Spyware Removal Center: New May, 2007. Dial-up users go to BlueCollarPC.Org, a much faster navigation website for dial-up users!
Spyware Removal Center: a central place to detect, discover, and remove any threats present on your computer. There are malware search engines and file/process search engines to identify valid files and malware files, which also aid in manual removals and in ruling out 'false positives' in scan results. Free scan links and many information links are provided. Links are included to free removal utilities and free home versions of known, trusted antispyware programs for immediate removal of threats, though you will want to make a purchase to prevent infections. "Free stuff" does not offer real-time protection.
Search Engines Online (check out the software list below): Search for adware/spyware by name, file, or registry key, .DLL files, .exe files, malware, etc. Search for and identify files and processes: valid files/processes or threats?
MALWARE SEARCH ENGINES:
Quick Check - type in the item at Microsoft.Com http://www.microsoft.com/ to see if it is part of Windows
CA Spyware Information Center (Search Engine)  http://www3.ca.com/securityadvisor/pest/
CounterSpy Research Center (search engine for threats) http://research.sunbelt-software.com/WhatYouShouldKnow.aspx
Webroot Threat Research Center  http://research.spysweeper.com/search.php Database Search: Know the name of a specific spyware threat? Search our comprehensive spyware database for all the details including method of infection, program characteristics, consequences and recommended course of action.
2-Spyware.Com Spyware Directory  http://www.2-spyware.com/directory
 Spyware-net http://www.fbmsoftware.com/spyware-net/index.html .... your Internet security resource for all things spyware, bringing you the latest spyware trends, updating you on the latest security vulnerabilities, and serving as a one-stop spyware information guide. (Online Search Engine for threats).
Microsoft Malware Protection Center http://www.microsoft.com/security/portal/default.aspx Threat Research and Response. Microsoft opens security 'portal': new site carries prevalence data, updates and malware resources.
Spyware Terminator Software Database  (Malware Search Engine) http://www.spywareterminator.com/stdata/default.aspx
a-squared Process List (Online Threats Search Engine) http://www.hijackfree.com/en/processlist/
PROCESS / FILE SEARCH ENGINES:
File Research Center - Free File and Process Information  http://www.fileresearchcenter.com/ The File Research Center provides a free scanning service to identify what is running on your computer. We also provide free information about safe and unsafe files, processes, services, spyware, adware, malware, trojans, and other programs that may be on your computer.
ProcessLibrary.com - Search  http://www.processlibrary.com/directory/ Search engine.
WinTasks Process Library  http://www.liutilities.com/products/wintaskspro/processlibrary/ In the recesses of your computer, 20-30 invisible processes run silently in the background. Some hog system resources, turning your PC into a sluggish computer. Worse yet, other useless processes harbour spyware and Trojans - violating your privacy and giving hackers free rein on your computer. WinTasks Process Library is an invaluable resource for anyone who wants to know the exact purpose of every single process. The categories available online are: Top Security Risks, Top System Processes, Top Applications, Other Processes.
WinTasks DLL Library http://www.liutilities.com/products/wintaskspro/dlllibrary/winsock/ The search engine is about mid-page. Look up .dll information to check whether .dll files are valid.
BleepingComputer.com  http://www.bleepingcomputer.com/startups/ Search engine
CastleCops - CLSID / BHO List / Toolbar Master List  http://castlecops.com/bhonew.html (Identify Malware Toolbars) This is the Master BHO and Toolbar list copyrighted by Tony Klein and CastleCops.
CastleCops ActiveX Objects List  http://castlecops.com/atx-925.html
Software and Utilities:
A Very Important Message about anti-spyware software:
Sadly, this sector of computing security is a jungle, unlike others such as anti-virus or firewalls. There are many bad or fake anti-spyware programs out there that actually hijack your web browser to try to force a purchase to get your PC back. The following website is a must-view before purchasing any anti-spyware software! Note that there are legal liabilities for professionals in reporting bad software; this is a compliant website and is well known at forums and groups:
Title: The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites Description: Bad, False, Fake products URL: http://www.spywarewarrior.com/rogue_anti-spyware.htm
NOTE: Shareware generally comes at a price. Freeware can come bundled with various adware, at risk to the user, by people who do that. The freeware here has none of these and is called "Working Freeware". I use the term 'working freeware' to note that it is not "Trialware", which is usually a limited version of software that expires, or ceases to function, after a set time - usually 15 or 30 days. Working freeware means just that: it is fully operational software authored, in the case here, by various very talented, community-help-oriented people - I use them myself. Some are offered free by authors who also have other software for sale, and they are not bundled with adware. Some may also have a "premium version" (meaning for sale) that activates a proactive version running in the background like anti-virus protection. Generally, working freeware has manual updates and manual scans, although some may also contain scheduled scans.
Microsoft AntiSpyware is now Windows Defender [working-freeware from Microsoft] http://www.microsoft.com/athome/security/spyware/software/default.mspx Windows Defender is a free program that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected, and a new streamlined interface that minimizes interruptions and helps you stay productive.
AVG Anti-Spyware Free Edition http://free.grisoft.com/doc/20/us/frt/0 http://www.grisoft.com/
SUPERAntiSpyware [working-freeware, and premium version] http://www.superantispyware.com/ SUPERAntiSpyware scans your computer for known Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers and many other types of threats, and allows you to remove or quarantine them. It offers daily (manual) definition updates, as well as home page hijack protection and customizable scan options. Furthermore, the program includes a Repair feature that allows you to restore various settings which are often changed by malware programs, but usually not corrected by simply removing the parasite. The free version lacks real-time blocking and protection as well as several other advanced options.
a-squared trojan remover (Free Working Version for life and Proactive Premium Version) http://www.emsisoft.com/en/software/free/ a-squared is a complementary product to antivirus software and desktop firewalls on MS Windows computers. Antivirus software specializes in detecting classic viruses. Many available products have weaknesses in detecting other malicious software (Malware) like Trojans, Dialers, Worms and Spyware (Adware). a-squared fills the gap that malware writers exploit. Automatic updates: In a-squared Free the updater must be run manually. The auto-update feature of a-squared Personal checks hourly for new available updates and installs them automatically. a-squared Free is freeware! You can download and use it completely for free. You are also allowed to distribute it to third parties. To be able to use it, you only need to set up a free a-squared Account to get access to the update server. (Note: you register by a simple sign-up to activate free definition downloads.)
Spyware Terminator [working-freeware] (Antispyware and antivirus. Real-time protection added!) http://www.spywareterminator.com/ Millions of users worldwide rely on Spyware Terminator, winner of many awards and high ratings from industry experts and users. Its free comprehensive protection is comparable to competitors' paid versions! Number of Installations: 15,229,973 (June 2008)
Ad-Aware [working-freeware, personal use - and premium version] http://www.lavasoftusa.com/software/adaware/ Ad-Aware Personal provides advanced protection from known data-mining, aggressive advertising, Trojans, dialers, malware, browser hijackers, and tracking components. This software is downloadable free of charge for personal use.
