Category: security

Reasons not to Aprove the H.R.6123

Posted onAuthorTech News

For those who do not know what the H.R.6123 bill is, let me break it down for you.
There was a girl who was stalked , and flirted with by a woman pretending to be a boy the same age as the girl. The woman was the mother of another girl who lost a cheer leading contest to the stalked girl. The woman flirted with the stalked girl then one day got very cold and mean to the girl. Girl killed herself. Here is the bill on Open Congress.
I totally agree that the family of the child who killed herself need some sort of comfort knowing the death of their child can be turned into something good. I would want the same, but these people who are backing this do not understand how the internet works. The description is to broad and vague. There are tons of boys and girls who learn so much every day with just a simple battle of witts. Arguing, flaming and trolling on the internet. It opens their minds to a new range of thought. Without conflict and contrast, we all agree. If we all agree we do not learn from each other. Some people learn from a pleasant suggestion, many learn from brute force. Telling someone they are a moron for thinking the world is flat, pretty much tells the world ” hey don’t bother with this thread, this guys is a joke” . If it was not for the flamers, our world would only be trolls.
Here is an explanation of a troll .
Trolls are people who post false information, not always to harm anyone, but to just get some sort of thrill out of confusing people, or misleading and or misinforming. Flamers are people who tell them to “stfu gtfo” if “H.R.6123″ is passed, then the trolls are left and the flamers are lobotomized. The problem of the troll or some corrupt evil rude person is left to the owner of the site to liable for.
The last frontier will have a flag in it that claims ” you can not argue, you can not fight you will go to jail”.

This bill needs to be scrapped. In fact, any bill that The ex president’s wife tries to pass is a publicity stunt and needs to be looked at again, she is the one who backed jack Thompson, and then stopped associating as soon as she ran for president. She just used that Censorship stunt to get the attention of the elderly who have no idea what computers are good for . People who lived full happy lives without it. But forgot that by the time she hit the polls, the kids she turned against, where old enough to vote now.

This “H.R.6123” needs to be rejected and a statue of the girl harmed needs to be put up at her school in her memory. The school is where it started. Let’s not remove the world’s freedom for the satisfaction of revenge on one lady. What one calls a bully, others call em a punk. Know there are things going on that balance it 90% of the time.

Notice I say no one’s name.. In case this bill is accepted.

Fire Alarm Technology In Houston

Posted onAuthorTruXter

I had some time to sit and listen to the people from HiTech Integrated Solutions, a fire alarm, security and sprinkler company in Houston Texas, about a new product that amazed me. See I was looking for close to home technology that I could locate and not have to quote someone’s website and basically repeat someone who has sales pitched their news article. Soooo I called around and asked if I could ask a few places some questions. Of course I am a bit simple minded when using a telephone book (if it does not have a screen, my imagination is quite limited). So I headed straight to looking for anything with the word tech in it’s name that was located here in Houston. I stumbled upon ” HiTech Integrated solutions” . I called and spoke to a little lady ( I forget her name) and she sent me right through to the owner of the company, Mr Dan Cooley.
I asked Dan If he could give me ideas as to what makes his company High Tech . You could hear the smile in his voice and tiny chuckle when he said ” Well, simply we have nothing in beta, but we do have Focal Point“.
Yeah Right away I hit google. Came across the only documentation on it, pdf .
Seems like no one actually has it yet.
Wait you will see why this is High Tech! ..
This is some sort of Monitoring software for fire alarms and what seems to be security also. I had to call back later and ask a few questions after the conversation with Dan, i got in touch with “Eric” the CEO of HiTech. Eric Told me that The owner of companies that purchase the plan, get this little tablet pc thing , so they themselves can see and monitor alarm activity on their location. This thing is amazing.
It allows the owner see specifically what room and what device is causing the alarm. I am not talking text notification. i mean an actual detailed blueprint of the building with devices properly located in simulation to the real alarm installation. if there is a smoke detector in the far east hall of the building two feet passed the last door on the left, you see that device on the blue print. If that specific device is detecting an alarm, it will notify the Fire Alarm Control Panel, The panel will then activate the “gateway card”, the gateway card (it’s in a pci slot looking thingy, on the control panel) will then notify the Focal Point Tablet Pc ViA Internet connection.
This Tablet Pc has Microsoft Windows Xp on it. Kinda cool. Has a start button and everything.
ok so far this fire alarm company is turning out pretty HiTech.
The signal is sent to the Tablet Pc In data Form and Translated back for the user to activate the images on the screen, showing the owner of the location exactly what device in what location is going into alarm.
So yeah, I had to drive up there, I wanted to see this thing in action.
Looks
Other than the glass being on the face of the machine, it looks really tough.big Rubber bumper pads on the corners and a leather casing that wraps around it. Some big pen stylus with a button on the side of it. I would prefer that large of a stylus anyway, would hate losing the little tiny stylus’ that comes with pdas.
Just had to test the protective casing (evil grin). for starts , I laid it face down to see how much clearance there was, to see if the screen is easy to scratch up. Exactly 1/2 an inch. That’s pretty good. You could lose a pen under there and not scratch the screen..
Weight and feel
I give this about 4-6 pounds of solid durable hard plastic, encasing steel.This thing is not a little mini laptop, this thing is not some little kid’s video game machine . This is made for the working people who are in the dirt (minus the exterior screen). Just keep it in it’s case while you are not using it.

While I was there, I spoke more with Dan Cooley and he showed me how the thing works. Dan walked me to this little tiny demo room they had near the Accounting Manager’s office. In this room they had smoke detectors, Horn/Strobes and plain strobes and multiple pull stations mounted on the wall. Mr Cooley then booted up the tablet pc and showed the scoop. He had this imaginary building drawn up looking like a futuristic castle. Dan then pulled down on the pull station and instantly we got notification that the pull station in the butler’s chamber had been triggered. That was cool. Right then, Dan’s phone rang and I could hear the guy on the end of the line laughing saying “our castle is burning up!” . It was HiTech’s IT guy, 400 miles away in Corpus Christi. He had notification at the exact same time as we did. Very impressive. They seemed like a happy bunch.
So basically the owner of the property will have notice to his tablet, before the monitoring company has a chance to call him, but not faster than the emergency teams can be contacted. i learned that the monitoring company is automated to make all contacts the instant a warning is made. This sounds like it saves lives and property a whole lot faster than just some dude named bubbah saying ‘hey you alright?” .
I have made requests for further interviews. The guys at HiTech said they would be happy to entertain, and may point me straight to Fci, so I can see more HiTech exclusive products before it can be advertised.
Focal Point was an amazing set up, but man, i swear that sounds like it used to be a M$ product.

My research of Finallyfast

Posted onAuthorTruXter

There has been an advertisement on Television lately that I have seen coming up repeatedly. The advertisement talk of a program called “finallyfast” from a website called “finallyfast.com” .
So as usual I do my research before I download anything. then after I download the program i will scan it with as many different virus scanners as I can find.

On first analysis, I find that finally fast is actually hosted on a site “ascentive.com”. That site and it’s files have been noted as being malware with recurring charges to your credit card, that are really hard to get out of.
Site adviser website has noted that the content from ascentive.com is not safe . Siteadviser.

Ok so I went to the website anyway and started reading. They say it’s free from the get go. so I downloaded the file.

REALLY If you want to do a check up of your pc. I advise pcpitstop.com the only thing you need from there is an active x file and I find that activex file very safe.

but anyway I got the file and imediatly headed to Virscan.org and did a quick scan for any kind of computer cooties. This program is supposed to speed up your computer. Let’s just see. Well it turns out that all online scanners for single files, have a 10mb limit. This file from finallyfast.com or let’s say ascentive.com was 10.2 mb. Looks like they are a tad to large . So I compressed the file in a rar and proceeded to scan :-) .
one virus scanner found “Net-Worm.Win32.Bobic.k” could be a false positive but I found that other people found the same thing after the install. here are the results for finallyfast+worm and here are the results of finallyfast+trojan

Here is a forum that talks about the software and solutions.

The phone calls to suport
1st call
2nd call
3rd call
4th call is to ascentive, the mother company.
( They mention spyware striker)
pc speedscan pro I do not recommend installing this!!!!
activespeed Credit card issues.
Scan and sweep useless on xp, bad for vista.

What is Google Analytics

Posted onAuthorTruXter

If you have ever  clicked in to see a website and noticed that by you launch/start button you notice your browser says that you are waiting for  some program to start up from google. If you have ever said ” Hmmm should I be scared?”

If you are looking for a simple answer,

It’s a program you link with code on your website. The code in your  website sends information to google. Th information gathered is really thorough.  Types of data gathered are about the people surfing your website, such as point of origin, screen resolution, operating system, Exact search query, time on site, exit location.

For me some of this information is pretty useful. It tells me what size pictures I can put on my site to please the common public, what browser and operating system is my target to please. What content people where looking for and if I have exactly what they want or should I cover that content also or should I give a link to someone who does.

Google’s Version of the story

Not to be super conspiracy filled, but.

Um, that’s to much info about me. I am not comfortable with that much data. I really wouldn’t want the guy’s on the adopt a pet, website seeing that I whent straight to their site from an athlete’s foot site, and when I left I whent to a site about people who liked to eat with their feet.

Why is it that the google urchin gathers personal info about  us, kinda adware info. I mean really isn’t it for advertisement purposes….. why doesn’t my spybot ,asquared and addaware find it?  it is a js file so it does have beef.

Other than the issue with my personal self not liking the monitoring, I love being able to  tweak my site with the info I gather.

eBay and Nigerian Scam

Posted onAuthorTruXter

For starts, I was selling a PlayStation Portable on eBay.

Total went all the way to $150, the total was increased to 152. The winning bidder of this auction that was specified as U.S. only and PayPal only, decided to tell me to send the item to his/her son in Nigeria. I send a request to eBay to inspect the account and stated the situation. of course eBay screwed it up by canceling my auction and sending me an email that says I owe $2.

Great.

Well I did a search for  “john_milo500@yahoo.com” and removed the 500 and put a space between and after  the @ symbol.

Found his name came up a few times.  Sooooo I went to Self Destruct Email and sent him a few messages. One from Nigerian police, one from Internet police, one from international police, and another from the Wal-Mart security association. just for kicks.

The Wal-Mart one told him of hordes of overweight grannies storming his village in golf carts .

I also sent a threat of explosives possibly being in one of seven packages intercepted by us.

I have no idea what to with this dude just yet.

The guy is steadily sending me these emails.

Subject: ** John Milo sent you an Auction Payment with PayPal (Routing
Code:C826-L003-Q-T-S111)***
Date: Sat, 5 Jul 2008 01:01:07 +0000
>  [image: PayPal]
>       *Protect Your Account Info*   Make sure you never provide your
> password to fraudulent websites.
>
> To safely and securely access the PayPal website or your account, open
a new
> web browser (e.g. Internet Explorer or Netscape) and type in the
PayPal URL
> ( https://www.paypal.com/row/) to be sure you are on the real PayPal
site.
>
> PayPal will never ask you to enter your password in an email.
>
> For more information on protecting yourself from fraud, please review
our
> Security Tips at https://www.paypal.com/row/securitytips
>     Protect Your Password  You should *never* give your PayPal
password to
> anyone, including PayPal employees.
>
>  *You've got new funds!*
> *
> * [image: Payments by PayPal]Dear truxter,
>
> John Milo  just sent you money with PayPal.
> John Milo is a *Verified Buyer.*
>  ------------------------------
>    Payment Details
>   Amount: US $300.00
>
>   Transaction ID: 5TV18003RU451511S   Subject:  Pls Shipping before
> 05/07/2008   Note: You have been paid for one
> #270250209172, Psp, 1gb & 32mb, 2 gta games, 1001
>
>
>
>
>
>
>
>
> ------------------------------
>    Shipping Information
>
>  Address:   Name:Tunde Ogunleye
> Address:# 6 Okadigbo Street
> State:Ogun
> City :Sagamu
> COUNTRY:Nigeria
> Zip Code:23403
> Tel No:+2348063864900
>
>    Address Status:  Confirmed

