False Claims: Using a Registry Cleaner Will Not Speed Up Your PC (Actually Does)

False Claims: Why Using a Registry Cleaner Will Not Speed Up Your PC …
WE TOTALLY DISAGREE WITH THE FOLLOWING ARTICLE, AND IF AS STATED THAT REGISTRY CLEANERS WERE SNAKE OIL (WORTHLESS, FALSE ADVERTISEMENT AND CLAIM) THERE WOULD BE PLENTY OF COMPLAINTS AND SUITS AND LEGAL ACTION BY CONSUMERS AND GROUPS AND THE LAW BROUGHT AGAINST THEM IN ALL THESE YEARS FOR SUIT AND CEASE AND DESIST TYPE ORDERS FROM A COURT WITH PENALTIES/FINES FOR FALSE ADVERTISING. ……
THIS IS IRRESPONSIBLE AND UNINFORMED AND AS THEY ARE NOT EXPERTS AND PROFESSIONALS PRODUCING PRODUCTS FOR THE WINDOWS PC.
HOWTOGEEK.COM IS RARELY WRONG BUT ATE A BIG FOOT IN THE MOUTH ON THIS ONE. WRITE ONLY ABOUT WHAT YOU KNOW – OLD AXIOM.
ARTICLE:
Why Using a Registry Cleaner Won’t Speed Up Your PC or Fix Crashes
We’ve said it again and again: Registry cleaners don’t speed up your PC. At best, they’re a waste of time — and often money. At worst, they can cause problems by removing registry entries they shouldn’t.
READ THEIR ARTICLE AND RETURN HERE AND READ OUR BLOG POSTS ON THE SUBJECT AND CHECK OUT OUR WEBPAGE AT OUR SITE FOR THE WINDOWS REGISTRY HELP…  http://bluecollarpc.us/windows-registry-help/
NO BENCHMARK TESTS?
QUOTE: http://www.howtogeek.com/171633/why-using-a-registry-cleaner-wont-speed-up-your-pc-or-fix-crashes/ “…No legitimate benchmarks showing a performance increase as a result of a registry cleaner have ever been released. If a registry cleaner offered boosted performance, we would have some benchmarks by now.”
BENCHMARK RESULTS…
New jv16 PowerTools 2014 software delivers over 20% improved benchmark
scores and Windows startup times.
The new 2014 edition improves performance and cleans errors from
Windows-based systems with ease. The 2014 version was released alongside a
benchmark study which shows that this latest edition can deliver over 20%
improvement to system benchmark scores and Windows startup times.
For more information, please see:
BLUECOLLARPC.US BLOGPOST
Restricted Sites Utilities Softwares Fraud, Potentially Damaging Windows Registry
By bluecollarpc. Last updated: Sunday, May 23, 2010
About Software Utilities Adding Restricted Sites lists to the Registry

THIS IS ABOUT USING RESTRICTED SITES UTILITIES FOR “BROWSER IMMUNIZATION” OR “BLOCKS POTENTIALLY UNWANTED SPYWARE AND OTHER UNWANTED SOFTWARES” etc.

THIS EXPLAINS WHY THEY ARE A SCAM AND DAMAGING TO COMPUTERS AS WILL EVENTUALLY DESTROY THE COMPUTER SYSTEM RENDERING IT INOPERABLE

ASIDE FROM THE FACT THAT THIS BROWSER SOFTWARE SETTING ENTERS A REGISTRY KEY FOR EVERY WEBPAGE OR SITE BLOCKED AND HAS BEEN CIRCUMVENTED BY MALWARE – WE WILL START HERE WITH THE FACTS THAT CONTINUAL ENTRIES INTO THE WINDOWS REGISTRY WILL DESTROY THE SYSTEM MAKING IT INOPERATIVE…..

YOU MOST LIKELY THINK THEY ARE SOME MAGIC WAND OF PROTECTION — HERE IS ALL THEY DO AS “IMMUNIZATION” OR “PROTECTION” FOR DONATION MONEY…….
How to use security zones in Internet Explorer
http://support.microsoft.com/kb/174360
Restricted Sites Zone
“This zone contains Web sites that you do not trust. When you add a Web site to the Restricted Sites zone, you believe that files that you download or run from the Web site may damage your computer or your data. By default, there are no Web sites that are assigned to the Restricted Sites zone, and the security level is set to High.”
Generally the registry value added is “4” from 0-4. SEE: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\LockDown_zones\4
SO THAT ONE KEY WILL BE ENTERED BY THEM FOR EACH BAD SITE THEY ADD TO UPDATE DEFINITIONS…..EXAMPLE:

EACH SITE ADDRESS MUST BE ENTERED HERE AS A “RESTRICTED SITE” …..
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains

EXAMPLE…. We are placing “adult.com” in Restricted Sites to show the key made immediately and written into the Windows Registry (adult.com as example here to block underage users on same PC – not saying it is a bad site at all)
HERE IS THE KEY IMMEDIATELY WRITTEN INTO THE REGISTRY TO BLOCK BROWSER ….
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\adult.com
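
The ZoneMap layout shown above can be audited from a registry export. This is an added example, not code from the original post: a Python parser that reads regedit export text and lists which hosts a utility has mapped to the Restricted Sites zone. The sample export and the `.example` host names are constructed; it relies on Internet Explorer storing, under each domain key, one DWORD per protocol (or `*`) whose data is the zone number 0-4.

```python
import re
from collections import Counter

# Internet Explorer security zone numbers.
ZONES = {0: "My Computer", 1: "Local Intranet", 2: "Trusted Sites",
         3: "Internet", 4: "Restricted Sites"}
ZONEMAP = r"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"

# Constructed sample of regedit export text; host names are placeholders.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blocked-one.example]
"*"=dword:00000004

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\blocked-two.example]
"http"=dword:00000004
"https"=dword:00000004

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\corp.example]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\corp.example\intranet]
"https"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Updater"="C:\\Program Files\\Example\\updater.exe"
'''

KEY_RE = re.compile(r"^\[(?P<hive>HKEY_[A-Z_]+)\\(?P<path>.+)\]$")
DWORD_RE = re.compile(r'^"(?P<name>[^"]*)"=dword:(?P<val>[0-9a-fA-F]{8})$')


def load_reg(path):
    """Read an export from disk; regedit 5.00 exports are UTF-16 with a BOM."""
    with open(path, "rb") as fh:
        data = fh.read()
    if data.startswith(b"\xff\xfe"):
        return data.decode("utf-16")
    return data.decode("utf-8", errors="replace")


def parse_zone_map(reg_text):
    """Return (host, scheme, zone) for every value below the ZoneMap Domains key."""
    entries = []
    current = None  # host of the key section being read, or None if unrelated
    prefix = ZONEMAP.lower() + "\\"
    for raw in reg_text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            path = key.group("path")
            if path.lower().startswith(prefix):
                # Subdomains are nested subkeys: example.com\www -> www.example.com
                parts = path[len(prefix):].split("\\")
                current = ".".join(reversed(parts))
            else:
                current = None
            continue
        value = DWORD_RE.match(line)
        if value and current:
            entries.append((current, value.group("name"),
                            int(value.group("val"), 16)))
    return entries


def summarise(entries):
    """Count values per zone and list the hosts placed in Restricted Sites."""
    per_zone = Counter(ZONES.get(z, f"zone {z}") for _, _, z in entries)
    restricted = sorted({host for host, _, z in entries if z == 4})
    return {"values_per_zone": dict(per_zone), "restricted_hosts": restricted}


if __name__ == "__main__":
    report = summarise(parse_zone_map(SAMPLE_REG))
    print(report["values_per_zone"])
    for host in report["restricted_hosts"]:
        print("restricted:", host)
```

To audit a real machine, export the `ZoneMap\Domains` key from regedit and pass the file through `load_reg()` before parsing.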

What Professionals and Experts say…..

You will see below a Professional explanation and why registry cleaners are used to prevent damage to Windows and/or softwares. Whereby certain utilities may add lists of sites and domains – this can be an exact example of “incremental entries” by softwares, or manually, into the Registry constantly per “definitions” Updates (lists of ‘bad’ domains added)….

Product Incrementation of Windows Registry –
Windows Registry Size Limits
http://www.liutilities.com/products/registrybooster/faq/registrycleaner/

“Fragmentation is a serious problem and occurs when application processes modify the registry continually and incrementally .
Eventually registry file sizes may exceed the Registry Size Limits imposed by Windows. This causes subsequent modifications to the registry to fail. Most registry repair software allow you to defrag your registry ensuring that such issues do not occur. This is true prevention.”

…..the constant inordinate or unusual ‘incrementation’ of constantly adding Restricted Sites and domain entries in great mass volume offers no real protection – as malware circumvents the Restricted Sites feature of any browser anyway – and as explained will lead to failure of software running processes and application design as well as the Windows Operating System.

The Windows Registry has an imposed size limit. When this is approached and to succession – Windows will fail to operate as well as other software that relies on normal incremental changes such as definition updates to antivirus and critical Windows Updates as prime example.

What is bottom line is, actually Windows can cease to function at some point of additions to the Windows Registry just like regular hard drive memory runs out at some point of continual downloads of files, media, etc.

SEE: Microsoft – Windows Registry Size Limits Imposed
Below are the Experts and creators of Windows facts….

Windows Registry Size Limits Imposed / Microsoft…
http://msdn.microsoft.com/msdnmag/issues/01/12/XPKernel/
There is a limit on the size of the System hive (the file that stores the HKEY_LOCAL_MACHINE\System key and its descendants) of 200MB, because of restrictions placed on the operating system boot loader by the environment in which it runs (the boot loader reads the System hive into memory very early in the boot process), but the limit for the System hive was just 12MB in previous versions of Windows…..

MORE:
Registry Size Limit functionality has been removed from Windows Server 2003 and from Windows XP
http://support.microsoft.com/kb/292726
Windows Registry Size Limits
http://msdn2.microsoft.com/en-us/library/ms724872.aspx
Registry Size Limit
http://www.microsoft.com/technet/prodtechnol/windows2000serv/reskit/r

Don’t listen to hackers – and this is extremely crucial with all systems released before Windows XP. The XP size limit was increased but has an imposed Size Limit by Microsoft. Some say “don’t worry about it”… and those are just the persons you remember when your computer fails. Too late then.

Hackers may tell you to set up “registry folders” for Windows 98 and 95 to place these downloads (lists) in that would save or add registry room which would be preposterous. Hackers will tell you if and when you run out of room in XP you can “increase the paged pool size – no problem”. Neither of these work or are true – and are bad hacks and they may be intentionally attempting these malicious pranks at your expense to destroy peoples machines like the “kiddie script” malware writers for “bragging rights” achieved. DUMP IT !

Did you know that antispyware programs like Webroot Spysweeper and Trend Micro Antispyware and the free Microsoft Windows Defender have real time active shields that block all “drive by” threat installations at all sites – not just “the bad ones – Restricted Sites” ?

This is what those that run donate forums and repair shops do not tell you so that they continually derive profit at the expense of the unknowing consumer. It is very simple – for 30 dollars a year you are good to go. End of story. Do it and dump it now before you injure your machine.

THE FRAUD OF THESE UTILITIES

FACT – WELL OVER 25 BILLION WEBPAGES ……
World Wide Web
http://en.wikipedia.org/wiki/World_Wide_Web
Statistics
A more recent study, which used Web searches in 75 different languages to sample the Web, determined that there were over 11.5 billion Web pages in the publicly indexable Web as of the end of January 2005. As of March 2009, the indexable web contains at least 25.21 billion pages.

These products claim to….
“secures browser against dangerous sites and their unwanted malware” and explain their features as “preventing installation of spyware and other unwanted software, exploitation of security vulnerabilities, …”
IS THE FANCY DECEPTIVE WAY OF SAYING……
The product enters the entire list to date they have compiled as bad content websites and/or webpage addresses into Restricted Sites CREATING AN INDIVIDUAL REGISTRY KEY FOR EACH “DEFINITION” UPDATE FOR EACH WEBPAGE OR WEBSITE DOMAIN – one Windows Registry Key for each “automatic update” — and CONTINUALLY as new ones emerge, which is the activity that professional industry antivirus and antispyware companies attend to continually to block threats from ALL.

NOW a collection of webpages makes up the website. Each website is a domain such as microsoft.com and is called the microsoft.com domain. If we use a simple number, like most of the sites will use 10 webpages, and divide that into the 25 Billion number of webpages plus – we can chop it down to 2.5 Billion Websites as very general. If we take just one percent of those as malicious content bad websites THEN these utilities claiming protection must have in the neighborhood of 25 Million bad domains out here as definitions in your computer or it is fraud, and we just read this is physically impossible because of registry size.

CONCLUSION AS FAKE PRODUCT …… REMEMBER THEY SAY THEY “WILL PROTECT” AS ADVERTISING FOR DONATIONS….

So the definitions needed to support their claims of protection then have to be in the same ballpark as the 25 million bad websites added as Restricted Sites by their utilities. Now remember we just read at Microsoft that the Windows Registry has a 200M (million bits) size restriction. Now they are saying they are going to insert 25 million multi-letter domain names, at the least, as new registry keys to fulfill their advertising and donation requests, when in reality it may be in the hundreds if that.

So it is a compound or double deception. Number one, they have not possibly attained their advertised protection as they would have to have a minimum of at least in the tens of millions of known bad sites in their “Updates”, which are not updates at all but simply a new list of additional bad sites added to Restricted Sites.

And two, if they did as advertised – simply the computer would cease to function from “incremental damage to the registry” – exceeding the “Registry Size Limit”.

FURTHERMORE…. If you don’t believe this – play this mediacast showing that the Restricted Sites does not even work ! …. (Webmaster of http://pdamobileCLOSEDcafe.net/ )
“Reticted Sites Circumvented – Does Not Block Successfully”
http://pdamobilecafe.net/CLOSED2010/04/27/reticted-sites-circumvented–does-not-block-successfully.aspx

POINT OF THIS EXERCISE – ? …..
WE DO NOT PROMOTE FEEL GOOD IN-SECURITY AND KNOW HOW DUMB YOU MAY FEEL RIGHT NOW AS WE DID WHEN WE WERE NEWBIES AND WENT TO THE SAME PLACES AND DOWNLOADED THE SAME FREE STUFF YOU ARE DOING. THE POINT OF THIS EXERCISE IS TO WAKE UP TO REALITY AND GET HIGH QUALITY PROFESSIONAL PRODUCTS THAT ACTUALLY PROTECT YOUR COMPUTER AND LIFE (ID THEFTS) A.S.A.P. ! ! !

Webmaster,

BLOG ENTRY:
http://blogcasts.bluecollarpc.orCLOSEDg/2010/05/23/restricted-sites-utilities-softwares-fraud-potentially-damaging-to-windows-registry.aspx
 


————–

BLUECOLLARPC.US BLOGPOST

Many times asked “Best Easiest Free Registry Cleaner/Fixer”

http://bluecollarpc.us/2011/03/10/many-times-asked-best-easiest-free-registry-cleanerfixer/

By bluecollarpc. Last updated: Thursday, March 10, 2011

Many times asked “Best Easiest Free Registry Cleaner/Fixer”….

Our Answer…

Whole list here… http://bluecollarpc.us/windowsregistry.php
Uniblue Registry Cleaner Comparison Chart
LINKS/Source: http://www.liutilities.com/products/registrybooster/comparisions/

For free the two best in the world are ….

(ADVANCED)
RegSeeker 1.55:
http://www.hoverdesk.net/freeware.htm
RegSeeker is a perfect companion for your Windows registry !
RegSeeker includes a powerful registry cleaner and can display various informations like your startup entries, several histories (even index.dat files), installed applications and much more ! With RegSeeker you can search for any item inside your registry, export/delete the results, open them in the registry. RegSeeker also includes a tweaks panel to optimize your OS ! Now RegSeeker includes a file tool to search for duplicate files, bad shortcuts and more ! RegSeeker is FREE for personal use only !

GREAT FOR NOVICE AND ADVANCED – ALL …. (Use safest user settings)
RECOMMENDED:
PowerTools Lite – The Freeware Registry Cleaner
http://www.macecraft.com/ptlite/
Key Features

•Detects and fixes registry errors
•Finds and cleans unneeded registry junk
•Finds leftover temp files
•Clears History and MRU data
•Safe to use – automatic backup feature
•Multilingual user interface
•Based on the same award-winning engine as jv16 PowerTools

jv16 PowerTools by Macecraft has been consistently about the world’s best for a decade. Very, very, very well known by power users and that trusted. Costs bucks, however, they recently have given back to the community by releasing their Free Home Version no catches for real for all users. It has like four different settings of intensity for cleaning/fixing. Use simply the safest and at most one more click up in a scan/fix. Very fast, very safe. Best !

Also has back up one click button to restore anything deleted. You may want to get a little more familiar, but you can perform the full Registry Back Up BEFORE proceeding to ANY changes by opening the Windows Registry and make a COPY of it before change that can reinstall the full registry in a click.

HowTo….
Click > Start > Run and type in “regedit” without the quotation marks.
This opens the Windows Registry and don’t dare touch anything or you can render Windows/other softwares inoperable by a mistake !
NOW Click > File > Export…. (top left tabs). It will open the dialog as if you were saving a file or media or software. NAME the file whatever you wish to call it, like “Reg_Back_up_Today” or anything you will remember, and then Click > Save ….and usually to My Documents.
NOW WAIT about 30 to 60 seconds as it will then copy the ENTIRE Registry to the restore file. It can take even up to 90 seconds if you have a lot of stuff installed. Hover your mouse cursor over it to see progress. DO NOT DARE INTERRUPT THE PROCESS UNTIL COMPLETED !!! or you may cause dreaded Registry Damage ! Do NOT mess up with impatience or doubt !

IF USED TO RESTORE THE REGISTRY… you Double Click the Registry back up file created and DON’T DARE INTERRUPT THE PROCESS and can take even up to five minutes for it to rewrite in the Registry.

Note, after any changes to the PC you need to Export the Registry again in a new back up file to restore to current state of the PC such as new softwares added etc. Recommended to do this like weekly or monthly as how many times in a lifetime will this ever need to be done. Every blue moon – but you need the back up like to restore the computer if hit by malware plus files back up correspondingly.

Source(s):
http://bluecollarpc.us/windowsregistry.php

Webmaster, http://BlueCollarPC.US

 

FURTHERMORE READ THIS WHICH INCLUDES INFORMATION ABOUT MODERN REGISTRY CLEANERS THAT SEVERAL YEARS AGO WERE UPGRADED TO NOW ALSO PERFORM REGISTRY DEFRAGMENT TO HEAL REGISTRY FRAGMENTATION THAT OCCURS IN NORMAL USE AND WORSE IN HEAVY USE UNATTENDED…..

 

Why You Should Defragment Your Registry

http://www.maketecheasier.com/why-you-should-defragment-your-registry/2008/01/29

QUOTED:

The Need to Defrag the Windows Registry

If you monitor the registry of your system using a tool, you will see that it is accessed by your Windows operating system and programs installed on it more than a hundred times every second. Therefore, if your registry is fragmented and slow in responding to requests for information, it directly affects the performance of your PC and slows it down. This is the reason why it is important for you to keep your registry free from unwanted files and defrag it regularly to speed up your PC and maintain it at its optimal performance.

Causes for Registry Fragmentation

The registry is one of the most used components of your Windows system because it comprises configuration data of all hardware devices and software programs installed on your PC. Therefore, each and every operation that occurs on your system adds or removes information from the registry. Most of the time, when these entries are no longer required, they are removed from the registry. However, in reality, a lot of information gets left behind causing the registry to bloat up. This registry bloating eventually fragments and damages the registry files.

Registry files also get fragmented due to the accumulation of several empty registry keys within it. These keys are generated when the registry entries that are removed from the registry fail to remove their placeholders. In due course, the number of these empty registry keys increases in the registry and causes registry fragmentation.

How to Defrag the Registry

There is no tool available in your Windows system that you can use to defrag the registry. Therefore, the only way to defrag it is by using a reliable third-party registry cleaner tool. Today, there are a large number of registry cleaner tools available in the market today. You must choose and download the one that meets your requirements, carries good user reviews and is compatible with your operating system.

Registry tools are easy-to-use and enable you to defrag the registry easily in just a few mouse clicks. When you start the registry defragment process, your registry tool consolidates all the fragmented registry files, reindexes them to improve the data access time, and removes all empty registry keys to compress the registry.

When To Defrag the Registry

Because the registry defragmentation process enables you to remove empty registry keys, you must defrag the registry after you have performed any activity that removes a lot of entries from the registry.

For instance, after you clean up the registry using the registry scanner tool, all the invalid keys removed leave behind their empty place holders. In the same way, empty keys may get left behind when you uninstall applications from your PC. So, even if you would have removed all unwanted information from the registry—or uninstalled an application, the size of the registry may remain the same due to the existence of these empty registry keys. This is the reason you may always defragment the registry after registry scan and repair and program uninstall processes.

The registry is an important component of your Windows system and it is important for you to perform regular registry maintenance to ensure yourself a healthy, high-performance PC. You can do this easily using your registry cleaner tool. In addition to repairing registry errors and defragging the registry, you may also use the tool to backup the registry. It is quite useful to make regular registry back-ups, because if despite of all your maintenance activities the registry fails, you can easily restore it using the back-up you would have taken earlier.

This article is a guest post by James Ricketts

James Ricketts is a full time writer who loves to write about the errors, solutions, and various tips, tweaks, and nuances of the Windows Vista and XP registry. With his background in computers and writing he’s blended both his talents into writing helpful articles relating to various Windows and computer issues

http://www.maketecheasier.com/why-you-should-defragment-your-registry/2008/01/29

FURTHERMORE… ROOTKITS SEARCH FOR LEFT OVER FILES AND REGISTRY KEYS FROM UNINSTALLS TO USE THEM TO HIDE BEHIND TO AVOID DETECTION AND THESE ORPHAN FILES AND KEYS ARE SOMETIMES CALLED POTENTIAL SLEEPER FILES AND KEYS.


Forensics: “Unknown Flash Movie Virus”

(((FORENSICS~BUILD)))


For a friend….

ESTIMATE: Embedded Flash Movie Malware Payload
NOTE: Possible Network Attack Associated – Botnet/Botmaster
SEE: Common Types of Network Attacks – TechNet – Microsoft
http://technet.microsoft.com/en-us/library/cc959354.aspx
(According to payload that executed, spoofed PC Identity apparent, unsuccessful)

DEVICE: Windows Vista HP (Home Premium) SP2 (Service Pack 2, Fully Patched) / IE9 (Internet Explorer Version 9) – on Home Network / Microsoft Security Essentials installed/running.

SYMPTOMATOLOGY:
Viewing Flash Movie in embedded webpage player. Best description from user was sudden turbulence of browser and disconnection and system crashings and then the WGA (Windows Genuine Advantage) panel pop up on restart identifying PC as an illegitimate copy of Windows was running. Connectivity was not further possible.

SUSPENDED FORENSICS:
A full payload forensics was suspended citing any in-the-wild attack or proof-of-concept – and is not being posted publicly. Operating System was reinstalled to Factory Fresh – wiping the disk – now fully patched to current operation.
HISTORY: New virus first to infect Macromedia Flash (January 8, 2002)
http://news.cnet.com/New-virus-first-to-infect-Macromedia-Flash/2100-1023_3-803829.html

SYNOPSIS:
Apparently malware payload (not just a virus) executed on Windows Vista HP SP2 / IE9 while viewing flash movie in an embedded player at website. This was the only affected computer on a Home Network with other computers unaffected. Other peripherals and router were not affected. This may constitute as specific targeting of the IP via Network Attack. It seems possible a botnet infection was unsuccessful as connectivity was destroyed, yet the operating system was spoofed and identified as now a pirated copy of Windows via WGA technologies apparently. There were no ransomware activities observed http://en.wikipedia.org/wiki/Ransomware_(malware) …thus the spoofing of the Windows OS (operating system) itself as now a pirate copy indicates the WGA notification window/panel was valid and not a fake shell as some ransomware scam. Note it is possible it was simply a targeted payload to simply destroy the system from further use as the intended malware malicious intent.

DIAGNOSIS:
Apparent multi-malware payload executed through an infected Flash movie, possibly originating from an Apple/Mac computer, possibly as an iFrame movie.

iFrame (video format)
http://en.wikipedia.org/wiki/IFrame_(video_format)

Universally and historically Apple/Mac users are in ‘caveman’ days as not using antimalware. Recently things have changed, as infections have increased dramatically in infancy for this operating system. Linux even more so, their users are now told it is “polite” to use antivirus to protect uploading or exchanging any Windows infecting files from a Linux computer that do not affect Linux – but will infect Windows PCs. Newer Community guidelines. Years ago…..

Microsoft JPEG Vulnerability and the Six New Content Security Requirements
http://whitepapers.silicon.com/0,39024759,60129423p-39000575q,00.htm
In November 2004, a critical Microsoft security vulnerability (MS04-028) was discovered which could allow attackers to embed malicious code inside JPEG image files. Until that time, JPEG image files were considered immune to attack. To effectively deal with this vulnerability, security and IT professionals need to incorporate six new and critical content security requirements into their networks.

….. and this is the idea with an infected Flash movie. Simply visiting a website with the infected picture (JPEG) would infect the unprotected PC. The same with infected Flash files appears to be the source of infection here.

NOTE: The user was a novice, and it is believed there may have been additional clicks, not mentioned, that caused the malware payload to execute.

REMEDY:
With a multi-malware payload as opposed to just a virus, the operating system was reinstalled / restored to Factory Fresh condition – wiping the disk first of all data. A much higher quality paid subscription antimalware product was installed and absolutely recommended! Note that Microsoft Security Essentials was the installed and active protection on the PC…. HOWEVER:

Is Microsoft Security Essentials adequate protection?
http://bluecollarpc.us/2013/04/21/is-microsoft-security-essentials-adequate-protection/
Review: Microsoft Security Essentials
http://www.expertreviews.co.uk/software/1295698/microsoft-security-essentials
Microsoft Security Essentials bombs AV-TEST, loses certification
http://www.geek.com/articles/geek-pick/microsoft-security-essentials-bombs-av-test-loses-certification-20121129/
Microsoft Security Essentials Fails Tests, Loses Antivirus Certificate
http://www.bit-tech.net/news/bits/2013/01/17/ms-security-av-test/1
Microsoft Security Essentials fails AV-TEST again
http://www.bit-tech.net/news/bits/2013/01/17/ms-security-av-test/1
Microsoft fights back on antivirus certification fail, claims malware tests …
http://www.zdnet.com/microsoft-fights-back-on-antivirus-certification-fail-claims-malware-tests-arent-realistic-7000009998/

PLEASE REVIEW THE FOLLOWING INFORMATION AND RECOMMENDATIONS….

How to Fix a Flash Virus | eHow.com
http://www.ehow.com/how_5998536_fix-flash-virus.html

Adobe Flash
http://en.wikipedia.org/wiki/Adobe_Flash

SWF (ShockWave Flash)
http://en.wikipedia.org/wiki/SWF

What Is a Flash Cookie?
http://www.ehow.com/info_10020896_flash-cookie.html

Can Flash Extensions Be Harmful?
http://www.ehow.com/info_12229878_can-flash-extensions-harmful.html

How to Check & Uninstall Flash Cookies
http://www.ehow.com/how_5943906_check-uninstall-flash-cookies.html

How to Clear Macromedia Flash Shared Objects
http://www.ehow.com/how_6182429_clear-macromedia-flash-shared-objects.html

Website Storage Settings panel
http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

Visit the Adobe Flash Player Settings Manager http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager06.html

It is recommended to be aggressive here and actually deny all, especially noting that nefarious hackers break into microphones and webcams to spy. If you have trouble after choosing to block everything from being stored on the computer, go back and make adjustments. Any ‘faster’ use from allowing storage is antiquated, dating from the 56K Dial Up days of years and years ago, as the vast majority have switched to broadband/DSL where available (not quite everywhere though: rural areas etc).

WEBMASTER BLUECOLLARPC.US
http://bluecollarpc.us/

The BlueCollarPC.US (and former domain extensions) has always been a free Community Help Site and here is a mock severe billing if able to work from an official PC Repair Shop…… LOL

————

JOB BILL / TICKET #001

# Bench Charge………………….$75.00

# Forensics Basic / Suspended…….$25.00
(Normally $150.00 with full reporting)
Discounted!

# Reinstall Factory Fresh Windows…$50.00
…Discounted !

# Fully Patched and Reinstalled
softwares, 18 hours (Vista SP2)….$100.00

TOTAL ……..$250.00

Catch Up With Java Malware Information

Day after day, week after week, for about 100 days or more, it seems cyber crime has declared war on Java, and a handful of ‘zero days’ have been suffered as well. For security reasons it has actually been advised to disable Java in ALL browsers and even to uninstall Java from the computer. This has been no joke if you have not been keeping up with all the security warnings and actual INFECTIONS occurring via exploiting Java ! READ ON TO CATCH UP IF YOU MUST ! ! ! FOLLOW THE TIMELINE TO DATE….

CLICK THE MESSAGE LINKS TO GO TO THE WEBSITE AND FULL STORY DETAILS….

 Aug 29, 2012

US-CERT Alert – Oracle Java 7 Security Manager Bypass Vulnerability
Fw: US-CERT Alert TA12-240A – Oracle Java 7 Security Manager Bypass Vulnerability…System US-CERT Alert TA12-240A Oracle Java 7 Security Manager Bypass Vulnerability…Yet * Let’s start the week with a new Java 0-day in Meta…..

Critical Java 0-day flaw exploited in the wild
Critical Java 0-day flaw exploited in the wild Posted on Aug 27, 2012 06:11 pm Researchers…security firm FireEye have discovered targeted attacks exploiting a zero-day Java vulnerability to deliver the Poison Ivy RAT onto the unsuspecting victims…

Aug 30, 2012

Unpatched Java exploit spreads like wildfire
Unpatched Java exploit spreads like wildfire Naked Security Sophos customers are proactively protected against the malware payload as Troj/Agent-XNE and the malicious Java applet as Mal/JavaKnE-H. Sophos endpoint customers using our web protection…

Java 7 Under Attack: Researchers Advise It Be Disabled During The Interim
Java 7 Under Attack: Researchers Advise It Be Disabled During The Interim CRN…thereof. “IT administrators’ only defense at the moment is to limit the use to Java,” wrote Wolfgang …

Disable Java NOW, users told, as 0-day exploit hits web

Disable Java NOW, users told, as 0-day exploit hits web Register The vulnerability allows…keylogger or some other type of malware. The payload does not need to be a Java app itself. In the form in which it …

Java 0-day exploit added to Blackhole kit, still no news about patch

Java 0-day exploit added to Blackhole kit, still no news about patch Posted on Aug 29, 2012 12:20 pm The recently discovered Java zero-day flaw that has been spotted being used in limited targeted attacks in…

Aug 31, 2012

Zero-day Java flaw exploited in targeted tax email malware attack
Zero-day Java flaw exploited in targeted tax email malware attack by Paul Baccas on August…cybercriminals have taken advantage of the critical zero-day flaw vulnerability in Java, sending out malicious emails which pretend to come from an accountancy firm…

Java Zero-Day Malware Attack: 6 Facts

Java Zero-Day Malware Attack: 6 Facts InformationWeek Businesses are growing worried about drive-by infections by malware that exploits two zero-day Java vulnerabilities. Attackers, apparently operating from China, chained the two…

Java is Insecure and Awful, It’s Time to Disable It, and Here’s How

Java is Insecure and Awful, It’s Time to Disable It, and Here’s How As usual, there’s yet another security hole in the Java Runtime Environment, and if you don’t disable your Java plugin, you’re at risk for being infected with malware. Here…

Sep 1, 2012

Java 0-day exploit served from over 100 sites
Java 0-day exploit served from over 100 sites Posted on Aug 30, 2012 03:23 pm The problem of the two unpatched Java zero-day vulnerabilities that are actively exploited in the wild by attackers…

US-CERT Releases Oracle Java JRE 1.7 Security Advisory
Fw: US-CERT Current Activity – US-CERT Releases Oracle Java JRE 1.7 Security Advisory —–Original Message—– From…Awareness System US-CERT Current Activity US-CERT Releases Oracle Java JRE 1.7 Security Advisory Original release date: Tuesday…

Oracle releases patches for Java vulnerability CVE-2012-4681
http://thehackernews.com/2012/09/oracle-releases-patches-for-java.html
21 hours ago – Oracle has released a new patch which kills off a vulnerability in Java 7 that was being exploited by malware developers. “Due to the high severity of these …

Encyclopedia entry: Exploit:Java/CVE-2012-4681.DM – Learn more
http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Exploit%3AJava%2FCVE-2012-4681.DM
12 hours ago – Summary. This threat is detected by the Microsoft antivirus engine. Technical details are not currently available for this threat. Top

Unpatched Java Vulnerability Exploited in Targeted Attacks, Researchers Say

Unpatched Java Vulnerability Exploited in Targeted Attacks, Researchers Say PCWorld (blog…has been …

Oracle fixes Java 7 web browser flaw
Oracle fixes Java 7 web browser flaw IT PRO Software giant Oracle has finally released a patch…malware . The US government warned end users to be on their guard against Java 7 zero-day vulnerabilities … 

Oracle provides early patch for Java

Oracle provides early patch for Java iTWire The next Java update was scheduled for October 16…also includes fixes for two other vulnerabilities affecting Java running …

Update Java in Control Panel ! Oracle releases security patch for Java vulnerability

Oracle releases security patch for Java vulnerability Siliconrepublic.com Before now, the only way to protect computers from potential malware attacks exploiting this…

Sep 3, 2012

Oracle patches Java 0-day, researchers say there is another one

Oracle patches Java 0-day, researchers say there is another one Posted on Aug 31, 2012 02:09 pm Oracle has finally issued an update for Java 7 (v 1.7.0_07) which solves the problem of the CVE-2012-4681 vulnerability…

After patch, researchers find another Java vulnerability
After patch, researchers find another Java vulnerability SC Magazine Australia Hours after the company that maintains…

Oh No Not Again! New Java Vulnerability Uncovered In Latest Java Update

Oh No Not Again! New Vulnerability Uncovered In Latest Java Update Forbes Adam Gowdiak, CEO and founder of Security Explorations, has…

Sep 5, 2012

Fake Amazon emails open the way for malware

Fake Amazon emails open the way for malware Posted on Sep 04, 2012 01:15 pm The CVE-2012-4681 Java zero-day vulnerability might have been patched, but because it was added to the popular Blackhole exploit kit and because most…

Fw: Another Java Security Flaw Appears After Oracle Patch
Another Java Security Flaw Appears After Oracle Patch TechWeekEurope…Researchers have uncovered another potentially Java security flaw, which could be used by hackers…Current Activity – US-CERT Releases Oracle Java JRE 1.7 Security Advisory ….

Rogue Microsoft Services Agreement emails lead to latest Java exploit
Rogue Microsoft Services Agreement emails lead to latest Java exploit Computerworld IDG News Service – Hackers are distributing…

Article: Thanks ever so much Java, for that biz-wide rootkit infection

Thanks ever so much Java, for that biz-wide rootkit infection Register Shortly after I awoke to…client called to inform me his computer had contracted some malware. Java has, if you’ll forgive the anthropomorphization of a bytecode virtualization…

Sep 14, 2012

Oracle confirms existence of another critical Java flaw

Oracle confirms existence of another critical Java flaw Posted on Sep 11, 2012 03:45 pm When Oracle finally patched the CVE-2012-4681 Java 0-day that was being actively exploited…

Nov 2, 2012

Jacksbot Java malware can take control of Windows, Mac, and Linux systems

Jacksbot Java malware can take control of Windows, Mac, and Linux systems The Next Web…software company Intego discovered malware which it classified as “a new Java backdoor trojan called Java/Jacksbot.A.” New threats are discovered all…

Nov 24, 2012

Warning out vs new cross-platform malware

…vendors warned computer users over the weekend against a new malware that can potentially affect various platforms that support Java. In a blog post, Trend Micro pointed out …

Jan 3, 2013

Java server malware targets Windows systems
Java server malware targets Windows systems SC Magazine Researchers have discovered a backdoor delivered by a malicious JavaServer Page (JSP), which targets vulnerable Java-based HTTP servers and allows an attacker to hijack infected systems. The malware…

Jan 12, 2013

New malware exploiting Java 7 in Windows and Unix systems
New malware exploiting Java 7 in Windows and Unix systems CNET The malware has currently been seen…OS X, may be able to do so given OS X is largely similar to Unix and Java is cross-platform. Additionally, the exploit is currently being …

Java flaw poses malware threat to PC users
Java flaw poses malware threat to PC users Financial Times A serious flaw in the Java software found on most personal computers could expose the machines to being…

New Java 0-day exploited in the wild
New Java 0-day exploited in the wild Posted on Jan 10, 2013 04:45 pm A new Java zero-day being exploited in the wild has been found. With the files we were…

Disable Java! Recent 0-day exploit is included in exploit kits
Disable Java! Recent 0-day exploit is included in exploit kits Posted on Jan 11, 2013 06:00 pm The Java zero-day that has recently been spotted being exploited in the wild has turned…

Jan 13, 2013

US-CERT Releases Oracle Java 7 Security Advisory

Fw: US-CERT Current Activity – CERT Releases Oracle Java 7 Security Advisory…Vulnerability Note VU#625617 to address a vulnerability in Oracle Java Runtime Environment (JRE) 7 and earlier that is currently…

Jan 15, 2013

Week in review: Java 0-day wreaking havoc, hiding messages in Skype silences, Apple prevents popular app scam tactic

Week in review: Java 0-day wreaking havoc, hiding messages in Skype silences, Apple prevents popular app scam tactic Posted on Jan 14, 2013 06:00 am…

US-CERT – Out-of-Band Patch to Address Java 7 Vulnerability Released

…Current Activity – Oracle Releases Out-of-Band Patch to Address Java 7 Vulnerability…band patch to address the recently announced vulnerability in Java Runtime Environment (JRE) 7. US-CERT encourages users and…

Security: Homeland Security Warns About Java Malware

Homeland Security Warns About Java Malware DrJays.com Live A newly-discovered vulnerability in…

How To disable Java in my web browser

How do I disable Java in my web browser? http://www.java.com/en/download/help/disable_browser…Macintosh OS X •Browser(s): Internet Explorer, Firefox, Chrome, Safari •Java version(s): 7.0, 7u10+ FULL INSTRUCTIONS (easy) …..

Jan 16, 2013

Oracle patches critical 0-day with new Java update

Oracle patches critical 0-day with new Java update Posted on Jan 14, 2013 01:05 pm Oracle has released Java 7 Update 11, the computing platform’s newest version that patches…

Oracle delivers 86 security fixes

…fixes Posted on Jan 16, 2013 10:06 am Oracle has had two major updates in the last 2 days. On Sunday, Jan. 13 a new version of Java 7 was released that addresses the 0-day vulnerability that has been exploited in the wild. The Oracle C…

Surprised? Old Java exploit helped spread Red October spyware

Surprised? Old Java exploit helped spread Red October spyware Register Unpatched Java installations…October on Monday, …

Malware masquerades as patch for Java

Malware masquerades as patch for Java ITworld.com Hackers often disguise their malware as a legitimate…

Jan 21, 2013

Java Security ‘Fix’ Is Disguised Malware Attack

Java Security ‘Fix’ Is Disguised Malware Attack InformationWeek The malware may be…against browsers. The attack begins with a Web page warning that a newer version of Java is required to …

Newest Java update doesn’t fix fresh critical vulnerabilities

Newest Java update doesn’t fix fresh critical vulnerabilities Posted on Jan 21, 2013 03:26 pm Another week, another zero-day threatening millions of Java users. As you might remember, last week Oracle released Java 7 Update 11, which…

Jan 28, 2013

Beware of fake Java updates

Beware of fake Java updates CNET January 22, 2013 9:30 AM PST. Following recent security vulnerabili…vulnerabilities in Java, malware developers are taking a new approach to exploit the Java platform by issuing false updates that pose as legitimate updates for the…

Java’s new “very high” security mode can’t protect you from malware

Java’s new “very high” security mode can’t protect you from malware Ars Technica Security researchers have uncovered a newly discovered bug in Oracle’s Java framework that allows attackers to bypass important security protections designed…

Feb 2, 2013

US-CERT- Oracle Releases Out-of-Band Patch to Address Java 7 Vulnerabilities

…Current Activity – Oracle Releases Out-of-Band Patch to Address Java 7 Vulnerabilities —–Original Message—– From: Current…out-of-band patch to address multiple vulnerabilities in the Java Runtime Environment (JRE) 7 Update 11 and earlier. These vulnerabilities…

Security: Firefox will block by default nearly all plugins

Firefox will block by default nearly all plugins Posted on Jan 30, 2013 08:08 pm Following the recent debacle of the critical Java 0-day that was being actively exploited in the wild, in an attempt to minimize its users’ attack surface Mozilla has enabled “Click…

Feb 6, 2013

Oracle rushes out emergency Java patch

Oracle rushes out emergency Java patch Posted on Feb 04, 2013 01:44 pm If you’re still among the users…computer, be advised that Oracle has released a critical patch update for Java SE (Java 7 Update 13) on Friday. …

Feb 18, 2013

Facebook disables Java after hack

Facebook disables Java after hack VentureBeat The malware came through another issue with Java…Department of Homeland Security even recommended that people uninstall Java since hackers were finding new …

Feb 20, 2013

Apple issues malware removal tool today, attacked

…tool today The Verge “Apple has identified malware which infected a limited number of Mac systems through a vulnerability in the Java plug-in for browsers,” the company said in its statement. “The malware was employed in an attack against Apple and other companies…

Apple victim of malware attack

…malware attack. A small number of systems inside the company were compromised. The malware attack was tied to a vulnerability in a Java plug-in for browsers, Apple said in a statement sent via email. “There is …

Feb 22, 2013

US-CERT Updated Release of the February 2013 Oracle Java SE Critical Patch Update

…Current Activity – Updated Release of the February 2013 Oracle Java SE Critical Patch Update —–Original Message—– From…an updated February 2013 Critical Patch Update for Oracle Java SE to address a vulnerability. This vulnerability could allow…

Apple Releases Code To Remove Java Hack Malware

Apple Releases Code To Remove Java Hack Malware Fast Company In the wake of this attack Apple…malware. The Apple hacks happened when a vulnerability in Java, …

Latest Mac malware attack shows that Windows 8 is more secure ?

…blog) Apple has admitted that Macs inside the company were recently victimized by a malware attack. They were hacked in a drive-by Java exploit. In response, Apple patched the security hole in older systems vulnerable to the attack, and also released a tool …

Uninstalling the Terrible Ask Toolbar

…your computer, don’t be ashamed – it could happen to anybody. Especially considering that is bundled with the equally awful Java runtime. Those people should be ashamed of themselves. ….

Mar 2, 2013

Java malware sets its sights on your Minecraft passwords

Java malware sets its sights on your Minecraft passwords Geek This piece of malware is quite a bit more sophisticated, too. It’s made of multiple Java applets that are hidden after being dropped onto a compromised system. The tool…

New Java 0-day exploited in ongoing attacks

New Java 0-day exploited in ongoing attacks Posted on Mar 01, 2013 03:48 pm FireEye has detected yet another Java zero-day vulnerability being exploited in attacks in the wild. Affected updates…

How To Use HiJackThis to find Malware infection Part One

HijackThis – Trend Micro USA (Genuine Freeware) [wrkx w/ Netbooks]
Trend Micro HijackThis is a free utility that generates an in depth report of registry and file settings from your computer.
http://free.antivirus.com/hijackthis/
http://en.wikipedia.org/wiki/Hijackthis
http://sourceforge.net/projects/hjt/
HiJackThis UPDATED:
Trend Micro Releases HijackThis Source Code to sourceforge.net
MarketWatch (press release)
http://www.marketwatch.com/story/trend-micro-releases-hijackthis-source-code-to-sourceforgenet-2012-02-17

RUNNING A HJT LOG ANALYSIS PART ONE

There is always this need to review this magic utility – how to use it responsibly and SAFELY.

( FYI…. (for your information) The nicks [nicknames] you may see around at forums etc. are “HJT”, “HJT Log Help” and “HJT Log Analysis”, i.e. HiJackThis Log help. )

If you have never performed a HiJackThis analysis: it is a simple, quick look at start-up items, which may reveal installed malware that starts up with the computer system, as well as other installed software set to run at every start-up. An HJT log may show a resident threat in some areas. It can reveal installed malware toolbars and possibly other threats misusing an ActiveX item. HJT generates a sort of system read-out snapshot in a text log file that can be examined in depth.
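A read-only way to go through such a log section by section, as an added example that is not part of the original post and not HijackThis's own code. The sample log is constructed, the section labels follow HijackThis's usual line prefixes (O4 autostart, O3 toolbars, O16 ActiveX downloads), and the "user-writable folder" check is an assumed triage hint for deciding what to show an experienced helper, not a verdict.

```python
import re
from collections import defaultdict

# Constructed sample log for illustration only (not taken from a real machine).
# "malware.exe" is the post's own made-up name; CLSIDs, names and URLs are placeholders.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.4
Platform: Windows Vista SP2
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.example.invalid/
O2 - BHO: Example Helper - {00000000-0000-0000-0000-000000000001} - C:\Program Files\Example\helper.dll
O3 - Toolbar: Example Toolbar - {00000000-0000-0000-0000-000000000002} - C:\Program Files\Example\toolbar.dll
O4 - HKLM\..\Run: [ExampleAV] "C:\Program Files\Example AV\avtray.exe" -hide
O4 - HKCU\..\Run: [updater] C:\Users\user\AppData\Local\Temp\malware.exe /s
O4 - Startup: notes.lnk = C:\Program Files\Example\notes.exe
O16 - DPF: {00000000-0000-0000-0000-000000000003} (Example Control) - http://downloads.example.invalid/control.cab
O23 - Service: Example Service (examplesvc) - Example Corp - C:\Program Files\Example\svc.exe
"""

# Line prefixes for the areas the post mentions (partial list).
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart (Run key / Startup folder)",
    "O16": "ActiveX download (DPF)", "O23": "Windows service",
}

ENTRY_RE = re.compile(r"^([RFNO]\d{1,2}) - (.+)$")
RUN_RE = re.compile(r"^(HK\w+)\\\.\.\\(Run\w*): \[([^\]]*)\] (.+)$")
STARTUP_RE = re.compile(r"^((?:Global )?Startup): (.+?) = (.+)$")
EXT_RE = re.compile(r"(.+?\.(?:exe|dll|bat|cmd|scr|com|vbs|js))(?:\s|$)", re.I)

# Assumption: programs starting from folders a standard user can write to
# deserve a second look. This is a hint for a human reviewer, nothing more.
USER_WRITABLE = ("\\appdata\\", "\\temp\\", "\\local settings\\")


def parse_log(text):
    """Group log entries by section code; header and process lines are skipped."""
    sections = defaultdict(list)
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            sections[m.group(1)].append(m.group(2))
    return dict(sections)


def executable_path(cmd):
    """Pull the program path out of a command line, quoted or not."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = EXT_RE.match(cmd)
    return m.group(1) if m else cmd.split()[0]


def autostart_entries(text):
    """Return the O4 (start-up) entries as dicts: source, name, path."""
    entries = []
    for body in parse_log(text).get("O4", []):
        m = RUN_RE.match(body)
        if m:
            source, name, cmd = m.group(1) + "\\" + m.group(2), m.group(3), m.group(4)
        else:
            m = STARTUP_RE.match(body)
            if not m:
                # Unknown layout: keep it visible for a human instead of dropping it.
                entries.append({"source": "unparsed", "name": body, "path": ""})
                continue
            source, name, cmd = m.group(1), m.group(2), m.group(3)
        entries.append({"source": source, "name": name, "path": executable_path(cmd)})
    return entries


def review_candidates(text):
    """Autostart entries whose program sits in a user-writable folder."""
    return [e for e in autostart_entries(text)
            if any(marker in e["path"].lower() for marker in USER_WRITABLE)]


if __name__ == "__main__":
    for code, bodies in parse_log(SAMPLE_LOG).items():
        print(f"{code:>3}  {SECTIONS.get(code, 'other')}: {len(bodies)}")
    for e in review_candidates(SAMPLE_LOG):
        print("show to an experienced helper:", e["source"], e["name"], e["path"])
```

The script only reads the saved log text; it changes nothing on the system and is no substitute for the human review the post calls for.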

HiJackThis was NEVER designed to be a malware remover. It is NOT to be used as one or as a substitute for one. The average user is always told to NEVER make changes to the computer with HiJackThis, but rather to go to an Advanced User or Professional for help, online or elsewhere, such as a friend in the know and savvy at malware removal help. Mistaken use may cause damage to the system and/or other software, rendering them inoperable.

IF YOU WERE TO CHOOSE “FIX THIS” ….. UH-OHH

If you clicked “Fix This” on any valid process or software – it may delete or corrupt that part of the Windows OS (operating system) or other softwares – now rendering them inoperable. NEVER click “Fix This” unless you are an Advanced User or Professional or have been directed to do so by one.

This may delete the executable file and possibly a “run” registry key, etc.

It cannot delete/uninstall malware payload files and registry key entries (the FULL threat), and these leftovers can be re-used by malware and can potentially hide from antimalware products. Being orphaned (executable deleted, payload remnant = orphans), they may also be used by a rootkit to hide from detection as an inert file not deemed a threat during antimalware scans. At best, quality antimalware products may possibly detect these as variants and quarantine / remove them during a scan. Probably not.
 
In cases of in-the-wild threats or other severe threats rifling and hijacking control of the PC, with their executable showing up in the HJT log, HJT may possibly be used to delete the start-up entry (generally the executable, “malware.exe” as a fantasy example) to regain control of the computer for the user. If it is a known malware threat, its payload installation files can be found in full in online malware databases. Having regained control of the computer by deleting the executable from start-up, the rest of the payload can now be manually removed. In cases of in-the-wild threats, deleting the executable can give back control of the PC, and a follow-up to delete the entire installation manually will have to be performed once the payload is known and posted publicly. The user in this state should be cautioned either not to use the PC or to use it very sparingly, as instability or further infection activity may occur.

This is all because the user generally has no Emergency Repair CD to reinstall Windows and needs the hail mary scenario to save their computer from the trash, a computer purchased with their hard-earned sawbucks that they cannot replace in the near future, leaving them stuck without a PC. HJT may also be used just to regain control of the PC in order to access private files one wishes to back up (make a copy of) before reinstalling the system to Factory Fresh and wiping the entire disk first: another hail mary to save important files or documents, pictures, movies, etc. If the User is aware of that, proceed with that understanding.

Bottom line….. If you irresponsibly use, or give instructions to irresponsibly use, HJT, ignoring the example hazards and damage warnings above, you may find it all come back on you by some smear blitz over the internet about “so and so destroyed my computer that creep ! ” to say the least. If you are a professional or company, you may be sued for damages for gross negligence and deceptive practices and destruction of computer equipment. That would have to be defined by Lawyers and the Court.

PART TWO WILL SHOW THE ACTUAL ANALYSIS. >>>
Click > Do System Scan and Create Log File

Webmaster:
Malware Removal / Amateur Forensics
Membership/Join List:
Free Malware Removal Help / A Community Website Since 2005

Typical Question – How did I get infected with trojan and virus

http://answers.yahoo.com/question/index?qid=20110923202712AAmHzZF
(I am antibotnet Yahoo ID as webmaster www.bluecollarpc.us)

It may help a little with orientation with the behavior of malware. A trojan takes control and wants to do something and will rifle actions to get it done. A crash may occur because it is not normal expected behavior of the healthy system as is giving control command in an underhanded way as brute force. Trojans have evolved greatly and they have security software disabling trojans which disable free products and some shareware products as well. There are now Downloader Trojans that install more and more malware as the rootkit usually does. There are backdoor trojans that affect connectivity and control vital areas.

The crash you mention probably did occur from the trojan infection and spyware does this too as opposed to a computer virus or worm. AVG did indicate a trojan infection found.

Viruses take over files to spread themselves. Some are specifically created to destroy computer files, systems, or drive itself. Newer ones have been crafted to steal passwords.

Your problem seems to be you are using the free AVG version which will NOT protect the computer because Real Time Protection is only activated in paid subscription antivirus and antispyware products. If you had AVG paid antivirus – it would have blocked the trojan infection from occurring. NOTE today there are many newer and sophisticated trojans that simple antivirus no longer detects all. Antispyware will detect many of these and particularly ones used in spyware installations.

These can happen anywhere on the world wide web at any infected website whether hacked or intentionally a malicious content website. This is called a “drive by infection” meaning the unprotected computer will get infected just by visiting a bad website. This can include and is not limited to virus, trojan, spyware, and botnet infections. You MUST have Real Time Protection activated or there is NO protection.

The free home version scanners are called stand alone on demand scanning as “reactive” protection. Paid subscription security softwares have all this plus the “proactive” Real Time Protection processes (heuristics) that block all infections from occurring in the first place. All that gets past this is generally embedded malware in some software download that can be found by scanning the package FIRST before clicking to install OR will detect it trying to execute when the installer package is double clicked to execute the installation.

Threatfire is great as just the Real Time Protection processes protection themselves for both antivirus and antispyware category threats. You can add that and scan regularly with AVG free. http://www.threatfire.com/
You forgot antispyware with Real Time Protection – get free from Microsoft, Windows Defender to add to this package….. http://www.microsoft.com/athome/security/spyware/software/default.mspx

There are only two or three known antivirus and antispyware programs in the world that have offered free Real Time Protection products, and fortunately they are far from dog programs. They have won several prestigious awards that the big companies have such as the VB100 Award and West Coast Certification to name a couple. I would pick one and install it immediately and keep AVG off to the side as a secondary stand alone scanner.

Microsoft Security Essentials
http://www.microsoft.com/security_essentials/

Comodo Free Anti Virus
http://antivirus.comodo.com/

ALSO
Spyware Terminator
(Antispyware and antivirus. Real time protection added ! )
http://www.spywareterminator.com/
* Fast spyware scanning
* 100% real-time protection
* HIPS protection
* Antivirus protection
* Multilanguage Support

Source(s):

http://bluecollarpc.us/Threats_FAQs.html

Lavasoft Ad-Aware back in the News

Lavasoft Ad-Aware was one of the pioneers in antispyware defense program software applications. I remember it well and was one of the ‘first loves’ way back in the beginning of the Windows XP years. Originally it was obviously among the top defenders. Graciously they offered a free home version to the public along with gaining more defenses by purchasing the full version. Along the way, the industry leaders kind of left it in the dust – among some Trend Micro Antispyware,  Spysweeper, CounterSpy, to name the few. Surprisingly, they are back in the news but I rely on independent labs results rather than ‘newbie hype’ or perhaps tainted news editors departments ‘test results’. ….for what it is worth…

ARTICLE: Lavasoft’s Ad-Aware Awarded PC Magazine Editors’ Choice

Zawya (press release)

Respected PC Magazine lead security analyst Neil Rubenking, who recently reviewed both versions of Ad-Aware said, “This latest Ad-Aware remains very effective at keeping malware out of a clean system and adds new technology that improves its ability to …

http://www.zawya.com/story.cfm/sidZAWYA20110327064724

___Next they will have to catch up to “Cloud Computing” products as industry leaders Trend Micro and Webroot have innovated…. I have a short blog blast here on that subject…

Desktop/Laptop Cloud Computing – new “super antivirus” for the New Decade

March 8, 2011 — bluecollarpc

https://bluecollarpcwebs.wordpress.com/2011/03/08/desktoplaptop-cloud-computing-new-super-antivirus-for-the-new-decade/

ALWAYS OBSERVE BAD PRODUCTS LISTS

Title: The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites

Description: Bad, False, Fake products

URL: http://www.spywarewarrior.com/rogue_anti-spyware.htm

LavaSoft — The Rogue Gallery

http://www.lavasoft.com/mylavasoft/rogues/latest

The Rogue Gallery, powered by the Malware Labs at Lavasoft, is a resource dedicated to keeping computer users safe from rogue security software. By providing a comprehensive database of current rogue security applications, you have the ability to clearly see what programs are considered rogue – and avoid them.

Partial list of rogue security software

http://en.wikipedia.org/wiki/Rogue_security_software

Scareware / From Wikipedia, the free encyclopedia

http://en.wikipedia.org/wiki/Scareware

Rogue security software / From Wikipedia, the free encyclopedia

http://en.wikipedia.org/wiki/Rogue_software

For reference I am webmaster http://BlueCollarPC.US/  (Windows – Community Help malware removal/info)

Since 2005

Rogue Gallery Helps IDentify Scam Software

If you’re trying to figure out whether that “MalwareDefender2009” program is a legit app or a scam, a new listing of the known scams can help. …..
http://www.networkworld.com/news/2009/120109-rogue-gallery-helps-id-scam.html?source=NWWNLE_nlt_security_2009-12-02

SEE

LavaSoft (makers of Ad-Aware, more)
The Rogue Gallery
The Rogue Gallery, powered by the Malware Labs at Lavasoft, is a resource dedicated to keeping computer users safe from rogue security software. By providing a comprehensive database of current rogue security applications, you have the ability to clearly see what programs are considered rogue – and avoid them. Navigate the Rogue Gallery by displaying the latest threats or by searching for specific programs, listed in alphabetical order. Use the “Submit a Rogue” link to quickly and easily send any suspicious programs directly to Malware Labs to be analyzed.
http://www.lavasoft.com/mylavasoft/rogues/latest

SEE
Title: The Spyware Warrior List of Rogue/Suspect Anti-Spyware Products & Web Sites 
Description: Bad, False, Fake products 
URL:  http://www.spywarewarrior.com/rogue_anti-spyware.htm 
About This Page – Please Read:
Those who have followed the development of this page since 2004 will have noted that the list of “rogue/suspect” anti-spyware products has not been updated since May 2007. Unfortunately, other time commitments have precluded our efforts to keep that list up to date. Since the last update dozens of “new” rogue anti-spyware programs have hit the ‘Net. The vast majority of them, however, are not really new, but are simply re-branded clones and knockoffs of the same rogue applications that have been around for years. In most cases, they are being pushed through the same deceptive practices by the same parties responsible for earlier versions. See in particular these “families” of anti-spyware products, which continue to live on through shameless re-branding: 15, 18, 19, 21, 22, & 23.
If you are looking for information on the most recent rogue anti-spyware applications, we recommend visiting these sites:

BleepingComputer.com: Spyware & Malware Removal Guides
MalwareBytes: Newest Rogue Threats
MalwareBytes Blog
Bharath’s Security Blog
VitalSecurity.org
Sunbelt Blog

TO FIGHT FAKE ROGUE PRODUCTS YOU ARE GOING TO HAVE TO BECOME FAMILIAR WITH AGE OLD TRUSTED PUBLICATIONS SUCH AS ARSTECHNICA.COM AND PCWORLD.COM AND CNET.COM AND ON AND ON….. FAMILIAR AND POPULAR DESTINATIONS ON THE WORLD WEB THAT ARE WELL ESTABLISHED AND WELL KNOWN AND HAVE WRITE UPS ABOUT REAL PRODUCTS.

I HAVE JUST SEEN A FAKE PRODUCT VARIANT OF MALWARE VIRUSBURST SITE THAT LOOKS LIKE A REAL ANTIVIRUS PRODUCT WEBSITE WITH SEARCH ENGINE RESULTS CLAIMING IT JUST WON ITS 4TH VB100 AWARD !!!!

FBI Releases Warning about Scareware (US-CERT) http://www.us-cert.gov/current/index.html#fbi_releases_warning_about_scareware
KNOW AND ASK ABOUT AGE OLD KNOWN PUBLICATION WEBSITES FOR CROSS REFERENCES OF PRODUCTS – BELOW ARTICLE SHOWS 16 TOP PRODUCT NAMES THAT YOU NOW KNOW ARE NOT ROGUE FAKE ANTIVIRUS PRODUCTS. IT HAS TURNED INTO A NIGHTMARE CURRENTLY !!! BELOW ARE YOUR TOP WORLD PRODUCTS – SHAREWARE ……PRELIMINARY LIST WILL ADD MORE / JAN 2010

Rating the best anti-malware solutions
http://arstechnica.com/security/news/2009/12/av-comparatives-picks-eight-antipua-winners.ars

Here are the results of this particular test:

1. G DATA Antivirus 2010: 99.8 percent
2. Trustport Antivirus 2010: 99.8 percent
3. AVIRA AntiVir Premium 9.0: 98.9 percent
4. McAfee VirusScan Plus 2010: 98.9 percent
5. BitDefender Antivirus 2010: 98.6 percent
6. eScan AntiVirus 10.0: 98.6 percent
7. F-Secure Anti-Virus 2010: 98.6 percent
8. Symantec Norton Antivirus 2010: 98.6 percent
9. Kaspersky Anti-Virus 2010: 96.7 percent
10. ESET NOD32 Antivirus 4.0: 96.5 percent
11. avast! Free 5.0: 96.3 percent
12. Sophos Antivirus 9.0.1: 95.4 percent
13. Microsoft Security Essentials 1.0: 94.6 percent
14. AVG Anti-Virus 9.0: 93.9 percent
15. Norman Antivirus & Anti-Spyware 7.30: 88.5 percent
16. Kingsoft AntiVirus 9 Plus: 87.1 percent

VB100 Award = Perfect scores ! (Top AntiVirus World Prize)
http://www.virusbtn.com/vb100/index
http://en.wikipedia.org/wiki/Virus_Bulletin
About the Virus Bulletin 100% award
The Virus Bulletin 100% awards recognise those products best able to detect viruses known to be ‘in the wild’. Unlike some other similar-sounding schemes, Virus Bulletin uses the most up-to-date WildList in its tests. This means that products that are ‘up with the game’ are the ones most likely to be granted VB100 awards. More information about Virus Bulletin can be found on its website: www.virusbtn.com.

ESET NOD32 Currently 59 VB100 awards !
http://www.eset.com/
http://en.wikipedia.org/wiki/ESET_NOD32
This brings the ESET Antivirus VB100 award total to 59 – still
the highest of any antivirus vendor!
December 2009 – ESET antivirus scoops 59th VB100 Award
http://www.betterantivirus.com/nod32-and-virus-news/archives/1456-December-2009-ESET-antivirus-scoops-59th-VB100-Award.html

Sophos Antivirus (UK)
http://www.sophos.com/
http://en.wikipedia.org/wiki/Sophos
Sophos’s anti-virus engine and identities are now packaged into
Webroot Spy Sweeper with Anti-Virus (Webroot Spysweeper one of world’s best)
http://www.webroot.com/
Sophos wins VB100 on Windows XP
http://www.sophos.com/pressoffice/news/articles/2009/04/vb100.html
…..the 46th VB100 that Sophos has received !
(Note, Sophos is a corporate business application only available to Home Desktop in the new “marriage” combo suite created recently with industry leader Webroot Spysweeper.)

F-Secure
http://www.f-secure.com/
F-Secure Awards – Award-Winning Antivirus and Protection Products
http://www.f-secure.com/en_US/about-us/awards-reviews/2009/

Advanced +++ in AV-Comparatives Performance test
Dec 23, 2009
Anti-virus (Award)
F-Secure Internet Security 2010 receives VB100 award in the latest Virus Bulletin comparative review.
http://www.f-secure.com/en_US/products/home-office/internet-security/
VB100 award
Dec 01, 2009
Internet Security (Award)

Kaspersky (Russia)
http://www.kaspersky.com/
Kaspersky Lab’s antivirus solutions win prestigious VB100 award in testing on Windows 7 platform
http://www.kaspersky.com/news?id=207575987
One of the most popular anti-virus solutions among computer users, Kaspersky Anti-Virus 2009, won a VB100 award from Virus Bulletin on Windows Vista Business Edition.

Avast
http://www.avast.com/
http://www.avast.com/eng/awards.html

PC Tools Spyware Doctor with AntiVirus (PC Tools Spyware Doctor one of world’s best)
http://www.pctools.com/consumer/products/
PC Tools receives prestigious Virus Bulletin VB100 awards
for Spyware Doctor and PC Tools AntiVirus
http://www.pctools.com/news/view/id/177/

Avira
http://www.avira.com/
http://www.avira.com/en/company_news/avira_receives_again_vb_100_award_on_windows_xp.html
Desktop Products
 Avira AntiVir Premium
 Avira Premium Security Suite
 Avira AntiVir Professional

CounterSpy (antispyware) with Vipre Antivirus (CounterSpy one of world’s best)
http://www.sunbeltsoftware.com/
VIPRE® Antivirus + Antispyware from Sunbelt Software Wins VB100 Award for Malware Detection on Windows 7 Platform
http://www.sunbeltsoftware.com/Press/Releases/?id=322
http://www.counterspy.com/

Kingsoft Internet Security
http://www.binarynow.com/
Kingsoft Internet Security 2009 obtains VB100 award from Virus Bulletin for April 2009
http://www.binarynow.com/internet-security/kingsoft-internet-security-2009-obtains-vb100-award-from-virus-bulletin-for-april-2009/
Kingsoft Internet Security 9 Plus
Internet security suite that contains anti-virus, anti-malware, a vulnerability scanner and personal firewall.
Find and fix rootkits, spyware, trojans, virus and malware infections. Protect your PC for less!

Forefront Client Security
http://www.microsoft.com/forefront/clientsecurity/en/us/product-information.aspx
Forefront Client Security wins VB100 award for Windows Server 2008 anti-malware
http://blogs.technet.com/forefront/archive/2008/10/02/forefront-client-security-wins-vb100-award-for-windows-server-2008-anti-malware.aspx