Google Pack http://pack.google.com/intl/en/pack_installer.html?hl=en&gl=us Google Pack is: Software specifically selected by Google; Always free - no trial versions or ... International versions of Google Pack available in: ... INCLUDES Spyware Doctor, Norton Security Scan, and more.
Transaction Guard http://www.trendsecure.com/portal/en-US/tools/security_tools/transaction_guard Note to Trend Micro Internet Security Users: Trend Micro Internet Security already includes all the functionality of Spyware Monitor, plus the ability to remove spyware. Use Spyware Monitor when you are using a computer that does not have Trend Micro Internet Security installed (for example: at a library or an Internet cafe). Version 2.0 Transaction Guard is FREE software that protects you against spyware while performing sensitive online tasks on a public computer, like Internet banking or other financial transactions. Transaction Guard has two components: Spyware Monitor – Monitors for spyware and notifies you of any intrusions. Password ClipBoard – An on-screen keyboard for securely entering user names and passwords.
Online Tool Developed to Check for Botnet Activity BotnetChecker.Com Go To: http://botnetchecker.com/ PRWeb via Yahoo! News Wed, 12 Dec 2007 5:00 AM PST http://news.yahoo.com/s/prweb/20071212/bs_prweb/prweb575432_1 It is estimated that 1 in 4 computers on the internet today are part of a botnet. After observing bot activity from thousands of compromised computers, local administrator develops easy way to check for botnet activity.
Trend Micro RUBotted (free) http://www.trendsecure.com/portal/en-US/tools/security_tools/rubotted Malicious software called Bots can secretly take control of computers and make them participate in networks known as “Botnets.” These networks can harness massive computing power and Internet bandwidth to relay spam, attack web servers, infect more computers, and perform other illicit activities.
STRONGLY RECOMMENDED: Secunia PSI
Secunia.Com: Secunia Personal Software Inspector [working-freeware] https://psi.secunia.com/ Scans for software updates. "Data pulled from our freely available Secunia PSI shows that users have a 1 in 5 ratio of Insecure applications installed on their computers!" (For over a year now, as of 2008, it has been in the news that cybercrime is hunting these "soft targets" for break-ins.)
a-squared Anti-Dialer [working-freeware] http://www.emsisoft.com/en/software/antidialer/ No chance for the Dialer rip-off! Protect your PC with a-squared Anti-Dialer from manipulated dial-up connections, which can quickly cause a phone bill of several hundred dollars. a-squared Anti-Dialer provides a complete defense against Dialers. Scan all files on your hard disks for Dialer behavior using the Dialer scanner. The integrated background guard protects the PC from new infections. As soon as a potential Dialer creates or manipulates a dial-up connection, a-squared Anti-Dialer will alert you.
CWShredder [working-freeware, install this! worst known threat, only known solution available] http://www.intermute.com/spysubtract/cwshredder_download.html CWShredder finds and destroys traces of CoolWebSearch. CoolWebSearch is a name given to a wide range of different browser hijackers. Though the code is very different between variants, they are all used to redirect users to coolwebsearch.com and other sites affiliated with its operators. Learn More: http://www.intermute.com/cwshredder/learn_more_cwshredder.html (Note: CoolWebSearch has been reported as the worst, and CWShredder is the only known true remover for all traces and variants, and is constantly updated. CWShredder has been acquired by Trend Micro AntiSpyware but is still free as a stand-alone program from them. Take a look at the extensive variants list of the CoolWebSearch toolbar browser hijacker at the CA Spyware Information Center.) CA Spyware Information Center (List of CWS variants) http://www3.ca.com/securityadvisor/pest/pest.aspx?id=453076035
Trend Micro RootkitBuster (popular) [working-freeware] http://www.softpedia.com/get/Antivirus/Trend-Micro-Rootkit-Buster.shtml Trend Micro RootkitBuster is a rootkit scanner that offers ability to scan for drivers, registry entries, processes, hidden files and hooked system service. Trend Micro RootkitBuster also includes the cleaning capability for hidden files and registry entries. License: Freeware / OS: Windows All
AVG Anti-Rootkit Free [working-freeware] http://free.grisoft.com/doc/download-free-anti-rootkit/us/frt/0 AVG Anti-Rootkit Free is a powerful tool with state-of-the-art technology for the detection and removal of rootkits.
F-Secure Blacklight (Rootkit Scanner, Vista) [working-freeware] http://www.f-secure.com/security_center/ F-Secure Blacklight is available free. Provides detection and removal of common rootkits. Commandline version available. Also supports Windows Vista (32-bit only). A standalone BlackLight Utility can be downloaded from our Security Center.
Avira Rootkit Detection Beta http://betatest.avira.com/products/products.php Avira Rootkit Detection Beta supports Windows 2000 Server or Workstation, Windows XP Home and Professional, Windows Server 2003 (all versions), and Windows Vista (32-bit only). Available in English language only. Beta is free but registration is required. (NOTE: The term "beta" means still in test stage as opposed to alpha release - normal ready to go.)
Sophos Anti-Rootkit (popular) [working-freeware] http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html Eliminates hidden applications and processes. Removing rootkits without compromising system integrity is particularly challenging and needs to be done with care. Our free software, Sophos Anti-Rootkit, finds and removes any rootkit that is hidden on your computer.
Panda Anti-Rootkit – XP only, at present http://www.softpedia.com/get/Antivirus/Panda-Anti-Rootkit.shtml
RootkitRevealer – XP and Vista http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx (Note: In Vista, right-click the unpacked RootKitRevealer.exe and select “Run as Administrator”.)
GMer Free Rootkit Scanner http://www.gmer.net/ Download: http://www.pcworld.com/downloads/file/fid,64192-order,1-page,1/description.h License Type: Free Operating Systems: Windows NT, Windows 2000, Windows XP
RegSeeker [working-freeware] (One of world's best registry cleaners) http://www.snapfiles.com/get/regseeker.html RegSeeker is a handy tool for managing several popular registry items and searching the registry by keyword. It offers quick access to Startup Entries, Uninstall Information, Color Schemes, History items (URLs, Recent Documents etc) and IE Favorites. The program also includes a registry cleaning feature that finds invalid and unused registry entries, allowing you to delete them. RegSeeker can automatically create a backup before deleting any registry entries. The program comes with an attractive, easy to use interface. Nevertheless it is not intended for complete beginners and you should feel comfortable working with the Windows registry before using it. SCREENSHOT: (Or just click PC Softwares tab, left margin): http://d1801000.u31.ourinternet.us/images/regseeker.gif
BHODemon - utility [working-freeware] http://www.pcworld.com/downloads/file_description/0,fid,23611,00.asp Internet Explorer has a nasty habit of allowing so-called Browser Helper Objects (or BHOs) to install themselves into IE. Some BHOs are helpful, like the Google Toolbar, but others (especially those planted by viruses or spyware) can be malicious and harmful. BHODemon gives you a quick look at the BHOs installed on your PC, tells you whether a specific BHO is known to be safe or harmful, and gives you the ability to enable or disable individual BHOs with a single mouse click.
a-squared HiJackFree [working-freeware] http://www.hijackfree.com/en/ a-squared Home: http://www.emsisoft.com/en/ a-squared HiJackFree is a detailed system analysis tool which helps advanced users to detect and remove all types of HiJackers, Spyware, Adware, Trojans and Worms. (Note this is the superior alternative to HiJackThis for advanced users with instant analysis online).
