Homepage and search changed mysteriously?

Homepage and search changed mysteriously?

Has your Homepage and chosen default search engine changed mysteriously? You may have even tried to change them back but they keep going to the new one?

 

The culprit is the usual suspects – malware. Here are the examples of what does this…. (sometimes an installed toolbar suddenly appears that you did not install or you may have installed a bad malware toolbar that changed settings to theirs)….

 

Browser Hijackers
http://en.wikipedia.org/wiki/Browser_hijacker
http://www.microsoft.com/protect/terms/hijacking.aspx
http://us.trendmicro.com/us/threats/enterprise/threats-summary/browser-hijackers/

Browser Hi-Jackers BHO
http://en.wikipedia.org/wiki/Browser_Helper_Object

Page hijacking
 http://en.wikipedia.org/wiki/Page_hijacking

DANGER: These may set a new homepage and it may be a malicious website that just visiting it, or any link on it, will infect the system even worst with viruses, worms, trojans, or install spyware etc etc etc.

 

RECOMMENDED…
You may first want to install antimalware (antivirus plus antipsyware) and then run a scan for infections. These will detect them and quarantine them – placing them in a special quarantine section to prevent them from further infecting and ongoing infection –  and they safely repair any files or software infected simply by stripping the bad malware code from them automatically in the bat of an eye.

Try installing antimalware with Real Time Protection that PREVENTS these infections from ocurring in the first place and you can add some free home version extra scanners that may get what is missed….

 

Microsoft Security Essentials
http://www.microsoft.com/security_essentials/
“Provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software. Microsoft Security Essentials is a free* download from Microsoft that is simple to install, easy to use, and always kept up to date so you can be assured your PC is protected by the latest technology. It’s easy to tell if your PC is secure — when you’re green, you’re good. It’s that simple. Microsoft Security Essentials runs quietly and efficiently in the background so that you are free to use your Windows-based PC the way you want—without interruptions or long computer wait times.”

Free Internet Security and Free Antivirus from Comodo
http://www.microsoft.com/security_essentials/
Best free antivirus software with complete protection, Download free antivirus software now to make your PC 100% safe and secure, top rated free antivirus from comodo

 

Add….. any of these…. FREE home versions

Lavasoft Ad-Aware
http://www.lavasoftusa.com/software/adaware/

SUPERAntiSpyware
http://www.superantispyware.com/

Malwarebytes
http://www.malwarebytes.org/

Improve performance by defragmenting your hard disk

Improve performance by defragmenting your hard disk
The computer disk becomes fragmented, and occurs with use over time such as a month or a couple months – depending on how heavily it is used, as daily, etc. Generally, defragging the disk can be performed like once a season or once a month depending on usage. Over time, usage will kind of scatter locations of various file parts across the disk until it takes even that extra time to do things – a few nano seconds all the way up to an actual actual couple seconds even. Running the defragging of the disk moves all files back to where they should be, and now a tight disk with improved performance. Kind of like an automobile fan belt getting a little loose and not charging the battery well enough fast enough, and even the engine heating a little more.

Improve performance by defragmenting your hard disk
http://windows.microsoft.com/en-US/windows-vista/Improve-performance-by-defragmenting-your-hard-disk
“Fragmentation makes your hard disk do extra work that can slow down your computer. Disk Defragmenter rearranges fragmented data so your hard disk can work more efficiently. Disk Defragmenter runs on a schedule, but you can also defragment your hard disk manually.
Open Disk Defragmenter by clicking the Start button Picture of the Start button, clicking All Programs, clicking Accessories, clicking System Tools, and then clicking Disk Defragmenter. Administrator permission required If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Click Defragment Now.
Disk Defragmenter might take from several minutes to a few hours to finish [Takes about 20 to 40 minutes usually], depending on the size and degree of fragmentation of your hard disk. You can still use your computer during the defragmentation process.”

(Takes about 20 to 40 minutes usually)

It has been my experience from Windows XP through Windows 8 that the built in Windows Disk Defrag utility works best and safest. This is found at….
Start > All Programs > Windows Accessories > System Tools > Defrag
…..there is no need to install one. Tech persons may have actually not known that, you would be surprised, and actually install a free one and run it. In this particular case – defragging the disk – we do NOT recommend using any other defrag utility software other than the built-in Windows defragger!

