Saturday, November 8, 2014

Virus Laden Troll Links at ENENEWS, Trojan Nuke Troll

FINALLY!

The trolls at ENE have really helped again.   Read this nightmare, but don't worry, there is a happy ending.

A few weeks ago, a troll had placed a link, supposedly to a research paper, on ENENEWS. Indeed, the paper was there, but apparently a pretty sophisticated payload consisting of the virus "Smart Guard" and other viral forms also infected my main computer. I was only running AVG, which is a free virus scanner, at the time. This was a pretty nasty virus. It would change the security settings on my browser, so even to view a PDF you were forced to reconfigure your security settings, which were incidentally toggled to the "custom range", in which it would be easy for someone to open up way too much security in an effort to get the download or view the file they want. Once your security settings were "loosened", the virus would use that opening to inject even more nasty stuff. Ya, they got me.

BEWARE OF TROLLS BEARING GIFTS and LINKS



The virus also prevented the installation of virus removal software like Malwarebytes, and prevented a drive imaging program from making a backup copy of the OS drive. I am sure it was preventing other things from running also, but those were some of my main tools to protect data and extract the nasties.

So this post is about informing people of some basic computer tools that really work, and are relatively low cost compared to spending days fixing a computer or limping along with decreased functionality, aka poorly named "workarounds".

Another surprising aspect of this latest infection is that it deleted all my restore points! These are the Restore Points built into Windows 7. It is amazing that Windows 7 would allow anything other than "full control" over your computer from an admin account to delete restore points.

1) Restore Points are used by Windows to revert to a previous time, when you weren't having problems. You lose no data either, just the system files are restored. This is a powerful and simple tool that anyone can use, and you should know about it. Well, it's powerful unless your nuke industry virus providers found a way to delete your restore points! LOL, ouch.

The virus also partly took over Outlook 2010 and created a folder within Outlook that said "Infected Items"  in which there was one email bolded within there.   That was surprising and of course I did not click it.    Hmmm, maybe Bill Gates ought to spend a little on hardening our basic communications systems rather than filling the world with vaccines.

The virus also created millions of files on my Operating System drive in a user "Temp" folder, which bloated the hard drive with hundreds of gigabytes of junk data, literally millions of files. This made the hard drive highly fragmented and HUGE. The massive size made it impossible to do a "Drive Image", which is a form of backup.

Finally, the virus seemed to want to do two things that I know of. It would try to send packets of information out (to Russia). I had installed ESET NOD32 Antivirus 6 (this program was unable to remove the viruses in their entirety, FYI) and ESET was able to prevent these outgoing packets, sometimes 2 or 3 in 5 seconds, thousands a day. I tagged the intended IP address and it appeared to be a location in Russia, although these types of things can be faked, especially by those capable of deploying and creating such a broad-based and capable virus.

And the last effect was created primarily from taking over a legitimate Windows process, the process that Windows uses to show thumbnail displays of images on your computer. This process would replicate itself over and over again, with varying waves of taking up some or all of your computer's processing power. This would bring the computer to a crawl. But sometimes the computer would work OK also. Also with this, the viruses would rev up and rev down the DVD drive (in Stuxnet fashion), just making an annoying background noise. Stuxnet is a high level virus purportedly developed within the military/intelligence/nuclear community (may I say Cartel) meant to rev up and rev down centrifuges for nuclear fuels to destroy them. Certainly running your drives fast up and down, and running processors at top speed is not going to be good for them.

OK sounds pretty horrible right?    Indeed, I have seen persistent malware / viruses before, but not as far reaching as this.     None that tried to use my computer as a zombie transmitter.

Neither ESET nor Malwarebytes nor AVG was able to extract this beast, although they did seem to be able to knock off a few of the Medusa heads, but then the heads would then grow back in a fashion.
-------------------------------------------------------------------------------------------------------------------

In a future post I am going to introduce people to some important tools that are easy enough for everyone to use.  

Acronis True Image - Can completely restore your computer, even if all of the Windows restore points have been destroyed.
  1. Malwarebytes -- a free and purchasable software program that is more capable than most
  2. TOR - a way to surf the internet with nearly complete anonymity (caveats apply)
  3. Backup my PC

OK, the outcome? It is always "annoying" to have to revert to an earlier "Drive Image" and find you have some unintended consequences, so you don't do so unless you have a real problem. If you have decent workarounds, you probably do those rather than "Ghost back" (an old-school term for recreating your computer drive using a drive image, back in the day when Norton's 'Ghost' program was all the rage).

So faced with a "real problem" I Ghosted back my computer to its June 2013 state, when it was pretty new. Voilà! Tons of problems that had built up over 1.5 years all went away, and the computer is clean and fast. Everything loads fast, windows open fast, and it is a joy to use.

Thanks to the Nuclear Asshat Trolls who motivated me to take this simple step.      Now I have full functionality on using TOR, I also regained the ability to modify Nukepro blog from my main computer, which incidentally was lost exactly as I was exposing the coverups at WIPP.

So thank you Virus laden trolls of the nuke industry at ENENEWS.     Ya fixed it!   LOL

Be careful of trolls bearing gifts and links.    At least make sure you have some real virus and malware running.
=====================================
Apparently I wasn't the only one to get hit

obewanspeaks
I lost 2 hard drives connected to the same computer within 24 hours of each other..what are the chances of that one?
Slim to none. :(
Evil walks tall these days..
===================================================
Another testimonial of the intentional damage caused by the nuke cartel

ISPC
Yes. stock. My machine was infected from pigman's links. You may have noticed he bragged about his criminal asshosiates in the basement of the ciansa building cooking it up for us. The malware/Trojans/viruses were extremely extensive on my machine. They completely took out IE. Firefox worked longer; but that led to more misdirected links, and more Trojans, malware, and virus info downloaded when pages were closed out. It/they destroyed the Startup File. It took out the Startup Repair. It took out the Restore Points. It shut down the Antiviral Software (Microsoft's was first to go). I do not believe all this damage was done by simply one link, and one virus, Trojan, or malware. I think it was cumulative. It/they tracked usage prior to disabling, and forwarded this info. I think it is best to run Anti Malware like Spybot and Malwarebytes, and Antiviral Software Scans (I like AVG), before shutting down. I did not format the hdd, and reinstall the OS. I defeated all their malware, Trojans, and viruses manually. Now, I think it is best to be prepared to re-format and re-install the OS; given all the time it took to remove their "above the law" criminal ELEtist distractions. We must be doing something right here on ENEnews. No Nukes. Peace
---------------------------------------------------------
From the Good Doctor

There is a law that is backed up by felony conviction potential, regarding site terms of service.
Violating that opens a troll up to felony fines and jail terms.
Details in this article;
SOPA Whistleblower; Aaron Swartz; Bringing Public Access To The Public Domain – Documentary Movie Synopsis And Commentary
http://agreenroad.blogspot.com/2014/11/whistleblower-aaron-schwarts-bringing.html

0000000000000000000000000000
HoTaters
My e-mail got hacked while the MBP was operating. So were two of my family's bank accounts. Coinkydink?



HoTaters
And that was my private e-mail, not the one I post here.

VanneV
My computer got more than 180 mal files when I linked to WesternKyMan's links at ATS. I'm having to scan every day now, although I think I got rid of the mess from WKM's links. I go into control panel and look at the date a program got added and delete anything new that I can't identify. Also I restored Firefox to original defaults and got rid of junk that way. Also I look for any toolbar programs to delete and any unwanted add-on.



VanneV
I scan with Malwarebytes and Malware, and Microsoft Security Essentials with full scans both.

Jebus
Heads up peeps. I just killed a hidden cmd.exe process earlier today, with no applications running. Did a full root kit scan and an attempt was made to root my box. All the other boxes on my lan are clean.
I'm fairly savvy at this, but I killed the hidden command window before I could look at it.
It is interesting that this is the route chosen…
I see it as an opportunity to log some offenses.
Those of you who are tech savvy know that this change of tactics is easily logged and easily analyzed.
It is a federal offense to maliciously tamper with a computer over the internet.
I'm off to scan some logs and enable some more tools…
===================================
Bungalow Phil
stock,
Yes, indeed. The primary system I use is virtually handicapped past few weeks. It takes sometimes 30 seconds for a dialog box to respond to a command or simple keystroke. If you say it is troll linx I wouldn't know, but suggesting a robust detection and prevention program would be helpful. By the way my system says it is functioning normally.
Thanks



Bungalow, if on Windows, you can do Ctrl+Alt+Del and then select Task Manager. This will show you what is running, and another tab shows you how much CPU is being used.
That's a start.
Download Malwarebytes (the free version works fine) and run it, might take an hour even.
What other antivirus AV are you running?
---------------------
Check your internet....is the virus sending out packets from your computer?     This is the most disturbing.     


84 comments:

  1. Either my comments have been sent to moderation, or you might still be infected Stock.
    I spent over an hour and a half on that!