AVG Anti-Virus Free Edition [working-freeware] Download, Information at this website : http://www.download.com/AVG-Anti-Virus-Free-Edition/3000-2239_4-10320142.html http://www.grisoft.com/ AVG Free Edition is the well-known antivirus protection tool. AVG Free is available free of charge to home users for the life of the product. Rapid virus database updates are available for the lifetime of the product, thereby providing the high level of detection capability that millions of users around the world trust to protect their computers. AVG Free is easy to use and will not slow your system down (low system resource requirements). Highlights include automatic update functionality, the AVG Resident Shield, which provides real-time protection as files are opened and programs are run, free Virus Database Updates for the lifetime of the product, and AVG Virus Vault for safe handling of infected files.
ClamWin Free Antivirus [Open Source - working freeware] http://www.clamwin.com/ ClamWin is a Free Antivirus for Microsoft Windows. ClamWin Free Antivirus comes with an easy installer. You may download and use it absolutely free of charge. It features: High detection rates for viruses and spyware; Scanning Scheduler; Automatic downloads of regularly updated Virus Database. Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer; Addin to Microsoft Outlook to remove virus-infected attachments automatically. The latest version of Clamwin Free Antivirus is 0.88.2.3 . Please note that ClamWin Free Antivirus does not include an on-access real-time scanner. You need to manually scan a file in order to detect a virus or spyware.
Avast AntiVirus Home Edition [working-freeware] http://www.avast.com/eng/avast_4_home.html Free avast! 4 Home Edition. avast! 4 Home Edition is a full-featured antivirus package designed exclusively for home users and non-commercial use. Institutions (even non-commercial ones) are not allowed to use avast! Home Edition. However, ALWIL Software provides the full line of avast! antivirus products at special discount prices for non-profit, charity, educational and government institutions. Please see our price lists for details.
ThreatFire AntiVirus http://www.threatfire.com/ Free Home Version: http://www.threatfire.com/download/
Windows OneCare (90-Day Free Trial!) http://onecare.live.com/site/en-us/default.htm?s_cid=sah Get a free PC safety scan: Windows Live OneCare safety scanner is a free service designed to help ensure the health of your PC. Check for and remove viruses... Get rid of junk on your hard disk ... Improve your PC's performance. New: Windows Vista users, try the beta edition of the scanner, just for Windows Vista.
Norton Security Scan (Recommended freeware) http://security.symantec.com/sscv6/WelcomePage.asp Try our new Norton Security Scan! Download and install Norton Security Scan. It will automatically scan your computer every week, replacing the need for you to manually scan using Symantec Security Check. It’s quick, easy, and best of all, it’s free! (A great backup: if for some reason malware denies entry to the computer, the preset scan may possibly quarantine it. Settings for this are inside.)
ESET Mobile Antivirus: ESET Mobile Antivirus delivers proactive and comprehensive protection for Smartphones and PocketPCs. FREE 30-Day Trial: Try ESET NOD32 Antivirus, ESET Smart Security or ESET Mobile Antivirus for free at http://www.eset.com/download/ ESET NOD32 Antivirus version 3.0: Award-winning antivirus/antispyware protection. Named "Best Antivirus Product of 2007" by AV-Comparatives. ESET Smart Security: Fully integrated security solution - all the protection of ESET NOD32 plus antispam and a personal firewall. Awarded Consumers Digest "Best Buy."
CCleaner http://www.ccleaner.com/ CCleaner is a freeware system optimization and privacy tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. But the best part is that it's fast (normally taking less than a second to run) and contains NO Spyware or Adware! :)
Cookie Spy Version 3.0 [working-freeware] http://camtech2000.net/Pages/Cookie_Spy_SE.htm Cookie Spy SE is the complete manager for all those Cookies installed by web sites you visit. An easy to use interface lets you delete and permanently block Spyware Cookies or allow the ones you want to keep such as those that remember who you are when you log in to a site. Once a site is blocked you will never receive a Cookie from that site again. The Filters Lists makes it easy to change and/or remove those you've blocked or allowed. Some Cookies are harmless and in fact helpful but more sites and programs are using them now to get your email address, shopping habits and other personal details. It's not uncommon for computers to have hundreds and even thousands of Spy Cookies installed and most often when you delete them they're installed again when you revisit the site. Cookie Spy SE allows you to permanently block those you don't want. Camtech 2000 offers many quality programs, freeware and trial for Desktop Enhancement, Internet and System Utilities such as SpySites Plus, XP Icons, SpySites, Meta Tag Enterprise, The Html Directory, CleanEm, T5, MemCheck Pro, DunStats, PopUp Master, IE Logos, DunSpeed, CT Cookie Spy, SpyChaser, Toolbar Wallpaper, Toolbar Skins, Icons, IcoFolder, Clear Desktop, Screen Savers, Themes, and most all the Windows Startup Logos.
SiteAdvisor.Com Information and Download [working-freeware, Internet Explorer and Firefox browsers] http://www.siteadvisor.com/ We test the Web to help keep you safe from spyware, spam, viruses and online scams. SiteAdvisor's safety ratings are based on automated safety tests of Web sites (including of our own site) and are enhanced with user feedback from our users and our own manual analysis. We do not accept payment from sites to be rated, so we have no conflict of interest. We also document our safety tests for every site we analyze. (Now owned by McAfee).
Microsoft Baseline Security Analyzer V1.2.1 [working-freeware, works on home PC]  http://www.microsoft.com/technet/security/tools/mbsahome.mspx MBSA 1.2.1 is the free, best practices vulnerability assessment tool for the Microsoft platform. The tool helps with the assessment phase of an overall security management strategy. MBSA Version 1.2.1 includes a graphical and command line interface that can perform local or remote scans of Windows systems. MBSA 1.2.1 runs on: Windows 2000, Windows XP, and Windows Server 2003 systems. (Run this to find all missing Windows Updates and to get a security analysis of your installed protection software and settings.)
Startup Control Panel [working freeware] http://www.mlin.net/StartupCPL.shtml Screenshot - picture: http://www.mlin.net/media/StartupCPL.png Startup Control Panel (working freeware, prevents malicious start-ups) Startup Control Panel is a nifty control panel applet that allows you to easily configure which programs run when your computer starts. It's simple to use and, like all my programs, is very small and won't burden your system. A valuable tool for system administrators! Startup Control Panel is compatible with all modern versions of Windows, including Windows 95, 98, 98SE, ME, NT 4.0, 2000, and XP. (GroupOwnerNote: Most excellent, catches all start up executable programs - and option to allow or deny. Stop malicious programs from start up.)
EarthLink Free Software & Tools For All Internet Users [working-freeware security toolbar] http://www.earthlink.net/software/nmfree/ EarthLink Toolbar: Surf safer and easier with our exclusive ScamBlocker and Pop-Up Blocker, plus a convenient Google search added to your browser toolbar. Free download. EarthLink Tools for the Firefox Browser, featuring ScamBlocker: Now you can use the popular Firefox Web browser with our customized EarthLink theme and our own extension - the EarthLink Toolbar featuring ScamBlocker! EarthLink Spy Audit: Do you have spyware on your machine? Find out now - FREE!
EULAlyzer 1.1 http://www.javacoolsoftware.com/eulalyzer.html EULAlyzer can analyze license agreements in seconds, and provide a detailed listing of potentially interesting words and phrases. Discover if the software you're about to install displays pop-up ads, transmits personally identifiable information, uses unique identifiers to track you, or much much more.
Information / Help / Removal: 
MORE OPTIONS:
Definitely read this first for reformatting:
Threat Removals: Reformat / Reinstall Windows? Or conventional removal softwares ? A standard reply... http://bluecollarpc.wordpress.com/2008/05/18/threat-removals-reformat-reinstall-windows-or-conventional-removal-softwares/
When should I re-format? How should I reinstall? (#10063) http://www.dslreports.com/faq/10063
OS Reinstallation vs. Virus Removal http://safecomputing.umn.edu/guides/rebuild_repair.html
Part Two: Reinstall an Infected Operating System http://safecomputing.umn.edu/studentchecklist.html
Securing a Personal Machine http://safecomputing.umn.edu/studentchecklist.html
Q: What are antispyware shields? See what paid-subscription real-time protection does!
View Picture: http://www.bluecollarpc.org/_mgxroot/page_10748.html (Active Shields Screenshot)
Definition and Explanation of a .DLL file http://support.microsoft.com/kb/q87934/
Microsoft: Bugbusting, Spyware Removal http://www.microsoft.com/windows/IE/community/columns/bugbusting.mspx
The Difference Between Adware & Spyware http://www.webopedia.com/DidYouKnow/Internet/2004/spyware.asp
Microsoft: Unexplained computer behavior may be caused by deceptive software. http://support.microsoft.com/kb/827315
OnGuardOnline.Gov (USA Government website): OnGuardOnline.gov provides practical tips from the federal government and the technology industry to help you be on guard against Internet fraud, secure your computer, and protect your personal information. http://onguardonline.gov/index.html
US-CERT United States Computer Emergency Readiness Team Securing Your Web Browser: http://www.us-cert.gov/reading_room/securing_browser/#why Securing Your Web Browser: This webpage will help you configure your web browser for safer internet surfing. It is written for home computer users, students, small business workers, and any other person who works with limited information technology (IT) support and broadband (cable modem, DSL) or dial-up connectivity. Although the information in this document may be applicable to users with formal IT support as well, organizational IT policies should supersede these recommendations.
P2P Dangers (Peer to Peer file swapping) Summary: A peer network used primarily for music file sharing. In an organization, can degrade network performance and consume vast amounts of storage. Is bundled with many spyware/adware products. Category: P2P... Any peer-to-peer file swapping program, such as Audiogalaxy, Bearshare, Blubster, E-Mule, Gnucleus, Grokster, Imesh, KaZaa, KaZaa Lite, Limewire, Morpheus, Shareaza, WinMX and Xolox. In an organization, can degrade network performance and consume vast amounts of storage. May create security issues as outsiders are granted access to internal files. Often bundled with Adware or Spyware. http://www.ca.com/securityadvisor/pest/pest.aspx?id=453088059
US-CERT Cyber Security Tip ST05-007 -- Risks of File-Sharing ...US-CERT: United States Computer Emergency Readiness Team ... Peer-to-peer (P2P) applications, such as those used to share music files, are some of the most ... http://www.us-cert.gov/cas/tips/ST05-007.html
Business Software Alliance - Software Piracy Prevention Informing the public of the effects of software piracy, and of action that can be taken to curb this ongoing activity. http://www.bsa.org/usa/antipiracy/
Microsoft: The risks of obtaining and using pirated software How installing and running pirated software can compromise the security of your computer and your data. http://www.microsoft.com/protect/promotions/us/wga_idc_us.mspx
NET Act From Wikipedia, the free encyclopedia http://en.wikipedia.org/wiki/NET_Act
ScamBusters.org Internet ScamBusters Helps You Protect Yourself From Clever Scams -- Online and Offline... http://www.scambusters.org/
Spyware Encyclopedia http://www3.ca.com/securityadvisor/pest/browse.aspx
a-squared Process List http://www.hijackfree.com/en/processlist/
AuditMyPC.com http://www.auditmypc.com/ Firewall Test, Port Scan, Spy Ware and Security Audit Choices, and a whole lot more.
Introduction to Spyware Keyloggers http://www.securityfocus.com/infocus/1829
Trojans - myths & facts http://www.emsisoft.com/en/kb/articles/tec021007/
Microsoft: 5 steps to help avoid instant message viruses Published: September 15, 2006 http://www.microsoft.com/athome/security/viruses/imvirus.mspx
ProcessLibrary.com http://www.processlibrary.com/ ProcessLibrary.com: Free Process Information. Find the latest information about spywares, adwares, trojans, viruses, system processes and common applications.
TestMyFirewall.com - DLL Files http://www.testmyfirewall.com/dll-files.html DLL Files are Dynamic Link Library files, a way of writing modular programs that can be shared among several tasks at the same time. This is in comparison to individual programs containing a copy of every module. A DLL file is often considered an essential component without which the relevant application program or device driver would not function. Just what your particular dll files do can be a mystery, so we offer you a list of .dll, .exe, .com and other files with their associated functions. DLL Files - Security Risk: Some .dll files can be a security risk and often include viruses, Trojans, Spyware, Adware and more. To find out if we have a description or information on your dll file, simply click on the filename or type your dll files into the search above.
WinTasks Process Library http://www.liutilities.com/products/wintaskspro/processlibrary/ In the recesses of your computer, 20-30 invisible processes run silently in the background. Some hog system resources, turning your PC into a sluggish computer. Worse yet, other useless processes harbour spyware and Trojans - violating your privacy and giving hackers free rein on your computer. WinTasks Process Library is an invaluable resource for anyone who wants to know the exact purpose of every single process. The categories available online are: Top Security Risks, Top System Processes, Top Applications, Other Processes.
How to Identify Files (file extensions search engine; example: .exe, .dll) FILExt Home Page, The File Extension Source http://filext.com/ Welcome to FILExt, the file extension source. FILExt is a detailed database of file extensions and programs that use them. A file extension is simply the end characters after the period in a file name. A search in the database here might result in multiple possibilities. Use the context of where you got the file to help you figure out exactly what it is if there are multiple possibilities. To help, many of the links on this site will open a new browser window so you have constant reference to the FILExt data.
gdargaud dot net http://www.gdargaud.net/Hack/NoSpam.html Information site.
PCHell.Com http://www.pchell.com/ Everyone has been to PC Hell at one time or another. It's that place you visit when your personal computer is driving you insane with problems, glitches, and so on. To try to soothe the frustration, we'll provide some tips, hints, and troubleshooting remedies to help you get out of PC Hell. Be warned however, sometimes there is no exit....
Diagnostics Tools Downloads http://www.majorgeeks.com/downloads7.html
Spyware Tools http://www.majorgeeks.com/downloads31.html
Blocking Unwanted Parasites with a Hosts File (Thanks to Randy Knobloch (aka: Siljaline) Microsoft MVP for providing the update notices for the HOSTS file.) This article provides details on blocking Ads, Banners, Parasites, and Hijackers, web bugs, etc. with a custom HOSTS file. http://www.mvps.org/winhelp2002/hosts.htm
AntiSpywareCoalition.Org http://www.antispywarecoalition.org/
Trend Micro Bookmarks HOME AND HOME OFFICE >Free Virus Scan - http://housecall.trendmicro.com/ >Free Spyware Scan - http://www.trendmicro.com/spyware-scan/ >Browser Hijacking - http://www.trendmicro.com/cwshredder/ >Security Newsletters - http://www.trendmicro.com/subscriptions/default.asp
LEGAL REASONS TO HAVE PROTECTION IN PLACE The Legal Risks of Computer Pests and Hacker Tools Jiffy Lube International, 4 CCH Computer Cases para. 46845 (US Dist. Ct. Md. 1993), a corporate telecommunications customer, Jiffy Lube International, ... http://research.pestpatrol.com/KnowledgeBase/Whitepapers/LiabilityofPests.asp The Legal Risks of Computer Pests and Hacker Tools http://www.pestpatrol.com/Whitepapers/LiabilityofPests.asp
FAKE WARNING MALWARE PRODUCTS:
New malware poses as WGA validation and notification Posted on: 6/29/2006 12:41:35 PM EST http://blogs.zdnet.com/Spyware/?p=838 A new piece of very nasty malware has been recently discovered on spyware help forums, first here and again here. The file name is wgavn.exe and it creates a service named "Windows Genuine Advantage Validation Notification", ....
Microsoft Security Center fake warnings in your task bar... [NOTE: These started about WMFmetafile exploit 2005, several: SpyAxe, SpyFalcon, SpywareQuake, and several others now, new SpyLocked] Example: "How to Remove SpyFalcon" (Review in full at website) http://www.bleepingcomputer.com/forums/topic43659.html SpyFalcon is an anti-spyware program that is known to issue fake warnings on your computer in order to manipulate you into buying its full commercial version. If you are infected with this program you may receive warnings in your task bar that appear to be from Microsoft Security Center stating that you are infected with spyware and to run its special anti-spyware tool. This tool turns out to be the commercial version of SpyFalcon. These warnings are fake and are a goad to have you buy the commercial version of this software.....
Free Online Spyware Scans: Some Free Spyware Scans: discover threats...
New ? Have a look - orientation demo:  Malware Threats - View Demo http://www.trendmicro.com/en/products/global/malware-demo.htm "Phishing", "Trojans", "Spyware"... Worried about the threat of computer attack but confused about the terms? View this fun multimedia presentation for an introductory overview of some of the many types of malware and how they can affect you. View Presentation (click at website to see).
Free Spyware Scans  Free ad-spyware scans offered by reputable companies. These are generally offered for two reasons. One, if you are new to detection and protection you can discover what threats are present on your Computer that you are unaware of. Two, in finding defined threats you will most likely decide on purchasing protection software. NOTE that some software in trial downloads may give "false positives" just to sell their product. You can thoroughly examine results and your Computer to validate a "positive" (ad-spyware found) generally by file look-up of any 'positive' (ad/spyware item present in your PC).

ESET Spyware and Virus Removal http://www.eset.com/download/ Think your computer is infected? Click here to use our spyware removal and antivirus tools and find out for free. http://www.eset.com/download/
Norton Security Scan http://security.symantec.com/sscv6/WelcomePage.asp Try our new Norton Security Scan! Download and install Norton Security Scan. It will automatically scan your computer every week, replacing the need for you to manually scan using Symantec Security Check. It’s quick, easy, and best of all, it’s free! http://security.symantec.com/sscv6/WelcomePage.asp (A great backup: if for some reason malware denies entry to the computer, the preset scan may possibly quarantine it. Settings for this are inside.)
EarthLink Spy Audit http://www.earthlink.net/software/nmfree/spyaudit/ When you browse the Web, spyware programs can sneak onto your computer. As a result, Web sites can track your browsing habits, corrupt your data, or even steal your identity. To scan your PC for spyware, just run a quick EarthLink Spy Audit.* This free service examines your computer and lists spyware results in minutes. It will not change or harm your system in any way.
Trend Micro AntiSpyware Scan Free Scan http://www.trendmicro.com/spyware-scan/ Trend Micro Anti-Spyware for the Web is a free online tool that checks computers for spyware, and helps remove any infections found. When the detection process is complete, the tool will display a report describing the result including which if any, spyware were detected, and prompt you before the removal process.
Webroot Spy Audit http://www.webroot.com/services/spyaudit_03.htm Quickly scan your PC for spyware - It's free! At no cost or obligation to you, Spy Audit scans your system registry and hard drive space for thousands of known spyware programs. Spy Audit shows you what spyware is on your system. It will not remove or modify any files. Webroot Software respects your privacy - after all, that's our business. Running Spy Audit will not add cookies or harm your computer in any way. Spy Audit takes only seconds to run. Try it now.
Pest Patrol Free Spyscan http://www.pestpatrol.com/
Windows Live Safety Center - free safety scan for your computer http://www.microsoft.com/athome/security/update/windows_live_safety_center.mspx Get a free safety scan for your computer. Windows Live Safety Center helps tune up your computer. Windows Live Safety Center is a new service that lets you scan your computer to help protect, clean, and keep it running at its best. The service is free and available directly from the Internet at http://safety.live.com. You can revisit the Windows Live Safety Center for subsequent tune ups as often as you like.
Panda (free scan) http://www.pandasoftware.com/products/activescan.htm Scans, viruses, worms and Trojans from all system devices, hard disks, compressed file and all your email.
Welcome to the CA Security Advisor site Free Spyware Scan (Makers of PestPatrol) http://www3.ca.com/securityadvisor/
REPORT CYBER CRIME
Annoying Online Posts Could Be Illegal Jan 13, 2006 ... Annoying Online Posts Could Be Illegal. ... anyone who uses the Internet anonymously "with intent to annoy, abuse, threaten, ... http://abcnews.go.com/Technology/PCWorld/story?id=1503454 http://pcworld.about.com/news/Jan132006id124373.htm http://www.news.com/Create-an-e-annoyance,-go-to-jail/2010-1028_3-6022491.html
Internet Crime Complaint Center (IC3) http://ic3.gov/ The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IC3's mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >> http://ic3.gov/
Federal Trade Commission (USA) Complaint Input Form https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03 If you believe you have been the victim of identity theft, you may use the form below to send a complaint to the Federal Trade Commission (FTC). The information you provide is up to you. However, if you don't provide your name or other information, it may be impossible for us to refer, respond to, or investigate your complaint or request. To learn how we use the information you provide, please read our Privacy Policy.