If you are on Windows Vista, the default is that the defrag runs automatically and is best left as such for Vista. You can manually run a defrag of the disk anytime by clicking the shortcut link in the Start Menu above shown.

ALSO you can access this by clicking My Computer on the Start Menu and then when the C Local Disk icon appears – you right click that for the menu and click Properties. Then click Tools Tab (up top tabs). This has the several maintenance options to perform a Disk Defrag and you can first click Analyze the Disk (for the need to defrag it) and is quick – in a moment or two. This will show you the degree of present defragmentation on the disk and may also display that “A defrag of this disk is not neccessary” if it is nominal fragmentation.

There, too, you can perform a disk check for “Volume Errors” which is a disk check run to “Scan For and Attempt to Correct” any bad areas of the sectors automatically and safely. Sometimes this will correct some major boo-boos going on in the system areas and files.

SEE
The How-To Geek Guide to Using Check Disk in Windows 7 or Vista
http://www.howtogeek.com/howto/windows-vista/guide-to-using-check-disk-in-windows-vista/
The chkdsk or “Check Disk” utility is used in Windows to scan through your entire hard drive … This volume will be checked the next time the system restarts …

(Choose “Scan For and Attempt Recovery of Bad Sectors – and it runs right now and takes about 5 minutes. You can schedule it to perform on the next start up of the computer and it will run at start up showing results in black screen and Don’t Touch anything, as when done will automatcally start the PC as normal when done in about 2-5 minutes. It shows you the progress. For this click “Automatically Fix File System Errors” )

How to perform disk error checking in Windows XP – Microsoft …
http://support.microsoft.com/kb/315265
Discusses how to check your hard disk drive for errors in Windows XP.

Summary
Chkdsk (Chkdsk.exe) is a command-line tool that checks volumes on your hard disk drive for problems. The tool then tries to repair any problems that it finds. For example, Chkdsk can repair problems related to bad sectors, lost clusters, cross-linked files, and directory errors. To use Chkdsk, you must log on as an administrator or as a member of the Administrators group.

Posted in BlueCollarPC WordPress Blog. Tags: , , , , , , , . Comments Off on Improve performance by defragmenting your hard disk

How And Where To Report Cyber Crime

How And Where To Report Cyber Crime

REPORT CYBER CRIME

Internet Crime Complaint Center (IC3)
http://ic3.gov/
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IC3’s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >> http://ic3.gov/

Federal Trade Commission (USA) Complaint Input Form
https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03
If you believe you have been the victim of identity theft, you may use the form below to send a complaint to the Federal Trade Commission (FTC). The information you provide is up to you. However, if you don’t provide your name or other information, it may be impossible for us to refer, respond to, or investigate your complaint or request. To learn how we use the information you provide, please read our Privacy Policy.

Federal Bureau of Investigation – Cyber Investigations – Cybercrime
http://www.fbi.gov/cyberinvest/cyberhome.htm

Computer Crime & Intellectual Property Section
http://www.cybercrime.gov/

WiredSafety.Org
http://www.wiredsafety.org/911/
Our Cyber911 Help tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement…

ReportCybercrime.Com (Private)
http://www.reportcybercrime.com/
Also, through our interactive forum you can get opinion of specialist attorneys and lawyers. Each lawyer in practice will give his opinion on matters, which are raised in the forum. You Can post queries view answers from experts and improve upon your knowledge base…

How to Report Cybercrime
http://www.katiesplace.org/report_cybercrime.html
WiredSafety’s Cyber911 Emergency tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement.

Take a Bite Out of Cyber Crime
ByteCrime.Org
http://www.bytecrime.org/

Posted in BlueCollarPC WordPress Blog. Tags: , , , , , , , . Comments Off on How And Where To Report Cyber Crime

What is .sys, is the file csc.sys malware?

What is .sys, is the file csc.sys malware?