Phishing For Suckers

Posted onAuthorTruXter

 Ok I got junk mail from a scammer, So I decided to share
this with you. I advise that you do not respond to this
trash in any way shape or form. I surely will not. I hope
you see that I am posting this so you can see a type of
phishing scam that comes up all the time. Never ever do
what they ask, this is total crap. If you have ever
fallen for this scam or one of it's kind Please post here.
I really want to know that you exist.








"Hello Dear Friend,

Your name and e-mail address came up in a random draw conducted by
our law firm, (Adetokunbo & Co. Law Chambers.) in Lagos , Nigeria . I
am Barrister Adetokunbo Kayode (Esq), the legal adviser and counsel
to a deceased expatriate contractor,who used to work with
Chevron/Texaco Nigeria Limited here in Nigeria thereafter shall be
referred as my late client. On the 27th of January 2002, my client,
his wife and their three children were involved in Ikeja bomb blast
here in my country. Hence I contacted you.

Please view these websites below to confirm what I am telling you.
http://news.bbc.co.uk/1/hi/world/africa/2718295.stm
http://news.bbc.co.uk/1/hi/world/africa/2698081.stm

I have contacted you to assist me in repatriating the money and
property left behind by my client before they get confiscated or
declared unserviceable where these huge deposits were lodged.
Particularly, where my client deposited US$3.7Million Dollars. I was
issued a notice to provide the next of kin or have the account
confiscated within two weeks. All I require is your honest co-
operations to enable us see this deal through.

You should send to my private email address  adetokunbo44@gmail.com
Your full names: -
Your private phone number/ fax (if any): -
Your age: -
Your occupation: -
Your home address: -

I am particularly interested in securing this money from the bank,
because they have issued a notice instructing us to produce the
beneficiary of this will within two weeks or else the money will be
credited to the government treasury as per law here. It is my utmost
desire to execute the will of our late client in your favor and
therefore, you are required to contact me immediately to start the
process of sending this money to any or your designated official
account, I urge you to contact me immediately for further details
bearing in mind that the bank has given us a date limit.

Regards,
Adetounko Kayode (Esq)."






Oh, I did report this as phishing to my email carrier.

									

			
			
		

	



			
				


	

		
		

			

				
How Can I Use A Hosts File To My Advantage?


				
					
Posted onAuthorTruXter

							


							

					
[tags]ip adress,malware,virus,trojan,security,computer,hack,intrusion,backdoor,safety,privacy,protection,prevention[/tags]


A hosts file is a file located in the ETC folder of almost every operating system (with some  exceptions).  The hosts file is a file that is scanned at the first accesses of a network.  Be it a program that you expect to go to the internet or not.  Your computer will first try and resolve the dns with the host.  It does this by checking the hosts file.


In your hosts file, you can tell your computer what IP address to assign web addresses.  By doing this, you bypass all network look ups on the internet for specific addresses.  It is impossible to knock out every single website there is.  You can how ever knock out all sites submitted, reported, and confirmed as malware sites.


You can also stop your kid from hitting sites you do not want her/him going to.  The way it works is you move to the lowest section in the hosts file and type in the IP address you would like that website to go to.  Like this:


127.0.0.1        a_site_you_do_not_want_to_go_to.com


This blocks that site from ever loading on your computer.