Federal Bureau of Investigation - Cyber Investigations - Cybercrime http://www.fbi.gov/cyberinvest/cyberhome.htm
Computer Crime & Intellectual Property Section http://www.cybercrime.gov/
WiredSafety.Org http://www.wiredsafety.org/911/ Our Cyber911 Help tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement...
ReportCybercrime.Com (Private) http://www.reportcybercrime.com/ Also, through our interactive forum you can get opinion of specialist attorneys and lawyers. Each lawyer in practice will give his opinion on matters, which are raised in the forum. You Can post queries view answers from experts and improve upon your knowledge base...
How to Report Cybercrime http://www.katiesplace.org/report_cybercrime.html WiredSafety's Cyber911 Emergency tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement.
Take a Bite Out of Cyber Crime ByteCrime.Org http://www.bytecrime.org/
Windows Registry / Registry Cleaners
Description of the Microsoft Windows registry http://www.support.microsoft.com/kb/256986
Introduction to the Registry http://www.annoyances.org/exec/show/registry
Windows Registry help http://www.computerhope.com/registry.htm
Registry cleaner - Comparison Sheets: Uniblue Comparison Charts http://www.liutilities.com/products/registrybooster/comparisions/
SEE OUR NEW WINDOWS REGISTRY INFORMATION ADDITION:
Windows Registry Information http://www.bluecollarpc.net/registry.html
Registry information and links, tutorials, screen movies, how-to, registry cleaners...
Additional Forums, Message Boards - Compare Results
Online Help Forums Note: every forum has its own rules. Be sure to read the forum rules before posting.
Spywareinfo Forums: http://forums.spywareinfo.com/
Cexx Forums: http://boards.cexx.org/
D-A-L forums: http://www.d-a-l.com/index.php
CastleCops Forums (formerly ComputerCops): http://castlecops.com/
SpyWare BeWare!: http://forums.maddoktor2.com/index.php
BleepingComputer.com: http://www.bleepingcomputer.com/forums/
TechMonkeys: http://www.techmonkeys.co.uk/
PCHelp Forum: http://pchelpforum.com/
WilkinsonPC (Spanish): http://www.wilkinsonpc.com.co/cgi-bin/foros/index.cgi?board=HijackThis A support forum for Spanish-speaking users of South America and Central America.
PCPitstop Forum: http://pcpitstop.ibforums.com/
Tech with dk (dknoppix): http://dknoppix.com/forums/
InfoSpyware (Spanish): http://www.forospyware.com/
CyberTechHelp: http://www.cybertechhelp.com/
AntiSpywareOffensief.nl (English + Dutch): http://www.antispywareoffensief.nl/
Subratam.org: http://www.subratam.org/
BestTechie: http://www.besttechie.net/forums/
GeeksToGo: http://www.geekstogo.com/forum/index.php
NEWS RSS FEEDS:
CA Security Advisor Research Blog http://www3.ca.com/blogs/rss/default.aspx?id=90744&name=CA+Security+Advisor+Research+Blog
CNET News.com - Threats http://feeds.feedburner.com/CNETNewsSecurity
Computer Security - Topix.net http://rss.topix.net/rss/tech/computer-security.xml
Dark Reading: Desktop Security http://www.darkreading.com/rss_simple.asp?f_n=1946&f_ln=Desktop+Security
eSecurity Planet News http://www.esecurityplanet.com/icom_includes/feeds/esp/xml_front-10.xml
eWEEK Security http://rssnewsapps.ziffdavis.com/eweeksecurity.xml
InfoWorld: Security http://www.infoworld.com/rss/security.xml
IT News headlines http://feeds.reedbusiness.co.uk/0ac94b78-3177-43d3-936c-ae5e60aaa69d/CW360/The%20latest%20IT%20News%20headlines.xml
PCWorld Latest Spyware News http://rss.pcworld.com/rss/syndication2.rss?feedid=1159
Malware Help.Org - Spyware Removal and Prevention Help http://feeds.feedburner.com/MalwareHelporg
Microsoft At Home http://www.microsoft.com/athome/community/rss.xml
Microsoft Security Bulletins http://www.microsoft.com/technet/security/bulletin/secrss.aspx
SearchWindowsSecurity.com http://feeds.feedburner.com/techtarget/Searchwindowssecurity
SecurityFocus News http://www.securityfocus.com/rss/news.xml
2-Spyware.com Spyware news http://www.2-spyware.com/news.xml
SpywareGuide Articles http://www.spywareguide.com/rss/sg_articles.xml
Spyware-Net http://www.fbmsoftware.com/spyware-net/blog/?feed=rss
Techworld.com Security News http://www.techworld.com/rss/techworld-security.xml
TrendLabs | Anti-Malware Blog - by Trend Micro http://feeds.feedburner.com/Anti-MalwareBlog?format=xml
Virus.Org - Computer Security news http://www.virus.org/component/option,com_rss/Itemid,0/feed,RSS1.0/no_html,1/
ZDNet News - Security http://www.zdnet.com/2509-1009_22-0-5.xml
My Own Story ?: In first becoming aware of an extra toolbar all of a sudden (the notorious and worst "CoolWebSearch") I attempted to find out how to remove it. In becoming an Earthlink.net customer, I began using the free Webroot anti-spyware scanner included. This all led finally to trying the top ten trial anti-spyware softwares - "trialware". My result was that both Webroot Spysweeper (over 120,000 definitions) and Trend Micro AntiSpyware tied as finding the most items with no false positives. These two actually found up to ten times as many badware items as ALL others !!! I decided on both - and they both have shields running at all times like a firewall. Note that a "false positive" is actual safe software or registry items that the bad software often reports in a scan just to get you to buy their software, common tactic and SEE:
The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites  Bad, False, Fake products http://www.spywarewarrior.com/rogue_anti-spyware.htm
ALL good anti-spyware is known for virtually no false positives.
Advanced Users: 
About Remote Access Service  http://windowssdk.msdn.microsoft.com/library/default.asp?url=/library/en-us/rras/rras/about_remote_access_service.asp
RAS AutoDial (clean dialers out of windows registry)  http://windowssdk.msdn.microsoft.com/library/default.asp?url=/library/en-us/rras/rras/ras_autodial.asp
Examples: RAS Autodial (my own finds Jan/Feb 2006 - and I believe I have discovered these first in spyworld, would like the credit mentioned, and found all software does not ! I am trying my best to get software developed immediately so I can copyright the invention, but I need a writer. For more check out the unknown "anti-dialer" softwares available, and I doubt if they stop these). (There were actually 10-20 different ones of these examples) HKEY_CURRENT_USER\Software\Microsoft\RASAutodial\Addresses\bannerserver.gator.com HKEY_CURRENT_USER\Software\Microsoft\RASAutodial\Addresses\fm2.imesh.com
For IP number Look-Up, use a DNS service. The one below is handy and fast with Reverse Look Up - which means you can look up the IP number to find out the domain involved with the RASautodial present in your registry: Web Based DNS Lookup (NSLookup) (ZoneEdit.com) DNS Network Information via nslookup, yet another free service from ZoneEdit. http://www.zoneedit.com/lookup.html
EXAMPLE: HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\207.46.106.123 is a typical Microsoft key for apparently hotmail or msn.com. NOTE: If you find something strange that may be a porn dialer or spyware - make sure you really search out exactly what domain is associated and why before considering deleting one of these keys !
