Autoruns: Manage all types of autoruns on your system.
Services: Control all services, even those Windows doesn’t display.
Plugins: Control all explorer and browser plugins (BHOs, toolbars, etc.).
LSPs: Manage installed layered service providers (LSPs).
DNS: View all DNS entries in the hosts file.
System configuration: Analyze the system configuration using our live online analysis.

Regain Access to the Registry
http://antivirus.about.com/od/windowsbasics/ht/regedit.htm?nl=1
Malware often disables access to the Windows Registry. In some cases, the Registry may open but then quickly close. Here’s how to regain access to the Windows System Registry.

Regain Access to Task Manager
http://antivirus.about.com/od/windowsbasics/ht/taskmanager.htm?nl=1
Preventing access to the Windows Task Manager is another favorite trick of malware writers. Here’s how to regain access to Windows Task Manager.

What is System Restore?
http://windows.microsoft.com/en-IL/windows-vista/What-is-System-Restore

System Restore: frequently asked questions
http://windows.microsoft.com/en-XM/windows-vista/System-Restore-frequently-asked-questions

Windows Vista System Restore
http://news.softpedia.com/news/Windows-Vista-System-Restore-47381.shtml

System Restore – Windows 7 features
http://windows.microsoft.com/en-US/windows7/products/features/system-restore
Learn how Windows 7 can recover your data from a virus or catastrophic crash with System Restore.

Using Windows 7 or Vista System Restore – How-To Geek
http://www.howtogeek.com/howto/windows-vista/using-windows-vista-system-restore/

Safe mode
http://en.wikipedia.org/wiki/Safe_mode
Safe mode is a diagnostic mode of a computer operating system (OS). It can also refer to a mode of operation by application software. Safe mode is intended to fix most, if not all problems within an operating system. It is also widely used for removing rogue security software.

Microsoft Windows XP – Start the computer in safe mode
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx?mfr=true

Start your computer in safe mode Windows Vista
http://windows.microsoft.com/en-SG/windows-vista/Start-your-computer-in-safe-mode

Start your computer in safe mode – Windows 7
Start Windows in a troubleshooting mode that is useful for diagnosing problems.
http://windows.microsoft.com/en-US/windows7/Start-your-computer-in-safe-mode

Startup Repair: frequently asked questions
What is Startup Repair? Startup Repair is a Windows Vista recovery tool that can fix certain problems, such as missing or damaged system files, that might prevent Windows from starting correctly. When you run Startup Repair, it scans your computer for the problem and then tries to fix it so your computer can start correctly. MORE…
http://windows.microsoft.com/en-US/windows-vista/Startup-Repair-frequently-asked-questions

Ask HTG: Reading Blue Screen of Death Codes
http://www.howtogeek.com/97093/ask-htg-reading-blue-screen-codes-cleaning-your-computer-and-getting-started-with-scripting/?utm_source=newsletter&utm_medium=email&utm_campaign=081111

Generally IRQL errors are hardware or driver related. We’d suggest checking to see if any drivers have been updated recently and either roll them back to the old driver or see if an even newer driver is available (the vendor may have released a driver to fix the crashes). If that doesn’t help you’ll find BlueScreenView, a crash dump analyzer, rather helpful. We have a guide to using BlueScreenView to help get you started……
BlueScreenView v1.40 – View BSOD (blue screen) crash information stored in dump files. Copyright (c) 2009 – 2011 Nir Sofer
http://www.nirsoft.net/utils/blue_screen_view.html

 

FREE HOME PRODUCTS WITH REAL TIME PROTECTION (free scanners do NOT protect the computer ! )

Microsoft Security Essentials (best Free w/Real Time Protection)
Microsoft Security Essentials (5* Stars!) (FULL) [wrkx w/ Netbooks] (Genuine Freeware)
http://www.microsoft.com/security_essentials/
Windows OneCare Antivirus is now Free from Microsoft and highly rated, West Coast Labs Certified and has won the VB100 Award! Now called Microsoft Security Essentials….. (highly recommended! Includes antispyware! Full shields)
Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software. Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple. Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.

Comodo Free Anti Virus Software Internet Security 5* (FULL)
http://antivirus.comodo.com/
(Genuine Freeware) Free Antivirus Software from Comodo eliminates viruses, spyware, and other malware from desktops and networks fighting against Internet security threats. Full Real Time Protection !
PRESS: Great News ! Comodo Internet Security Earns the Prestigious VB100 Virus Certification HostReview.com (press release) April 14, 2011 http://www.hostreview.com/news/110414-comodo-internet-security-earns-prestigious-vb100-virus-certification

Windows Defender (Formerly Microsoft Antispyware) [wrkx w/ Netbooks]
http://www.microsoft.com/athome/security/spyware/software/default.mspx
[Genuine Freeware, free from Microsoft] (Works with Netbook = [wrkx w/ Netbooks])
Windows Defender is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It features Real-Time Protection, a monitoring system that recommends actions against spyware when it’s detected, and a new streamlined interface that minimizes interruptions and helps you stay productive.

Spyware Terminator [Genuine Freeware] (Antispyware and antivirus. Real time protection added ! ) 4* (Full) [wrkx w/ Netbooks, tad heavy]
http://www.spywareterminator.com/
Millions of users worldwide rely on Spyware Terminator, winner of many awards and high ratings from industry experts and users. Its free comprehensive protection is comparable to competitors’ paid versions! Spyware Terminator includes:  * Fast spyware scanning * 100% real-time protection * HIPS protection * Antivirus protection * Multilanguage Support
GET REAL TIME PROTECTION DEFENSE

Generally, do not use two antimalware products that both have real-time protection technology. These will generally conflict, or worse. You can use the ones below alongside free stand-alone products. (Both do work with Microsoft Security Essentials with no problems; I have personally tried them.)

ThreatFire AntiVirus 4-5* (Full) (Genuine Freeware) ThreatFire AntiVirus – Behavioral Virus and Spyware Protection
http://www.threatfire.com/
ThreatFire features innovative real-time behavioral technology that provides powerful protection against both known and unknown viruses, worms, trojans, …

Mamutu (Emsisoft.Com, makers of Emsisoft Anti-Malware) [$20USD Year]
http://www.emsisoft.com/en/software/mamutu/ [SHAREWARE/PAY]
Monitors live all active programs for dangerous behavior (Behavior Blocking). Recognizes new and unknown Trojans, Worms and Viruses (Zero-Day attacks), without daily updates. Small but very powerful. Saves resources and does not slow the PC down. 1 Year: US$20. SHAREWARE / (Purchased) (This is the Real Time Process used in well awarded Emsisoft Antimalware)

 

ANTISPYWARE STAND ALONE SCANNERS

Emsisoft Antimalware (formerly a-squared) (Free Working Version and Proactive Premium Version) [NOW WITH IKARUS ANTIVIRUS] [wrkx w/ Netbooks] http://www.emsisoft.com/en/software/antimalware/ – probably best antimalware in world ! (Largest world database of definitions – over 5 Million (2010), detects botnet infections – removes safely) a-squared (antispyware) [Now Emsisoft AntiMalware] is a complementary product to antivirus software and desktop firewalls on MS Windows computers. Antivirus software specializes in detecting classic viruses. Many available products have weaknesses in detecting other malicious software (Malware) like Trojans, Dialers, Worms and Spyware (Adware). a-squared fills the gap that malware writers exploit. Automatic updates: In a-squared Free the updater must be run manually. The auto-update feature of a-squared Personal checks hourly for new available updates and installs them automatically. a-squared Free is freeware! You can download and use it completely for free. [Updated: 3 or 30 Day Full Trial and/or buy, recommended tops]

Lavasoft Ad-Aware [working-freeware, personal use] (Works with Netbook) [wrkx w/ Netbooks] http://www.lavasoftusa.com/software/adaware/ Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge for personal use. (Lavasoft Ad-Aware is one of the pioneers in antispyware as we know it today along with Spybot Search and Destroy and Webroot Spysweeper)

SUPERAntiSpyware [working-freeware, and premium version] [wrkx w/ Netbooks] http://www.superantispyware.com/ SUPERAntiSpyware scans your computer for known Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers and many other types of threats, and allows you to remove or quarantine them. It offers daily (manual) definition updates, as well as home page hijack protection and customizable scan options. Furthermore, the program includes a Repair feature that allows you to restore various settings which are often changed by malware programs, but usually not corrected by simply removing the parasite. The free version lacks real-time blocking and protection as well as several other advanced options.

Google Pack [wrkx w/ Netbooks] http://pack.google.com/intl/en/pack_installer.html?hl=en&gl=us Google Pack is: Software specifically selected by Google; Always free – no trial versions or … International versions of Google Pack available in: … INCLUDES PC Tools Spyware Doctor, Norton Security Scan, more

STOPzilla [working freeware] (Real Time Protection) 4* [wrkx w/ Netbooks] Scans, removes and blocks Malware… http://www.stopzilla.com/ http://www.stopzilla.com/products/stopzilla/home.do STOPzilla received antispyware certification from West Coast Labs http://en.wikipedia.org/wiki/Stopzilla STOPzilla successfully scans, removes and blocks Malware, Adware, Pop-up ads, Phishing attacks, hijackers, rootkits, Trojans, bots, drive-by downloads, rogue programs, messenger service ads, keyloggers, malicious BHOs, dialers, and much more. STOPzilla’s technology has protected users from Spyware / Adware in over 60 countries and has been downloaded by more than 15 million users, worldwide. True Real-time™ Protection… STOPzilla’s True Real-Time protection detects, blocks, and quarantines both known and potential Spyware infections before they can attack your system and do damage. Legitimate software programs are allowed to execute freely. From the moment you start your computer, STOPzilla is working to protect you from malicious programming, so your PC is never vulnerable.

BitDefender Offers Free Tool Against Autorun Malware SYS-CON Media (press release) For years, this form of malware has ranked high in the worldwide e-threat landscape, with notorious examples including Trojan.AutorunInf, the Conficker worm (Win32.Worm.Downadup), Worm.Autorun.VHD or the fearsome Stuxnet. To help computer users more … http://www.sys-con.com/node/1808413
Malwarebytes http://www.malwarebytes.org/ Free anti-malware (Has become popular, detection rates have greatly improved ! )

 

ANTIVIRUS (Free versions / no protection / scan – remove)

NEW ——-> (FREE / Home Use)

BitDefender Launches Free 60-Second Virus Scanner http://www.bitdefender.com/solutions/60-second-virus-scanner.html

Avira Free http://www.avira.com/en/avira-free-antivirus Avira Free Antivirus – Download Best Antivirus Protects your computer against dangerous viruses, worms, Trojans and costly dialers – Avira Free Antivirus. (One of top detection ratings in industry)

AVG – Free Antivirus http://www.avg.com/us-en/free-antivirus-download AVG Anti-Virus Free is virus and anti-spyware available for free. (Popular, many awards)

ClamWin Free Antivirus [Open Source – working freeware] [wrkx w/ Netbooks] http://www.clamwin.com/ (Real Time Protection version in Spyware Terminator now) ClamWin is a Free Antivirus for Microsoft Windows 98/Me/2000/XP and 2003. ClamWin Free Antivirus comes with an easy installer (and open source code). You may download and use it absolutely free of charge. It features: High detection rates for viruses and spyware; Scanning Scheduler; Automatic downloads of regularly updated Virus Database. Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer; Addin to Microsoft Outlook to remove virus-infected attachments automatically. The latest version of Clamwin Free Antivirus is 0.88.2.3. Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.

Ad-Aware Free Antivirus+
http://www.lavasoft.com/products/ad_aware_free.php
Leaner, meaner, faster. Ad-Aware Free Antivirus+ combines our legendary Anti-spyware with a super fast, free Antivirus. It now features download protection (blocks malicious files before being written to disk), sandboxing (keeps unknown apps running in a virtual environment) and advanced detection – it’s our most powerful free antivirus yet. 450 million Downloads and Counting….

Avast AntiVirus Home Edition [working-freeware] [wrkx w/ Netbooks] http://www.avast.com/eng/avast_4_home.html Free avast! 4 Home Edition. avast! 4 Home Edition is a full-featured antivirus package designed exclusively for home users and non-commercial use. Institutions (even non-commercial ones) are not allowed to use avast! Home Edition. However, ALWIL Software provides the full line of avast! antivirus products at special discount prices for non-profit, charity, educational and government institutions. Please see our price lists for details.

BitDefender Free Edition BitDefender Free Edition is an on-demand virus scanner, which is best used in a system recovery or forensics role. If you are on an “always-on” Internet connection, we strongly advise you to consider using a more complex antivirus solution. http://www.bitdefender.com/PRODUCT-14-en–BitDefender-Free-Edition.html


PORTABLE APPS Try clean up with portable products when access/download blocked or getting dreaded Blue Screen Of Death……

How to Remove Boot Block Malware http://www.ehow.com/how_5941797_remove-boot-block-malware.html Boot block malware is malicious software that settles into your computer’s hard drive in the first sector and replaces the boot block instructions with malware instructions. When you start, or boot up, your computer, the malware is loaded into your computer’s memory and from there it can spread to any other part of your computer. …. http://www.ehow.com/how_5941797_remove-boot-block-malware.html

USE THE FOLLOWING TO REMOVE MALWARE – ROOTKIT/BOOTKIT BOOT-BLOCK TYPE MALWARES ….. EMSISOFT EMERGENCY KIT AND/OR MICROSOFT WINDOWS DEFENDER OFFLINE
Emsisoft Emergency Kit 2.0 [genuine freeware, best, recommended] http://www.emsisoft.com/en/software/eek/ Your emergency kit for infected PCs! Detects and removes Malware > 5 million known dangers. World class dual-scan-engine. 100% portable – perfect for USB sticks. HiJackFree and BlitzBlank included. Emsisoft BlitzBlank BlitzBlank is a tool for experienced users and all those who must deal with Malware on a daily basis. Malware infections are not always easy to clean up. These days the software pests use clever techniques to protect themselves from being deleted. In more and more cases it is almost impossible to delete a Malware file while Windows is running. BlitzBlank deletes files, registry entries and drivers at boot time before Windows and all other programs are loaded. Self made Emergency USB stick – Expand the content of the Emsisoft Emergency Kit to an USB stick and make your own universal tool to scan and clean infected PCs.

Microsoft Standalone System Sweeper (Beta) [FREE] http://connect.microsoft.com/systemsweeper NOW CALLED Windows Defender Offline http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline NEWS: Microsoft ships free malware cleaner that boots from CD or USB ZDNet (blog) June 1, 2011, 10:15am PDT In a move aimed at cutting down on support call costs, Microsoft has released a malware recovery tool that boots from a CD or USB stick. Ryan Naraine is a journalist and social media enthusiast specializing … http://www.zdnet.com/blog/security/microsoft-ships-free-malware-cleaner-that-boots-from-cd-or-usb/8712

Windows Defender Offline Beta (Free from Microsoft, Scan with Windows Defender Offline Beta from CD/DVD or USB Drive at Start Up to remove blocking malwares) http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

What is Windows Defender Offline Beta? http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

Windows Defender Offline Beta: frequently asked questions http://windows.microsoft.com/en-US/windows/windows-defender-offline-faq

How to Create a Bootable Offline Version of Windows Defender http://www.howtogeek.com/100289/how-to-create-a-bootable-offline-version-of-windows-defender/?utm_source=newsletter&utm_medium=email&utm_campaign=221211

We should point out that you can also scan your PC with a BitDefender boot disk, http://www.howtogeek.com/howto/36677/how-to-use-the-bitdefender-rescue-cd-to-clean-your-infected-pc/

a Kaspersky boot disk, http://www.howtogeek.com/howto/36403/how-to-use-the-kaspersky-rescue-disk-to-clean-your-infected-pc/

an Avira boot disk, http://www.howtogeek.com/howto/38889/how-to-use-the-avira-rescue-cd-to-clean-your-infected-pc/

or even an Ubuntu Live CD, http://www.howtogeek.com/howto/14434/scan-a-windows-pc-for-viruses-from-a-ubuntu-live-cd/ this is one more tool to add into your toolkit.

ClamWin Portable (Antivirus, more) [FREE] http://portableapps.com/apps/utilities/clamwin_portable Antivirus to go…. ClamWin Portable is the popular ClamWin antivirus packaged as a portable app, so you can take your antivirus with you to scan files on the go. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind. NEWS: ClamWin Portable 0.97.1 (anti-virus) Released | PortableApps.com … ClamWin Portable 0.97.1 (anti-virus) Released. Submitted by John T. Haller on June 17, 2011 – 7:46pm. logo ClamWin Portable 0.97.1 has been released. … http://portableapps.com/news/2011-06-17_-_clamwin_portable_0.97.1_released

SUPERAntiSpyware Portable Scanner (Antispyware) [FREE] http://www.superantispyware.com/portablescanner.html Follow the instructions below to download the SUPERAntiSpyware Portable Scanner. The scanner features our complete scanning and removal engine and will detect AND remove over 1,000,000 spyware/malware infections. The scanner does NOT install anything on your Start Menu or Program Files and does NOT need to be uninstalled. The scanner contains the latest definitions so you DO NOT need Internet Access on the infected system to scan.

Comodo Cleaning Essentials Comodo Cleaning Essentials is a set of portable antivirus tools that will help you to detect and remove malware from an infected PC. http://www.comodo.com/business-security/network-protection/cleaning_essentials.php (DESKTOP http://www.comodo.com/ )

ESET SysInspector is a powerful, portable security tool that will inspect your system’s files, running processes, Registry keys and more, looking for and highlighting anything that could be a sign of malware. (Makers of famous Eset NOD32 Antivirus – most awarded in history) http://www.downloadcrew.com/article/20672-eset_sysinspector_12026_32-bit (DESKTOP http://www.eset.com/us/ )

Norman Malware Cleaner is an interesting portable antivirus tool which will scan your PC, detecting and removing any malware that it uncovers. http://www.downloadcrew.com/article/23283-norman_malware_cleaner (DESKTOP http://www.norman.com/en-us )

The AVG Rescue CD is a portable environment that comes with a range of tools to help you clean up a virus-infected PC, fix hard drive problems, and get an unbootable system working again. This variant of the rescue CD is intended for installation on a USB flash drive. After downloading, you should extract the archive contents directly to the root folder of the USB drive you’d like to use. (If you don’t have a tool that can read RAR files, then try 7-ZIP). http://www.downloadcrew.com/article/4650-avg_rescue_cd_usb_flash_drive_edition (DESKTOP http://www.avg.com/us-en/homepage )

CCleaner Portable CCleaner Portable is a compact version of CCleaner that you can store on a CD, USB flash drive, microSD, or even two floppy disks if you still use those. http://www.softpedia.com/get/PORTABLE-SOFTWARE/Security/Secure-cleaning/Windows-Portable-Applications-CCleaner-Portable.shtml (DESKTOP http://www.piriform.com/ccleaner )
Emsisoft Emergency USB Stick (Antivirus + Antispyware) [BUY] http://www.emsisoft.com/en/software/stick/ (USB Drive / Installed) Emsisoft Anti-Malware Personal Edition. Malware, adware and spyware removal and scanning. Plug in and run – It is that easy to clean an infected computer with the Emsisoft Emergency USB Stick! How it works: The Emsisoft Emergency USB Stick contains two useful programs which can be used to scan and clean an infected computer quickly without a required software installation

How to Make a Bootable Antivirus Cd How to Make a Bootable Antivirus Disc This document will teach you how to make a bootable anti-malware ( bootable antivirus ) cd/dvd step-by-step. … This is the best free way to remove any piece of malware with a 100% success rate. Steps: … Get Free Ultimate Boot CD http://windows7themesxp.com/2011/09/how-to-make-a-bootable-antivirus-cd.html

 

PORTABLE BROWSERS

Mozilla Firefox, Portable Edition http://portableapps.com/apps/internet/firefox_portable your browser, your way… in your pocket Mozilla Firefox Portable Edition is the popular Mozilla Firefox web browser bundled with a PortableApps.com Launcher as a portable app, so you can take your bookmarks, extensions and saved passwords with you. (DESKTOP http://www.mozilla.org/en-US/firefox/new/ )

Google Chrome Portable http://portableapps.com/apps/internet/google_chrome_portable browse with speed, simplicity and style Google Chrome Portable is a web browser that runs web pages and applications with lightning speed. It’s designed to be simple and stylish. It’s packaged as a portable app, so you can take your browsing experience with you. (DESKTOP https://www.google.com/chrome )

WARNING – FAKE BOGUS SOFTWARES / SCAREWARE ….. INFECTION:

Title: The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites Description: Bad, False, Fake products URL: http://www.spywarewarrior.com/rogue_anti-spyware.htm

LavaSoft — The Rogue Gallery http://www.lavasoft.com/mylavasoft/rogues/latest The Rogue Gallery, powered by the Malware Labs at Lavasoft, is a resource dedicated to keeping computer users safe from rogue security software. By providing a comprehensive database of current rogue security applications, you have the ability to clearly see what programs are considered rogue – and avoid them.

Partial list of rogue security software http://en.wikipedia.org/wiki/Rogue_security_software

Scareware From Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Scareware Rogue security software From Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Rogue_software

FBI — Don’t Be Scared of ‘Scareware’ They’re called “scareware” because they try to frighten you into purchasing fake antivirus software with a seemingly genuine security … http://www.fbi.gov/news/stories/2010/july/scareware/scareware

 

NOTES….. FUD “Fear, Uncertainty and Doubt, a marketing or political strategy” … FUD (definition) http://en.wikipedia.org/wiki/FUD There are many, many idiots and the corrupt in computer security calling all things FUD (or snake oil – worthless product, does nothing – such as industry wide security products as antivirus, antispyware, personal firewalls etc.). Some of the count are actual cyber criminals socially engineering you ! Some advocate never using a registry cleaner which can not pass legal compliance in IT Security – yet they will advise you to use antivirus and antispyware that does indeed remove malware Windows Registry keys. We as intermediate and advanced users have known for years and have used for years Registry products that are an invaluable help to manually locate malware items and as well identify reported malware by security products (antivirus, antimalware, firewalls). These others are telling you ‘feel-good’ false security lies as ‘sugar daddies’ or ease-of-use ‘candy man’ tactics to be your “security guru” at many forums. We do not promote any false sense of security or environment. Those wishing to profit from calling security FUD are what we used to call Judas Iscariot and are NOT welcomed here or anywhere there is intelligence.

 

UTILITIES / ANALYSIS / ROOTKIT SCANNERS
UTILITIES

Microsoft Baseline Security Analyzer 2.1.1 (for consumers / IT – will find missing Windows Updates, more for average User PC) http://www.microsoft.com/downloads/en/details.aspx?FamilyID=b1e76bbe-71df-41e8-8b52-c871d012ba78

Secunia Personal Software Inspector (PSI) [MILLIONS OF DOWNLOADS] The Secunia PSI is a free security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. http://secunia.com/vulnerability_scanning/personal/

Belarc Advisor http://www.belarc.com/free_download.html The Belarc Advisor builds a detailed profile of your installed software and hardware, missing Microsoft hotfixes, anti-virus status, … ABOUT BELARC http://www.belarc.com/about.html Belarc, located in Maynard, MA, develops and licenses Internet based products which help make personal computers easier to use and maintain by large enterprises, small businesses and individual consumers. Our products are used for software license compliance, hardware upgrade planning, cyber security status, information assurance audits, IT asset management, configuration management, and more. Belarc’s products are in use on well over twenty million computers and are licensed by numerous customers including: AIG, Dana, Kindred Healthcare, NASA, National Park Service, U.S. Air Force, U.S. Army, U.S. Census Bureau, U.S. Coast Guard, U.S. Marine Corps, U.S. Navy, Unilever, WebMD/Emdeon, and many more.

HiJackFree (free from famed / awarded Emsisoft.Com)[wrkx w/ Netbooks] Freeware! HiJackFree helps advanced users to detect and remove Malware manually. With HiJackFree you can manage all active processes, services, drivers, autoruns, open ports, hosts file entries and many more. For your full control over your system. http://www.hijackfree.com/en/
RegSeeker [working-freeware] (One of world’s best registry cleaners) [wrkx w/ Netbooks] http://www.hoverdesk.net/ [Latest versions work with Windows Vista] RegSeeker is a handy tool for managing several popular registry items and searching the registry by keyword. It offers quick access to Startup Entries, Uninstall Information, Color Schemes, History items (URLs, Recent Documents etc) and IE Favorites. The program also includes a registry cleaning feature that finds invalid and unused registry entries, allowing you to delete them. RegSeeker can automatically create a backup before deleting any registry entries. The program comes with an attractive, easy to use interface. Nevertheless it is not intended for complete beginners and you should feel comfortable working with the Windows registry before using it.

Transaction Guard http://www.trendsecure.com/portal/en-US/tools/security_tools/transaction_guard Note to Trend Micro Internet Security Users: Trend Micro Internet Security already includes all the functionality of Spyware Monitor, plus the ability to remove spyware. Use Spyware Monitor when you are using a computer that does not have Trend Micro Internet Security installed (for example: at a library or an Internet cafe). Version 2.0 Transaction Guard is FREE software that protects you against spyware while performing sensitive online tasks on a public computer, like Internet banking or other financial transactions. Transaction Guard has two components: Spyware Monitor – Monitors for spyware and notifies you of any intrusions. Password ClipBoard – An on-screen keyboard for securely entering user names and passwords.

a-squared Anti-Dialer [working-freeware] [wrkx w/ Netbooks] http://www.emsisoft.com/en/software/antidialer/ (DIAL UP PROTECTION) No chance for the Dialer rip off! Protect your PC with a-squared Anti-Dialer from manipulated dial up connections, which can cause a phone bill of several hundred dollars quickly. a-squared Anti-Dialer provides a complete defense against Dialers. Scan all files on your harddisks for Dialer behavior using the Dialer scanner. The integrated background guard protects the PC from new infections. As soon as a potential Dialer creates or manipulates a dial up connection, the a-squared Anti-Dialer will alert it.

CWShredder [working-freeware, install this! worst known threat, only known solution available] [wrkx w/ Netbooks] http://www.intermute.com/spysubtract/cwshredder_download.html CWShredder finds and destroys traces of CoolWebSearch. CoolWebSearch is a name given to a wide range of different browser hijackers. Though the code is very different between variants, they are all used to redirect users to coolwebsearch.com and other sites affiliated with its operators. Learn More: http://www.intermute.com/cwshredder/learn_more_cwshredder.html (Note: CoolWebSearch has been reported as the worst, and the CWShredder is the only known true remover for all traces, variants – and is constantly updated. CWShredder has been acquired by Trend Micro AntiSpyware now but is still free as a stand alone program from them. Take a look at the extensive variants list of the CoolWebSearch toolbar browser hijacker at CA Spyware Information Center……): CA Spyware Information Center (List of CWS variants) http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076035

Trend Micro RUBotted (free) 4-5* (Detect only) [wrkx w/ Netbooks] http://www.trendsecure.com/portal/en-US/tools/security_tools/rubotted Malicious software called Bots can secretly take control of computers and make them participate in networks called “Botnets.” These networks can harness massive computing power and Internet bandwidth to relay spam, attack web servers, infect more computers, and perform other illicit activities. Security experts believe that millions of computers have already joined Botnets without the knowledge of their owners. By using remotely-controlled computers, the criminals in charge of the Botnets try to remain anonymous and elude authorities seeking to prosecute them. RUBotted monitors your computer for suspicious activities and regularly checks with an online service to identify behavior associated with Bots. Upon discovering a potential infection, RUBotted prompts you to scan and clean your computer.