Is the file csc.sys malware?
From a real question at Yahoo Answers > Security I fielded here….
http://answers.yahoo.com/question/index?qid=20130524200015AA81DJP

MY ANSWER (as yahoo handle antibotnet)
This is…..

Other applications associated with file type SYS:
http://filext.com/file-extension/SYS

# PlayStation 2 (Icon) by Sony Corporation of America The identifying characters used for this association are – Hex: 50 53 32 44 , ASCII: PS2D
# SYGRAPH/SYSTAT/SPSS/PC (Data File)
# System Configuration
# System Device DriverNote: This file type can become infected and should be carefully scanned if someone sends you a file with this extension.
# Unknown Apple II File ((found on Golden Orchard Apple II CD Rom))

It is most likely referrring to a Device Driver. It can be a driver installed by malware and even a rootkit. It may be a malware piggy back using a valid driver. When you say Now Hidden – that is exactly what a rootkit infection does – it hides behind fake file name to avoid detection and are most times hard to remove. This is the one instance Microsoft themselves actually advise reinstalling the Windows Operating System that will have wiped the disk clean first automatically. Rootkits were the greatest threat and feared malware infection in the Windows XP Years. Since, Vista does not allow rootkits to run and now Windows 8 has antirootkit/antibootkit Secure Boot technologies as well.

Drivers need very very very careful treatment as certain ones being corrupted can leave you with the dreaded BSoD (Blue Screen of Death)! I recommend a higher quality antivirus product and note also that the top quality antivirus companies incorporated detecting rootkits also as the traditional antivirus catagory threats – virus, worm, most trojans.

EXAMPLE – MALWARE DRIVER INSTALL:
Symantec Identifies New Duqu Trojan Driver Variant
http://www.infosecisland.com/blogview/20762-Symantec-Identifies-New-Duqu-Trojan-Driver-Variant.html

RECOMMENDED…
I would recommend installing an anti-rootkit software and scanning for these. You did not mention your OS (operating system) – Win7 or XP ? There is a good chance it was simply a driver added in a malware payload which means you should be detecting trojans and other malware such as spyware packages. Do note that neither of the products you are using are known superior products and especially Spybot S&D which has chronically been reported as one of the worst security products as far as detecting and blocking malware.

Spybot – Search & Destroy – Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/Spybot_%E2%80%93_Search_%26_Destroy
Spybot-S&D was written by the German software engineer Patrick Michael … PC Magazine initially rated it highly in 2003, their rating declined to “poor” in 2008: …

TRY (insted of Spybot SD)
Mamutu [$20USD Year]
http://www.emsisoft.com/en/software/mamutu/

BEFORE deciding to reinstall Windows I would recommend a known forum that is staffed that can help (free community help) BleepingComputer.Com
http://www.bleepingcomputer.com/

Source(s):

POSSIBLE INFECTIONS LISTS (2):

SEARCH TERM: csc.sys
http://www.spywareremove.com/search/?q=csc.sys&sa=Search&cx=009694213817960318989%3Ai1ojzq28m_4&cof=FORID%3A10%3BNB%3A1&ie=UTF-8&siteurl=http%3A%2F%2Fwww.spywareremove.com%2Fmalware-programs%2F
SEARCH TERM: csc.sys
http://www.microsoft.com/security/portal/threat/encyclopedia/search.aspx?query=csc.sys

Please click our new Thank You Buttons

Please click our new Thank You Buttons!

We have just added our new Thank You Buttons that appear on all blog posts and webpages. If you have found that any of our informative blog posts have been helpful , please click the Thank You Button! As well, on our individual webpages here at our website – Help Center, Threats FAQs, Forensics, PC Help, Wireless, About etc – if you have found information here has been helpful please click the Thank You Button at the bottom of the webpage!

The Thank You Button is a simple counter that increase one number each time clicked. There is NOTHING recorded like IP Numbers – nothing identifiable about the User at all – just a simple counter button.

The BlueCollarPC has been a free Community Help Website since 2005. We have never solicited Donations or charged anything at all. All is personally learned information and all other sources as freely shared help information over the Net.

Again, We thank you for choosing us as an additonal PC Security destination!