If you have a program that goes to  “a_site_you_do_not_want_to_go_to.com” by default, the program will not be able to update.  This can be used to your advantage if the site that the program is trying to connect to is a virus site, and the program is a virus, trojan or a malware notification type program (like a spider).  We call them adware and spyware these days, the program will not be able to contact it’s owner, this hides you from the owner and increases your security.  Some malware updates itself by connecting to its owner’s location, unless it is specificly assigned an IP address to connect to.  That, of course, would be a mistake on the writer’s part.  Much easier to locate that way, and you could actually block that IP address if you took the time.


I use mvps host    because he has a much larger list than I do.  I just add my stuff to his when i download it and set up my hosts file.  If you have a list of bad sites, do what I and a few others do, email it to mvps site.  I do suggest that you read everything on the wiki and mvps site before you do anything to change your hosts.  Really, if you block yourself from the interenet (god only knows how that could ever happen) you just clear out all IP addresses and domain names in the list and you are back to the way it was.


If you have any questions related to this topic feel free to ask them.


TruXter


Owner and writer of :


iworkwithtech.com  and iworkwithpeople.com 

									

			
			
		

	



			
				


	

		
		

			

				
How Safe Is Mobile Internet?


				
					
Posted onAuthorTruXter2 Comments

							


							

					
From Whistle Blowers:


“A U.S. government office in Quantico, Virginia, has direct, high-speed access to a major wireless carrier’s systems, exposing customers’ voice calls, data packets and physical movements to uncontrolled surveillance, according to a computer security consultant who says he worked for the carrier in late 2003.”


Verizon has a finger pointed at it.


This information I got from Slashdot Review.


Of course, I followed up with a search in Google.


Doesn’t sound good and doesn’t sound like a right to privacy.


The part that gets me the most is the government’s ability to track you.  Then again, it has been able to track your cell phone for years.  Maybe, this will just get swept under the carpet, forgotten, and/or never mentioned again.  I’m assuming we will hear nothing of this again.


TruXter


Owner and writer of :


iworkwithtech.com  and iworkwithpeople.com 

									

			
			
		

	



			
				


	

		
		

			

				
Re-Evaluation of Dr.Web


				
					
Posted onAuthorTruXter1 Comment

							


							

					
After years of not touching Dr.Web, I could not remember, in full, why I did not like it. I could not remember why I did not trust it. It has been at least five years since I tried it and someone I see is trusted by quite a few people recommends it. I gave it a go. Well the first download is 14 MB. Quite tiny and happens in a blink — although the file downloaded was actually just a tool to download the actual program. After the download was complete and the install was nearly finished, it asked for a verification key (I did not have one). So the program allowed me to press a button and have a key automatically inserted. Why?  Dunno. The scan seemed pretty smooth; I didn’t see the scanner get hung up on anything. The list of files being scanned was pretty steady. Boots and reboots of the system were smooth and there was no delay or hang time from Dr.Web.


I consider any program that you have to find a program from a second party to remove to be malware. If the program does not allow me to see the size of the actual install until after it is finished installing (I had to navigate to the folder it was contained in), I consider it to be deceptive.


Granted, this is a workplace computer. I am not the first employee to use this computer and formatting it is not an option. I did find traces of Limewire once installed on this machine, so you should have a pretty good idea how beat down this machine is because of misuse. Since this program found nothing and ran smoothly, I decided to break out some of the tried and true programs: Ad-Aware, Spybot, and A-Squared. All three found something, and no, it was not all cookies. Ad-Aware found what it labeled as a w32.novarg.a@mm (aka MY DOOM) file. A-Squared found a few hijackers, and Spybot found, like, 60 things.


Now here comes the issue. I decided I do not need this program to start when I start my computer. Since it never found anything, I was not impressed enough that I could leave it on the workplace computer throughout the trial period. I went to un-install Dr.Web, but it wasn’t happening.  The un-install actually tries to install the program again. I went through the whole step of seeing if it would say “before we can install you must un-install; would you like to un-install?” Never happened. Full install right over the current.


So I did a Google search on it. The best information I found was sad and scary, all in one. Delete all registry entries and then go back to the directory of install and delete all signs of Dr.Web. I really do not suggest you do that. I mean, it did not damage this machine. I booted fine afterwards with no errors, but if you are new to ‘regedit,’ stay out. It is much safer that way.


After 14 years of doing this online and nine years on local networks (before the Internet), you would think I learned my lesson. Well, I have learned that sometimes you just have to try stuff and be prepared to put things back together. Good thing I do and can.


Here’s an alternative.


TruXter


Owner and writer of :


iworkwithtech.com  and iworkwithpeople.com 

									

			
			
		

	



			
				


	

		
		

			

				
What to do when infected with spyware/adware


				
					
Posted onAuthorTruXter7 Comments

							


							

					
[tags]adaware, adware, asquared, computer, hijacker, hijackthis, hosts, infected, infection, log, maliciouse program, malware, popup, redirect, scanner, spybot search and destroy, spyware, trojan, virus[/tags]


We all have had infestations, pop ups that never go away, something that changes your home page, or something that redirects the site you type to a totally different site.  Even worse than all that, when there is a combination of those problems.


Well, I have some good news and some help for you.


Next time, you might want to consider this stuff first before you even go anywhere on the internet.


For starters, I would begin stopping most malware from even connecting to the net from your computer, this step stops your computer from ever going to the sites where malware is created, uploaded, and/or updated.  Fix your “hosts” file by going to MVP’s site and reading up on the subject.  I actually just scroll down like 20 lines and he has a zipped file with  5 or so items in it.  Extract the contents to the desktop, double click the batch file, and in a blink, I am Protected from tons of malware servers.  http://www.mvps.org/winhelp2002/hosts.htm


Please read mvps site to get a full understanding and to be on the same page as me. Yes the hosts project started out as a way to block banner ads, but it was later found that you can do much more. PLEASE READ THE MVPS SITE.


Before installation of new “hosts” file, I head to my existing “hosts” file and open it with Notepad to see if there are any changes made to it that are located here “C:WINDOWSsystem32driversetc”


There is a line that should say “127.0.0.1  localhost” which means local host is YOU.  If it says anything other than 127.0.0.1, then your machine has been routed to someone else’s server and everything you do and type is being passed through them first.  They filter through it and crack what they want. If you have anything different there, please post it here as a comment so I, and others, can help take care of someone like this.


Next, let’s go scan your machine.  If you can, install this, “http://www.emsisoft.com/en/software/download/”  and install  a-squared Free 3.1


Run that program and remove anything and everything it finds.  Let the scan finish before you start the next step.  If both scanners try to remove the same files, it could cause problems.


Next, go get Spybot-Search and Destroy, you will find it here “http://www.safer-networking.org/en/download/index.htmlspybot – Search & Destroy 1.5.2


Now, go get Ad-Aware “http://www.lavasoftusa.com/single/trialpay.php


Run Ad-Aware after Spybot.  The same rules apply.


If your issue persists, HJT that stands for “hijack this” found here “http://www.spywareinfo.com/~merijn/programs.php


You can join their forums “http://www.spywareinfo.com/~merijn/forums.php”  and get help from people who spend all day, every day just helping people decipher what HJT finds in it’s logs.  They all will tell you what to keep and what to kill. They are an excellent group.


In most cases, you would have prevented this from ever happening if you would have started with MVP’s “hosts” file.  That is a very good practice.  Also, it would be wise prevention to not install anything and everything you find on the internet.  First thing you must always do when you download anything is scan it with as many virus scanners as possible.  I use Jotti’s site for the online single file scanner.  It scans with like 20 different virus scanners at one time and shows you a real time results area at the bottom of the page.  If you watch the scan result, you can see what scanners are worth a darn and what scanners are worth being cup holder…..  AVG is garbage..  See for yourself. “http://virusscan.jotti.org/


If anyone has protection tips of the malware kind, drop a note here ..


Good free firewall to prevent this kind of thing:


Sygate firewall:


http://smb.sygate.com/products/spf_standard.htm


Trojan killers:


http://swatit.org/download.html


Trojan Hunter trial version:


http://www.misec.net/


Do this immediately:


Disabling system restore in Win Xp

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001012513122239?Open&src=sec_doc_nam&docid=2001111912274039&nsf=tsgeninfo.nsf&view=docid&dtype=∏=&ver=&osv=&osv_lvl


More Xp resource:


XP resource info:


www.blackviper.com


http://grc.com/dos/xpsummary.htm


http://www.annoyances.org/exec/forum/winxp

If you do not have SpyBot and Adaware, do this:


Spybot:


Download and Read the SpyBot tutorial here:


http://s89223352.onlinehome.us/mirror/spybot/index1.php


Download it, Unzip the program, and immediately check for updates, install the updates and then do the scan.


Let it fix everything marked in red. Reboot but not with restart, shut it down for two full minutes. You�ve got two measely minutes and it�s worth it, and let Spybot run if it indicates.


To add an item to your �Ignore List� click on the little �+� sign next to the item and left click it to highlight it, then right click it and a menu appears, select the function you want.


When you are done reboot again same way. Two full minutes shut sown is best.


Tea Time discussed by designer here:


http://forums.net-integration.net/index.php?showtopic=13433


Also, go to the update page. Notice 3 icons across the top. Between “Search For Updates” and “Download Updates” there is an icon for the download mirror location. After you click on �search for updates,� the one in the middle will change. If it doesn’t say “Spybot.US by Rootboxen.net USA” click on the dropbox arrows and click on Rootboxen, and use only that one. If you got a “checksum error” trying to download –that’s why.


Ad-Aware:


Download AdAware from http://www.lavasoft.de/


check for updates at “webupdate”.


I use these settings   (green check)


From main window click “Start” then make sure ” Activate in-depth scan” has a green check next to it.


Put a black dot nest to “Use custom scanning options� and click Customize” next to it, then green check these options:

“Scan within archives” ,”Scan active processes”, “Scan registry”,

“Deep scan registry” ,”Scan my IE Favorites for banned URL”

“Scan my host-files”


At the top of the �STATUS�  page notice the Tweak (gear) icon.  Click on it.


The first setting is �Scanning Engine.� Click on the little plus sign next to it, and in the drop-down green check “Unload recognized processes during scanning”, and �include basic Ad-Aware settings in log file�. Next click on the �+� next to “Cleaning Engine” and in the drop-down green check “Let windows remove files in use at next reboot” and Delete quarantine objects after restoring�


Click “proceed”, that will save those settings.


Click “Scan”


When the scan finishes, mark everything for removal and delete it. Right-click the window and choose “select all” from the drop down menu, press �next� and then �yes� to the prompt: �remove all these entries�.


However, if you have certain programs running that will give a false indicator of a browser hijack attempt, such as Script Sentry, which places a monitoring function in the registry and looks like a browser hijacker but is not, then you may want to add that to the ignore list because you want to keep it there to do it�s job. To add an item to the ignore list, put the a cursor on the file it reveals and left click it to highlight it, then right click it and a menu appears. Click on �ignore list.�


Shut down, two minute shut down is best, and let Adaware run on reboot if it indicates.

When you are done all that, go into Safe Mode and run Adaware, SpyBot, and Av. Then go to ‘search files and folders’ and search for the file name of the trojan and delete it in Safe Mode. If you are clean there, that’s about it. Re-enable your system restore.


I also use these:


Spyware Blaster


http://www.javacoolsoftware.com/spywareblaster.html


MRU Blaster


http://www.javacoolsoftware.com/mrublaster.html


and Script Sentry.


Run Adaware, SpyBot and your AV in normal mode. Clean? good. Go here:


Jason�s Browser Security Test:


http://www.jasons-toolbox.com/BrowserSecurity/


Gibson tests:


http://www.grc.com/default.htm


I use LeakTest, DCOMbobulator, ShieldUp, and plugnpray.


Love for the tech community.