Computer (mostly Microsoft) Virus Info
Off-Site Links
Overviews:
Security and Abuse
10 immutable laws

Anti-Spyware:
2-Spyware
Stop Badware
Malwarebytes (download)
PC Pit Stop (top 25 spyware)
Rogue anti-spyware
Super AntiSpyware (portable)
Test (2004-10)

Antivirus Comparisons
AV-Test
West Coast Labs
Virus Bulletin
AV Comparatives

Virus Checkers
AV Test (comparison)
Trend Micro
Avira (boot)
AVG (download, linkscanner fix)
Avast
Clam AV (ClamWin for Windows, Clam Sentinel, ClamXav for Macs)
Comodo
EZ Armor
Kaspersky ($)
Nod32 $ (trial)
Norton ($) (Removal tools 1, Removal tools 2)
MicroWorld scanner
Virus Bulletin~

Firewalls
AuditMyPC firewall checker
Comodo
My-etrust
SmoothWall.org
Sygate
Zone Alarm

Rootkit Detectors
Sec Tools
Windows Ref.

Win Processes
CLSID/BHO list
Process Library
Startup List
Task List
Windows Startup

Virus info
BitDefender
removal tools

CyberCrime
DataFellows
F-Secure
MS
Symantec
V/bugs
V/db

Misc:
DNS Checker
Mike's HOSTS file
Nirsoft (password & network utils)
Panopticlick
Phishing sites
Port Scanner
View Passwords
What is that file

Avoid
Snopes
Truth or Fiction
Rapport Trusteer

Security Sites:
AntiPhishing
Attrition
Bugnet
BugTraq
CERT
CEXX
Computer Security Now
Counterpane
CVE
cr.yp.to
Data Loss DB
DSL Reports
dsniff (network tools)
Government Security
The Hacker's Choice
IE holes
Insecure (tools)
Lance's Security
l0pht
Microsoft Technet (malware portal)
milw0rm
NIPC
NTbugtraq
Offensive Computing
PacketStorm
PC Hubs
Phrack
Rootsecure
rootprompt
rootshell
SANS
Security Tools
SecuriTeam (blog)
SecurityFocus
SecurityPortal
Security-Protocols
SiteTruth (phishes)
SpyKing
Spyware investors
2600
Wilders security forums
Win95/98
W3
0-day initiative
Astalavista
Security Certs:
CISSP
CISA
SANS GIAC
Top Tools:
  1. Malwarebytes Anti-Malware: run in Safe Mode (see above; for a few malware versions this may have to be renamed before installing; cnet displays tempting banner ads so look for the link that says "Download Now")
  2. Avira (free for home use), Comodo (free for home or business), and Avast (free for home) are all free; if you're buying, then Nod32 is quite good; AVG's auditing is not so good; Microsoft Security Essentials is no longer recommended as primary AV.
  3. RiseUp: email, VPN, chat, and document collaborating services
  4. ComboFix: run in Safe Mode (start pressing F8 a few times before Windows boots; may have to be renamed for certain viruses)
  5. Adware Cleaner: removes browser toolbars
  6. Microsoft Fix It: force program uninstallers to work
    • In the Filter Solutions search box type: uninstall
    • Select the option that says: Fix problems with programs that can't be installed or uninstalled
  7. Antivirus comparisons
  8. Your browser should warn you about a revoked certificate when you visit this site: revoked.grc.com
  9. If you're paying for a yearly subscription: don't upgrade until a week before the antivirus subscription ends.
  10. PhotoRec: recover deleted files from USB drives or hard drives (also: Recuva)
Recent Outbreaks:

Other pretty good programs to run on a regular basis:
(Note: The following are not a substitute for a virus checker.)

  1. Spyware Blaster & Spyware Guard - spyware blocker & real-time monitor
    • Blaster inoculates Internet Explorer, Guard prevents installation of spyware
  2. Hijack This - check for hijackers
    • Checks for programs that change your browser's homepage, and other nuisances
    • Log file analyzers (you can copy and paste your HijackThis log into one of the following):
  3. Cassandra: checks your software for security updates, including Secunia
  4. ComboFix
  5. Housecall - online check for viruses and spyware
  6. Stinger (McAfee) - check for viruses
    • check for the 40 or so most popular/recent viruses
  7. USB stick tester: check flash drive for errors
  8. Malware tips: pretty good instructions on removing problem programs
  9. KillBox: terminate and delete any running process and its file
  10. MS Defender spyware/adware blocker
  11. Super AntiSpyware (?)
  12. Spybot Search & Destroy - check for spyware
    • Homepage
    • After installing, click the "Search for updates" button to get the latest update
    • (not to be confused with the similarly named worm)
  13. How to disable Windows 8 smartscreen: reports your program installations

iOS6

Spyware Checkers, Hijackers, Parasites, Anti-Spyware, Adware, & Malware

Spyware Lists and Tools:

  1. SpyChecker.com
  2. Spyware Warrior: testing & comparison guide
  3. GlobalNet
  4. Steve Gibson's Shields Up and Spyware checker
    • Be sure to check: File Sharing, Common Ports, and All Service Ports
  5. Trapware's Who's Watching Me?
  6. Pest Patrol
  7. CW Shredder

Adware & Anti-Adware, Malware

  1. Ad Muncher - ad and popup blocker
  2. Scumware.com
Home Router/Firewall:
  • Hardware:
  • Configuring routers
  • Passive ethernet trap: to monitor for rootkits
  • Slashdot discussion (old)
Tips:
    • Disable autorun:
    • Minimizing Windows 2K & XP network services
    • MS on spyware; also: Enhanced Mitigation Experience Toolkit
    • Disable Malicious Software Reporting Tool (MRT) phone home: (scroll down to FAQ Q3)
    • Password recovery for XP & NT
    • PhishNet, Phishing IQ test
    • Preventing ssh dictionary attacks with denyhosts (unix variants)
    • Securing Windows XP
    • SpyLawg - spyware and the law
    • Security CD from Microsoft
    • Places that Viruses and Trojans hide on startup
    • Internet Cafe:
    • Securing against key loggers (keystroke monitors)
    • Windows XP:
      • Bart's PE Builder - “...helps you build a BartPE (Bart Preinstalled Environment) bootable Windows CD-Rom or DVD from the original Windows XP or Windows Server 2003 installation/setup CD, very suitable for PC maintenance tasks.”
      • Event ID 4226 Patcher
      • Hardening WinXP
      • Installing WinXP (slightly humorous)
      • Running as limited user
      • Running as Non Admin
      • XP2 file sharing bug fix
      • Problem with XP running extremely slowly?
      • Lost password:
        1. Network users:
          • Contact your system administrator
        2. Personal computer:
          • Reboot the computer and before the operating system loads, press F8 every second or so
          • Choose Safe Mode from the menu, then press Enter
          • At the login screen, choose Administrator
          • Go to Start, and then Run
          • In the little text box, type:
            • control userpasswords2
          • Select the user whose password needs changing, then click Reset
          • In the New and Confirm boxes, type in the new_password, then click “OK”
          • Reboot the computer normally (Start, Shutdown, Restart)
        3. Alternate:
          • Reboot the computer and before the operating system loads, press F8 every second or so
          • Choose Safe Mode with command prompt from the menu, then press Enter
          • At the mostly blank screen with the black background, type:
            • net user user_name_to_be_changed *
              • (Note: don't really type user_name_to_be_changed, instead type in the user name with the lost password, don't forget the space asterisk “*”)
            • Type in the new_password, then press Enter
            • Type in the new_password a second time, then press Enter
          • Reboot the computer normally (press and hold down the Control and Alt keys, then press the Delete key)
    • Tips from Slashdot users on removing stubborn spyware. These are for experienced users only. Use at your own risk.
      1. Warning: some steps are risky and may cause damage to your system; most can be repaired by reinstalling. Always backup vital data before making big changes to your system.
      2. Go through each Users directory in Documents and Settings
        • Delete the contents of the Cookies directory
        • Delete every directory in the Local Settings except Application Data.
      3. Go to the Windows directory:
        • Delete the contents of: Downloaded Program Files, Prefetch, and Temp.
        • Pay very close attention to any DLL and EXE files in the Windows directory. With a few important exceptions, only malware places libraries and executables in the Windows directory. Generally, if you right click the file and choose Properties and it shows detailed copyright info for a legitimate company, the file is safe; if not, change the extension to .BAD and remember to change it back if your software has problems.
      4. Go to the root directory and delete the contents of System Volume Information and Recycle folders.
        • This will clear out the majority of the places malware hides and code that reactivates on bootup.
      5. Start Regedit PE and load the remote registry files including all user hives. It will launch regedit after they are loaded.
        • Remove all spyware keys in the Software subkeys
        • Remove the Autorun strings from the Run, RunOnce, and RunOnceEx locations.
        • Do NOT close regedit when you're done or it will save the changes. While regedit is still running, run a complete system scan with Ad Aware. When Ad Aware is done, close it, then close regedit.
      6. Run your virus checker of choice (e.g. Avast, AVG, McAfee, Symantec) to get trojans and viruses.
      7. Run ChkDsk.
      8. Reboot in Safe Mode No Network Support
        • Run LSPfix and remove any bad LSP entries (such as newdotnet)
          • Google suspicious entries, but be aware that deleting the wrong entry could destroy your network layer.
        • Run WinSockFix to repair WinSock.
        • To see what's running, run AutoRuns and perhaps ProcessExplorer, then research (Google) suspicious applications. Do not remove antivirus, antispyware, or firewall entries.
        • Log out, then log in as each User (don't just Switch Users) and run HijackThis in each User's account.
      9. Reboot in Safe Mode With Networking:
        • Install, update, and run Spybot and AdAware.
        • Update any installed antivirus software, and run a final scan.
      10. Reboot in Normal Mode
        • Run scans again to verify you don't have any persistent malware.
        • If the scans come up clean, your work is done; if not, remove them, reboot, scan again, and if they still come back, it's probably time to restore the machine to a pristine condition (i.e. install Windows from scratch).
    Windows XP Startup & Services:
    Update: These instructions are mostly no longer needed since the release of Service Pack 2.
    Warning! The following is quite terse, and may or may not apply or be useful on your machine. Use at your own risk.
    1. Startup: Go to Start » Run » msconfig - Use msconfig to remove all non-essential startup items
      1. Go to the Services tab and check (√) "Hide All Microsoft Services"
      2. Leave checked everything related to your antivirus and firewall (e.g. McAfee, Norton, Symantec, and such)
      3. Uncheck any unnecessary services.
        • (How can you tell what's necessary and what's unnecessary? That's what we're trying to find out.)
      4. If some software or hardware doesn't work properly after doing the above, revisit start»run»msconfig and uncheckmark items associated with the particular software/hardware.
      5. Repeat steps 3 & 4 above under the Startup tab.
    2. Services: Go to Start » Run » services.msc and disable a few (1-5) unnecessary items at a time, then test your computer for a while. Disabling a few at a time makes tracking down problems much easier. Some commonly unnecessary services:
      1. Alerter - Announces administrative alerts to network users
      2. Automatic Updates - Instead visit windowsupdate.microsoft.com on a regular basis for any updates
      3. ClipBook - Used to share clipboard info (cut/copy/paste) with other PCs
      4. COM+ Event System (MANUAL?) - Few apps use COM+, put on manual and it'll start if needed
      5. COM+ System Application (MANUAL?) - See above
      6. Computer Browser - List to share files on a network
      7. Distributed Link Tracking - Maintains NTFS file links on your PC or domain
      8. Distributed Transaction Coordinator - Multiple resource transactions (e.g. databases)
      9. Error Reporting Service - Alerts Microsoft when software fails
      10. Fax Service - Send/receive faxes
      11. FTP Publishing Service - runs the FTP Server
      12. Help and Support - This will re-activate if you access Start/Help or press F1
      13. Human Interface Device Access (AUTOMATIC?) - Set to AUTO if peripherals have problems
      14. IIS Admin - Local web server or FTP
      15. Indexing Service - Makes searches quicker, but makes PC slower when not searching
      16. IPSEC Services - Leave on AUTO if you like security
      17. Logical Disk Manager - Only required for Disk Management MMC dynamic volume console
      18. Logical Disk Manager Administrative Service - See above
      19. Messenger - Send messages between network clients and servers
      20. MS Software Shadow Copy Provider - Used with Volume Shadow Copy Service
      21. Net Logon - Used to login to a Domain Controller on a network
      22. NetMeeting Remote Desktop Sharing - Shares your desktop with others (yikes!)
      23. Network DDE - Facilitates Clipbook (see above) sharing
      24. Network DDE DSDM - See above.
      25. NT LM Security Support Provider - Used for Message Queueing or Telnet server
      26. Performance Logs and Alerts - Maintains performance info and logs
      27. Portable Media Serial Number - Maintains serial numbers of music players; may not be required
      28. QoS RSVP - Does some monitoring of network usage
      29. Remote Access Auto Connection Manager (MANUAL?) - Creates an internet connection for some apps, put on MANUAL for dial-up
      30. Remote Access Connection Manager (MANUAL?) - See above
      31. Remote Desktop Help Session Manager - Lets others control your computer (yikes!)
      32. Remote Procedure Call (RPC) Locator - Logs RPCs
      33. Remote Registry Service - Lets others edit your Registry (yikes!)
      34. Routing and Remote Access - LANs and WANs
      35. Secondary Logon - Old method for logging in
      36. Security Accounts Manager - Stores security info (yikes?)
      37. Server - Share files, printers, etc.
      38. Shell Hardware Detection - For most memory cards
      39. Smart Card - For Smart Cards
      40. Smart Card Helper - See above.
      41. SSDP Discovery Service - UPnP device finder (yikes!)
      42. System Event Notification - Used with COM+ (see above), for power on/off or log on/offs; probably not required.
      43. Task Scheduler - Runs scheduled events, probably not required
      44. TCP/IP NetBIOS Helper Service - Only required if you use NetBIOS
      45. Telephony - For dial-up
      46. Telnet - Lets others use your computer (yikes!)
      47. Terminal Services - Allows multiple users to connect to this or other machines (yikes?)
      48. Uninterruptible Power Supply - Useful if you have a UPS
      49. Upload Manager - Old file transfer manager
      50. Volume Shadow Copy - MS-Backup utility
      51. Software Shadow Copy Provider Service - See MS Software Shadow above.
      52. Webclient - Edit internet files on another server
      53. Windows Time - Gets correct time from network
      54. Wireless Zero Configuration - For wireless devices
      55. WMI Performance Adapter - Logs HiPerf performance info
    3. Some XP and 2K privacy, services, and security resources:
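For the Services step above, a read-only check of the entries the list marks "(yikes!)" shows which of them are actually running or set to start automatically before anything is disabled. This is an added example, not part of the original page; the display-name patterns come from the list above, while the function name `Get-ExposedService` and the `NeedsReview` column are hypothetical names introduced here.

```powershell
# Added example: report state and start mode of the remote-access services
# the list above marks "(yikes!)". Read-only; it changes nothing.

# Display names taken from the list above. Trailing wildcards tolerate small
# naming differences between Windows versions.
$patterns = @(
    'NetMeeting Remote Desktop Sharing*',
    'Remote Desktop Help Session Manager*',
    'Remote Registry*',
    'SSDP Discovery*',
    'Telnet*'
)

function Get-ExposedService {
    param([string[]]$Pattern)

    # Win32_Service exposes both the current state and the configured start mode.
    # (On PowerShell 6 and later, use Get-CimInstance in place of Get-WmiObject.)
    $all = Get-WmiObject -Class Win32_Service

    foreach ($svc in $all) {
        foreach ($p in $Pattern) {
            if ($svc.DisplayName -like $p) {
                New-Object PSObject -Property @{
                    DisplayName = $svc.DisplayName
                    Name        = $svc.Name
                    State       = $svc.State       # e.g. Running, Stopped
                    StartMode   = $svc.StartMode   # Auto, Manual, Disabled
                    # Flag anything listening now or configured to start at boot.
                    NeedsReview = ($svc.State -eq 'Running' -or $svc.StartMode -eq 'Auto')
                }
                break   # one match per service is enough
            }
        }
    }
}

Get-ExposedService -Pattern $patterns |
    Sort-Object DisplayName |
    Format-Table DisplayName, Name, State, StartMode, NeedsReview -AutoSize
```

A service missing from the output is not installed on that machine; rows with `NeedsReview` set to True are the ones to look at first in services.msc.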

    Older Trojans, Virus, & Worm Outbreaks
    :: Mostly Microsoft-specific Outbreaks ::

  • Misc:
      Adware, Spyware & Virus info:
        CyberCrime • DataFellows • MS • Scumware • Symantec • V/bugs • V/db • Disable Windows Scripting Host
      Security:
        AntiPhishing • Attrition • Bugnet • BugTraq • CERT • Counterpane • cr.yp.to • Insecure (tools) • Iron Geek • Lance's Security • l0pht • Microsoft • NIPC • NoCatNet (802.11b) • NSA security guides (PDFs) • NTbugtraq • PacketStorm • PC Mag tips • Phrack • Port Scanner • Risks Digest • rootprompt • rootshell • SANS • SecurityFocus • SecurityPortal • Snort sigs • SpyKing • Steganography resources • 2600 • Win95/98 • W3 • Astalavista
        Wireless & WEP: Broken in minutes • Dead Again (part 2) • Securing guide • WiFi intro • WiFi Finder (free & fee hotspots) • Wireless tips | 6 dumbest ways to secure wireless
        SSH: Tips • Tunneling part 1, part 2
      Freedom & Privacy:
        Cryptome • dmoz~ • EFF • EPIC (tools) • Privacilla • Privacy.org • PrivacyRightsNow • Protection • Vortex (forum) • WebVeil • AdCops • AnonSurf? • Interception? • ZeroKnowledge
        Somewhat private and anonymous communications: Anonymizer.com • the Cloak • Freenet • GNUnet • Invisible Internet Project • JAP • SafeWeb.com • Tor • PGPI.com • GnuPG.org • PGP.com
        Recording Laws
        Large copiers contain hard drives, which save your copies
      Networking & Wifi:
        Cat5 • Cat5 DIY • Ethernet & phone wiring • Free Antennas (Deep Dish Cylindrical Parabolic Template) • Fundamentals of Communication (Flash) • Linux Advanced Routing and Traffic Control • Municipal broadband map (USA) • PlaceLab (location finder) • Port Forward (router and firewall help) • Practically networked • Public spectrum • Router guide • SAMBA setup (ubuntu) • USB WiFi (USB adaptors & DIY antenna) • WiFi biquad antenna • Wifi maps