More Examples of RASAutodial entries:
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.clickspring.net HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\gatorcme.gator.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\gs.gator.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\ss.gator.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.clickthebutton.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.imesh.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.imesh.net HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.vcatch.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\istechno.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.mediacharger.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.musicex.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.tbrpr.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.zdnet.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\localhost HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\istechno.com HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\upgrade.newdotnet.net
ARP Cache (clean windows registry arp cache items)  http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/arp.mspx
PC Maintenance:
Macromedia Flash Global Storage Security Settings Panel (Note: This online panel is the only place to adjust these settings for your PC. Wait for the Panel to load - it does take a long moment.) http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html Cookies and PIE (Secure Settings - MacroMedia Flash)..... Source: http://www.pcmag.com/article2/0,1759,1879765,00.asp
Disk C and D Defragmentation: 

Disk Defragmenter in Windows 2000: http://www.microsoft.com/windows2000/techinfo/administration/fileandprint/defrag.asp
Fragmentation and Defragmentation: http://www.pcguide.com/ref/hdd/file/ntfs/relFrag-c.html
Perform a Disk Defragmentation: http://www.theeldergeek.com/disk_defragmenter_utility.htm
Perform a Disk Volume Check For Errors on a regular basis: http://support.microsoft.com/default.aspx?scid=kb;en-us;315265
Restore Your Computer's Performance with Windows XP: http://www.microsoft.com/windowsxp/using/setup/expert/northrup_restoreperf.mspx
How to Defragment Your Hard Disk http://www.earthlink.net/elink/issue13/tech.html
Horror stories ? "SVKP.sys"
NOTE: Software hackers and pirates might re-write legitimate monitoring software to produce threatwares.
The SVKP.sys LEGACY_SVKP mystery... Created at every start up in my incidence, and I am trying to discover that culprit - whether program or malware or worm or rootkit - or valid program. Any help will be appreciated, and you may have cracked this. Manual Removal with all reports of trojans or viruses reveal nothing present as reported, except the actual C:\WINDOWS\system32\SVKP.sys mention. HiJackThis reveals nothing. (NOTE That it is not found anywhere at Microsoft.com which raises a real question of the forged entry in Properties of SVKP.sys in windows system32 >>> Copyright (C) Microsoft Corp. 1981-1999 as/ SVKP driver for NT) See: Photo:

Identified as TSPY_Joiner.AV (Trend Micro AntiSpyware)
Obscure: If purchased as a valid software, it may be employed as "trialware protection" for various products: SEE: "The presence of SVKP.SYS does not necessarily mean that this trojan is installed. SVKP.SYS is part of SVK Protector, which this trojan is packed with. SVK Protector is used in innocent programs as well. http://vil.nai.com/vil/content/v_101134.htm"
Apparent related websites selling "AntiCracking" or "SVK Protector" or related:
SVKP Website - [ Translate this page ] www.svkp.ch/
AntiCracking Software Protecion Systems: Copy protection, Software ... Software security protection solutions for software corporations, distributors and developers. Software and Hardware based copy licensing protection via SVK ... http://www.anticracking.sk/ shows : "© 2001 AntiCracking. All Rights Reserved" (which could be a clue as to the date of any download - and shows 2003-08-17 New Distributor for Serbia and Montenegro - Relikon d.o.o.).
SVKP SVK Protector. SVK Protector is suitable for all companies and professional software developers, who need easy, fast, and efficient protection for their ... www.anticracking.sk/products_svkp.html
CD Media World - Commercial CD/DVD Protections: SVK Protector Protection, :, SVK Protector (SVKP) - Slovak Protector. Versions, :, 1.43. How to Detect, :, Use Protection ID. Backup Solution, :, Unknown as of yet! ... www.cdmediaworld.com/hardware/ cdrom/cd_protections_svkp.shtml
SVK Protector http://www.anticracking.sk/products_svkp.html "SVK Protector is suitable for all companies and professional software developers, who need easy, fast, and efficient protection for their products. SVK Protector was designed with ease of protection implementation into your product as a basic feature. All users, also the less experienced, can do it in just couple of minutes. Despite the ease of use, programs are protected with the highest level of security and this protection will stop software pirates from unauthorized copying and distribution of your work...... " .
Help offered websites: (google results)
File.Net - How to remove SVKP.sys error problem SVKP.sys file information on Windows XP. If you have a SVKP.sys problem or error or want to remove this file, check it out. www.file.net/process/svkp.sys.html "How to remove SVKP error The free File.Network forum can help you find out if SVKP.sys is a virus, trojan, spyware, adware which you can remove, or a file belonging to a Windows system or an application you can trust. SVKP.sys file information The process SVKP driver for NT belongs to the software SVKP driver for NT by AntiCracking. Description: SVKP.sys is located in the folder C:\Windows\System32. The file size on Windows XP is 2368 bytes. The driver can be started or stopped from Services in the Control Panel or by other programs. The program has no visible window. There is no detailed description of this service. File SVKP.sys is not a Windows system file. SVKP.sys seems to be a compressed file. Therefore the technical security rating is 6% dangerous, however also read the users reviews. Important: Some malware camouflage themselves as SVKP.sys, particularly if they are located in c:\windows or c:\windows\system32 folder. Thus check the SVKP.sys process on your pc whether it is pest. We recommend Security Task Manager for verifying your computer's security. It is one of the Top Download Picks of 2005 of The Washington Post and PC World......"
SVKP that wont go away - TechSpot Troubleshooting Still everytime on startup i get a svkp that is found in my system32. I attached my most recent hijackthis results if anyone can help ... www.techspot.com/vb/all/windows/ t-35824-SVKP-that-wont-go-away.html
CastleCops.com Described as from malware / worms: W32/Rbot-AGP http://www.sophos.com/virusinfo/analyses/w32rbotagp.html W32/Spybot-FB http://www.sophos.com/virusinfo/analyses/w32spybotfb.html W32/Rbot-AJR http://www.sophos.com/virusinfo/analyses/w32rbotajr.html http://castlecops.com/o23list-852.html
McAfee AntiVirus: defines as- IRC-Deport trojan http://vil.nai.com/vil/content/v_101134.htm
Sophos virus analysis: W32/Rbot-AJR http://www.sophos.com/virusinfo/analyses/w32rbotajr.html When W32/Rbot-AJR is installed it creates the file <Windows system folder>\svkp.sys.
Symantec Security Response - W32.Loxbot.A Service Name: SVKP Display Name: SVKP. Creates the following registry subkeys for the two ... HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SVKP ... securityresponse.symantec.com/ avcenter/venc/data/w32.loxbot.a.html Symantec Security Response - W32.Spybot.RDW www.sarc.com/avcenter/venc/data/w32.spybot.rdw.html
Viruslist.com - Email-Worm.Win32.Wurmark.a www.viruslist.com/en/viruses/encyclopedia?virusid=66726 "Workstation Service Buffer Overrun (Microsoft Security Bulletin MS03- 049) DCOM RPC (Microsoft Security Bulletin MS03-026) Microsoft SQL Server 2000 or MSDE 2000 audit (Microsoft Security Bulletin MS02-061) Microsoft Windows LSASS (Microsoft Security Bulletin MS04-011)."
Microsoft searches ; no such thing, as the SVKP.sys file in Windows system32 properties claim it is copyrighted by Microsoft (Copyright (C) Microsoft Corp. 1981-1999 )
microsoft.public.security.virus: Re: hacktool.rootkit SVKP.sys file - sometimes it is good and sometimes not. I am using TweakUI ... file C:\wimdows\system32\SVKP.sys is infected with the Hacktool.Rootkit ... www.derkeiler.com/Newsgroups/microsoft. public.security.virus/2005- 10/0310.html
Additional Registry entries found concerning: TSPY_Joiner.AV (Trend Micro AntiSpyware)
If you are having trouble finding these, simply download the adware/ads free fully working freeware RegSeeker which has multiple functions and searches entire Windows Registry very quickly. Keyword Search: SVKP
C:\WINDOWS\system32 SVKP.sys (Properties):
Company Name: AntiCracking
File Version: 4.0.1381.1
Description: SVKP driver for NT
Copyright: Copyright (C) Microsoft Corp. 1981-1999
Other Version Information: Value: 4.00
Internal Name: SVKP.sys
Language: English
Original File Name: SVKP.sys
Product Name: SVKP driver for NT
Product Version: Value 1.00
(NOTE That it is not found anywhere at Microsoft.com which raises a real question of the forged entry in Properties)
Additional Registry entries found concerning: TSPY_Joiner.AV (Trend Micro AntiSpyware) Additional Registry Entries: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP\0000 (Service SVKP) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP\0000 (DeviceDesc SVKP) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP\0000 \Control (Active Service SVKP) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SVKP HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SVKP]\?? \C:\WINDOWS\system32\SVKP.sys (ab ImagePath) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SVKP (Display Name SVKP) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001 \Services\SVKP\EnumRoot\LEGACY_SVKP\0000 ( ab 0 ) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SVKP HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SVKP (Service SVKP) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SVKP (DeviceDesc SVKP) HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\StillCam\Security (Note RegSeeker displays this as: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SYMIDSCO\SVKP - with the backwards letter P and extra line | in it ) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000 (Service SVKP) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP (DeviceDesc SVKP) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000 \Contol (Active Service SVKP) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP\?? \C:\WINDOWS\system32\SVKP.sys (image path) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP (DisplayNameSVKP) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP\EnumRoot\LEG ACY_SVKP\0000 (ab 0)
NOTE: The "StillCam" is in the "Sparrow" registry folder which lends to possible system snapshot ?
Possible files to search for [from product information at AntiCracking: http://www.anticracking.sk/ ]:
SVKP_DLL.DLL
SVK Protector
SVKP_GetHWInfo in Visual Basic
SVKP_KillDebugger function against kernel debuggers (like VC debugger, W32Dasm ...)
File.Net - How to remove SVKP.sys error problem http://www.file.net/process/svkp.sys.html
Moderator: Freeware security was a solution - once upon a time….. http://bluecollarpc.wordpress.com/2008/08/29/freeware-security-was-a-solution-once-upon-a-time/ The problem is that professional polls were conducted recently (2008), and it was discovered that a large percentage of users thought they were protected - but in reality were not. THAT IS ALARMING !
The simple background is that, in basic computer system security, viruses were invented. So the next logical step was to invent something to destroy, eradicate, or safely quarantine and remove them as unwanted installations that are dangerous to computers. Of course, that was in the 1990’s. Today, they are more sophisticated and are able to perform much more than simply destroying files or parts of the operating system (Windows).
With the antivirus industry in full swing, and just over one million viruses currently counted (2008), antivirus programs have what is called heuristics, which is real time protection. What ? That means not just scanning email. It means that when you are browsing the internet, there are all sorts of viruses at all sorts of bad websites - or “malicious content websites”. When you hit the bad website and a virus launches to infect the computer system, antivirus software programs immediately quarantine the virus (and most trojans).
The difference between email viruses and viruses on the world web is your email itself - and also your files. With email and files, antivirus will attempt to “clean” the virus from the email or file to preserve the email or file content for the User. This works virtually always, as the industry has come a long way and is obviously more sophisticated than “e-street thugs”.
But with malicious websites, the virus (and most trojans) are just that, and have not yet touched anything on the computer, having been stopped dead in their tracks by the antivirus software program. There are no files to clean. With a malicious download, such as software intentionally and secretly infected with a virus, the antivirus will again try to clean it to protect the intended installation. Sometimes, as cyber crime is tricky these days, it is just bogus fake software anyway, and you would get the antivirus program pop up “Can not Clean the File” and you simply delete it, if an installer was downloaded to “My Documents” or another destination (folder of your choice). Also, if the item is in the antivirus program's “Quarantine Folder”, it would generally have been in the Temporary Files of the system and is not any actual file on the computer per se, except for the actual temporary files folder entry. If you see that extension as part of the infected file name on the quarantined item, you just click Delete. It is no software at all - just malware (virus).
But there is only one way to do the above….. you have to have Real Time Protection. This is not available in free home versions (freeware). You have to pay for it (shareware). Generally, for just antivirus, it has been about 35 dollars (US) yearly. Now the free versions (and this is all basically the same with the antispyware programs - just a different threat, malwares) will scan the computer, detect threats, and react appropriately, whether quarantining for User action (attempt clean or just delete) or deleting trojans. Trojans are like their own little program to do and control stuff, as opposed to a virus infecting - merging into - a file. Antivirus will always delete a trojan because there is nothing to clean to salvage. A trojan is malicious malware, period. EXAMPLE… of why free protection is worthless: SEE Security software disabler Trojan http://www.webopedia.com/TERM/S/security_software_disabler_Trojan.html
The bottom line is to reiterate (say again) that it was just fine to use the free versions and they do great, but….. The problem and inconvenience used to be getting “hit” while browsing and everything was messed up, and you had to stop everything you were doing to scan the computer for threats to remove the bastard. Very, very time consuming. And you couldn’t do anything else until the system and files were cleaned and safe to use again - or you knew you were risking the spread of its intent - whether a virus or spyware.
So, said all that to say this - to reiterate that today’s malwares and their creators and the cyber criminals behind them have become very, very, very sophisticated. They can easily - in the blink of an eye - totally infect the system unprotected (no real time protection) and now have the ability to disable free security softwares and go further to restrict access to the Windows Registry and other navigation functions like Task Manager with the intent to block the User from attempting to manually remove the malwares (delete their files and registry entries by hand in Windows Explorer and Registry).
So my whole point is as webmaster of www.BlueCollarPC.Net and our groups and lists and forums - I am engaged to warn new and intermediate users that this is simply NOT an option anymore - the freewares as your Security Solution.
Did I make that point well enough ? Even though this is a brief one page writing….
Happy and Safe Computing www.BlueCollarPC.Net and the dial up friendly www.BlueCollarPC.Org