Webmaster, free Malware Removal Help since 2005 (former Webmaster of the BlueCollarPC.Net)

We added some new Counters (Visitors Hits etc)

We added some new Counters (Visitors Hits etc)….

Hello all, we have added several Counters again to our site so our Users and Visitors can take a glance at fellow traffic. As mentioned, I was the former webmaster of our original site – BlueCollarPC.Net – since 2005 / closed 2010. The original site had just passed the 6 million Visitors/Users mark before closing. This was added to our main Hits Counter (Visitors / Users) and can be found all the way at the bottom of the homepage on the left. To see our BlueCollarPC.US hits by Visitors and Users, just subtract 6 million.

The gizmo thingamagib towards the top of the homepage on the left shows a kind of static simple count of Today/Yeseterday hits and some more info. This can help show perhaps if there is a spike during times of unique worldwide event type malware outbreak such as the Conficker Worm botmnet not very long ago that even hit TV News stations.

Of course these are simple basic counters with NO identifiable information recorded or tracked of any of our Users and Visitors, naturally. Note that some counters will display IP Numbers of visitors and so on and we do NOT use any of these of course with the amount of cyber crime anymore and those were from a more innocent age years and years ago. The IP Number of a computer (kind of like a Caller ID number) actually have the parts of the number showing country location and is why they would be displayed in ages old times. Just another interesting ditty of viewing Visitor info.

Today, hackers use pinging of IP Numbers to attempt to learn about a PC and perhaps break into one. In emails, the sender IP Number is always included so watch who you send email to! Basically, if you have truly quality paid antimalware installed on your computer – you are good to go.

Webmaster, BlueCollarPC.US

Malware Removal Help Since 2005

Posted in ANNOUNCE, BlueCollarPC WordPress Blog. Tags: , , , , . Comments Off on We added some new Counters (Visitors Hits etc)

BlueCollarPC Passes 8 million vistors

Welcome all, our BlueCollarPC.US (formerly BlueCollarPC.Net) passes the 8 Million Visitors mark!

Our original domain, the BlueCollarPC.Net, had just passed the 6 Million Visitors mark from 2005 until we moved to our present home – the BlueCollarPC.US in 2010. Originally, we started as a spyware information and free removal Commuity Help site in 2005. As malware became even more sophisticated, trojans trojans trojans, botnet infections were increasing and becoming more sophisticated as well.

In response, we simply expanded our site to be the full blown malware information and free removal Community Help Site. The term malware means simply all the catagory threats – both antivirus and antispyware catagories. Traditionally, viruses and worms and most trojans, and then rootkits added, were detected by traditional antivirus. Adware and then various and many spyware pacakages were then in the antispyware catagory of threats and detected, blocked, and removed by same – antispyware products.

So we then transferred our domain to the now BlueCollarPC.US for the new decade with a full emphasis in removal help of botnet infections – the new worst feared infection (massive payloads) surpassing rootkits. The greatest feared malware – rootkits – were unable to run on Windows Vista, but were always a dreaded infection for Windows XP. Now with Windows 8 and the new Secure Boot technology, rootkits are not able to start up and run on Win8. So the great botnet plague is now the worst feared enemy for the community of computer users and including all from Small Business all the way through Corporates etc. These are intensive massive payloads that need much removal diagnosis and help. There is generally always several areas of damage needing repair and resetting. They can even bypass traditional antimalware products if not up on their game – they walk through in seconds like it was not even there!

 

FROM OUR ABOUT PAGE….. HELP http://bluecollarpc.us/sample-page/

Webmaster of the BlueCollarPC.US
Former webmaster of BlueCollarPC.Net / BlueCollarPC.Org and BlueCollarPC.Webs.Com. We have moved to www.BlueCollarPC.US for the new decade 2010 ongoing. Data Processor Certificate 1970  (IBM029,Univac026 – Sperry Rand Univac 9200/9300 Series COBAL). Novice to Advanced User to Amatuer Computer Forensics on Windows PC. Advanced Linux User also now.
Location: USA

Welcome to the BlueCollarPC ……    A Community Help Website

BlueCollarPC.US Launched June 14 2010 Personal Website for General Audiences with Computing Safety and Malware Removal Help and Information as main theme which includes memberships available for live help – at our Groups and Forums. Formerly Webmaster of BlueCollarPC.Net from 2005 -2009 (over 6 million Visitors) and back up BlueCollarPC.Org [closed]

Welcome to the www.BlueCollarPC.US We Thank You for choosing us as your additional Computing Security destination !

