Computer (mostly Microsoft) Virus Info
Off-Site Links
Security and Abuse
10 immutable laws

DNS Leak Test
IP Leak

Stop Badware
Malwarebytes (download)
PC Pit Stop
(top 25 spyware)
Rogue anti-spyware
Super AntiSpyware
Test (2004-10)

Antivirus Comparisons
West Coast Labs
Virus Bulletin
AV Comparatives

Virus Checkers
AV Test (comparison)
Trend Micro
(linkscanner fix)
Clam AV
(ClamWin for Windows
Clam Sentinel,
ClamXav for Macs)
EZ Armor
Kaspersky ($)
Nod32 $ (trial)
Norton ($)
(Removal tools 1,
Removal tools 2)
MicroWorld scanner
Virus Bulletin~

AuditMyPC firewall checker
Zone Alarm

Rootkit Detectors
Sec Tools
Windows Ref.

Win Processes
Process Library
Startup List
Task List
Windows Startup

Virus info
removal tools

MS (threats)
Virus Total (upload)

DNS Checker
Mike's HOSTS file
Nirsoft (password & network utils)
Phishing sites
Port Scanner
View Passwords
What is that file

Truth or Fiction
Rapport Trusteer

Security Sites:
Health Report
Computer Security Now
Data Loss DB
DSL Reports
dsniff (network tools)
Government Security
GR Security (linux)
The Hacker's Choice
IE holes
Insecure (tools)
Lance's Security
Microsoft Technet
(malware portal)
Offensive Computing
PC Hubs
Security Tools
SecuriTeam (blog)
SiteTruth (phishes)
Spyware investors
Wilders security forums
0-day initiative
Security Certs: CISSP
Top Tools:
  1. Malwarebytes Anti-Malware: run in Safe Mode (see above; for a few malware versions the installer may have to be renamed before installing; cnet displays tempting banner ads, so look for the link that says "Download Now")
  2. Home:
  3. Business (Win Pro and Enterprise):
  4. Unchecky: unchecks possibly undesirable programs so they don't get installed
  5. Windows Firewall Control: monitor what programs are using the Internet (not a Microsoft product)
  6. RiseUp: email, VPN, chat, and document collaboration services
  7. ComboFix: run in Safe Mode (start pressing F8 a few times before Windows boots; may have to be renamed for certain viruses)
  8. Adware Cleaner: removes browser toolbars
  9. Microsoft Fix It: force program uninstallers to work
    • In the Filter Solutions search box type: uninstall
    • Select the option that says: Fix problems with programs that can't be installed or uninstalled
  10. Antivirus comparisons (chart)
  11. Your browser should warn you about a revoked certificate when you visit this site:
  12. If you're paying for a yearly subscription: don't upgrade until a week before the antivirus subscription ends.
  13. PhotoRec: recover deleted files from USB drives or hard drives (also: Recuva)
  14. Fix “DNS server not responding” errors
  15. Backup Review: hard drives, online, & cloud
Recent & Long-term Outbreaks:

Expert (disable antivirus, malware checkers, consider booting into safe mode):

  1. Rootkits:
    1. TDSSKiller
    2. RKill
    3. Malwarebytes Anti-Rootkit
    4. GMER
    5. Rogue Killer (32 & 64 bit versions)
  2. Malware:
    1. Malwarebytes Anti-Malware
    2. Microsoft Safety Scanner - weekly download for Vista and Win 7 (32 & 64)
    3. Hitman Pro - malware & virus finder (32 & 64)
    4. Emsisoft Emergency Kit
    5. Super Antispyware
  3. Utilities:
    1. Combofix
    2. Security Check
    3. Microsoft Security Essentials (Vista & Win 7; 32 & 64)
  4. Adware:
    1. AdwCleaner
    2. CCleaner
    3. Junkware Removal Tool
  5. Info:
    1. HijackThis - see what programs are running in the background
    2. Farbar recovery scan tool
  6. Trojans:
    1. Unhide - unhides files and folders hidden by some trojans (e.g. trojan.FakeHDD pretends to be anti-spyware)
  7. Antivirus (free versions roughly ordered by good, fast, and easy) as of 2015-01-03:
    1. Avira
    2. Bit Defender
    3. Avast
    4. AVG
    5. Sophos virus removal tool (does not run all the time)
    6. for more thorough comparisons, see: AV-Test, AV Comparatives; and links in the upper-right

Other pretty good programs to run on a regular basis:
(Note: The following are not a substitute for a virus checker.)

  1. Spyware Blaster & Spyware Guard - spyware blocker & real-time monitor
    • Blaster inoculates Internet Explorer, Guard prevents installation of spyware
  2. Hijack This - check for hijackers
    • Checks for programs that change your browser's homepage, and other nuisances
    • Log file analyzers (you can copy and paste your HijackThis log into one of the following):
  3. Cassandra: checks your software for security updates, including Secunia
  4. ComboFix
  5. Stinger (McAfee) - check for viruses
    • check for the 40 or so most popular/recent viruses
  6. USB stick tester: check flash drive for errors
  7. Malware tips: pretty good instructions on removing problem programs
  8. KillBox: terminate and delete any running process and its file
  9. MS Defender spyware/adware blocker
  10. Super AntiSpyware (?)
  11. Spybot Search & Destroy - check for spyware
    • Homepage
    • After installing, click the "Search for updates" button to get the latest update
    • (not to be confused with the similarly named worm)
  12. How to disable Windows 8 smartscreen: reports your program installations


Spyware Checkers, Hijackers, Parasites, Anti-Spyware, Adware, & Malware

Spyware Lists and Tools:

  2. Spyware Warrior: testing & comparison guide
  3. GlobalNet
  4. Steve Gibson's Shields Up and Spyware checker
    • Be sure to check: File Sharing, Common Ports, and All Service Ports
  5. Trapware's Who's Watching Me?
  6. Pest Patrol
  7. CWShredder

Adware & Anti-Adware, Malware

  1. Ad Muncher - ad and popup blocker
Home Router/Firewall:
  • Hardware:
  • Configuring routers
  • Passive ethernet trap: to monitor for rootkits
  • Slashdot discussion (old)
Tips:
    • Disable autorun:
    • Minimizing Windows 2K & XP network services
    • MS on spyware; also: Enhanced Mitigation Experience Toolkit
    • Disable Malicious Software Reporting Tool (MRT) phone home: (scroll down to FAQ Q3)
    • Password recovery for XP & NT
    • PhishNet, Phishing IQ test
    • Preventing ssh dictionary attacks with denyhosts (unix variants)
    • Securing Windows XP
    • SpyLawg - spyware and the law
    • Security CD from Microsoft
    • Places that Viruses and Trojans hide on startup
    • Internet Cafe:
    • Securing against key loggers (keystroke monitors)
    • Windows XP:
      • Bart's PE Builder - “...helps you build a BartPE (Bart Preinstalled Environment) bootable Windows CD-Rom or DVD from the original Windows XP or Windows Server 2003 installation/setup CD, very suitable for PC maintenance tasks.”
      • Event ID 4226 Patcher
      • Hardening WinXP
      • Installing WinXP (slightly humorous)
      • Running as limited user
      • Running as Non Admin
      • XP2 file sharing bug fix
      • Problem with XP running extremely slowly?
      • Lost password:
        1. Network users:
          • Contact your system administrator
        2. Personal computer:
          • Reboot the computer and before the operating system loads, press F8 every second or so
          • Choose Safe Mode from the menu, then press Enter
          • At the login screen, choose Administrator
          • Go to Start, and then Run
          • In the little text box, type:
            • control userpasswords2
          • Select the user whose password needs changing, then click Reset
          • In the New and Confirm boxes, type in the new_password, then click “OK”
          • Reboot the computer normally (Start, Shutdown, Restart)
        3. Alternate:
          • Reboot the computer and before the operating system loads, press F8 every second or so
          • Choose Safe Mode with command prompt from the menu, then press Enter
          • At the mostly blank screen with the black background, type:
            • net user user_name_to_be_changed *
              • (Note: don't really type user_name_to_be_changed, instead type in the user name with the lost password, don't forget the space asterisk “*”)
            • Type in the new_password, then press Enter
            • Type in the new_password a second time, then press Enter
          • Reboot the computer normally (press and hold down the Control and Alt keys, then press the Delete key)
    • The following tips from Slashdot users on removing stubborn spyware are for experienced users only. Use at your own risk.
      1. Warning: some steps are risky and may cause damage to your system; most can be repaired by reinstalling. Always back up vital data before making big changes to your system.
      2. Go through each user's directory in Documents and Settings
        • Delete the contents of the Cookies directory
        • Delete every directory in the Local Settings except Application Data.
      3. Go to the Windows directory:
        • Delete the contents of: Downloaded Program Files, Prefetch, and Temp.
        • Pay very close attention to any DLL and EXE files in the Windows directory. With a few important exceptions, only malware places libraries and executables in the Windows directory. Generally, if you right click the file and choose Properties and it shows detailed copyright info for a legitimate company, the file is safe; if not, change the extension to .BAD and remember to change it back if your software has problems.
      4. Go to the root directory and delete the contents of System Volume Information and Recycle folders.
        • This will clear out the majority of the places malware hides and code that reactivates on bootup.
      5. Start Regedit PE and load the remote registry files including all user hives. It will launch regedit after they are loaded.
        • Remove all spyware keys in the Software subkeys
        • Remove the Autorun strings from the Run, RunOnce, and RunOnceEx locations.
        • Do NOT close regedit when you're done or it will save the changes. While regedit is still running, run a complete system scan with Ad Aware. When Ad Aware is done, close it, then close regedit.
      6. Run your virus checker of choice (e.g. Avast, AVG, McAfee, Symantec) to get trojans and viruses.
      7. Run ChkDsk.
      8. Reboot in Safe Mode No Network Support
        • Run LSPfix and remove any bad LSP entries (such as newdotnet)
          • Google suspicious entries, but be aware that deleting the wrong entry could destroy your network layer.
        • Run WinSockFix to repair WinSock.
        • To see what's running, run AutoRuns and perhaps ProcessExplorer, then research (Google) suspicious applications. Do not remove antivirus, antispyware, or firewall entries.
        • Log out, then log in as each user (don't just Switch Users) and run HijackThis in each user's account.
      9. Reboot in Safe Mode With Networking:
        • Install, update, and run Spybot and AdAware.
        • Update any installed antivirus software, and run a final scan.
      10. Reboot in Normal Mode
        • Run scans again to verify you don't have any persistent malware.
        • If the scans come up clean, your work is done; if not, remove them, reboot, scan again, and if they still come back, it's probably time to restore the machine to a pristine condition (i.e. install Windows from scratch).
    Windows XP Startup & Services:
    Update: These instructions are mostly no longer needed since the release of Service Pack 2.
    Warning! The following is quite terse, and may or may not apply or be useful on your machine. Use at your own risk.
    1. Startup: Go to Start » Run » msconfig - Use msconfig to remove all non-essential startup items
      1. Go to the Services tab and check (√) "Hide All Microsoft Services"
      2. Leave checked everything related to your antivirus and firewall (e.g. McAfee, Norton, Symantec, and such)
      3. Uncheck any unnecessary services.
        • (How can you tell what's necessary and what's unnecessary? That's what we're trying to find out.)
      4. If some software or hardware doesn't work properly after doing the above, revisit start»run»msconfig and uncheckmark items associated with the particular software/hardware.
      5. Repeat steps 3 & 4 above under the Startup tab.
    2. Services: Go to Start » Run » services.msc and disable a few (1-5) unnecessary items at a time, then test your computer for a while. Disabling a few at a time makes tracking down problems much easier. Some commonly unnecessary services:
      1. Alerter - Announces administrative alerts to network users
      2. Automatic Updates - Instead visit on a regular basis for any updates
      3. ClipBook - Used to share clipboard info (cut/copy/paste) with other PCs
      4. COM+ Event System (MANUAL?) - Few apps use COM+, put on manual and it'll start if needed
      5. COM+ System Application (MANUAL?) - See above
      6. Computer Browser - List to share files on a network
      7. Distributed Link Tracking - Maintains NTFS file links on your PC or domain
      8. Distributed Transaction Coordinator - Multiple resource transactions (e.g. databases)
      9. Error Reporting Service - Alerts Microsoft when software fails
      10. Fax Service - Send/receive faxes
      11. FTP Publishing Service - runs the FTP Server
      12. Help and Support - This will re-activate if you access Start/Help or press F1
      13. Human Interface Device Access (AUTOMATIC?)- Set to AUTO if peripherals have problems
      14. IIS Admin - Local web server or FTP
      15. Indexing Service - Makes searches quicker, but makes PC slower when not searching
      16. IPSEC Services - Leave on AUTO if you like security
      17. Logical Disk Manager - Only required for Disk Management MMC dynamic volume console
      18. Logical Disk Manager Administrative Service - See above
      19. Messenger - Send messages between network clients and servers
      20. MS Software Shadow Copy Provider - Used with Volume Shadow Copy Service
      21. Net Logon - Used to log in to a Domain Controller on a network
      22. NetMeeting Remote Desktop Sharing - Shares your desktop with others (yikes!)
      23. Network DDE - Facilitates Clipbook (see above) sharing
      24. Network DDE DSDM - See above.
      25. NT LM Security Support Provider - Used for Message Queueing or Telnet server
      26. Performance Logs and Alerts - Maintains performance info and logs
      27. Portable Media Serial Number - Maintains serial numbers of music players; may not be required
      28. QoS RSVP - Does some monitoring of network usage
      29. Remote Access Auto Connection Manager (MANUAL?) - Creates an internet connection for some apps, put on MANUAL for dial-up
      30. Remote Access Connection Manager (MANUAL?) - See above
      31. Remote Desktop Help Session Manager - Lets others control your computer (yikes!)
      32. Remote Procedure Call (RPC) Locator - Logs RPCs
      33. Remote Registry Service - Lets others edit your Registry (yikes!)
      34. Routing and Remote Access - LANs and WANs
      35. Secondary Logon - Old method for logging in
      36. Security Accounts Manager - Stores security info (yikes?)
      37. Server - Share files, printers, etc.
      38. Shell Hardware Detection - For most memory cards
      39. Smart Card - For Smart Cards
      40. Smart Card Helper - See above.
      41. SSDP Discovery Service - UPnP device finder (yikes!)
      42. System Event Notification - Used with COM+ (see above), for power on/off or log on/offs; probably not required.
      43. Task Scheduler - Runs scheduled events, probably not required
      44. TCP/IP NetBIOS Helper Service - Only required if you use NetBIOS
      45. Telephony - For dial-up
      46. Telnet - Lets others use your computer (yikes!)
      47. Terminal Services - Allows multiple users to connect to this or other machines (yikes?)
      48. Uninterruptible Power Supply - Useful if you have a UPS
      49. Upload Manager - Old file transfer manager
      50. Volume Shadow Copy - MS-Backup utility
      51. Software Shadow Copy Provider Service - See MS Software Shadow above.
      52. Webclient - Edit internet files on another server
      53. Windows Time - Gets correct time from network
      54. Wireless Zero Configuration - For wireless devices
      55. WMI Performance Adapter - Logs HiPerf performance info
    3. Some XP and 2K privacy, services, and security resources:

    Older Trojans, Virus, & Worm Outbreaks
    :: Mostly Microsoft-specific Outbreaks ::

  • Misc:
      Adware, Spyware & Virus info:
  • DataFellows
  • MS
  • Scumware
  • Symantec
  • V/bugs
  • V/db
  • Disable Windows Scripting Host
  • Attrition
  • Bugnet
  • BugTraq
  • CERT
  • Counterpane
  • Insecure
  • (tools)
  • Iron Geek
  • Lance's Security
  • l0pht
  • Microsoft
  • NIPC
  • NoCatNet
  • (802.11b)
  • NSA security guides
  • (PDFs)
  • NTbugtraq
  • PacketStorm
  • PC Mag tips
  • Phrack
  • Port Scanner
  • Risks Digest
  • rootprompt
  • rootshell
  • SANS
  • SecurityFocus
  • SecurityPortal
  • Snort sigs
  • SpyKing
  • Steganography resources
  • 2600
  • Win95/98
  • W3
  • Astalavista
  • Wireless & WEP:
  • Broken in minutes
  • Dead Again (part 2)
  • Securing guide
  • WiFi intro
  • WiFi Finder
  • (free & fee hotspots)
  • Wireless tips
  • 6 dumbest ways to secure wireless
    SSH: Tips
  • Tunneling part 1, part 2
      Freedom & Privacy:
  • dmoz~
  • EFF
  • EPIC
  • (tools)
  • Privacilla
  • PrivacyRightsNow
  • Protection
  • Vortex
  • (forum)
  • WebVeil
  • AdCops
  • AnonSurf?
  • Interception?
  • ZeroKnowledge
  • Somewhat private and anonymous communications:
  • the Cloak
  • Freenet
  • GNUnet
  • Invisible Internet Project
  • JAP
  • Tor
  • Recording Laws
    Large copiers contain hard drives, which save your copies
      Networking & Wifi:
  • Cat5 DIY
  • Ethernet & phone wiring
  • Free Antennas
  • (Deep Dish Cylindrical Parabolic Template)
  • Fundamentals of Communication
  • (Flash)
  • Linux Advanced Routing and Traffic Control
  • Municipal broadband map
  • (USA)
  • PlaceLab
  • (location finder)
  • Port Forward
  • (router and firewall help)
  • Practically networked
  • Public spectrum
  • Router guide
  • SAMBA setup
  • (ubuntu)
  • USB WiFi
  • (USB adaptors & DIY antenna)
  • WiFi biquad antenna
  • Wifi maps