Bothunter – Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Bothunter BotHunter is a free utility for Windows XP and Unix, which aims at detecting botnet activity within a network. It does so by analyzing network traffic and … http://www.bothunter.net/

Zombie computer (DEFINITION) From Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/Zombie_computer Zombie network (DEFINITION) From Wikipedia, the free encyclopedia SEE Botnet http://en.wikipedia.org/wiki/Botnet

P2P Dangers (Peer to Peer file swapping) [A major source of botnet infections ! ] Summary: A peer network used primarily for music file sharing. In an organization, can degrade network performance and consume vast amounts of storage. Is bundled with many spyware/adware products. Category: P2P… Any peer-to-peer file swapping program, such as Audiogalaxy, Bearshare, Blubster, E-Mule, Gnucleus, Grokster, Imesh, KaZaa, KaZaa Lite, Limewire, Morpheus, Shareaza, WinMX and Xolox. In an organization, can degrade network performance and consume vast amounts of storage. May create security issues as outsiders are granted access to internal files. Often bundled with Adware or Spyware. http://www.ca.com/securityadvisor/pest/pest.aspx?id=453088059

Botnet Infection in Safe Mode with Networking Beware (bad) Helpers directions – “Enter Safe Mode with Networking” ! [EXAMPLE] ….Booby Trap – Backdoor.Tidserv | Symantec… TidServ = Compromised U.S. computers: 1.5 million Main crime use: This downloader Trojan spreads through spam e-mail, arriving as an attachment. It uses rootkit techniques to run inside common Windows services (sometimes bundled with fake antivirus software) or in Windows safe mode, and it can hide most of its files and registry entries…. http://www.networkworld.com/news/2009/072209-botnets.html?source=NWWNLE_nlt_security_2009-07-23 Backdoor.Tidserv | Symantec Sep 18, 2008 … Remove Backdoor.Tidserv – Symantec Security Response provides comprehensive internet protection expertise to guard against complex threats, .. http://www.symantec.com/security_response/writeup.jsp?docid=2008-091809-0911-99

Troubleshooting problems while in safe mode – Windows Vista Help (GOOD GUYS) [Check for botnet infection activity first before entering] Try restarting your computer using Safe Mode with Networking, the only safe mode option that allows networking and Internet … by restarting your computer and also any network … http://windowshelp.microsoft.com/Windows/en-US/Help/ac778c16-dbf9-48f6-9906-2a87dfffa4b11033.mspx

Malware runs even in safe mode – Cleaning Malware (MalwareHelp.Org) April 1, 2011 http://www.malwarehelp.org/safemode-malware-removal-2011.html
ROOTKIT SCANNERS

Vista’s Despised UAC Nails Rootkits, Tests Find Rootkits unable to run on Windows Vista ! http://www.pcworld.com/businesscenter/article/146256/vistas_despised_uac_nails_rootkits_tests_find.html

Rootkit List BleepingComputer.Com is a very popular help destination on the web for years. See their comprehensive list of the malware – rootkits. (Can hide from known security softwares.) http://www.bleepingcomputer.com/startups/rootkit.html

Trend Micro RootkitBuster (popular) [working-freeware] [wrkx w/ Netbooks] http://www.softpedia.com/get/Antivirus/Trend-Micro-Rootkit-Buster.shtml Trend Micro RootkitBuster is a rootkit scanner that offers ability to scan for drivers, registry entries, processes, hidden files and hooked system service. Trend Micro RootkitBuster also includes the cleaning capability for hidden files and registry entries. License: Freeware / OS: Windows All

Sophos Anti-Rootkit (popular) [working-freeware] [wrkx w/ Netbooks] http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html Eliminates hidden applications and processes. Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care. Our free software, Sophos Anti-Rootkit, finds and removes any rootkit that is hidden on your computer.

GMer Free Rootkit Scanner [wrkx w/ Netbooks] http://www.gmer.net/ Download: http://www.pcworld.com/downloads/file/fid,64192-order,1-page,1/description.h License Type: Free Operating Systems: Windows NT, Windows 2000, Windows XP

a-squared HiJackFree [working-freeware] [wrkx w/ Netbooks] http://www.hijackfree.com/en/ a-squared Home: http://www.emsisoft.com/en/ a-squared HiJackFree is a detailed system analysis tool which helps advanced users to detect and remove all types of HiJackers, Spyware, Adware, Trojans and Worms. (Note this is the superior alternative to HiJackThis for advanced users with instant analysis online).

SiteAdvisor.Com Information and Download [working-freeware, Internet Explorer and Firefox browsers] [wrkx w/ Netbooks] http://www.siteadvisor.com/ We test the Web to help keep you safe from spyware, spam, viruses and online scams. SiteAdvisor’s safety ratings are based on automated safety tests of Web sites (including of our own site) and are enhanced with user feedback from our users and our own manual analysis. We do not accept payment from sites to be rated, so we have no conflict of interest. We also document our safety tests for every site we analyze. (Now owned by McAfee).

EarthLink Free Software & Tools For All Internet Users [working-freeware security toolbar] [wrkx w/ Netbooks] http://www.earthlink.net/software/nmfree/ EarthLink Toolbar: Surf safer and easier with our exclusive ScamBlocker and Pop-Up Blocker℠, plus a convenient Google search added to your browser toolbar. Free download. EarthLink Tools for the Firefox Browser, featuring ScamBlocker: Now you can use the popular Firefox Web browser with our customized EarthLink theme and our own extension—the EarthLink Toolbar featuring ScamBlocker! EarthLink Spy Audit: Do you have spyware on your machine? Find out now—FREE!

EULAlyzer 1.1 [wrkx w/ Netbooks] http://www.javacoolsoftware.com/eulalyzer.html EULAlyzer can analyze license agreements in seconds, and provide a detailed listing of potentially interesting words and phrases. Discover if the software you’re about to install displays pop-up ads, transmits personally identifiable information, uses unique identifiers to track you, or much much more.

 

ALTERNATE BROWSERS / wrkx w/Netbooks

Firefox web browser | Faster, more secure, & customizable The Firefox Web Browser is the faster, more secure, and fully customizable way to surf the web. http://www.mozilla.com/firefox/

SeaMonkey free browser suite / wrkx w/Netbooks The Internet browser at the core of the SeaMonkey suite uses the same rendering … If that’s still not enough, SeaMonkey can be extended with numerous Add-Ons that … http://www.seamonkey-project.org/
Google Chrome runs websites and applications with lightning speed. http://www.google.com/chrome/ Google Chrome is a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.

 

PERSONAL SOFTWARE FIREWALLS (necessary to block direct take over of pc by hackers)

PC Tools Firewall Plus – Free Edition 5* [wrkx w/Netbooks] http://www.pctools.com/firewall/ Easy-to-use, free software firewall for PC users to protect your computer from intruders and malicious network traffic. (PC Tools is maker of famous Spyware Doctor)
Comodo Personal Firewall [new, advanced users] (Genuine Freeware, and rated by international tests as about world’s best – now includes antivirus real time) http://www.personalfirewall.comodo.com/

Sygate Personal Firewall Free 5.6.2808 [Not supported, extinct, good system32 monitor] (Old favorite now owned by Symantec) http://www.softpedia.com/get/Security/Firewall/Sygate-Personal-Firewall-Free.shtml

ZoneAlarm Free Firewall Protect your PC with #1 Free Firewall http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm

Ashampoo FireWall Free 1.2 (popular) [wrkx w/ Netbooks] http://www.download.com/Ashampoo-FireWall-Free/3000-10435_4-10575187.html

 

Internet Tracks Cleaners Recommended (Privacy and Security) [Set your browser to delete all internet history each time it closes. Do NOT keep cookies on your computer at all; they have been broken into by crimeware. As a privacy and security measure, allow session cookies only, and only if necessary.]

CCleaner – Wikipedia, the free encyclopedia (very popular, safe, freeware/donate) CCleaner supports the cleaning of temporary and unneeded files from certain … http://en.wikipedia.org/wiki/CCleaner CCleaner http://www.ccleaner.com/

ADD FOR FIREFOX…. BetterPrivacy :: Add-ons for Firefox https://addons.mozilla.org/en-US/firefox/addon/6623 BetterPrivacy serves to protect against non-deletable long-term cookies: it deletes Flash cookies that other cleaners generally do not delete. Cookies should only be given session-cookie permissions, as a privacy and security issue (cookies have been broken into by malware), and only if necessary.

 

FREE SCANS / TOP COMPANIES…..

MalAware 1.0 http://www.emsisoft.com/en/software/malaware/ Brand new out of the Emsi Software labs: The basic idea behind MalAware was to build the smallest possible (1 mb) and the fastest possible malware scanner (scan in less than 1 minute) that will only provide an indication of whether a PC is infected with malware or not. However, it should still get the full Emsi Software technology with more than 3 million known nasties. Not an easy task – but our developers have found ways and means to meet these seemingly impossible combinable requirements. By combining a strongly limited version of the signature database of known malware paths with a cloud based scan of all active processes, MalAware achieves a similar accuracy as a-squared Anti-Malware. If it detects that your PC is infected, the second step is to download the big a-squared Anti-Malware package to remove the malware and protect the PC against new infections. Download MalAware 1.0 http://www.emsisoft.com/en/software/malaware/ MalAware does not require software installation and can be started immediately for a quick first control of possibly infected PCs.

Trend Micro Housecall http://housecall.trendmicro.com/
Bitdefender http://www.bitdefender.com/scanner/online/free.html
F-secure http://www.f-secure.com/en_US/security/security-lab/tools-and-services/online-scanner/
Kaspersky http://www.kaspersky.com/virusscanner
McAfee http://home.mcafee.com/Downloads/FreeScan.aspx
Panda http://www.pandasecurity.com/homeusers/solutions/activescan/?
Symantec http://security.symantec.com/sscv6/WelcomePage.asp
Windows One-Care http://onecare.live.com/site/en-us/default.htm?s_cid=sah
SUBMIT: VirusTotal.com http://www.virustotal.com/

 

Malicious Software Removal Tools

Microsoft Free Malicious Software Removal Tool http://www.microsoft.com/security/malwareremove/default.mspx Emergency Download Link (USA English): http://www.microsoft.com/downloads/details.aspx?FamilyId=AD724AE0-E72D-4F54-9AB3-75B8EB148356&displaylang=en The Microsoft Windows Malicious Software Removal Tool checks computers running Windows XP, Windows 2000, and Windows Server 2003 for infections by specific, prevalent malicious software—including Blaster, Sasser, and Mydoom—and helps remove any infection found. When the detection and removal process is complete, the tool displays a report describing the outcome, including which, if any, malicious software was detected and removed. Microsoft releases an updated version of this tool on the second Tuesday of each month, and as needed to respond to security incidents. The tool is available from Microsoft Update, Windows Update and the Microsoft Download Center. Note The version of the tool delivered by Microsoft Update and Windows Update runs in the background and then reports if an infection is found. If you would like to run this tool more than once a month, use the version on this Web page or install the version that is available in the Download Center. Because computers can appear to function normally when infected, Microsoft advises you to run this tool even if your computer seems to be fine. You should also use up-to-date antivirus software to help protect your computer from other malicious software. To download the latest version of this tool, please visit the Microsoft Download Center: http://www.microsoft.com/downloads/details.aspx?FamilyID=ad724ae0-e72d-4f54-9ab3-75b8eb148356&displaylang=en

McAfee AVERT Stinger http://vil.nai.com/vil/stinger/ Stinger is a stand-alone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but rather a tool to assist administrators and users when dealing with an infected system. Stinger utilizes next generation scan engine technology, including process scanning, digitally signed DAT files, and scan performance optimizations.

Microsoft Malware Prevention troubleshooter http://support.microsoft.com/kb/2534555 The Microsoft Malware Prevention trouble shooter is designed to scan your computer and make recommended changes based on your current settings to provide you with the most up to date security for your Windows operating system. Building up your computer’s defenses helps secure your computer against viruses and other malicious software.

The Microsoft Malware Prevention troubleshooter does the following:
• Turns on your Windows Firewall. Enabling your Windows Firewall will protect your computer by blocking communication to your PC that may be malicious software.
• Antivirus software: Checks your Antivirus protection status. You will be prompted to update your Antivirus program if it is not up to date or enable Real-time protection. If you don’t have an anti-virus program installed it will offer you to use Microsoft Security Essentials or learn more about other security software partners.
• Turns on Automatic Update. Windows Update helps keep your PC current, secure and enhance performance by automatically downloading and installing the latest security and feature updates from Microsoft. This helps ensure that both Important and Recommended updates are downloaded.
• Pop-up Blocker: Enabling Pop-up Blocker will make browsing the web safer by helping prevent malicious or unsafe pop-ups from automatically appearing.
• Remote Registry: The Windows Remote Registry service enables remote users to modify registry settings on this computer. If this service is stopped the registry can be modified only by users on this computer as opposed to over the network.
• Internet Explorer: The package will inform you if you have the latest version of Internet Explorer installed. It will also modify your current privacy settings to ensure you have a safe browsing experience. The package will delete your internet cache and browsing history, which will help protect against malicious threats attempting to access your computer while you’re online.
• Enables User Account Control (UAC). User Account Control (UAC) will prevent malicious software from modifying your computer settings without your consent.
• Proxy Settings: If malicious software has modified your Internet Proxy settings, therefore making it difficult to get online, the package will reset your settings so you can browse the internet normally.

EarthLink Spy Audit http://www.earthlink.net/software/nmfree/spyaudit/ When you browse the Web, spyware programs can sneak onto your computer. As a result, Web sites can track your browsing habits, corrupt your data, or even steal your identity. To scan your PC for spyware, just run a quick EarthLink Spy Audit.* This free service examines your computer and lists spyware results in minutes. It will not change or harm your system in any way.
Trend Micro AntiSpyware Scan Free Scan http://www.trendmicro.com/spyware-scan/ Trend Micro Anti-Spyware for the Web is a free online tool that checks computers for spyware, and helps remove any infections found. When the detection process is complete, the tool will display a report describing the result including which if any, spyware were detected, and prompt you before the removal process.
Webroot Spy Audit http://www.webroot.com/services/spyaudit_03.htm Quickly scan your PC for spyware – It’s free! At no cost or obligation to you, Spy Audit scans your system registry and hard drive space for thousands of known spyware programs. Spy Audit shows you what spyware is on your system. It will not remove or modify any files. Webroot Software respects your privacy – after all, that’s our business. Running Spy Audit will not add cookies or harm your computer in any way. Spy Audit takes only seconds to run. Try it now.
Pest Patrol Free Spyscan http://www.pestpatrol.com/
Windows Live Safety Center – free safety scan for your computer http://www.microsoft.com/athome/security/update/windows_live_safety_center.mspx Get a free safety scan for your computer. Windows Live Safety Center helps tune up your computer. Windows Live Safety Center is a new service that lets you scan your computer to help protect, clean, and keep it running at its best. The service is free and available directly from the Internet at http://safety.live.com. You can revisit the Windows Live Safety Center for subsequent tune ups as often as you like.
Panda (free scan) http://www.pandasoftware.com/products/activescan.htm Scans for viruses, worms and Trojans on all system devices, hard disks, compressed files and all your email.
Welcome to the CA Security Advisor site Free Spyware Scan (Makers of PestPatrol) http://www3.ca.com/securityadvisor/

 

DESTRUCTIVE THREATS TO COMPUTERS
The Malware that Murders Windows
(PC Magazine) Malware usually makes Windows run badly, but it usually wants to keep it alive. Not always. The S21sec Labs blog details a few examples of malware that deliberately kills Windows… http://www.pcmag.com/article2/0,2817,2344677,00.asp?kc=PCRSS03069TX1K0001121
Webroot: This PC Will Self-Destruct in Ten Seconds Several new variants of existing malware families are rendering the PC unbootable http://blog.webroot.com/2010/04/08/this-pc-will-self-destruct-in-ten-seconds/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+WebrootThreatBlog+%28Webroot+Threat+Blog%29
TheRegister.co.uk An unpatched PC is likely to last just four minutes on the internet Gone in 240 seconds An unpatched PC is likely to last just four minutes on the internet before being attacked and compromised.… http://www.theregister.co.uk/2008/07/15/unpatched_pc_survival_drops/

Incidents of “biometrics failure” (in medical sense meaning rather than security – or quarantine component failure)
Antivirus Quarantine containment failure: Amateur Forensics Build – Nimrod Botnet https://bluecollarpcwebs.wordpress.com/2010/01/07/new-amatuer-forensics-build-in-progress-nimrod-botnet/

SAFE MODE (with networking) FAILURE
Backdoor.Tidserv | Symantec… TidServ = Compromised U.S. computers: 1.5 million. Main crime use: This downloader Trojan spreads through spam e-mail, arriving as an attachment. It uses rootkit techniques to run inside common Windows services (sometimes bundled with fake antivirus software) or in Windows safe mode, and it can hide most of its files and registry entries…. http://www.networkworld.com/news/2009/072209-botnets.html?source=NWWNLE_nlt_security_2009-07-23
Malware runs even in safe mode – Cleaning Malware (MalwareHelp.Org) April 1, 2011 http://www.malwarehelp.org/safemode-malware-removal-2011.html

PRODUCTS INFORMATION

FBI Releases Warning about Scareware (US-CERT) http://www.us-cert.gov/current/index.html#fbi_releases_warning_about_scareware

Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites Description: Bad, False, Fake products URL: http://www.spywarewarrior.com/rogue_anti-spyware.htm

LavaSoft — The Rogue Gallery http://www.lavasoft.com/mylavasoft/rogues/latest The Rogue Gallery, powered by the Malware Labs at Lavasoft, is a resource dedicated to keeping computer users safe from rogue security software. By providing a comprehensive database of current rogue security applications, you have the ability to clearly see what programs are considered rogue – and avoid them.

Partial list of rogue security software http://en.wikipedia.org/wiki/Rogue_security_software

VB100 Award = Perfect scores ! (Top AntiVirus World Prize) http://www.virusbtn.com/vb100/index http://en.wikipedia.org/wiki/Virus_Bulletin About the Virus Bulletin 100% award… The Virus Bulletin 100% awards recognise those products best able to detect viruses known to be ‘in the wild’. Unlike some other similar-sounding schemes, Virus Bulletin uses the most up-to-date WildList in its tests. This means that products that are ‘up with the game’ are the ones most likely to be granted VB100 awards. More information about Virus Bulletin can be found on its website: www.virusbtn.com.

ESET NOD32 Currently 59 VB100 awards ! http://www.eset.com/ http://en.wikipedia.org/wiki/ESET_NOD32 This brings the ESET Antivirus VB100 award total to 59 – still the highest of any antivirus vendor! December 2009 – ESET antivirus scoops 59th VB100 Award http://www.betterantivirus.com/nod32-and-virus-news/archives/1456-December-2009-ESET-antivirus-scoops-59th-VB100-Award.html

Sophos Antivirus (UK) http://www.sophos.com/ http://en.wikipedia.org/wiki/Sophos Sophos’s anti-virus engine and identities are now packaged into Webroot Spy Sweeper with Anti-Virus (Webroot Spysweeper one of world’s best) http://www.webroot.com/ Sophos wins VB100 on Windows XP http://www.sophos.com/pressoffice/news/articles/2009/04/vb100.html …..the 46th VB100 that Sophos has received ! (Note, Sophos is a corporate business application only available to Home Desktop in the new “marriage” combo suite created recently with industry leader Webroot Spysweeper.)

F-Secure http://www.f-secure.com/ F-Secure Awards – Award-Winning Antivirus and Protection Products http://www.f-secure.com/en_US/about-us/awards-reviews/2009/

Advanced +++ in AV-Comparatives Performance test Dec 23, 2009 Anti-virus (Award) F-Secure Internet Security 2010 receives VB100 award in the latest Virus Bulletin comparative review. http://www.f-secure.com/en_US/products/home-office/internet-security/ VB100 award Dec 01, 2009 Internet Security (Award)

Kaspersky (Russia) http://www.kaspersky.com/ Kaspersky Lab’s antivirus solutions win prestigious VB100 award in testing on Windows 7 platform http://www.kaspersky.com/news?id=207575987 One of the most popular anti-virus solutions among computer users, Kaspersky Anti-Virus 2009, won a VB100 award from Virus Bulletin on Windows Vista Business Edition.

Avast http://www.avast.com/ http://www.avast.com/eng/awards.html

PC Tools Spyware Doctor with AntiVirus (PC Tools Spyware Doctor one of world’s best) http://www.pctools.com/consumer/products/ PC Tools receives prestigious Virus Bulletin VB100 awards for Spyware Doctor and PC Tools AntiVirus http://www.pctools.com/news/view/id/177/

Avira http://www.avira.com/ http://www.avira.com/en/company_news/avira_receives_again_vb_100_award_on_windows_xp.html Desktop Products Avira AntiVir Premium Avira Premium Security Suite Avira AntiVir Professional

CounterSpy (antispyware) with Vipre Antivirus (CounterSpy one of world’s best) http://www.sunbeltsoftware.com/ VIPRE® Antivirus + Antispyware from Sunbelt Software Wins VB100 Award for Malware Detection on Windows 7 Platform http://www.sunbeltsoftware.com/Press/Releases/?id=322 http://www.counterspy.com/

Kingsoft Internet Security http://www.binarynow.com/ Kingsoft Internet Security 2009 obtains VB100 award from Virus Bulletin for April 2009 http://www.binarynow.com/internet-security/kingsoft-internet-security-2009-obtains-vb100-award-from-virus-bulletin-for-april-2009/ Kingsoft Internet Security 9 Plus Internet security suite that contains anti-virus, anti-malware, a vulnerability scanner and personal firewall. Find and fix rootkits, spyware, trojans, virus and malware infections. Protect your PC for less!

Forefront Client Security http://www.microsoft.com/forefront/clientsecurity/en/us/product-information.aspx Forefront Client Security wins VB100 award for Windows Server 2008 anti-malware http://blogs.technet.com/forefront/archive/2008/10/02/forefront-client-security-wins-vb100-award-for-windows-server-2008-anti-malware.aspx

THESE ARE NOT MAGAZINE / PERSONAL TESTINGS…. THEY ARE TREATED AS “FOUNDATION” LIKE / INDEPENDENT WORLD LABS AND TRUE REAL SCIENCE FACT RESULTS – NOT OPINION ….. ALL NOVICE (NEWBIES) ASK “WHAT IS BEST”…… HERE YOU ARE: THE FACTS …..

VB100 Award = Perfect scores ! (Top AntiVirus World Prize) http://www.virusbtn.com/vb100/index http://en.wikipedia.org/wiki/Virus_Bulletin About the Virus Bulletin 100% award The Virus Bulletin 100% awards recognise those products best able to detect viruses known to be ‘in the wild’. Unlike some other similar-sounding schemes, Virus Bulletin uses the most up-to-date WildList in its tests. This means that products that are ‘up with the game’ are the ones most likely to be granted VB100 awards. More information about Virus Bulletin can be found on its website: www.virusbtn.com.

West Coast Labs WCL provides an authoritative and independent service, delivering sound, meaningful technical information on which critical business decisions can be made. … http://www.westcoastlabs.org/ Checkmark is the world’s fastest growing certification system for information security products and services. It is a highly regarded accreditation program, recognized globally by vendors, end users and by government agencies as providing End Users with effective confirmation of a product or service’s effectiveness in an ever-changing threat landscape. Products registered and tested in the Real Time programme are eligible to display the Checkmark Platinum Product Award. Those products registered and tested in the standard certification programmes are eligible to display the Standard Checkmark logo (below left).

AV-Test.org http://www.av-test.org/ The company AV-Test GmbH is a worldwide operating and leading service provider for IT security testing and consultancy services. Our team has more than 15 years of experience in the area of anti-virus research and data security. Every year we perform more than 2,500 product tests of anti-virus, anti-spyware, personal firewalls and related products on behalf of vendors, integrators (OEM), corporate users and magazines.

Malware Research Group http://malwareresearchgroup.com/ MRG Malware Tests MRG On Demand and System Rescue test The purpose of this project is to assess the effectiveness of a set of five full AV/AM applications and two AM/AS applications against 1000 mixed samples on demand and their effectiveness in detecting and removing fifteen live infections from a system.

Welcome to the independent and renowned ProtectStar Test Lab http://www.protectstar-testlab.org/ The ProtectStar™ Test Lab, which has achieved world renown through the “ProtectStar™ AWARD”, carries out thorough ongoing in-depth testing on security solutions offered by leading manufacturers. In addition, the ProtectStar™ Test Lab is the first global IT security company to focus its attention on mobile terminals such as PDAs, cell phones and smart phones, as well as on their security testing and evaluation. About Us http://www.protectstar-testlab.org/2_23_9_aboutus.html

Welcome to AV-Comparatives.org http://www.av-comparatives.org/ On this site you will find independent comparatives of Anti-Virus software. All products listed in our comparatives are already a selection of some very good anti-virus products. In order to get included in our main tests, vendors must fulfill various conditions and minimum requirements.

Epsilon Award – ESWC – the European Software Conference for … The Epsilon Award 2009 was won by Emsisoft. The nomination process for the Epsilon Award 2010 will begin on July 10, 2010. * … Epsilon is the fifth letter of the Greek alphabet and the Phoenician Word for sun derives from that root. An astronomer knows that there is a constellation in space called (Lambda)-Epsilon which we can see at the right hand side. So the Epsilon Award is a combination of Excellency, craftsmanship and visionary ability. These are characteristics of an outstanding programmer and a piece of true software art. http://www.euroconference.org/Epsilon_Vote.htm

About

Webmaster of the BlueCollarPC.US
Former webmaster of BlueCollarPC.Net / BlueCollarPC.Org and BlueCollarPC.Webs.Com. We have moved to www.BlueCollarPC.US for the new decade 2010 ongoing. Data Processor Certificate 1970 (IBM 029, Univac 026 – Sperry Rand Univac 9200/9300 Series COBOL). Novice to Advanced User to Amateur Computer Forensics on Windows PC. Advanced Linux User also now.
Location: USA

Welcome to the www.BlueCollarPC.US We Thank You for choosing us as your additional Computing Security destination !

For the record….. I began the BlueCollarPC Computing Security Community Website in 2005 at the original .Net website. I believe at that time, the .Com website was actually a PC Repair Shop which I was not connected with. Towards the end of 2009, the BlueCollarPC .Net created by me had enjoyed just over 6 Million Visitors/Users! – and are proud to have helped and indeed actually had “discovery” in the security industry concerning the malware RASautodial registry entries discovered by Yours Truly. Never be afraid to ‘take a look under the hood’ of your PC ! You never know what you’ll find.

 

How And Where To Report Cyber Crime
REPORT CYBER CRIME 


Internet Crime Complaint Center (IC3)

http://ic3.gov/
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IC3’s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes.

Federal Trade Commission (USA) Complaint Input Form
https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03
If you believe you have been the victim of identity theft, you may use the form below to send a complaint to the Federal Trade Commission (FTC). The information you provide is up to you. However, if you don’t provide your name or other information, it may be impossible for us to refer, respond to, or investigate your complaint or request. To learn how we use the information you provide, please read our Privacy Policy.

Federal Bureau of Investigation – Cyber Investigations – Cybercrime
http://www.fbi.gov/cyberinvest/cyberhome.htm

Computer Crime & Intellectual Property Section
http://www.cybercrime.gov/

WiredSafety.Org
http://www.wiredsafety.org/911/
Our Cyber911 Help tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement…

ReportCybercrime.Com (Private)
http://www.reportcybercrime.com/
Also, through our interactive forum you can get opinion of specialist attorneys and lawyers. Each lawyer in practice will give his opinion on matters, which are raised in the forum. You Can post queries view answers from experts and improve upon your knowledge base…

How to Report Cybercrime
http://www.katiesplace.org/report_cybercrime.html
WiredSafety’s Cyber911 Emergency tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement.

Take a Bite Out of Cyber Crime
ByteCrime.Org
http://www.bytecrime.org/

Security product vendors
Links to developers and vendors of computer and network security products and services…
http://www.virusbtn.com/resources/links/index?ven

AEC (Trustport)
AVG (formerly Grisoft)
Agnitum (Outpost)
AhnLab (V3Net)
Aladdin (eSafe)
Alwil Software (avast!)
ArcaBit (ArcaVir)
Authentium (Command)
Avira (AntiVir)
BitDefender (formerly Softwin)
Bullguard
CA (Corporate)
CA (Home user)
Central Command (Vexira)
Check Point (ZoneAlarm)
ClamAV (open source)
Comodo (BOClean)
Cybersoft (VFind/VTSK)
Doctor Web
ESET (Nod32)
Ewido
F-Secure
Filseclab (Twister)
Fortinet
Frisk Software (F-PROT)
G DATA (AVK)
Ggreat
HAURI (ViRobot)
IBM ISS (Proventia)
Ikarus
Intego (Mac specialist)
Iolo
K7 Computing
Kaspersky Lab
Kingsoft
Lavasoft (AdAware)
McAfee, Inc. (formerly Network Associates)
MicroWorld Software (eScan)
Microsoft (Forefront)
Microsoft (OneCare)
Moon Secure (open source AV for Windows project)
New Technology Wave Inc. (VirusChaser)
Norman Data Defense Systems
PC Tools (Spyware Doctor)
Panda Software
Per Systems
Proland Software (Protector Plus)
ProtectMac (Mac specialist)
Quick Heal Technologies
Rising
SecureMac (MacScan)
Sophos
SpyBot – Search & Destroy
Sunbelt Software (CounterSpy, Vipre)
Symantec Corporation (Norton)
Trend Micro Inc.
VirusBlokAda (VBA32)
VirusBuster Ltd.
Webroot (Spy Sweeper)
eEye Digital Security (Blink)

PC Help

PC Help – General Computing Information Links

PC Disaster Recovery Help

NOTES: Data corruption (like virus damage etc) is a feared worst enemy of computers. 

Acronis
Data backup software and disaster recovery solutions help you back up hard disk drive files (highly rated with users). “Acronis True Image Home 2009 complete PC protection: back up your entire PC, including the OS plus your data, applications, pictures, video, financial documents, settings and everything!” NOTE: This is not simple files back up – it backs up Windows too – THIS is the top back up scenario and is mandatory without an Emergency CD Repair to restore Windows. In a botnet hit there is definitely going to be damage to Windows obviously which is the KEY important part of PREVENTION. (The “OS” is Operating System – Windows, Mac, Linux etc)
http://www.acronis.com/

Back-Up and Recovery – Softpedia.com
http://www.softpedia.com/get/System/Back-Up-and-Recovery/

Create an emergency repair CD
Don’t limit yourself to a floppy: Create an emergency repair CD Sep 25, 2002 … No support tech should be without a reliable boot disk. But with the venerable 3.5 floppy in its twilight, a bootable CD may be …
http://articles.techrepublic.com.com/5100-10878_11-1053250.html

MyBootDisk 2.96
Start-up disk with system repair utilities, NTFS support and more
http://www.softpedia.com/get/System/Boot-Manager-Disk/My-BootDisk.shtml

Symantec Norton Ghost – System Restore – PC Backup Software
System Restore – PC Backup Software | Norton Ghost Norton Ghost from Symantec
http://www.symantec.com/norton/ghost

Windows XP CD Burning Secrets
Sep 16, 2003 … I assume you’ve already mastered the basics of CD burning in Windows XP. If you need a refresher course on burning data CDs, …
http://www.microsoft.com/windowsxp/using/setup/learnmore/bott_03september16.mspx

Be Prepared: Create a Recovery Drive for Windows, Linux, Mac, or Chrome OS
Computers don’t come with operating system installation CDs anymore. If your operating system won’t boot, you’ll need a bootable recovery drive to fix it. All operating systems allow you to create these. …
http://www.howtogeek.com/194521/be-prepared-create-a-recovery-drive-for-windows-linux-mac-or-chrome-os/

Information / Help / Removal:
MORE OPTIONS:

When should I re-format? How should I reinstall? (#10063)
http://www.dslreports.com/faq/10063

OS Reinstallation vs. Virus Removal
http://safecomputing.umn.edu/guides/rebuild_repair.html

Part Two: Reinstall an Infected Operating System
http://safecomputing.umn.edu/studentchecklist.html

FOLDOC is a computing dictionary.
http://foldoc.org/
It includes definitions of acronyms, jargon, programming languages, tools, architecture, operating systems, networking, theory, conventions, standards, mathematics, telecoms, electronics, institutions, companies, projects, products, history, in fact any of the vocabulary you might expect to find in a computer dictionary.

USE COMMAND TO ENABLE HIDDEN COMPUTER ADMINISTRATOR….
Enable the (Hidden) Administrator Account on Windows 7, 8, or Vista
http://www.howtogeek.com/howto/windows-vista/enable-the-hidden-administrator-account-on-windows-vista/

3 Ways to Enable Administrator Account in Windows 7
http://www.instructables.com/id/3-Ways-to-Enable-Administrator-Account-in-Windows-/

How to enable and disable the Windows Administrator account
http://www.bleepingcomputer.com/tutorials/enable-disable-windows-administrator-account/

WITHOUT COMMAND – ACCESS LOCAL USERS/GROUPS MANAGER
Enable built-in Administrator in Local Users and Groups
http://www.sevenforums.com/tutorials/507-built-administrator-account-enable-disable.html
NOTE: This option will only be available in the Windows 7 Professional, Ultimate, and Enterprise editions.

MICROSOFT:
Enable and Disable the Built-in Administrator Account
https://technet.microsoft.com/en-us/library/dd744293%28v=ws.10%29.aspx

ALTERNATIVE OPTIONS…..
Lost administrator account on Windows 7
http://answers.microsoft.com/en-us/windows/forum/windows_7-security/lost-administrator-account-on-windows-7/62a99dcc-b976-4ad1-9ac5-e7bf803eab83

12 Computer Security Mistakes You’re Probably Making
Tom’s Guide
http://www.tomsguide.com/us/computer-security-mistakes,news-19391.html

 

Why You Probably Aren’t Getting the Internet Speeds You’re Paying For (and How to Tell)
http://www.howtogeek.com/165321/why-you-probably-arent-getting-the-internet-speeds-youre-paying-for-and-how-to-tell/?utm_source=newsletter&utm_medium=email&utm_campaign=150613
We’ll look at why actual speeds differ from advertised speeds and how you can identify whether you’re actually getting the Internet connection speeds you’re paying for.

Built-In Restore Options / Enter Safe Mode to Scan For and Remove Malware When You Cannot Do So Normally
What is System Restore?
http://windows.microsoft.com/en-IL/windows-vista/What-is-System-Restore
System Restore: frequently asked questions
http://windows.microsoft.com/en-XM/windows-vista/System-Restore-frequently-asked-questions
Windows Vista System Restore – Softpedia
http://news.softpedia.com/news/Windows-Vista-System-Restore-47381.shtml
System Restore – Windows 7 features
http://windows.microsoft.com/en-US/windows7/products/features/system-restore
Learn how Windows 7 can recover your data from a virus or catastrophic crash with System Restore.
Using Windows 7 or Vista System Restore – How-To Geek
http://www.howtogeek.com/howto/windows-vista/using-windows-vista-system-restore/
Safe mode
http://en.wikipedia.org/wiki/Safe_mode
Safe mode is a diagnostic mode of a computer operating system (OS). It can also refer to a mode of operation by application software. Safe mode is intended to fix most, if not all problems within an operating system. It is also widely used for removing rogue security software.
Microsoft Windows XP – Start the computer in safe mode
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/boot_failsafe.mspx?mfr=true
Start your computer in safe mode Windows Vista
http://windows.microsoft.com/en-SG/windows-vista/Start-your-computer-in-safe-mode
Start your computer in safe mode – Windows 7
Start Windows in a troubleshooting mode that is useful for diagnosing problems.
http://windows.microsoft.com/en-US/windows7/Start-your-computer-in-safe-mode 
Startup Repair: frequently asked questions
What is Startup Repair?
Startup Repair is a Windows Vista recovery tool that can fix certain problems, such as missing or damaged system files, that might prevent Windows from starting correctly. When you run Startup Repair, it scans your computer for the problem and then tries to fix it so your computer can start correctly. MORE…
http://windows.microsoft.com/en-US/windows-vista/Startup-Repair-frequently-asked-questions
How to Remove Boot Block Malware
http://www.ehow.com/how_5941797_remove-boot-block-malware.html
Boot block malware is malicious software that settles into your computer’s hard
drive in the first sector and replaces the boot block instructions with malware
instructions. When you start, or boot up, your computer, the malware is loaded
into your computer’s memory and from there it can spread to any other part of
your computer. ….
Troubleshoot problems waking computer from sleep mode
http://support.microsoft.com/kb/266283
Unwanted wake-up events may occur when you enable the Wake On LAN feature in Windows 7 or in Windows Vista
http://support.microsoft.com/kb/941145
How to Enable the Wake from Standby Option for a USB Mouse
http://support.microsoft.com/kb/280108
By default, the Power Management feature of USB mouse devices is turned off.
This setting is different from classic PS/2 computer functionality.
Therefore, to enable the Wake from standby option, you must manually turn on the Power Management feature for the USB mouse.
To manually enable the Wake from standby option for the USB mouse, start Device Manager, right-click the USB mouse driver,
click Properties, and then click to select the Allow this device to wake the system from standby check box.
The monitor reverts to a low-power state several seconds after you wake it up by pressing the power button or by using the remote control on a computer that is running Windows Vista SP1 or Windows Server 2008….
http://support.microsoft.com/kb/953029
HOTFIX AVAILABLE
http://support.microsoft.com/kb/953029
Free On-line Dictionary of Computing
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Free_On-line_Dictionary_of_Computing
Firefox crashes, Help – Remedies
http://kb.mozillazine.org/Firefox_crashes

Windows Security Technologies
System security technologies built in, to enable, add on…

New Windows 8 Security Items
Unified Extensible Firmware Interface
http://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface
Hardware Design and Development for Windows 8
Unified Extensible Firmware Interface
http://msdn.microsoft.com/en-us/library/windows/hardware/br259114.aspx

Bootkits
http://en.wikipedia.org/wiki/Rootkit#bootkit
BIOS
http://en.wikipedia.org/wiki/BIOS

Windows 8 “Secure Boot”
http://news.softpedia.com/news/Windows-8-Bootkit-Might-Prove-Secure-Boot-Ineffective-235138.shtml
Compromised already by bootkit:
http://www.itworld.com/security/225417/windows-8-secure-boot-already-cracked
http://arstechnica.com/business/news/2011/11/security-researcher-defeats-windows-8-secure-boot.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss
http://www.pcworld.com/businesscenter/article/248342/windows_8_secure_boot_the_controversy_continues.html
This is a great debate, with many, many articles already:
http://linuxducks.free-forums.org/fsf-warns-of-windows-8-secure-boot-sign-petition-vt508.html

Early Launch Anti-Malware (ELAM) – Windows 8
http://www.techopedia.com/definition/29079/early-launch-anti-malware-elam-windows-8
Windows 8 Early Launch Anti-Malware from Third-Party AV Vendors
http://news.softpedia.com/news/Windows-8-Early-Launch-Anti-Malware-from-Third-Party-AV-Vendors-226789.shtml
Managing early launch anti-malware (ELAM) detections
http://www.symantec.com/business/support/index?page=content&id=HOWTO81107
Windows 8 ELAM: too late, too little!
http://www.virusbtn.com/conference/vb2012/abstracts/KulkarniJagdale.xml
How to configure Early Launch Anti-Malware Protection in Windows 8
http://www.bleepingcomputer.com/tutorials/configure-early-launch-antimalware-protection/
How to disable Early Launch Anti-Malware Protection
http://www.bleepingcomputer.com/tutorials/disable-early-launch-antimalware-protection/
Understanding Early Launch Anti-Malware (ELAM) technology in Windows 8
http://www.thewindowsclub.com/earlylaunch-antimalware-elam-technology-windows-8
[Hot Fix] B0006 – The Early Launch Anti-Malware of Titanium 2013 does not load properly
http://esupport.trendmicro.com/solution/en-US/1095123.aspx
Windows 8: Trusted Boot: Secure Boot – Measured Boot
http://blogs.msdn.com/b/olivnie/archive/2013/01/09/windows-8-trusted-boot-secure-boot-measured-boot.aspx

Windows 8
http://support.microsoft.com/gp/windows-8
Support options, learn more and lifecycle information for Windows 8

Windows Security Technologies

Data Execution Prevention (DEP)
Data Execution Prevention (DEP) is a security feature included in modern operating systems. It is available in Linux, Mac OS X and the newer Microsoft …
http://en.wikipedia.org/wiki/Data_Execution_Prevention

Address Space Layout Randomization (ASLR)
Address space layout randomization (ASLR) is a computer security technique which involves randomly arranging the positions of key data areas, …
http://en.wikipedia.org/wiki/Address_space_layout_randomization

Structured Exception Handler Overwrite Protection (SEHOP)
Windows Vista Service Pack 1, Windows 7, Windows Server 2008 and Windows Server 2008 R2 now include support for Structured Exception Handling Overwrite Protection (SEHOP). This feature is designed to block exploits that use the Structured Exception Handler (SEH) overwrite technique. This protection mechanism is provided at run-time. Therefore, it helps protect applications regardless of whether they have been compiled with the latest improvements, such as the /SAFESEH option. We recommend that Windows users who are running any of the above operating systems enable this feature to improve the security profile of their systems.
http://support.microsoft.com/kb/956607

Export Address Table Filtering (EAF)
In August 2010 we released the new version of EMET with brand new mitigations and a new user interface experience. Two new mitigations are included in this version: Mandatory ASLR (breaking current ROP exploits relying on DLLs located at predictable addresses) and Export Address Table filtering (EAF) (breaking virtually the big majority of shellcodes from running). EMET is not bulletproof but will break a lot of the bad guys’ tools and exploits. EMET makes it possible for f.i. to have SEHOP on an XP machine.
http://technet.microsoft.com/en-us/security/Video/gg469855

Heap Spray Allocation (HSA)
In computer security, heap spraying is a technique used in exploits to facilitate arbitrary code execution. The term is also used to describe the part of the source code of an exploit that implements this technique. In general, code that sprays the heap attempts to put a certain sequence of bytes at a predetermined location in the memory of a target process by having it allocate (large) blocks on the process’ heap and fill the bytes in these blocks with the right values. They commonly take advantage of the fact that these heap blocks will roughly be in the same location every time the heap spray is run. Execution flow can be redirected to the heap sprays via buffer overflow or heap overflow flaws.
http://en.wikipedia.org/wiki/Heap_spraying

Null Page Allocation (NPA)
May 23, 2011 … Null Page Allocation (NPA) guards against a piece of malware running itself by taking over a “null” page — a technique that’s never been …
http://www.infoworld.com/t/microsoft-windows/microsoft-shuffles-windows-security-deck-emet-21-831

MEMORY / RAM / UPGRADES / RAM BOOSTERS

Microsoft – Add more memory to your computer
If your computer seems slow, now’s the time for additional RAM
http://www.microsoft.com/athome/moredone/addmemory.mspx

Ultimate Memory Guide
http://www.kingston.com/tools/umg/default.asp
Kingston has written the definitive document related to memory and the technology behind it. Everything you ever wanted to know about memory can be found here.

Microsoft Support
RAM, Virtual Memory, Pagefile and all that stuff
http://support.microsoft.com/kb/2267427

Random-access memory [RAM Memory]
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Random-access_memory

FREE RAM BOOSTERS (Note: to avoid causing corruption or freeze-ups, use them only when open programs are idle or closed)

Mz RAM Booster (works with Vista)
http://www.softpedia.com/get/Tweak/Memory-Tweak/Mz-Ram-Booster.shtml
Speed up your computer, stop memory leaks and increase free RAM.
Mz RAM Booster is a program created to improve the performance of your computer by auto-recovering RAM and fine tuning some system settings! It uses minimal resources and almost no CPU time. You will be able to experience the best performance boost, without the need of new hardware, hardware tweak and even without restricting your PC’s stability.
Requirements:
· .NET Framework 2.0 (Download at Windows Updates, upgrades)

Rambooster 2.0 (Great old Windows XP ram booster)
http://www.softpedia.com/get/Tweak/Memory-Tweak/Rambooster-Bilton.shtml
Rambooster is a software that helps you optimize your RAM. RAMBooster monitors the amount of RAM your system is using and allows you to free it up. This will let your PC run smoother and faster, and you won’t have to reboot as often. It will monitor the memory at all times, and if the amount of free RAM gets too low, it will automatically boost it for you, finding unused RAM and returning it to the free pool. RAMBooster will also monitor your CPU usage. Includes replaced CPU-infotext with a gauge. RB now always minimizes to the tray instead of taskbar or tray. The GUI looks almost like the old GUI, to make things easier for those who have used RAMBooster for years. Supports RAM up to 9999 MB instead of previous 99. Help-file problems fixed.
Fixed conflicts with CPU-usage meter. Also some dial-up system caused to CPU-reading to freeze to 0%. This part has also been rewritten. Allows only one instance of the program. Lots of code optimization, invisible to users. It is better, faster, and more reliable now.

Windows Search 4.0 component of Windows enables instant search of your computer

Windows Search 4.0 Windows XP

http://www.microsoft.com/downloads/en/details.aspx?FamilyId=55C18CB3-C916-4298-ABA3-5B98904F7CDA&displaylang=en

Windows Search 4.0 Windows Vista

http://www.microsoft.com/downloads/en/details.aspx?FamilyId=BC28ED7F-C51B-49CD-B505-95B91B453284&displaylang=en

Windows 7

DON’T FORGET YOUR PASSWORD !

What to do if you forget your Windows password
http://windows.microsoft.com/en-US/windows-vista/What-to-do-if-you-forget-your-Windows-password
If you’ve forgotten your Windows password and you’re on a domain, you should contact your system administrator to reset your password. If you’re not on a domain, you can reset your password by using a password reset disk or by using an administrator account. If you forget the administrator password and don’t have a password reset disk or another administrator account, you won’t be able to reset the password. If there are no other user accounts on the computer, you won’t be able to log on to Windows and will need to re-install Windows

POSSIBLE REMEDY
Top 7 Free Windows Password Recovery Tools
http://pcsupport.about.com/od/toolsofthetrade/tp/passrecovery.htm
A List of the Best Free Password Recovery & Reset Tools for Windows
“Windows password recovery tools are used to recover or reset lost user and administrator passwords used to log on to Windows operating systems. Password recovery tools are often called “password cracker” tools because they are sometimes used to “crack” passwords by hackers. Legally cracking your own Windows password is certainly a legitimate practice! “

Windows Vista

New Vista Empowered Computers, launch…..
TIPS: Vista Basic edition is less “Microsoft intrusive”, so to speak, when it comes to preferences – but if you have or get a laptop or notebook, it is mandatory to get Vista Home Premium, which includes all the network automatic wizards and the battery-versus-operating-system optimization settings necessary for mobile use.
These are not included in Basic edition. FIRST, after launching and registering your Vista, set Windows Updates to Automatic Download and Install.
(General recommendations from an Advanced User…follows)

FLASH !!! did u know ? DO NOT TURN OFF VISTA UAC ! Read……
Vista’s Despised UAC Nails Rootkits, Tests Find – Business Center …
http://www.pcworld.com/businesscenter/article/146256/vistas_despised_uac_nails_rootkits_tests_find.html
May 25, 2008 … Most users find it annoying, but Vista’s Account Control
feature proves most effective in security tests…..
NEVER turn off UAC !!! And do NOT use “tweak softwares” for it. You have been
warned…..
Circumventing Vista UAC Security is aiding cyber crime and we consider “Vista Bashing” as part of that. 

Vista User Account Control (UAC) Information links …..
User Account Control (UAC) in Windows Vista extends new privileges to
standard users while upholding robust protections against online threats
http://www.microsoft.com/windows/windows-vista/features/user-account-control.aspx
What is User Account Control?
http://windowshelp.microsoft.com/Windows/en-US/Help/0eeb9ddd-ddaa-4cc5-a092-9908305665471033.mspx
User Account Control Overview
http://windowshelp.microsoft.com/Windows/en-US/Help/9812d370-e66a-451a-80c9-f028d402d4281033.mspx
How to use User Account Control (UAC) in Windows Vista
http://support.microsoft.com/kb/922708
User Account Control
http://www.microsoft.com/singapore/windows/products/windowsvista/features/details/useraccountcontrol.mspx
First Look: New Security Features in Windows Vista
http://technet.microsoft.com/en-us/magazine/cc160980.aspx
Explore the features: Windows Security Center
You can restore User Account Control to the recommended settings with the
click of a button. Ready to set up your computer? This paper offers specific
guidelines for securing your PC …
http://www.microsoft.com/windows/windows-vista/features/security-center.aspx
Description of User Account Control and remote restrictions in Windows Vista
http://support.microsoft.com/kb/951016

Why you should not use a tweak UAC software utility…..
Silent Mode tweak…. DON’T !
Simple. Number one, the software utility is not a Microsoft Windows product, yet Windows is what these “hacker” utilities will be making changes to – YOUR Windows Operating System. Just because someone can create software (anyone can) does not mean it is safe and secure and will not corrupt Windows in some manner. Consider the following rather than these types of “tweaks” ….
You may want to consider the article information below before ‘hacking’ the Windows system …. a Windows Vista empowered computer is too pretty to “deface”:

Techworld.com – Vista’s UAC spots rootkits, tests find
http://www.techworld.com/security/news/index.cfm?newsid=101583
Vista’s Despised UAC Nails Rootkits, Tests Find
Do you know what a rootkit is ? (Certainly one of the most dangerous
malware threats aside from a ‘blended threat’ attack). Do you know
what notifications you are turning off ? Are they malware alerts you
should attend for a stable and secure system ?

An easy way to understand this: think of having had a quality personal firewall installed that is a tad “aggressive”, so that you get several alerts. You go through them one by one, and go off to the search engine to see whether each process is part of Windows or of trusted software to give permission to.
What you may turn off with some hacker tweak is an actual alert to malware, much the same as turning off firewall protection on a port that malware is communicating through – or allowing malware by clicking “OK” to give it internet access, defeating the purpose of the security software (antivirus, antispyware, firewall).
I would investigate with extreme prejudice before proceeding with changes that are not recommended in today’s crimeware environment – see the following:
MORE:
More Vista hacks NOT Recommended ! (Disable All Balloon Notifications)
June 18, 2008 by bluecollarpc
http :/ /bluecollar CLOSED pc.wordpress.com/2008/06/18/more-vista-hacks-not-recommended-disable-all-balloon-notifications/
Warning: Why you should not use a ‘tweaking UAC’ software utility
June 15, 2008 by bluecollarpc
ht tp:/ /bluecollarpc. CLOSED wordpress.com/2008/06/15/warning-why-you-should-not-use-a-tweaking-uac-software-utility/
Is Limited User Account enough? Not really…
http://www.prevx.com/blog/83/Is-Limited-User-Account-enough-Not-really.html
Security: Inside Windows Vista User Account Control
http://technet.microsoft.com/en-us/magazine/cc138019.aspx
User Account Control, or UAC, is one of the most misunderstood new features in Windows Vista. But its goal – to enable users to run with standard user rights – can solve many security issues. Get an inside look at the problems UAC is designed to address and see exactly how this new feature works. ….

TIP: Great additional free Mail Client from Microsoft:
Windows Live Mail… Do you know Microsoft Outlook Express or Windows Mail?
Then you pretty much already know how to use Windows Live Mail.
The clean design speeds you through … http://get.live.com/wlmail/overview

December 2007 Windows Vista Application Compatibility Update
http://support.microsoft.com/kb/943302
Article ID : 943302
Last Review : January 11, 2008
Revision : 2.0

SEE:
Windows Vista AppReadiness Beta
(Online Search Engine) Note this is community input by users !
http://www.appreadiness.com/default.aspx

Windows Genuine Advantage (WGA) for Windows Vista (excerpt)
http://www.microsoft.com/genuine/ProgramInfo.aspx?displaylang=en&tab=Vista
Windows Vista has built in anti-piracy technology that enables Microsoft to combat piracy more effectively. This new technology is a part of the Windows Genuine Advantage program. It changes how Windows Vista activates, validates, and behaves when attempts are made to tamper with the activation or validation requirements of the operating system. This helps to make piracy harder and provides a better experience for customers running genuine Windows.
Using genuine Windows Vista helps customers enjoy the full functionality of Windows while helping to avoid viruses, tampered files, and other malicious software often associated with counterfeit copies. Windows product activation and validation are the experiences customers see when using WGA……. MORE: 
WGA – Wikipedia (excerpt)
On Windows Vista, WGA validation failure has a greater impact. In addition to persistent notification and the disabling of non-critical updates, WGA also disables
Windows Aero, Windows Defender, and ReadyBoost. The user is given a grace period in which to then pass validation, after which most of the operating system
is disabled and Windows reverts to reduced functionality mode, which will be removed in Service Pack 1 of Windows Vista.
http://en.wikipedia.org/wiki/Windows_Genuine_Advantage

Windows Help and How-to: Windows Vista: Setup and maintenance (Microsoft)
http://windowshelp.microsoft.com/Windows/en-US/maintenance.mspx

Microsoft: New PC ? Tools, Products, and Tips…
Getting started with a new PC? Use these articles and communities to help you get going and be more productive right away…. ) at Microsoft
http://www.microsoft.com/athome/moredone/yournewpc.mspx

Microsoft: Windows Vista Home Premium, Help and How-to
http://windowshelp.microsoft.com/windows/en-us/help/a89698a2-dede-44ec-b4a6-e93ef2860c461033.mspx

Microsoft: 5 steps to help protect your new computer before you go online
http://www.microsoft.com/protect/computer/advanced/xppc.mspx

Ease of Transition… (Idea Utility) ….Files from XP to Vista
Belkin MS Vista Transfer Cable
http://www.radioshack.com/product/index.jsp?productId=2590892&cp=2032061.2032365.2032390&parentPage=family

How To Rebuild Icon Cache In Windows 7 To Repair Icons
http://www.intowindows.com/how-to-rebuild-icon-cache-in-windows-7-to-repair-icons/
Mar 2, 2010 … Windows users often complain about corrupted desktop and
explorer icons. Like in Windows XP and Vista, Windows 7 icons also may
get …
Restore Missing Desktop Icons in Windows 7 or Vista – How-To Geek
Feb 9, 2007 … Restore Missing Desktop Icons in Windows 7 or Vista. If
you’ve removed your recycle bin icon, or you previously added the some
of the …
http://www.howtogeek.com/howto/windows-vista/restore-missing-desktop-icons-in-windows-vista/
How to Rebuild the Icon Cache in Windows Vista and Windows 7 –
http://www.winhelponline.com/blog/how-to-rebuild-the-icon-cache-in-windows-vista/
Apr 8, 2008 … How to Rebuild the Icon Cache in Windows Vista and
Windows 7. … type in Vista (March 31, 2008) tells you how to refresh
the shell icons in Vista. … Fix Windows 7 Backup and Restore Not
Launching After Uninstalling …
Icons randomly change to different icons
http://support.microsoft.com/kb/132668
XP
http://support.microsoft.com/kb/279769
Jan 19, 2007 … Some icons in My Computer, Windows Explorer, on the
desktop …

Vista Wireless

VISTA LINKS:
Windows Vista Help: What are the different wireless network security …
This is referred to as WPA-Enterprise or WPA2-Enterprise . It can also be used in a pre-shared key (PSK) mode, where every user is given the same passphrase
http://windowshelp.microsoft.com/Windows/en-US/Help/b385cc8a-af25-489e-a82e-decf6df26b681033.mspx
Windows Vista Partners: D-Link Systems
Support for WEP, WPA, and WPA2 security standards help ensure that you will be able to use the best possible encryption—regardless of your other wireless
devices.
http://www.microsoft.com/windows/shop/partners/dlink.mspx
Windows Vista Help: Choosing a network location
For wireless networks, a wireless connection encrypted with Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA). (For WPA, WPA2 is preferred.
http://windowshelp.microsoft.com/Windows/en-US/Help/6ddfa83c-01c8-441e-b041-1fd912c3fe601033.mspx
Windows Vista Help: Enable 802.1X authentication
On wireless networks, 802.1X can be used with Wired Equivalent Privacy (WEP) or Wi-Fi Protected Access (WPA) encryption. 5. In the Choose a network …
http://windowshelp.microsoft.com/Windows/en-US/Help/d4a8a69a-f885-4766-a991-446031bc32881033.mspx
Windows Vista Help: Ad hoc networking
Security type. For your computer’s security, choose WPA-2 Personal. (We don’t recommend using WEP. WPA-2 is more secure. If you try WPA-2 and it doesn’t
work, we recommend that …
http://windowshelp.microsoft.com/windows/en-us/help/0e158c21-4c70-4235-879d-0c9133218e561033.mspx
Windows Vista Help: Setting up a wireless network
We recommend that you use WPA because it offers better security than the traditional Wired Equivalent Privacy (WEP) security. With WPA you can also use a
passphrase , so you don’t …
http://windowshelp.microsoft.com/windows/en-us/help/297fa2dc-b20b-4327-b673-707a968c86801033.mspx#EK

Netiquette
Internet Etiquette: (Appropriate behavior online)
Good manners online
http://www.earthlink.net/elink/issue93/focus.html

SCAMS, HOAX, CYBER URBAN LEGENDS….
snopes.com: Urban Legends Reference Pages
The definitive Internet reference source for urban legends, folklore, myths, rumors, and misinformation.
http://www.snopes.com/
Scambusters.org
“Internet Scams, Identity Theft, and Urban Legends: Are You at Risk?”
http://www.scambusters.org/
Hoax-Slayer.Com
Mission Statement: The goal of the Hoax-Slayer Website is to help make the Internet a safer, more pleasant and more productive environment by: Debunking email and Internet hoaxes, Thwarting Internet scammers, Combating spam, Educating web users about email and Internet security issues.
http://www.hoax-slayer.com/

How To Report UCE (Unsolicited Commercial Email), commonly known as “spam”…..
To report spam to the appropriate address, you must always include full message headers, or the report will be rejected.
NOTE: Do not even open email from an unsolicited, unknown sender unless your PC is protected!

SpamCop FAQ :
How do I get started reporting spam ?
http://www.spamcop.net/fom-serve/cache/125.html

Federal Trade Commission (Report UCE – Unsolicited Commercial Email):
http://www.ftc.gov/bcp/conline/edcams/spam/report.html
Report Spam to spam@uce.gov
To forward unwanted or deceptive spam to the FTC send it to spam@uce.gov, and be sure to include the full email header. If you think you have been taken
advantage of by a spam scam, file a complaint with the FTC online at www.ftc.gov. Complaints will help the FTC find and stop people who are using spam to
defraud consumers.

UCE: (Spam) Definition: http://en.wikipedia.org/wiki/E-mail_spam

Anti Phishing Working Group Org
http://www.antiphishing.org/
Report Phishing: Report phishing emails, pharming sites and crimeware to the Anti-Phishing Working Group and help stop this insidious threat to e-commerce.
Click “Report Phishing” link below for instructions.
What is Phishing and Pharming?
Phishing attacks use both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. Social-engineering
schemes use ‘spoofed’ e-mails to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as credit card numbers,
account usernames, passwords and social security numbers. Hijacking brand names of banks, e-retailers and credit card companies, phishers often convince
recipients to respond. Technical subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using Trojan keylogger spyware. Pharming
crimeware misdirects users to fraudulent sites or proxy servers, typically through DNS hijacking or poisoning.

Email Message Headers Help: 

Email Headers
http://cf.stanford.edu/doc/email/headers.php
When forwarding an unwanted or abusive email to postmasters
for action, it’s very important that you include all of the header information.
A great number of spammers, for instance, will do all they can to blur the
origin of their message, but they can’t forge everything! So here’s a guide
to viewing full headers in a variety of popular mail clients.

byUsers :: Reading and Understanding Message Headers
http://www.by-users.co.uk/faqs/email/headers/

Quick reference to Internet message headers
http://www.cs.tut.fi/~jkorpela/headers.html

How to Read Email Headers
http://pobox.com/headers.mhtml

Microsoft Office Assistance: Hide or remove e-mail message headers
http://office.microsoft.com/en-us/assistance/HA010872971033.aspx

How to find the sender’s original IP Address using Email message …
http://www.johnru.com/active-whois/trace-email.html

Scrollbar for expanded message headers – MozillaZine Knowledge Base
http://kb.mozillazine.org/Scrollbar_for_expanded_message_headers

Cookies – Information…
What are cookies, what do they do, what risks are involved, what types are there ?

Cookie – Webopedia Definition
http://www.webopedia.com/TERM/c/cookie.html

Cookie Central
http://www.cookiecentral.com/
Cookie Central FAQ
http://www.cookiecentral.com/faq/

How Internet Cookies Work
http://www.howstuffworks.com/cookie.htm

Microsoft.com Cookies FAQ
http://www.microsoft.com/info/cookies.mspx

How Web Servers’ Cookies Threaten Your Privacy
http://www.junkbusters.com/cookies.html

Blocking Unwanted Cookies with IE 6
http://www.mvps.org/winhelp2002/cookies.htm
One of the new features built-in to IE 6 is the ability to accept and/or block any or all cookies if desired

ONLINE TRACKING: How ANONYMOUS is the INTERNET?
http://www.slais.ubc.ca/courses/libr500/fall1999/www_presentations/g_coleman/cookie.htm

Consumer Tips: How to Opt-Out of Cookies That Track You
http://www.worldprivacyforum.org/cookieoptout.html

Internet Explorer Gallery
Tracking Protection Lists
http://www.iegallery.com/us/trackingprotectionlists/default.aspx
Control what third-party sites can track you while you’re online.
EasyPrivacy Tracking Protection List
https://easylist.adblockplus.org/en/
EasyPrivacy Tracking Protection List is based on the popular EasyPrivacy subscription for Adblock Plus and is managed by the well-known EasyList project, which serves nearly ten million daily users and has a large support forum with dozens of experienced members able to assist resolving any issues that may arise.
Abine’s Kids and Teens Tracking Protection List
http://www.abine.com/tpl/
Abine’s Kids and Teens Tracking Protection List specifically blocks advertisers and data collectors we found in use on the Web sites most popular with kids and teens
Abine’s Standard Tracking Protection List
http://www.abine.com/tpl/
Abine’s Standard Tracking Protection List blocks many online advertising and marketing technologies that can track and profile you as you browse the Web. This list is updated frequently to keep you safer and more private
Fanboy – Adblock Tracking Protection List
http://fanboy.co.nz/adblock/ie.html
The Fanboy Tracking Protection List is supported and maintained by the Fanboy group.
Fanboy – Tracking Protection List
http://fanboy.co.nz/adblock/ie.html
Fanboy Tracking Protection List is supported and maintained by the Fanboy group.

Microsoft.com
http://www.microsoft.com/

Microsoft Windows Update
Latest bug fixes for Microsoft Windows, including
fixes for some possible DoS attacks.
windowsupdate.microsoft.com/

Microsoft Help and Support
Technical support for Microsoft products.
http://support.microsoft.com/

You did originally activate?
Software Piracy Protection Home – Activating Software
http://www.microsoft.com/piracy/activation.mspx

Check out:
Software Piracy Protection
http://www.microsoft.com/piracy/default.mspx
Information on piracy as well as tips on how to protect yourself against it.

Microsoft now validates your Windows Operating System, and is instituting this to a greater degree, to check that it is not a pirated bootleg copy – a bootleg copy will be denied Windows Updates.
SEE:

Genuine Microsoft Software
http://www.microsoft.com/resources/howtotell/ww/windows/default.mspx
One of the many benefits of owning genuine Microsoft software is gaining access to Microsoft Support Services. Below are two ways to help you determine
whether your version of Windows is genuine.

Microsoft Security Center fake warnings in your task bar… (Example of these)
Briefly: “How to Remove SpyFalcon” (Review in full at website)
http://www.bleepingcomputer.com/forums/topic43659.html
SpyFalcon is an anti-spyware program that is known to issue fake warnings on your computer in order to manipulate you into buying its full commercial version.
If you are infected with this program you may receive warnings in your task bar that appear to be from Microsoft Security Center stating that you are infected
with spyware and to run its special anti-spyware tool. This tool turns out to be the commercial version of SpyFalcon. These warnings are fake and are a goad
to have you buy the commercial version of this software…..

Components

Microsoft Internet Explorer
Help and Support Center for
the Microsoft Internet Explorer Web Browser.
http://support.microsoft.com/ie6

Internet Explorer Homepage
http://www.microsoft.com/windows/ie/default.mspx

Internet Explorer 7 Preview
http://www.microsoft.com/windows/ie/ie7/default.mspx

Microsoft Internet Explorer – Customizing the Links Bar
http://www.microsoft.com/windows/customizelinks.htm
Customizing the Links Bar… Did you know that you can customize the
Links bar in the browser? You can add or remove shortcuts, rearrange the
order of shortcuts, and even change the icons associated with them. Here’s how: …..

Microsoft Outlook Express
Included POP Email Program

http://support.microsoft.com/oex

Windows Security Center
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Windows_Security_Center
Windows Security Center
A component of Microsoft Windows
The Windows Security Center or Action Center is a component included with Microsoft’s Windows XP (beginning with Service Pack 2), Windows Vista and
Windows 7 operating systems that provides users with the ability to view the status of computer security settings and services. Windows Security Center also
continually monitors these security settings, and informs the user via a pop-up notification balloon if there is a problem. It is renamed to Action Center in
Windows 7, where it covers maintenance as well as security.

Windows Updates URLs – add to Trusted Sites
http://update.microsoft.com/windowsupdate/v6/default.aspx
To make this site a trusted website In Internet Explorer, click Tools, and then click Internet Options.
On the Security tab, click the Trusted Sites icon. Click Sites and under Add this website to the zone,
copy and paste these website addresses. You can only add one address at a time and you must
click Add after each one. Note that you may need to
uncheck “Require server verification (https:) for all sites in this zone.”
http://update.microsoft.com
https://update.microsoft.com
http://*.update.microsoft.com
https://*.update.microsoft.com
http://download.windowsupdate.com

Windows Operating Systems (OS)

Microsoft Windows 95
http://www.microsoft.com/windows95/

Microsoft Windows 98 Support Center
http://support.microsoft.com/win98

Microsoft Windows ME
http://www.microsoft.com/Windowsme/

Microsoft Windows XP Support Center
http://support.microsoft.com/winxp

List of Microsoft Windows components
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/List_of_Microsoft_Windows_components

List of operating systems
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/List_of_operating_systems#UNIVAC_.28later_Unisys.29

NOSTALGIA
Inside the world’s long-lost first microcomputer
http://news.cnet.com/8301-13772_3-10429544-52.html?tag=rtcol;inTheNewsNow

Windows XP Upgrade Advisor
http://www.microsoft.com/windowsxp/pro/upgrading/advisor.mspx
The Upgrade Advisor is a tool that checks your system hardware and software to see if it is ready for upgrade to Windows XP. If you run Upgrade Advisor while
you are connected to the Internet, and if your system needs updates that are available on the Windows Update Web site, Upgrade Advisor will find and install
the updates for you.

Windows Vista Upgrade Advisor 1.0
http://www.microsoft.com/downloads/details.aspx?familyid=42B5AC83-C24F-4863-A389-3FFC194924F8&mg_id=10105&displaylang=en
Brief Description: Windows Vista Upgrade Advisor is designed to help Windows XP users identify whether their PCs are ready for an upgrade to Windows Vista,
which edition of Windows Vista meets their needs, and which features of Windows Vista will be able to run on their PCs.

Bookmarks: 

How to Identify Files (file extensions Search Engine)
http://filext.com/
FILExt Home Page, The File Extension Source: Welcome to FILExt,
the file extension source. FILExt is a detailed database of file extensions and programs that use them. A file extension is simply the end characters after the
period in a file name (see here for a detailed description). A search in the database here might result in multiple possibilities. Use the context of where you got
the file to help you figure out exactly what it is if there are multiple possibilities. To help, many of the links on this site will open a new browser window so you
have constant reference to the FILExt data.

Portable App Directory
The Application Directory lists free open source software and freeware portable apps.
As always, the PortableApps.com Platform, menu, backup utility, launchers, installer, format
and other utilities are open source.
http://portableapps.com/apps

 
Driver Guide com
http://www.driverguide.com/
Let’s face it, finding the right device driver can be a tedious, time consuming, often impossible task! The Driver Guide was created to make finding driver updates a whole lot easier. With the help of thousands of our members, we have compiled a massive database archive of drivers and resources that is by far the largest and most comprehensive on the Web.

Business Software Alliance – Software Piracy Prevention
Informing the public of the effects of software piracy, and of action that can be taken to curb this ongoing activity.
http://www.bsa.org/usa/antipiracy/

Welcome to Annoyances.org
http://www.annoyances.org/
Annoyances.org is the most complete collection of information assembled for and by actual users of Microsoft Windows. Explore this free web resource by selecting one of the destinations on your left, or use search to find a specific solution.

Infoplease
Infoplease Encyclopedia and Dictionary
http://www.infoplease.com/encyclopdict.html

Welcome to Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Main_Page
An excellent information source, which is updated on a continuous
basis. It is essentially a free, online encyclopedia, with answers to nearly
any human endeavour or experience. Enjoy!

Tips for Secure Browsing
Always use the most current version of your browser.
http://www.mozilla.org/security/#Security_Alerts

Internet Explorer Version 7 (latest greatest) has features that would have prevented the over 3 billion dollars in phishing scams against the USA public in 2007. SEE:
Put safety first.
http://www.microsoft.com/windows/products/winfamily/ie/default.mspx
Robust new Internet Explorer 7 architecture and improved security features help protect you against malicious software, and help to keep your personal data safe from fraudulent websites and online phishing scams.

Phishing Filter
http://www.microsoft.com/windows/products/winfamily/ie/features.mspx
This filter warns you about and helps to protect you against potential or known fraudulent websites, and blocks the sites if appropriate. This opt-in filter is updated several times per hour using the latest security information from Microsoft and several industry partners.

Phishing Filter
http://www.microsoft.com/canada/midsizebusiness/businessvalue/local/dm3.mspx
…uses a combination of machine-learning heuristics, client-side scanning for suspicious characteristics and an opt-in online service that utilizes dynamic industry-based reputation services to proactively warn about – and help protect against – potential or known fraudulent sites and blocks the sites if appropriate.
AND MORE:
Address bar protection
Every window, whether it’s a pop-up or standard window, will show you an address bar, helping to block malicious sites from emulating trusted sites.
YET MORE
Cross-domain barriers
Internet Explorer 7 helps to prevent the script on webpages from interacting with content from other domains or windows. This enhanced safeguard gives you additional protection against malware by helping to prevent malicious websites from manipulating flaws in other websites or causing you to download undesired content or software.

International Domain Name Anti-spoofing
http://www.microsoft.com/canada/midsizebusiness/businessvalue/local/dm3.mspx
…will notify users when visually similar characters in a URL are not expressed in the same language to help protect users against visiting sites that would otherwise appear as a trustworthy site.

Features unique to Windows Vista
http://www.microsoft.com/windows/products/winfamily/ie/features.mspx
These features are available only with Internet Explorer 7 in Windows Vista:
* Protected mode Internet Explorer 7 in Windows Vista runs in isolation from other applications in the operating system. It restricts exploits and malicious
software from writing to any location beyond Temporary Internet Files without explicit user consent.
* Parental controls To help keep kids safer online, parents can control browsing behavior through the parental control settings built into Windows Vista. The child’s safety level can be monitored and changed remotely. The safety level carries over to many PC activities, such as playing games or browsing the Internet. A child’s browsing session can even be examined by a parent afterwards, and cannot be removed without the parent’s permission.

Firewalls / Information Links:

Comodo Personal Firewall [new, advanced users]
(Genuine Freeware, and rated by international tests as about world’s best – now includes antivirus real time)
http://www.personalfirewall.comodo.com/

Sygate Personal Firewall Free 5.6.2808 [Not supported, extinct]
(Old favorite now owned by Symantec)
http://www.softpedia.com/get/Security/Firewall/Sygate-Personal-Firewall-Free.shtml

ZoneAlarm Free Firewall
Protect your PC with #1 Free Firewall
http://www.zonealarm.com/security/en-us/zonealarm-pc-security-free-firewall.htm

Ashampoo FireWall Free 1.2 (popular) [works w/ Netbooks]
http://www.download.com/Ashampoo-FireWall-Free/3000-10435_4-10575187.html

Online Armor Personal Firewall Free [new/advanced users]
http://www.tallemu.com/
Online Armor Free provides both a firewall and a whitelist approach to program security for Windows NT, 2000 and XP. It does not show pop-ups for many
known good programs, and it scans all your installed programs when it first runs so that you can quickly tell it what to do with apps it doesn’t know about.
Operating Systems: Windows XP, Windows 2000, Windows Vista

What is firewall? – A Word Definition From the Webopedia Computer …
http://www.webopedia.com/TERM/f/firewall.html
This page describes the term firewall and lists other pages on the Web where you can find additional information.

Internet Firewalls: Frequently Asked Questions
http://www.interhack.net/pubs/fwfaq/
3.1 What are some of the basic design decisions in a firewall? … Can’t I just poke a hole in the firewall and tunnel that port? …

Windows Firewall in Windows XP Service Pack 2
http://www.microsoft.com/windowsxp/%20using/security/internet/sp2_wfintro.mspx
Learn the basics about the new Windows Firewall in Windows XP Service Pack 2, plus find out how to adjust your firewall settings if you need to.

Firewall Builder
http://www.fwbuilder.org/
Firewall Builder is a multi-platform, object-oriented firewall configuration and management tool. It consists of a GUI and set of policy compilers for iptables …

Firewall Net.com
http://www.firewall-net.com/en/
Guide to install & configure for Windows Mac or …Firewall Net is a guide for installation and configuration of firewall with windows 95 98 NT 2000 Me Millenium
XP, linux or mac , using : conseal atguard …

Firewall Q&A (Questions & Answers)
http://www.vicomsoft.com/knowledge/reference/firewalls1.html
A whitepaper on relevant firewall questions and answers. The knowledge of this subject relates to firewalls in general use, and stems from NAT and proxy …

Home PC Firewall Guide
http://www.firewallguide.com/
Learn how to protect home computers and networks from Internet outlaws by using personal firewall, antivirus and anti-spyware software plus low-cost …

Howstuffworks “How Firewalls Work”
http://www.howstuffworks.com/firewall.htm
An introductory explanation of how a firewall works and the various filtering methods used, with related links.

IPCop Firewall
http://www.ipcop.org/
A secure Linux distribution managed through a web-interface. It turns an old PC into a firewall and VPN gateway. Features an Intrusion Detection System.

OpenOffice (comparable to Microsoft products)
http://www.openoffice.org/
OpenOffice.org is the leading open-source office software suite for word processing, spreadsheets, presentations, graphics, databases and more. It is available
in many languages and works on all common computers. It stores all your data in an international open standard format and can also read and write files from
other common office software packages. It can be downloaded and used completely free of charge for any purpose.

Fight Spam…

These are excellent, seamless, well-known and widely used programs. The free ones work best the more “aggressive” the settings you use. These are not going to work
with your normal ISP Subscription (AOL, MSN, Earthlink, Juno, etc) – they work with POP Mail you can set up with the accounts you have and not with the ISP
software. The free ones are spam filters that will strike through the known spam subject line of the message with (*****) the five asterisk stars in front of and
in back of the spam subject line. I have used everything here and they generally do not miss or make mistakes. The shareware (buy) ones create a small toolbar
and a separate folder not allowing the spam into the Inbox. They all have quick settings and are very, very quick to set up.

Cactus Spam Filter FREE! [working-freeware]
http://www.codeode.com/spamfilter/
Cactus Spam Filter is a free easy-to-use spam blocker. It protects your inbox by learning to detect spam as it’s being used. After a short while it has adapted to
your personal mailbox and blocks out most of the junk e-mail. Since the filter becomes personal, spammers will not be able to fool it. Even though this is a brutal,
merciless spam killer, no e-mails will get lost unless you delete them. Installation is very simple. No setup is required in your e-mail client; this spam stopper
integrates seamlessly with all e-mail clients that use POP3. It has been successfully tested with Microsoft Outlook, Microsoft Outlook Express, Netscape, Opera,
Mozilla, Mozilla Thunderbird, Eudora, Pegasus Mail, IncrediMail, Foxmail, POP Peeper, Command Line POP Client, The Bat!, and Phoenix Mail.

SpamAssassin [working-freeware]
http://spamassassin.apache.org/
The Powerful #1 Open-Source Spam Filter Features: Wide-spectrum: SpamAssassin uses a wide variety of local and network tests to identify spam signatures.
This makes it harder for spammers to identify one aspect which they can craft their messages to work around. Free software: it is distributed under the same
terms and conditions as other popular open-source software packages such as the Apache web server. Easy to extend: Anti-spam tests and configuration are
stored in plain text, making it easy to configure and add new rules. Flexible: Spam Assassin encapsulates its logic in a well-designed, abstract API so it can be
integrated anywhere in the email stream. The Mail::SpamAssassin classes can be used on a wide variety of email systems including procmail, sendmail, Postfix,
qmail, and many others. Easy Configuration: SpamAssassin requires very little configuration; you do not need to continually update it with details of your mail
accounts, mailing list memberships, etc. Once classified, site and user-specific policies can then be applied against spam. Policies can be applied on both mail
servers and later using the user’s own mail user-agent application.

Comodo AntiSpam
http://www.comodo.com/home/email-security/anti-spam.php
Comodo AntiSpam easily integrates into your email system to block spam and junk mail without keeping wanted mail from reaching your inbox.

CA (Computer Associates) Anti-Spam [shareware (buy)]
http://home3.ca.com/STContent/Products/All_Products.aspx?sc_lang=en-US
CA Anti-Spam is the effective and easy-to-use spam filter that makes sure you get messages from people you know, while redirecting messages from people you don’t. There are no complicated rules or filters to create or manage: CA Anti-Spam does it for you. And it works seamlessly with Microsoft Outlook and Outlook Express to stop unwanted junk mail and fraudulent phishing scams, letting you take control of your Inbox. PC Magazine Editors’ Choice Award 3 years running!

SpamBully 4 for Outlook and Outlook Express [shareware]
http://www.spambully.com/
End your spam nightmare and make email enjoyable again by keeping your Inbox free of annoying spam. Our intelligent spam filter for Outlook and Outlook
Express analyzes email so effectively that in many cases it is more …

ANTIVIRUS PROGRAMS ~Free Home versions

Windows OneCare Antivirus is now Free from Microsoft and very highly rated, Certified and has won the VB100 Award! Now called Microsoft Essentials…
About Microsoft Security Essentials (5* Stars!)
http://www.microsoft.com/security_essentials/
Microsoft Security Essentials provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software. Microsoft
Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is
protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple.
Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without
interruptions or long computer wait times.

AVG Anti-Virus Free Edition [working-freeware]
Download, Information at this website :
http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10320142.html
http://www.grisoft.com/
AVG Free Edition is the well-known antivirus protection tool. AVG Free is available free of charge to home users for the life of the product. Rapid virus database
updates are available for the lifetime of the product, thereby providing the high level of detection capability that millions of users around the world trust to protect
their computers. AVG Free is easy to use and will not slow your system down (low system resource requirements). Highlights include automatic update functionality,
the AVG Resident Shield, which provides real-time protection as files are opened and programs are run, free Virus Database Updates for the lifetime of the product,
and AVG Virus Vault for safe handling of infected files.

ClamWin Free Antivirus [Open Source – working freeware]
http://www.clamwin.com/
ClamWin is a Free Antivirus for Microsoft Windows 98/Me/2000/XP and 2003. ClamWin Free Antivirus comes with an easy installer (and open source code). You may download and use it absolutely free of charge. It features: High detection rates for viruses and spyware; Scanning Scheduler; Automatic downloads of regularly updated Virus Database. Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer; Addin to Microsoft Outlook to
remove virus-infected attachments automatically. The latest version of Clamwin Free Antivirus is 0.88.2.3 . Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.

Avast AntiVirus Home Edition [working-freeware]
http://www.avast.com/eng/avast_4_home.html
Free avast! 4 Home Edition. avast! 4 Home Edition is a full-featured antivirus package designed exclusively for home users and non-commercial use. Institutions
(even non-commercial ones) are not allowed to use avast! Home Edition. However, ALWIL Software provides the full line of avast! antivirus products at special
discount prices for non-profit, charity, educational and government institutions. Please see our price lists for details.

BitDefender Free Edition
BitDefender Free Edition is an on-demand virus scanner, which is best used in a system recovery or forensics role. If you are on an “always-on”
Internet connection, we strongly advise you to consider using a more complex antivirus solution.
http://www.bitdefender.com/PRODUCT-14-en–BitDefender-Free-Edition.html

Glary Utilities 100% freeware
http://www.glaryutilities.com/
Glary Utilities is the #1 free, powerful and all-in-one utility in the world market! It offers numerous powerful and easy-to-use system tools and utilities to fix, speed up, maintain and protect your PC.

Article: NetworkWorld.com – 15 free downloads to pep up your old PC
Can’t afford a new PC? These free tools for Windows will help breathe new
life into your old machine…..
http://www.networkworld.com/slideshows/2009/111909-free-downloads.html?source=NWWNLE_nlt_daily_am_2009-11-24#slide2

Advanced SystemCare™ Free v3
http://www.iobit.com/advancedwindowscareper.html
Trusted by 35 Million Users to Care for Their PCs
Works with: Windows 2000/XP/Vista

Glary Utilities
http://www.glaryutilities.com/gu.html
Works with: Windows 2000/XP/Vista

WinPatrol
http://www.winpatrol.com/
Works with: Windows 9x/Me/XP/Vista

Autoruns
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
Works with: Windows XP/Vista

Secunia Personal Software Inspector (PSI)
http://secunia.com/vulnerability_scanning/personal/
Works with: Windows 2000 SP4/XP SP2 or later/Vista

Eusing Free Registry Cleaner
http://www.eusing.com/free_registry_cleaner/registry_cleaner.htm
Works with: Windows 9x/Me/NT/2000/XP/2003/Vista

Free Registry Defrag
http://www.registry-clean.net/free-registry-defrag.htm
Works with: Windows 98/ME/2000/XP/2003/Vista

PC Decrapifier
http://www.pcdecrapifier.com/download
Works with: Windows XP/Vista

CCleaner
http://www.ccleaner.com/features
Works with: Windows 98/Me/2000/XP/Vista

SkyDrive
http://skydrive.live.com/
Running out of disk space, but don’t want to spend the money for a new hard
disk? Here’s a simple solution — use this free online storage service from
Microsoft. You get 25GB of free online space to do anything you want with.

Belarc Advisor
http://www.belarc.com/free_download.html
Works with: Windows 95/98/Me/2000/XP/Vista

SpeedFan
http://www.almico.com/speedfan.php
Works with: Windows 9x/Me/2000/XP/Vista

Wubi Ubuntu Installer
http://wubi-installer.org/
Sometimes you want a new PC because you’d like a new operating system, but
your PC’s processor and RAM can’t handle a new one. Here’s a way to get the
best of both worlds: Use this free program to install a dual-boot version of
Ubuntu Linux on your PC.
Works with: Windows 98/2000/XP/Vista

 