For the record….. I began the BlueCollarPC Computing Security Community Website in 2005 at the original .Net website. I believe at that time, the .Com website was actually a PC Repair Shop which I was not connected with. Towards the end of 2009, the BlueCollarPC .Net created by me had enjoyed just over 6 Million Vistors/Users! – and are proud to have helped and indeed actually had “discovery” in the security industry concerning the malware RASautodial registry entries discovered by Yours Truly. Never be afraid to ‘take a look under the hood’ of your PC ! You never know what you’ll find.

 

How And Where To Report Cyber Crime
REPORT CYBER CRIME 


Internet Crime Complaint Center (IC3)

http://ic3.gov/
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IC3′s mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >> http://ic3.gov/

Federal Trade Commission (USA) Complaint Input Form
https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03
If you believe you have been the victim of identity theft, you may use the form below to send a complaint to the Federal Trade Commission (FTC). The information you provide is up to you. However, if you don’t provide your name or other information, it may be impossible for us to refer, respond to, or investigate your complaint or request. To learn how we use the information you provide, please read our Privacy Policy.

Federal Bureau of Investigation – Cyber Investigations – Cybercrime
http://www.fbi.gov/cyberinvest/cyberhome.htm

Computer Crime & Intellectual Property Section
http://www.cybercrime.gov/

WiredSafety.Org
http://www.wiredsafety.org/911/
Our Cyber911 Help tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement…

ReportCybercrime.Com (Private)
http://www.reportcybercrime.com/
Also, through our interactive forum you can get opinion of specialist attorneys and lawyers. Each lawyer in practice will give his opinion on matters, which are raised in the forum. You Can post queries view answers from experts and improve upon your knowledge base…

How to Report Cybercrime
http://www.katiesplace.org/report_cybercrime.html
WiredSafety’s Cyber911 Emergency tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement.

Take a Bite Out of Cyber Crime
ByteCrime.Org
http://www.bytecrime.org/

Security product vendors
Links to developers and vendors of computer and network security products and services…
http://www.virusbtn.com/resources/links/index?ven

AEC (Trustport)
AVG (formerly Grisoft)
Agnitum (Outpost)
AhnLab (V3Net)
Aladdin (eSafe)
Alwil Software (avast!)
ArcaBit (ArcaVir)
Authentium (Command)
Avira (AntiVir)
BitDefender (formerly Softwin)
Bullguard
CA (Corporate)
CA (Home user)
Central Command (Vexira)
Check Point (ZoneAlarm)
ClamAV (open source)
Comodo (BOClean)
Cybersoft (VFind/VTSK)
Doctor Web
ESET (Nod32)
Ewido
F-Secure
Filseclab (Twister)
Fortinet
Frisk Software (F-PROT)
G DATA (AVK)
Ggreat
HAURI (ViRobot)
IBM ISS (Proventia)
Ikarus
Intego (Mac specialist)
Iolo
K7 Computing
Kaspersky Lab
Kingsoft
Lavasoft (AdAware)
McAfee, Inc. (formerly Network Associates)
MicroWorld Software (eScan)
Microsoft (Forefront)
Microsoft (OneCare)
Moon Secure (open source AV for Windows project)
New Technology Wave Inc. (VirusChaser)
Norman Data Defense Systems
PC Tools (Spyware Doctor)
Panda Software
Per Systems
Proland Software (Protector Plus)
ProtectMac (Mac specialist)
Quick Heal Technologies
Rising
SecureMac (MacScan)
Sophos
SpyBot – Search & Destroy
Sunbelt Software (CounterSpy, Vipre)
Symantec Corporation (Norton)
Trend Micro Inc.
VirusBlokAda (VBA32)
VirusBuster Ltd.
Webroot (Spy Sweeper)
eEye Digital Security (Blink)

%d bloggers like this: