
Friday, February 24, 2012

DNSChanger Malware Removal – Notes Show All (Internet goes dark March 8)

February 23, 2012 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2012/02/23/dnschanger-malware-removal-notes-show-all-internet-goes-dark-march-8/

BELOW IS MOST OF WHAT THE AVIRA TOOL IS DOING WITH A CLICK ….

Tool available for those affected by the DNS-Changer
http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1199
The Truth About the March 8 Internet Doomsday
http://www.pcworld.com/article/250296/the_truth_about_the_march_8_internet_doomsday.html#tk.nl_spx_t_cbintro
US-CERT Current Activity – DNSChanger Malware
http://www.us-cert.gov/current/index.html
http://www.us-cert.gov/current/index.html#operation_ghost_click_malware

Hi all….. one thing common to this class of malware is that, once on the PC, it changes the “Hosts File” to redirect you, usually to further malicious websites for nefarious reasons. Other key words to search on are “IP Spoofing” and “DNS Cache Poisoning” …
http://www.webopedia.com/TERM/I/IP_spoofing.html
http://en.wikipedia.org/wiki/DNS_cache_poisoning

This is off the cuff, but it comes from years of experience with the “badware”, as it is sometimes called as a universal term covering all of it and all it does. I am throwing an educated guess at the payload involved: it may even involve some variants or residuals on an individual basis, a handful here and there among hundreds to thousands of personal computers. A Botherder or Botmaster runs a Command and Control console type arrangement that the culprit(s) use to attempt clandestine contact with infected computers, which can go into the millions – but they also set some aside to test out how their malware payload is holding up against detection. They may have purposely infected those handfuls with variants of the payload in an attempt to resurrect the whole episode all over again. They (cyber criminals) have become very, very sophisticated. Any phrase like “doomsday” today can actually be no exaggeration.

The measures taken here by the FBI et al are unprecedented and on the scale of “State Sanctioned”. It has obviously been a measure not only to attempt correction and to protect all infected computers and their users’ private data – but to keep internet commerce itself alive, as the loss of millions of users would obviously have a large effect.

I admittedly only perform some amateur forensics and would probably need days upon days to do a write up for full manual removal and correction of an affected system. I most likely could find the actual payload, as there are a handful of company online search engines for just that. But, if one has a little savvy and wants to attempt further manual removal of the malware to avoid the cost of a PC Repair Shop – here are some tips. Mind you, in this case a Shop will obviously advise to reinstall Windows after completely wiping (erasing) the disk first – a common automatic procedure with a Windows CD/DVD or with an Emergency Repair CD/DVD if you have made one. (I would advise: do NOT hit “Repair”; go ahead and back up all the files you wish to save first, then completely reinstall Windows, and THEN also scan the backed up files for malware before restoring them to the PC, now in Factory Fresh condition.)

REVIEW THIS FOR HOSTS FILES….
Blocking Unwanted Parasites with a Hosts File
http://winhelp2002.mvps.org/hosts.htm
(In other words, in this area you are looking for how to restore your Hosts File to what it was before the infection changed it.)

How can I reset the Hosts file back to the default?
http://support.microsoft.com/kb/972034
MICROSOFT FIX IT TOOL ***** HOSTS FILES
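As an added example (not the Avira tool or the Microsoft Fix It), here is a small Python audit that reads a hosts file and flags the kind of entries a hosts-file hijacker writes: well-known domains pointed at a foreign address, or security-vendor sites pinned to loopback so you cannot reach help. The sample hosts content and the watched-domain list are constructed for the example.

```python
"""Audit a Windows-style hosts file for hijack-style entries.

Added example for this page; the sample file and WATCHED_SUFFIXES are constructed."""
import ipaddress

# Security-vendor / update domains that hijackers commonly pin to a bogus address
# so the victim cannot fetch updates or cleanup tools. Assumed list for the example.
WATCHED_SUFFIXES = ("microsoft.com", "windowsupdate.com", "avira.com",
                    "virustotal.com", "us-cert.gov")

# Constructed hosts file: the two default lines Windows ships with, one MVPS-style
# blocklist line, and three lines of the kind a hijacker adds (198.51.100.0/24 is TEST-NET-2).
SAMPLE_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
0.0.0.0         ads.example-tracker.invalid     # blocklist style, harmless
127.0.0.1       www.avira.com                   # vendor site pinned to loopback
198.51.100.7    www.us-cert.gov                 # redirect to a foreign address
198.51.100.7    windowsupdate.microsoft.com
"""


def parse_hosts(text):
    """Return (hostname, ip) pairs, ignoring comments and blank lines."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        ip, *names = line.split()
        for name in names:
            entries.append((name.lower(), ip))
    return entries


def classify(name, ip):
    """Verdict for one entry: default, blocklist, vendor-blocked, redirect or unknown-ip."""
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return "unknown-ip"           # malformed address, worth a look either way
    if name == "localhost" and addr.is_loopback:
        return "default"              # what KB 972034 restores
    sinkholed = addr.is_loopback or addr.is_unspecified   # 127.x / ::1 / 0.0.0.0
    watched = any(name == s or name.endswith("." + s) for s in WATCHED_SUFFIXES)
    if sinkholed and watched:
        return "vendor-blocked"       # cleanup/update site deliberately made unreachable
    if sinkholed:
        return "blocklist"            # ad/tracker sinkhole, the MVPS hosts file pattern
    return "redirect"                 # a real name sent to some other machine


def audit_hosts(text):
    """Return [(name, ip, verdict)] for every entry that is not default or blocklist."""
    findings = []
    for name, ip in parse_hosts(text):
        verdict = classify(name, ip)
        if verdict in ("vendor-blocked", "redirect", "unknown-ip"):
            findings.append((name, ip, verdict))
    return findings


if __name__ == "__main__":
    for name, ip, verdict in audit_hosts(SAMPLE_HOSTS):
        print(f"{verdict:15} {ip:16} {name}")
```

On a real system point `parse_hosts` at the contents of C:\Windows\System32\drivers\etc\hosts and compare the findings with what the Microsoft reset above would remove.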

ALSO….
How to reset Internet Protocol (TCP/IP)
http://support.microsoft.com/kb/299357

A Point of Entry and Attack is the firewall, which may even have been circumvented.
Tunneling to circumvent firewall policy
http://en.wikipedia.org/wiki/Tunneling_protocol#Tunneling_to_circumvent_firewall_policy
You may want to uninstall it and clean up leftover files and registry entries (Registry Cleaner) … Here is about the best, and indeed they have finally released a free home version ….
PowerTools Lite 2011 [Genuine Freeware] - The Freeware Registry and System Cleaner
http://www.macecraft.com/powertoolslite2011/
(Which is of course by the makers of the famous jv16 PowerTools – by far the top recommended for about a decade.)

YUCK… one more area to review….
TCP reset attack
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/TCP_reset_attack

Bottom line…. the above was posted for review, and hastily, in case there are still problems and if need be to mention on a necessary trip to the PC Repair Shop. Attempt the recommended Avira Tool in these emails as advised. Check out the US-CERT links if needed or as a double check after the Avira clean up – there is a link for detection at the FBI site for anyone fearing infection, I believe. (Avira has consistently had one of the best detection/blocking/removal ratings for years – visit VirusTotal.)

AS I SUSPECTED THERE ARE MANY VARIANTS …… LIST (omg, there are 23 variants presently ! ! !) – (Absolutely a Shop will advise to reinstall Windows without batting an eye)

*COMPUTER ASSOCIATES*
SOURCE / ONLINE SEARCH ENGINE AND TYPE IN “DNSChanger” as malware payload
look up…
CA Spyware Information Center (Search Engine)
http://www3.ca.com/securityadvisor/pest/
CA Spyware Information Center search engine (ComputerAssociates, makers of PestPatrol and many security wares)
(*Malware search engine look up is top right)

SEARCH RESULTS: (hot links at results link for each below)
http://www.ca.com/us/search/default.aspx?q=dnschanger&sk=findthreat&backUrl=http%3A%2F%2Fwww.ca.com%2Fus%2Fspyware.aspx

SEARCH RESULTS (23 entries; each is a “CA Technologies Quick View” and its Description repeats the name):

 #   Name              Size    Date
 1   DNSChanger B      36 KB   01/09/2007
 2   DNSChanger P      36 KB   02/22/2012
 3   DNSChanger P      50 KB   11/20/2009
 4   DNSChanger G      37 KB   02/19/2012
 5   DNSChanger C      36 KB   04/19/2007
 6   DNSChanger S      36 KB   02/22/2012
 7   DNSChanger U      36 KB   01/29/2010
 8   DNSChanger T      36 KB   01/29/2010
 9   DNSChanger M      36 KB   02/21/2012
10   DNSChanger L      36 KB   07/17/2009
11   DNSChanger        36 KB   06/14/2006
12   DNSChanger r      36 KB   02/21/2012
13   DNSChanger I      36 KB   02/20/2012
14   DNSChanger azf    36 KB   02/20/2012
15   DNSChanger H      36 KB   02/19/2012
16   DNSChanger E      37 KB   11/26/2007
17   DNSChanger D      37 KB   02/19/2012
18   DNSChanger k      36 KB   08/04/2008
19   DNSChanger A      36 KB   07/29/2008
20   DNSChanger ayy    36 KB   02/05/2012
21   DNSChanger arn    36 KB   03/11/2008
22   DNSChanger aum    36 KB   03/11/2008
23   DNSChanger F      37 KB   02/19/2012

——–>
BASIC PAYLOAD…..

DNSChanger
Date Published:
Wednesday, June 14, 2006
Alias
W32/Backdoor.KGE [F-Prot Antivirus]
Overall Risk : HIGH
Category
Trojan: Any program with a hidden intent. Trojans are one of the leading causes of breaking into machines. If you pull down a program from a chat room, newsgroup, or even from unsolicited e-mail, then the program is likely trojaned with some subversive purpose. The word Trojan can be used as a verb: To trojan a program is to add subversive functionality to an existing program. For example, a trojaned login program might be programmed to accept a certain password for any user’s account that the hacker can use to log back into the system at any time. Rootkits often contain a suite of such trojaned programs.

Date of Origin
date of origin: Variants from September, 2009 to September, 2009
Operation
DNSChanger: at least DNSChangerKB

Files:
[tn]dnschanger.exe
2701526
hgqhp.exe
kdrgh.exe
virtue_7884154
kdrgh.exe
hgqhp.exe
[tn]dnschanger.exe

WEBMASTER / http://www.bluecollarpc.us/



PS – a quality real-time protection antimalware, installed, no doubt would have blocked this infection and its variants to date. Cyber Crime Units no doubt have about all the rest of the information needed by now, with professional forensics performed.



Wednesday, February 22, 2012

Recommended Settings and use of CCleaner – Temporary Internet Files Clean Up Browsers, Applications

January 14, 2012 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2012/01/14/recommended-settings-and-use-of-ccleaner-temparary-internet-files-clean-up-browsers-applications/


TO CLEAN TEMPORARY INTERNET FILES IN ALL BROWSERS GET CCLEANER….

CCleaner – Wikipedia, the free encyclopedia (very popular, safe, freeware/donate)
CCleaner supports the cleaning of temporary and unneeded files from certain …
http://en.wikipedia.org/wiki/CCleaner
CCleaner http://www.ccleaner.com/

ADD FOR FIREFOX….
BetterPrivacy :: Add-ons for Firefox
https://addons.mozilla.org/en-US/firefox/addon/6623
Customize Firefox, Thunderbird, and other Mozilla products with thousands of … Better Privacy serves to protect against not deletable long term cookies,…. http://addons.mozilla.org/
…. deletes flash cookies that no other tools generally delete. Cookies should only be given session cookie permissions, as a privacy and security issue (cookies have been broken into by malware), and only if necessary.

CCLEANER SETTINGS / RECOMMENDED CLICKS

( CCleaner is for newbies and is indeed a Power User software utility for the advanced user as well ! )

****THERE ARE TWO SETTINGS COLUMNS – REVIEW *****

**** WINDOWS TAB / TOP

WINDOWS….
# Check all for Internet Explorer (ALL ! )

WINDOWS EXPLORER
# Recent Documents, Search Autocomplete, Other MRUs
(Do NOT click Network Passwords, as no doubt this will keep deleting any Router type passwords in the system and you will have to keep typing in the Network Security Key (router password) each use.)

SYSTEM
# Empty Recycle Bin (IF you are sure you do not need to recover mistaken deletions here. Be sure or do NOT check and simply open Recycle Bin and delete manually)

# Clipboard
# TEMPORARY FILES ARE SPECIAL….. CCleaner only deletes these after they show as 2 DAYS OLD or older. IT IS BEST TO NOT CHECK THIS UNTIL THERE HAVE BEEN AT LEAST A COUPLE OF DAYS OR MORE AFTER EACH SOFTWARE INSTALLATION OR MAJOR CHANGE TO THE SYSTEM SUCH AS WINDOWS UPDATES.

Instead you can check this and then DO NOT CLICK RUN CLEANER BUT RATHER CLICK “ANALYZE”, which will not delete anything but will scan and present what is available for deletion. If you see anything under around 100M of files in total, you are okay. Anything over 100M of files in total may indicate malware present that has been running for a while creating these – UNLESS you have the Windows Updates icon in the bottom tray saying you have Updates to install.

PLEASE READ THIS ENTIRE BLOG TO KNOW WHAT AND HOW TO USE THIS….
Temporary Internet Files – Windows Temp Files, Safe To Delete ?
January 14, 2010 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2010/01/14/temporary-internet-files-windows-temp-files-safe-to-delete/

ADVANCED
# DO NOT CHECK ANYTHING IN ADVANCED OR YOU MAY CAUSE SERIOUS DAMAGE TO THE SYSTEM.


****APPLICATIONS TAB TOP
FIREFOX/MOZILLA
# CHECK ALL EXCEPT “Compact Databases”

APPLICATIONS
# CHECK ALL (According to what you have installed – example: Adobe Reader history)

INTERNET
# CHECK ALL (histories)

MULTIMEDIA
# CHECK ALL (histories)

WINDOWS
# OPTIONAL – You can check these or not if you wish to review using these and do not want the histories (logs) deleted.

CCLEANER – SOME MORE POWER USE CLICKS
{TIP: When using ANALYZE, make sure you have clicked Run Cleaner first and THEN add the items you wish to check without deleting with ANALYZE. Otherwise you will be looking at all the junk files you would normally delete anyway, which muddies the results of an Analyze scan; done in that order, you will see just the particular files you wanted to investigate WITHOUT all the other junk files added into the Analyze results.}

WINDOWS TAB TOP
—————–
SECTIONS:

WINDOWS EXPLORER
# RUN IN START MENU MAY MESS WITH START UP ORDER APPARENTLY AND WOULD BE BEST LEFT UNCHECKED

SYSTEM
# Memory Dumps, Chkdsk File Fragments
…. both of these should be left UNCHECKED, as they will invariably only come into play at the rare Computer Crash event. Such an event will inevitably create some special, helpful information files (anonymous) that help Microsoft (or others involved – softwares, browsers, causes – anonymous) and that may be sent out invisibly at the next computer start up. (There are settings in the Control Panel to turn these reports off or on – RECOMMENDED to leave ON, to be a help to all computer users, so that the causes of these undesirable events can get a patch/fix/update that prevents the occasion from occurring again for all.)
(After the computer seems to be working again okay – you may want to check these and then click ANALYZE to see if there are any items here available per scan to delete safely. They would be really small no doubt in size not really affecting overall performance memory wise.)

# Windows Log Files ….. are safe to delete, but DO NOT click this as a regular clean up each time. These Logs are created automatically by Windows and can contain information on recent events that may be EXTREMELY HELPFUL to discover problems that can be easily fixed. A time when the computer has been working fine for a while would THEN be a time to ADD THIS to the Run Cleaner clean up. It will save nominal disk space, as these are never really that big and are text only. The first clean up of these may be a large one, as much as 1M to 10M at first run if the computer is a couple of years old. (They do pile up needlessly.) TRY the CCleaner Analyze first to see the file sizes as an example. OTHERWISE LEAVE UNCHECKED ! ! !

# DNS Cache, Font Cache ….. LEAVE UNCHECKED and do not use unless directed to by an at least Advanced User or Tech professional.

# Shortcuts…. DO NOT use this; simply delete those manually, as many normal icons you use will suddenly disappear by using this to delete them. For power users building their own custom systems, this may be a desirable deletion feature to use.

ADVANCED
# NEVER USE ANY OF THESE UNLESS YOU ARE AN ADVANCED USER OR TECH PROFESSIONAL ! ! ! YOU HAVE BEEN WARNED ! ! !

AS MENTIONED CCLEANER IS NOT JUST FOR NOVICES AND VETERAN WINDOWS USERS – IT IS ALSO A PREMIUM SOFTWARE FOR ADVANCED AND TECH PROFESSIONALS USAGE (free tech help at forums, groups , lists etc. )


SENDER:
Webmaster/malware removal help
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005

How To Delete Java Temporary Files – Avoid Java Malware Exploits

January 14, 2012 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2012/01/14/how-to-delete-java-temporary-files-avoid-java-malware-exploits/

As well in security it is also recommended to go to Start > Control Panel > Java and open the Java panel and click “Do Not Store Temporary Files On This Computer” ….

….Malware has also used Java to infect computers (AND FIREFOX ! ) and can hide in these temporary files on the system. Turning them off will not affect navigation at all. They are like Temporary Internet Files: stored so that re-visiting a website loads it just a tad faster, which is what Temporary Internet Files are used and stored for. They are junk/trash files, completely safe to delete. (In other words, when going to a website, any images and pictures and some text items are stored on the computer along with the cookie files. When re-visiting that same website, these are loaded from the computer rather than re-downloaded over the internet each time, which makes the loading of the page a tad faster. In the real world it is nanoseconds, no real noticeable speed to the naked eye.)

Delete ALL cookies ALL the time EVERY time Facebook malware reminds us


December 27, 2011 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2011/12/27/236/


Having an e-convo with a friend reminds us to always delete ALL cookies ALL the time EVERY time, and all histories and temporary internet files. Simply, if you are kind of new, just get CCleaner, which does it all and is Genuine Freeware (no ads, no adware, no spyware) and has been downloaded and used by millions and millions. You can also donate to them (freeware/donateware). LINKS AT BOTTOM….

DANGERS – COOKIES HAVE BEEN BROKEN INTO BY MALWARE / HACKERS HALF A DECADE AGO AND RECENTLY TOOK OVER MANY COMPUTERS THROUGH FACEBOOK COOKIES….. READ ON….

Although I am becoming an ol’ timer (LOL) without being an old timer on PC – I began at the release of XP Home Edition in the Fall of 2001. At that time, spyware and antispyware were virtually unheard of, as were personal software firewalls. All in all – of all the days and efforts and intrusions of having to install and maintain a security suite (all three – antivirus, antispyware, personal firewall), and all the great rise of infected websites and phishing and pharming sites and all the combative browser technologies – all tripping over themselves scanning everything all the time just to use a computer — well, it has been quite a diminished experience of joy of use, and strictly because of security. The threat of infection, continually, with every breath, is the annoyance of the world web, the dangers, and the earned term of cyber ghetto.

The point here – more inconvenience – is that it has been taught by the prudent in security for a couple of years, including myself as webmaster of BlueCollarPC.US (originally .Net), to absolutely delete ALL internet tracks and cookies EVERY session of browsing per particular activity – and now to NEVER go outside of Facebook while logged into your account, and when logging out to completely delete ALL cookies before proceeding ANY further, as Facebook connects through cookies to ALL sites that have its little plug-ins such as “Like This” everywhere on the world wide web and broadcasts EVERYTHING from your account to them in every variation.

All things considered, you maintain an attitude that it is like “Pinball Wizard” – you are playing against the worst case scenario – botnets – as automatic machines. By shredding all possible personal information, you are minimizing ANYTHING that can be immediately broadcast by the botnet or virus or worm if at any time an infection occurs. As well, this minimizes their chances of malicious entry and take over. It HAS to be done.

The added “clean internet tracks” scenario of deleting ALL cookies along with surf history and temporary internet files stored from browsing is one more complete inconvenience. A couple of years ago the reports and findings started that cookies were being broken into by malware. Recently of course there has been the great catastrophe of the Facebook cookies break in and hijacking by the major botnet/worm ‘Koobface’ ….. no doubt the affected are those that play dumb ostrich with security information, alerts, advice and recommendations – or are oblivious to events around them on the world web, such as complete newbies, as we all were; there are those that refuse security products as a loss of speed, and those that live by the attitude that it is all phony stuff for a dollar bill, or that they (security products) are like an internet mafia charging “milk money” (protection extortion), the hoodlums they are, to allow you on the internet uninfected for a price. Others simply refuse to spend a dime on security and try to live with the free products that offer no real time protection.

COOKIES NIGHTMARES
Koobface Variant Hits Facebook, Targets Other Social Networks…2009-03-02
Mar 2, 2009 Once installed, the worm searches for cookies created by a number of social networking sites, including MySpace.com, Hi5 Networks, …
http://www.eweek.com/c/a/Security/New-Koobface-Variant-Hits-Facebook-Targets-Other-Social-Networks/

How the Koobface Botnet Made $2 Million in a Year – Security …
http://www.eweek.com/c/a/Security/How-the-Koobface-Botnet-Made-2-Million-in-a-Year-247376/

Worms Wriggling Their Way Through Facebook
Aug 27, 2011 Malware Blog >
Worms Wriggling Their Way Through Facebook … these worms search for a string or set of strings in cookie files related to the…
http://blog.trendmicro.com/worms-wriggling-their-way-through-facebook/

Koobface Variant Hits Facebook
Mar 3, 2009 Now the Koobface worm is back again, with an eye toward stealing cookies for … Once installed, the worm searches for cookies created by a number of social … Koobface Now Using Christmas Theme – Facebook botnet risk …
http://www.pcsympathy.com/2009/03/03/koobface-variant-hits-facebook/

Facebook Cookies Work Even If You’re Logged Out
Sep 26, 2011 ….The only solution to Facebook not knowing who you are is to delete all Facebook cookies. (MORE: How the European Cookies Are Crumbling …
http://techland.time.com/2011/09/26/facebook-cookies-work-even-if-youre-logged-out-for-your-own-good/

New Web Order – Logging out of Facebook is not enough
Sep 25, 2011 The only solution is to delete every Facebook cookie in your browser, or to use a separate browser for Facebook interactions. Here is what is …
http://nikcub.appspot.com/posts/logging-out-of-facebook-is-not-enough

Facebook explains why it tracks you even when you’re logged out …
Sep 26, 2011 This is possible because when you log out of Facebook the associated cookies are not deleted off your machine. So, any site you visit that has …
http://www.geek.com/articles/geek-pick/facebook-explains-why-it-tracks-you-even-when-youre-logged-out-20110926/

The bottom line here, in the real world, when we go back to the years 2001, 2, 3 – when a large majority of XP users and others went practically berserk over, and on a witch hunt for, spyware – is that at that time we would have defined Yahoo as an adware network, and now we would describe Facebook as a spyware network. You visit them, use them, log into them – you get what you get: tracked – spammed – infected. As practically all decided to continue at Yahoo – well, they are worse now – and stay with Facebook. The practical approach is to use Safe Practices and hope for the best.

I myself have set up websites with their own lawful, legally protected email list services and chat rooms too, after finding out about Yahoo years and years ago – read their policies. A handful of people joined up – respecting their own privacy. Most others, it seems, gave it an evil eye and imagined I was some evil person with my own agenda. So I am guilty myself of returning to Yahoo, with the idea that I could help as best I could at the very popular Yahoo destinations where so many have flocked for help and questions (Yahoo Groups, Yahoo Answers – Yahoo Boards kind of got spammed to death). It was the only place to help people, because it is where they flocked for help, being ignorant of Yahoo policy on things like web beacons et al.

If this seems tooooo long or stringent on “what’s your point or trying to make” —- the whole point is, especially if you have already been hit by the worst offenders – by botnets and destruction of equipment, or worse – ID Theft scenarios – then you go back to your first love of understanding and completely avoid these and remain as invisible as possible on the internet for the rest of your life. The flip side of that coin is the warriors, and how about all the businesses. You decide to stay and help and fight your butt off against them all and take it personally that cyber crime is trying to make the world wide web their territory forever, and we just ain’t gonna let that happen ! ! ! with a vengeance.

I used to use a phrase in some security podcasts I did….. “It is my soap box and I’m keeping it”.

Ooops – forgot the other point about cookies and staying logged in – “Remember Me”…..

That was a convenience that came out a decade ago. Security-wise, it is the same. It is living in cave man days since about 2003-5 if you are actually using it (they should remove this feature worldwide). If a hacker gains entry, or malware that is remotely controlled (such as the worst case scenario – botnets as “Command and Control” live) – then they are already logged into your accounts conveniently and may do as they please, obviously. That is why you NEVER leave any account logged in by saving log-in cookies (Remember Me) on the computer/browser. If they do not have the passwords – obviously they can not log into the accounts. One view to keep is that you treat ALL accounts as if you were on public internet, where you would not leave your account logged in for the next person to access.

You leave the internet the way you start up and engage it. Nothing logged into automatically or remotely. You do your session and COMPLETELY log out everywhere and erase all history. Now you can leave the internet and shut down the computer for the day – no histories, NO cookies. About ALL browsers added this feature several years ago to completely delete histories and cookies and temporary internet files with a click, deleting all when closing the browser. Internet Explorer via Microsoft has unfortunately, temptingly, left that click that preserves favorite sites’ log-in cookies and deletes all else. Again they have condescended from common sense and security because soooo many middle and upper middle class users bidch about it all. They allow them to sacrifice personal security for ease and convenience of use rather than lose a sale of Windows on that next computer they buy. That IS the entire Windows 7 creation and release, because of all THEIR bidching over Vista and its fantabulous security abilities.

These are the dark little secrets of a majority of users in security circles and also this knowledge by the cyber criminals who coined the phrase “Socially Engineered”. Security circles still try common sense use with them including Microsoft. Such laziness…. just shaking the head.

CCleaner Links….
CCleaner – Wikipedia, the free encyclopedia (very popular, safe, freeware/donate)
CCleaner supports the cleaning of temporary and unneeded files from certain …
http://en.wikipedia.org/wiki/CCleaner
CCleaner http://www.ccleaner.com/

ADD FOR FIREFOX….
BetterPrivacy :: Add-ons for Firefox
https://addons.mozilla.org/en-US/firefox/addon/6623
Customize Firefox, Thunderbird, and other Mozilla products with thousands of … Better Privacy serves to protect against not deletable long term cookies,…. http://addons.mozilla.org/
…. deletes flash cookies that no other tools generally delete. Cookies should only be given session cookie permissions, as a privacy and security issue (cookies have been broken into by malware), and only if necessary.

How Do I Know The Disk Has Been Fully Wiped (Privacy/Security Disk Wiper Software)

December 20, 2011 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2011/12/20/how-do-i-know-the-disk-has-been-fully-wiped-privacysecurity-disk-wiper-software/

Good orientation here …… we are talking….

Data remanence
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Data_remanence

This all depends on what and why you want to do this. If simply passing the PC on to a family member or friend and you want all your data wiped off – you can use any disk wiper. It is assumed they are not going to go snooping in some manner with file recovery software, in other words. Simply erasing the disk is the procedure when security is not a concern.

If you are going to donate the PC or recycle it – then you should absolutely only use a military grade disk wiper (eraser). This guarantees your data is NOT recoverable. I don’t know your sources to the contrary, but that is apparently indisputable. No data period – using military grade wiping software. That’s why it is called military grade. The best available to the public is a military grade software disk wiper. [ 35-pass Gutmann uber-paranoid erasure ]

The paranoia stops here……
(Has this been circumvented ? Not to knowledge)….

“UltraSentry was designed to delete file and folder data to United States Department of Defense standards, which is why we call it a military-grade cleaning application. What does this mean? Well, many electronic files and data are highly-sensitive or private, and when deleted, the data itself still remains on the disk, making it recoverable or accessible by anyone. UltraSentry eliminates that risk by overwriting the file data repeatedly, completely destroying all traces of the sensitive file data, making it completely unrecoverable. The standards to which the data is overwritten are compliant with Department of Defense standards, and are the same standards the U.S. military and government use when deleting top-secret or proprietary electronic information.” http://www.ultraedit.com/products/ultrasentry.html

Mac PCs have this type of utility built in, I have read.

If you are seeking something other than that, then I think it goes into the area of doing things manually. This is an interesting subject and I am kicking it around on some sites for information.

Of course the oldest security joke about how to never get an infection is to not plug in the computer. Along the same lines, paranoia has to enter the picture somewhere here – such as any type of disk wiper being thought to perform a “hex dump” of the erased material so it is recoverable, either for the OS owner (Windows), or the Law, or the actual software writer, to capture any data of interest for whatever reason. Paranoia can lead to performing the task manually, perhaps with a hex editor. Simply using a “00” overwrite seems less than thorough, as I have seen it recommended to use three passes with two different patterns, with the 00 pass first and last.
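To make that 00 / pattern / 00 scheme concrete, here is an added Python example (not UltraSentry’s or any vendor’s code) that overwrites a file in three passes, fsyncs each one, reads the final zero pass back to verify it, and then unlinks the file; the “sensitive” file it wipes is constructed in a temp directory. It assumes a drive that overwrites sectors in place, which is the data remanence point the Wikipedia link above covers: on an SSD or a journaling filesystem the old blocks may survive elsewhere, so this is a per-file measure, not a substitute for a whole-disk wipe.

```python
"""Three-pass file overwrite (00 / random / 00) with read-back verification.
Added example for this page; not UltraSentry's or any other vendor's code."""
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # overwrite and verify in 64 KiB chunks


def _write_pass(fd, size, pattern):
    """Overwrite `size` bytes from offset 0 with a fixed byte, or random data if pattern is None."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        n = min(CHUNK, remaining)
        buf = secrets.token_bytes(n) if pattern is None else pattern * n
        written = 0
        while written < n:  # os.write may write less than asked
            written += os.write(fd, buf[written:])
        remaining -= n
    os.fsync(fd)  # push this pass to the device before starting the next one


def _verify_pass(fd, size, pattern):
    """Read the file back and confirm every byte equals the fixed `pattern`."""
    os.lseek(fd, 0, os.SEEK_SET)
    remaining = size
    while remaining:
        data = os.read(fd, min(CHUNK, remaining))
        if not data or data != pattern * len(data):
            return False
        remaining -= len(data)
    return True


def wipe_file(path, passes=(b"\x00", None, b"\x00")):
    """Overwrite `path` with each pattern in turn, verify the last pass, then unlink it.

    Returns a small report dict; 'verified' is None when the last pass is random."""
    size = os.path.getsize(path)
    # O_BINARY only exists on Windows; it stops the CRT from translating bytes.
    fd = os.open(path, os.O_RDWR | getattr(os, "O_BINARY", 0))
    try:
        for pattern in passes:
            _write_pass(fd, size, pattern)
        last = passes[-1]
        verified = _verify_pass(fd, size, last) if last is not None else None
    finally:
        os.close(fd)
    os.remove(path)
    return {"bytes": size, "passes": len(passes), "verified": verified}


def demo_wipe():
    """Create a constructed 'sensitive' file in a temp dir, wipe it, and return the report."""
    tmpdir = tempfile.mkdtemp()
    path = os.path.join(tmpdir, "Personal Budgets.txt")
    with open(path, "wb") as fh:
        fh.write(b"ACCOUNT 1234-5678 BALANCE 999\n" * 7000)  # constructed content, 210000 bytes
    report = wipe_file(path)
    report["still_exists"] = os.path.exists(path)
    os.rmdir(tmpdir)
    return report


if __name__ == "__main__":
    print(demo_wipe())
```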

IF YOU ARE TALKING DISPOSAL….. PHYSICALLY DESTROY THE COMPUTER DISK…. HEALTH RISK ! …..

Learn how to effectively delete all of the data on your hard drive – and permanently

IN FULL
http://www.digitaltrends.com/how-to/how-to-completely-erase-your-hard-drive/

“….. Get Physical
Another brutally effective way to destroy data on your hard drive is to properly destroy the internal parts of the drive itself. There are several ways to do this, each of which requires physical methods of destruction that can be dangerous and may expose particles or chemicals hazardous to your health. If you are not able to maintain a safe environment, do not attempt these methods. Find a qualified company to assist.

Your data is stored on the spinning platters inside the drive. It is these platters that need targeting. Popular and effective methods for destroying the platters are: 1) industrial shredding, whereby the entire hard drive is fed into a powerful automobile-sized shredder that makes mincemeat of the drive; 2) drilling through the platters a few times with a titanium drill bit (easily found at Home Depot).

Of course, if the CIA, FSB and Mossad are all after your data, you may want to
a) selectively nuke folders and files,
b) write zeros at least seven times,
c) physically disable the drive and
d) get a safer, calmer life.

Summary

Protect your Social Security number and credit card e-bills from getting into the hands of 8-Ball Ernie down at the rehab center. Do not ruin the innocence of those kids at the community center by accidentally exposing them to the contents of your intentionally mislabeled though ineffectively deleted “Personal Budgets” folder. Make your donation of an old computer truly a win-win, good-karma situation for everyone involved. Free tools exist to perform even the most thorough cleaning of a hard drive. Use them. ….”

MORE

http://en.wikipedia.org/wiki/Anti-computer_forensics
http://en.wikipedia.org/wiki/Data_remanence

New Portable – Microsoft releases Windows Defender Offline tool beta (create bootable CD,DVD,USB flash drive)
December 9, 2011 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2011/12/09/new-portable-microsoft-releases-windows-defender-offline-tool-beta-create-bootable-cddvdusb-flash-drive/

Microsoft releases Windows Defender Offline tool beta
The H
Users can choose to create a bootable CD, DVD or USB flash drive
Microsoft has published a public beta of an offline version of its Windows Defender spyware removal software, formerly known as Microsoft AntiSpyware. Using the Windows Defender Offline …
http://www.h-online.com/security/news/item/Microsoft-releases-Windows-Defender-Offline-tool-beta-1392853.html

GET IT FREE HERE ……

What is Windows Defender Offline Beta?
http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline

NOTES…. A big plus here is that the antimalware product boots from its own media, so it runs before the disk’s boot code (and any bootkit sitting in it) ever executes. That coincides with the new boot security technology in Windows 8, which unfortunately has already been cracked….
” Windows 8 Boot Security Cracked”
http://www.crn.com/news/security/231903295/windows-8-boot-security-cracked.htm;jsessionid=NZjzL4QedChUWf+VUz6Tyg**.ecappj02

THREAT http://en.wikipedia.org/wiki/Bootkit#bootkit

\sarcasm\ …So Micro$oft will be passing out a free Windows Defender Anti-Bootkit USB stick and a Norton CD with each new Windows 8 purchase ? ! LOL ….sounds eerily like a Microsoft apology, or the opposite: offering the same type of technology to XP users, as conceivably a bootkit is the way onto Vista, since UAC reportedly catches rootkit installs there (see the AV-Test results under REFERENCE below).

Since Vista UAC has reportedly been cracked
https://bluecollarpcwebs.wordpress.com/2011/08/26/vista-user-account-control-uac-finally-cracked/ ;
…THEN it would seem this is indeed the next attack vector: creating the bootkit to then circumvent Vista security and run the very first rootkit on Vista, which means a payload described as a
“blended threat” http://en.wikipedia.org/wiki/Blended_threat ; as massive, is necessary, and it will no doubt be tracked back by cyber security agencies (FBI et al), the antimalware industry and possibly private citizen groups that go botnet hunting. BUT the obvious question is how to upload the payload to Vista ? Only those that couldn’t care less about security, or love to run Vista without UAC (turning it into XP or 98 or ME), are the ones that can even be infected with the payload, to then attempt to deliver it and report back how well it did. Massive hit-and-miss circumstances for this ever to become reality. Since Vista has not climbed much above 10 to 12 percent of sales, it seems it would be missed by this pipe dream to date.
Still, food for thought – and I am still in the “I love my Vista” crowd for life ! ! ! She will be most secure even over and above Windows 8.

REFERENCE ….

Techworld.com – Vista’s UAC spots rootkits, tests find
http://www.techworld.com/security/news/index.cfm?newsid=101583

I personally called Vista the crown of security software for the decade (2000-2010), as the operating system itself achieved what NO other defense software did…..
QUOTES
AV-Test.org, which set out to find out how well anti-virus programmes fared against known rootkits….
The answer was not particularly well at all, either for Windows XP, or Vista-orientated products. Of 30 rootkits thrown at XP anti-malware scanners, none of the seven AV suites found all 30, a similar story to the six web-based scanners assessed. Only four of the 14 specialised anti-rootkit tools managed a perfect score. The best of the all-purpose suites was Avira AntiVir Premium Security Suite, which found 29 active rootkits, with Norton finding as few as 18.
The anti-rootkit tools fared better, with AVG Anti-Rootkit Free, GMER, Rootkit Unhooker LE, and Trend Micro Rootkit Buster achieving perfect scores. The scores for removal were patchy, however, with all failing to remove 100 percent of the rootkits they had found.

The results for Vista products were harder to assess because only six rootkits could run on the OS, but the testers had to turn off UAC to get even this far. Vista’s UAC itself spotted everything thrown in front of it.
Only three of the 17 AV tools for Vista managed to both detect and successfully remove them, F-Secure Anti-Virus 2008, Panda Security Antivirus 2008, and Norton Antivirus 2008. That UAC can tell a user when a rootkit is trying to install itself is not in itself surprising, as Vista is supposedly engineered from the ground up to intercept all application requests of any significance.

OTHERS ——–>
Emsisoft Emergency Kit 1.0 [FREE]
http://www.emsisoft.com/en/software/eek/
[Software collection]
Version 1.0.0.25 – 6/8/2011
Your emergency kit for infected PCs!
Detects and removes Malware
>4 million known dangers
100% portable – perfect for USB sticks
HiJackFree and BlitzBlank included

ClamWin Portable (Antivirus, more) [FREE]
http://portableapps.com/apps/utilities/clamwin_portable
Antivirus to go…. ClamWin Portable is the popular ClamWin antivirus packaged as a portable app, so you can take your antivirus with you to scan files on the go. You can place it on your USB flash drive, iPod, portable hard drive or a CD and use it on any computer, without leaving any personal information behind.
NEWS: ClamWin Portable 0.97.1 (anti-virus) Released PortableApps.com …
ClamWin Portable 0.97.1 (anti-virus) Released. Submitted by John T.
Haller on June 17, 2011 – 7:46pm. logo ClamWin Portable 0.97.1 has been released. …
http://portableapps.com/news/2011-06-17_-_clamwin_portable_0.97.1_released

Microsoft Standalone System Sweeper (Beta) [FREE]
http://connect.microsoft.com/systemsweeper
Note “beta” means it is still a test version, put out so the community can report any bugs that need correcting. Once those are fixed it is released as the normal final version (“alpha” is the earlier, rougher test stage, not the finished product).
NEWS: Microsoft ships free malware cleaner that boots from CD or USB
ZDNet (blog)
June 1, 2011, 10:15am PDT In a move aimed at cutting down on support call costs, Microsoft has released a malware recovery tool that boots from a CD or USB stick. Ryan Naraine is a journalist and social media enthusiast specializing …
http://www.zdnet.com/blog/security/microsoft-ships-free-malware-cleaner-that-boots-from-cd-or-usb/8712


SUPERAntiSpyware Portable Scanner (Antispyware) [FREE]
http://www.superantispyware.com/portablescanner.html
Follow the instructions below to download the SUPERAntiSpyware Portable Scanner. The scanner features our complete scanning and removal engine and will detect AND remove over 1,000,000 spyware/malware infections. The scanner does NOT install anything on your Start Menu or Program Files and does NOT need to be uninstalled. The scanner contains the latest definitions so you DO NOT need Internet Access on the infected system to scan.

Comodo Cleaning Essentials
Comodo Cleaning Essentials is a set of portable antivirus tools that will help you to detect and remove malware from an infected PC.
http://www.comodo.com/business-security/network-protection/cleaning_essentials.php
(DESKTOP http://www.comodo.com/  )

ESET SysInspector is a powerful, portable security tool that will inspect your system’s files, running processes, Registry keys and more, looking for and highlighting anything that could be a sign of malware.
(Makers of famous Eset NOD32 Antivirus – most awarded in history)
http://www.downloadcrew.com/article/20672-eset_sysinspector_12026_32-bit
(DESKTOP http://www.eset.com/us/  )

Norman Malware Cleaner is an interesting portable antivirus tool which will scan your PC, detecting and removing any malware that it uncovers.
http://www.downloadcrew.com/article/23283-norman_malware_cleaner
(DESKTOP http://www.norman.com/en-us  )

The AVG Rescue CD is a portable environment that comes with a range of tools to help you clean up a virus-infected PC, fix hard drive problems, and get an unbootable system working again. This variant of the rescue CD is intended for installation on a USB flash drive. After downloading, you should extract the archive contents directly to the root folder of the USB drive you’d like to use. (If you don’t have a tool that can read RAR files, then try 7-ZIP).
http://www.downloadcrew.com/article/4650-avg_rescue_cd_usb_flash_drive_edition
(DESKTOP http://www.avg.com/us-en/homepage )


CCleaner Portable (Internet Tracks Cleaner, More)
CCleaner Portable is a compact version of CCleaner that you can store on a CD, USB flash drive, microSD, or even two floppy disks if you still use those.
http://www.softpedia.com/get/PORTABLE-SOFTWARE/Security/Secure-cleaning/Windows-Portable-Applications-CCleaner-Portable.shtml
(DESKTOP http://www.piriform.com/ccleaner )

SENDER:
Webmaster/malware removal help
HOME http://bluecollarpc.us/
Alternate https://sites.google.com/site/pcsecurityhelper/
HELP http://tech.groups.yahoo.com/group/BlueCollarPCSecurity/
Membership/Join List:
Subscribe: BlueCollarPCSecurity-subscribe@yahoogroups.com
Free Malware Removal Help / A Community Website Since 2005

Unbelievable! – Windows 8 Boot Security Cracked already before released (Bootkit malware)

November 18, 2011 — bluecollarpc
https://bluecollarpcwebs.wordpress.com/2011/11/18/unbelievable-windows-8-boot-security-cracked-already-before-released-bootkit-malware/

Windows 8 Boot Security Cracked
CRN
By Antone Gonsalves, CRN
An Austrian security analyst has built the first known bootkit that bypasses Windows 8′s defenses against installing malware while the operating system is booting.
Peter Kleissner, an independent programmer and recognized …

http://www.crn.com/news/security/231903295/windows-8-boot-security-cracked.htm;jsessionid=NZjzL4QedChUWf+VUz6Tyg**.ecappj02

( HATE TO SAY I TOLD YOU SO, BUT BLUECOLLARPC.US PREDICTED THAT THE WINDOWS 8 BOOT UP SECURITY FEATURE WOULD BE CRACKED AS FAST AS IT HIT THE STREETS….. LOOKS LIKE WE WERE A LITTLE OFF – IT HAS BEEN CRACKED EVEN BEFORE IT HIT THE STREETS ! ! ! …..LOL )

We can expect Windows 8 to be launched sometime in mid-late 2012, however, it’s too early to predict the Windows 8 release date, since it is still under development. Nevertheless, the only question that haunts each and every one of us – Will Windows 8 win the battle against Apple which it had lost several years back? SOURCE http://www.thetechlabs.com/tech-news/windows-8-features/

Bootkits http://en.wikipedia.org/wiki/Bootkit#bootkit

"A kernel-mode rootkit variant called a bootkit is used predominantly to attack full disk encryption systems, for example as in the “Evil Maid Attack”, in which a bootkit replaces the legitimate boot loader with one controlled by an attacker; typically the malware loader persists through the transition to protected mode when the kernel has loaded.[35][36][37][38] For example, the “Stoned Bootkit” subverts the system by using a compromised boot loader to intercept encryption keys and passwords.[39] More recently, the Alureon rootkit has successfully subverted the requirement for 64-bit kernel-mode driver signing in Windows 7 by modifying the master boot record.[40]
The only known defenses against bootkit attacks are the prevention of unauthorized physical access to the system—a problem for portable computers—or the use of a Trusted Platform Module configured to protect the boot path.[41]...."
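The Wikipedia passage above says a bootkit replaces the legitimate boot loader, and that Alureon got around Windows 7 driver signing by modifying the master boot record. As an added example (not from the post, from Wikipedia, or from any tool listed on this page), here is a small Python check of the kind an offline scanner or a forensic script performs: parse the 512-byte MBR, hash the 446 bytes of boot code, compare against a known-good baseline, and sanity-check the partition table and the 55AA signature. The disk sector, the baseline hash and the “tampered” variant are all constructed inline; the patched bytes only stand in for a bootkit’s jump into its own code and are not any real bootkit’s bytes. On a live system you would read sector 0 from the raw device (\\.\PhysicalDrive0 on Windows, /dev/sda on Linux), but a resident bootkit can hook that read and hand back a clean sector, which is exactly why this check belongs on boot media such as Windows Defender Offline rather than inside the possibly infected OS.

```python
"""Added example: baseline check of a master boot record for bootkit-style tampering.

Not code from the post or from any product named on the page. All sample
data is constructed here; it is not a real disk image or real malware.
"""
import hashlib
import struct

MBR_SIZE = 512
BOOT_CODE_LEN = 446          # bytes 0..445 hold the boot loader code
PART_TABLE_OFF = 446         # four 16-byte partition entries follow
PART_ENTRY_LEN = 16
BOOT_SIGNATURE = b"\x55\xaa" # bytes 510..511


def parse_mbr(sector: bytes) -> dict:
    """Split a 512-byte MBR into boot code hash, partition entries and signature flag."""
    if len(sector) != MBR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    boot_code = sector[:BOOT_CODE_LEN]
    partitions = []
    for i in range(4):
        off = PART_TABLE_OFF + i * PART_ENTRY_LEN
        # status(1) CHS start(3, skipped) type(1) CHS end(3, skipped) LBA start(4) sectors(4)
        status, ptype, lba_start, sectors = struct.unpack_from("<B3xB3xII", sector, off)
        partitions.append({"status": status, "type": ptype,
                           "lba_start": lba_start, "sectors": sectors})
    return {
        "boot_code_sha256": hashlib.sha256(boot_code).hexdigest(),
        "partitions": partitions,
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
    }


def check_mbr(sector: bytes, baseline_sha256: str) -> list:
    """Return a list of findings; an empty list means the MBR matches the baseline."""
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("boot signature is not 55AA")
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("boot code hash differs from baseline")
    active = [p for p in info["partitions"] if p["status"] == 0x80]
    if len(active) > 1:
        findings.append("more than one partition flagged active")
    for i, p in enumerate(info["partitions"]):
        if p["status"] not in (0x00, 0x80):
            findings.append(f"partition {i}: invalid status byte 0x{p['status']:02x}")
    return findings


def build_mbr(boot_code: bytes, partitions) -> bytes:
    """Assemble a 512-byte MBR from boot code bytes and (status, type, lba, sectors) tuples."""
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")[:BOOT_CODE_LEN]
    table = b"".join(struct.pack("<B3xB3xII", *entry) for entry in partitions)
    table = table.ljust(4 * PART_ENTRY_LEN, b"\x00")
    return code + table + BOOT_SIGNATURE


# Constructed sample: a stand-in loader body and one active NTFS-type partition at LBA 2048.
CLEAN_BOOT_CODE = bytes([0xFA, 0x33, 0xC0, 0x8E, 0xD0, 0xBC, 0x00, 0x7C]) + b"\x90" * 100
PARTITIONS = [(0x80, 0x07, 2048, 1_000_000)]
CLEAN_MBR = build_mbr(CLEAN_BOOT_CODE, PARTITIONS)
BASELINE_SHA256 = hashlib.sha256(CLEAN_MBR[:BOOT_CODE_LEN]).hexdigest()

# Simulated tampering (hypothetical bytes): the first instruction is replaced by a near
# jump, the way an MBR infection diverts execution into its own code while leaving
# the partition table and signature intact so the disk still looks normal.
TAMPERED_BOOT_CODE = bytes([0xE9, 0x6A, 0x00]) + CLEAN_BOOT_CODE[3:]
TAMPERED_MBR = build_mbr(TAMPERED_BOOT_CODE, PARTITIONS)

if __name__ == "__main__":
    print("clean   :", check_mbr(CLEAN_MBR, BASELINE_SHA256))
    print("tampered:", check_mbr(TAMPERED_MBR, BASELINE_SHA256))
```

The clean sector yields no findings; the tampered one reports only the hash mismatch, which is the point: a partition-table-only inspection would pass it. The baseline hash has to come from a trusted source (the same OEM image, or a sector read while booted from clean media), and a change is a reason to reinstall the boot loader from known-good media rather than to “clean” the sector in place.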

HISTORY TO DATE…..
Windows 8 Spells Trouble for Linux, Hackintosh Users and Malware Victims
http://tech.groups.yahoo.com/group/LinuxDucks/messages/523
Windows 8 won’t dual-boot Linux?
http://tech.groups.yahoo.com/group/LinuxDucks/message/539
Microsoft, Red Hat Spar Over Secure Boot-loading Tech
http://tech.groups.yahoo.com/group/LinuxDucks/message/541
Windows 8 Dual Boot Possible If ‘Secure Boot’ Disabled
http://tech.groups.yahoo.com/group/LinuxDucks/message/544
How to change the boot order of a dual-boot Linux PC
http://tech.groups.yahoo.com/group/LinuxDucks/message/550
Linux Licensing in Conflict with Secure Boot Support
http://tech.groups.yahoo.com/group/LinuxDucks/message/565
FSF warns of Windows 8 Secure Boot (Sign Petition)
http://tech.groups.yahoo.com/group/LinuxDucks/message/626
Linux Foundation, Canonical and Red Hat Weigh In On Secure Boot
http://tech.groups.yahoo.com/group/LinuxDucks/message/650
The right to dual-boot: Linux groups plead case prior to Windows 8
http://tech.groups.yahoo.com/group/LinuxDucks/message/662
Linux Foundation: Secure Boot Need Not Be a Problem
http://tech.groups.yahoo.com/group/LinuxDucks/message/671
Linux Community Offers Secure Boot Ideas
http://tech.groups.yahoo.com/group/LinuxDucks/message/672
Leading PC makers confirm: no Windows 8 plot to lock out Linux
http://tech.groups.yahoo.com/group/LinuxDucks/message/673
Linux Advocates protest ‘Designed for Windows 8′ secure boot policy
http://tech.groups.yahoo.com/group/LinuxDucks/message/679
Linux Community Counters Microsoft’s Windows 8 Secure Boot Mandate
http://tech.groups.yahoo.com/group/LinuxDucks/message/696

Medical Entities as targets of malware
November 15, 2011 — bluecollarpc


Another disturbing report of how malware can affect our very lives at medical facilities and related operations (paramedic transport etc.) …..

Malware disables ambulance response systems
An unspecified malware variant recently disabled the automated response systems of a New Zealand-based ambulance service. The service – which provides 90% of the emergency and non-emergency …..

FULL http://www.tgdaily.com/security-features/59635-malware-disables-ambulance-response-systems

Well, one view is that Bill Gates has ruined the world with software computers. Defenses for this type of attack, intentional or otherwise, are very complex, and the future holds a couple of security upgrades. One is that Microsoft plans to completely dump the Windows operating system and create an entirely new one at the 25 year anniversary. The other is in line with some of the security recommendations and views I hold and have made for such entities: to move towards setting up their own servers and being their own ISP (Internet Service Provider, like AOL, MSN, Earthlink, Juno etc.), even using pared-down special “web appliances” with limited access (i.e. set up for database access only etc.),
SEE DEFINITION http://www.pcmag.com/encyclopedia_term/0,2542,t=Internet+appliance&i=45195,00.asp#fbid=mZ9KI5RdBTu  …..as opposed to business computers. The servers would be the major investment, but American upper class shareholders are most likely too greedy, for profit’s sake, to ever invest.

But being their own ISP, owning and operating their own servers, keeps out all other internet traffic and avoids being at the mercy of the defense abilities of the current world wide web servers and ISPs, which we plainly see are responsible for this fiasco that has occurred. YES, they did have a “default” manual system they were able to fall back to, very, very, very luckily.

QUOTED “Back-up systems immediately took over when it was detected and the workload was managed manually.”

Had it not been the medical system, no doubt the malware attack would have targeted and compromised many personal data accounts for purposes of ID theft; that may have been the actual target of the malware, with the ambulance service hit by an oops from malware dummies. These types of attacks, when intentional, many times are direct attacks aimed at entities, and that is frightening, as they can move towards something like the past “interstate shooters” in Maryland, I think it was, a couple of years ago, where the two, father and son, were shooting and killing people on the interstate and then called the police to demand ransom to stop. There is not enough agency (internet cops) in America yet to police these things with hard sentences, and even the death penalty where deserved, such as this one where obviously lives were put at risk by them; all in all, had death(s) occurred because of them, it would be premeditated malice for illicit profit via murder or voluntary and involuntary manslaughter.

QUOTED “Although the malware did not seem to specifically target the ambulance service, the incident is obviously not the first time a medical entity has been affected by viruses or worms.

As Sophos security expert Graham Cluley notes, the Mytob worm hit a number of London hospitals in 2008, while the Northwest Hospital and Medical Center in north Seattle was affected by a 2005 attack which shut down computers in the facility’s intensive care unit and prevented pagers from working properly. “


webmaster http://bluecollarpc.us/
BlueCollarPC.US Malware Removal / Amateur Forensics / Since 2005