    Replies
    1. http://nukeprofessional.blogspot.ca/2014/11/virus-laden-troll-links-at-enenews.html?showComment=1415509380340#c8615808408591716540

    2. ... use an ad-blocking &/or JavaScript blocking plugins such as No$cript, Ghostery, Adblock, etc. (Your Mileage May Vary - YMMV)

  2. http://enenews.com/new-snowden-docs-reveal-govt-agents-attempting-to-control-infiltrate-manipulate-online-discourse-deliberately-spreading-lies-on-the-internet-using-false-flag-operations-and-em/

    Replies
    1. Some of my smart very educated friends think Snowden is a traitor. I guess they benefit from the "system"

    2. Get a "junk" computer.
      Yard out the hard drive, as you won't need it.
      Clean with compressed air from oil-less compressor.
      After all, there are minute particles that generate their own static charges (manmade radionuclides), or have conductive &/or capacitive properties which can throw some "bits" off.
      As you are aware, money need not always be the basis for solutions.

      Quote: "Brill: In guerrilla warfare, you try to use your weaknesses as strengths.

      Robert Clayton Dean: Such as?

      Brill: Well, if they're big and you're small, then you're mobile and they're slow. You're hidden and they're exposed. You only fight battles you know you can win. That's the way the Vietcong did it. You capture their weapons and you use them against them the next time."
      http://www.imdb.com/title/tt0120660/quotes?ref_=tt_ql_3

    3. As in audio, your power supply is the most critical piece of hardware inside.

      If you have a crap power supply, usually light as a feather, expect no end of grief. That is one way Obewan might have lost both HDD's at once, that is, if it was a Desktop he was using. Perhaps viral infections were the "feather" that broke his system's back.

    4. Those temp files are better deleted from a linux live disc.

      Well, i would assume emails, accounts, passwords, etc. may be compromised. That would seem true for at least HoTaters.

      People here think am a little paranoid for not trusting the internet until the last couple of years. Then they thought i was off my rocker about Fukuppy. Now, i don't hear that very often. I wonder why? I wasn't expressing concern for myself.

  3. I use a Linux Mint live disc for general internet access now, not Windows.
    http://www.linuxmint.com/download.php

    I do this on a machine that i have designated "at risk".

    Replies
    1. Wish I had that luxury. good on you.

    2. Also, i use a barcode reader with my own offline generated Code 128 barcodes, which allow a combination of numbers, symbols, & upper & lower case letters. The fun part is calculating the checksum value.

      It does allow me to use very lengthy passwords that can be entered in seconds.

  4. A lot of your stuff goes to mod, then I see it in a day or 5. Maybe because of links....whatever, keep linking.

  5. Previous personal attacks on Anne:
    by itsanukularwar

    Quote: "Agreed, 59.5 Rockwell, I've often wondered how much h/she was getting paid and what other message boards were used the same way."
    http://enenews.com/govt-experts-fuel-rods-melting-75-minutes-after-tsunami-hit-fukushima-reactor-core-longer-covered-water-10-minutes-after-power-blackout-plant-worker-before-explosion-unit-1-filled-looked-like-steam/comment-page-1#comment-564709

    Quote: "It is you, the self described "disabled one", that is lying."
    http://enenews.com/govt-experts-fuel-rods-melting-75-minutes-after-tsunami-hit-fukushima-reactor-core-longer-covered-water-10-minutes-after-power-blackout-plant-worker-before-explosion-unit-1-filled-looked-like-steam/comment-page-1#comment-564701

    Quote: "Even for you vanne, that is about the most stupid post yet."
    http://enenews.com/guardian-children-navy-sailors-suffering-after-fukushima-exposure-couldnt-move-body-pain-doctor-leukemia-other-kids-diagnosed-thyroid-cancer-video/comment-page-1#comment-566617

    I think somebody owes Anne an apology.

    Replies
    1. For above list: http://enenews.com/top-secret-fukushima-interview-all-nuclear-fuel-will-melt-escape-containment-vessel-fear-nuclear-annihilation-entire-eastern-part-japan/comment-page-1#comment-575047


      Previous personal attacks on Sickputer:
      by itsanukularwar

      Quote: "@SICKPUTER, the story about the guy turning back because of to high of radiation was not the truth. So here you are promoting their lies and fabricating your own. It seems that some people are falling for it. Why the lies?"
      http://enenews.com/top-secret-fukushima-interview-all-nuclear-fuel-will-melt-escape-containment-vessel-fear-nuclear-annihilation-entire-eastern-part-japan/comment-page-1#comment-574415

      Quote: "Kind of shot yourself in the foot there. Do you just make it up as you go? And we are to take you seriously?"
      http://enenews.com/top-secret-fukushima-interview-all-nuclear-fuel-will-melt-escape-containment-vessel-fear-nuclear-annihilation-entire-eastern-part-japan/comment-page-1#comment-574031

      I think somebody owes Sickputer an apology.

      Personal attack on Razz:
      by itsanukularwhore

      Quote: "No, not that simple. You have left out much. But don't let the facts get in the way of a false story, one that supports the hidden agenda you keep pushing!"
      http://enenews.com/top-secret-fukushima-interview-all-nuclear-fuel-will-melt-escape-containment-vessel-fear-nuclear-annihilation-entire-eastern-part-japan/comment-page-1#comment-574042

      I think somebody owes Razz an apology.



      Personal attack on Crickets:
      by itsanukularwhore

      Quote: "I question the intent of anyone that acts as if this is the truth, especially those here at enenews."
      http://enenews.com/top-secret-fukushima-interview-all-nuclear-fuel-will-melt-escape-containment-vessel-fear-nuclear-annihilation-entire-eastern-part-japan/comment-page-1#comment-574040

      I think somebody owes Crickets an apology too.



      Personal attack on CodeShutdown:
      by itsanukularwhore

      Quote: "I would not waste my time on this whatsoever if I didn't believe this. I haven't heard anyone else come up with anything that sounds like a good idea. For you to write this off without even looking at it is ass nine."
      http://enenews.com/tokyo-press-conference-officials-committing-crimes-against-humanity-fukushima-children-living-war-zone-evacuate-childhood-cancer-developing-faster-chernobyl-rate-14-times-higher-parent-im-reveal/comment-page-2#comment-566548

      I think somebody owes everybody on enenews an apology.


      Personal attack on WeNotTheyFinally:
      by itsanukularwhore

      Quote: "You can't be serious. May be you should read the info on Codex again, it must not have registered with your brain."
      http://enenews.com/tokyo-press-conference-officials-committing-crimes-against-humanity-fukushima-children-living-war-zone-evacuate-childhood-cancer-developing-faster-chernobyl-rate-14-times-higher-parent-im-reveal/comment-page-1#comment-566421

      I think somebody owes WeNotTheyFinally an apology, but that is my humble opinion.

    2. Tanks for the inspiration, MBP/MBHP/WKM/MoFoe/MFX/aunavoz/FactChecker/Niall/Atoms4Peace!

      The more YOU squeeze your grip on this community, the more systems i solemnly swear will slip through your grubby protuberances.

      ZING! :)

    3. Quote of "Jack Burton": "Son of a bitch must pay!"
      http://www.imdb.com/title/tt0090728/quotes

      Quote of itsanukularwhore: "You are an idiot vannev, my post is not off topic, and is on topic with Dr Goodheart's post that I replied too. I have been away for a while, you must be foaming at the mouth for a chance to attack me, you and stock both. Both shills that work for TPTB, USEFUL IDIOTS!"

      http://enenews.com/nytimes-doctors-call-banning-thyroid-cancer-screening-tsunami-thyroid-cancer-stop-diagnosis-decrease-screening-need-actively-discourage-early-detection/comment-page-1#comment-600393

      Wasted no time attacking Anne after a lengthy absence.
      Now i think he/she owes Stock an apology too.

  6. Title: "Darknet Sweep Casts Doubt on Tor" - http://cryptome.org/2014/11/darknet-sweep.pdf

  7. There is no apology for those that do not apologize themselves.

    Replies
    1. Quotes: "It is the highest form of self-respect to admit our errors and mistakes and make amends for them. To make a mistake is only an error in judgment, but to adhere to it when it is discovered shows infirmity of character. - Dale Turner"
      ...
      "Mistakes are always forgivable, if one has the courage to admit them. - Bruce Lee"
      ...
      "When we are really honest with ourselves we must admit our lives are all that really belong to us. So it is how we use our lives that determines the kind of men we are. - Cesar Chavez"
      ...
      "No one should be ashamed to admit they are wrong, which is but saying, in other words, that they are wiser today than they were yesterday. - Alexander Pope"
      ...
      "To err is human; to admit it, superhuman. - Doug Larson"
      ...
      "Strong people make as many mistakes as weak people. Difference is that strong people admit their mistakes, laugh at them, learn from them. That is how they become strong. - Richard J. Needham"
      ...
      "I am... stubborn, and I admit it, so it's OK. - Mila Kunis"
      ...
      "No parent is perfect; we all can look back and think of things we could've done to help our children be better prepared for adulthood. And sometimes it's best to admit it to them and encourage them to learn from our mistakes. - Billy Graham"
      ...
      "Love may not make the world go round, but I must admit that it makes the ride worthwhile. - Sean Connery"
      ...
      "I don't see the point of doing an interview unless you're going to share the things you learn in life and the mistakes you make. So to admit that I'm extremely human and have done some dark things I don't think makes me unusual or unusually dark. I think it actually is the right thing to do, and I'd like to think it's the nice thing to do. - Angelina Jolie"
      ...
      "I pick my nose and I'm not ashamed to admit it. If there's a bogey then just pick it, man. - Justin Timberlake"
      ...
      "No one escapes being haunted by something that absolutely terrifies them to the core, but very few feel it's okay to admit what it is that haunts us. - Nicholas Brendon"
      ...
      "Swallow your pride and admit that we all need help at times. - Huston Smith"
      ...
      "Unlike some politicians, I can admit to a mistake. - Nelson Mandela"
      ...
      "My natural-born sarcasm, when it's unimpeded, can be a bit overbearing at times and I'm the first to admit that. - Tom Bergeron"
      ...
      "I do all the evil I can before I learn to shun it? Is it not enough to know the evil to shun it? If not, we should be sincere enough to admit that we love evil too well to give it up. - Mahatma Gandhi"
      ...
      "If we're really honest with ourselves, most of us will admit that we want to impress people, and this is what's causing us to do what we do. - Joyce Meyer"
      ...
      "No one really wants to admit they are lonely, and it is never really addressed very much between friends and family. But I have felt lonely many times in my life. - Bill Murray"
      ...
      "I will be the first to admit I am not perfect and I make mistakes. - Alberto Gonzales"


      http://www.brainyquote.com/quotes/keywords/admit.html

  8. I am not responsible for all the newsers misfortune. I just post contrarian views. Maybe they all imagined it, like most of the stuff they make up.

    Replies
    1. You don't simply post contrarian views. That appears to me to be only based upon your own bias, and not factual, from what i have witnessed over the last year. Note that i need not an IP address to ID you.

      What you and your "crew" have done and what you do will soon unravel. Wittingly or otherwise, it matters not to the police. 24000 + thousands of lurker complaints to one PD cannot be ignored. I don't desire this, yet you are bringing it down upon yourselves.

      Before contacting police, we will ensure adequate and conclusive evidence is gathered, so as to not be seen to "waste their time".

      Much akin to a neutered dog, it appears that you don't get it. If you won't be quiet, the least you can do is behave, and advise the same of your "crew". You do realize that you are making the anti-nuke argument for 'newsers. Skeptics are coming around due to your misbehavior, intentional or not.

      Am not interested in a bunch of "yes-people" arguments, and i do see that varied perspectives can illuminate any subject. However; you continue to demonstrate that you and your "crew" could only do so on a single day or two out of a whole year. I miss that day. We did agree to disagree. Remember the "Radioactive Boy Scout"?

      Otherwise, i can't wait to witness Anne virtually kick your illogical argumentative ass as usual Ron. :)
      Do you regret calling her a "cat lady" yet?

      Please stop the Ad hominem attacks.
      You don't even have to change your viewpoint. I am appealing to you before it is too late. I do not hate you, yet you do seem to have some "tough love" coming your way.

      Also, it would be nice if your "crew" would cease and desist from claiming "cures" for cancer on enenews. I know the effect you are gunning for, and i don't like it.


      Thank you for your time and consideration.

  9. ... also - Do create any "Rescue" or linux media on an uninfected computer.
    ... AND disconnect internet(incl. WiFi) access before attempting to fix
    ... and beware of "false positives"

    May the Living Force be with you! :|

  10. @stock - Quote: "At least make sure you have some real virus and malware running."
    That appears in err. (anti-)?

  11. We have had quite a few inexplicable Internet outages. It was so bad last week that we replaced both the router and the modem. It's been a bit better but we are still having temporary outages. Not sure of the cause???

    Replies
    1. ... that is the "center pin" of the power jack on the back of the router.

    2. ... WiFi appliances should be installed away from electric breaker panels.

      Also, CHANGE THE DEFAULT PASSWORD!!!! Do avoid reusing passwords. Configure your network before connecting to the internet.

      http://kb.linksys.com/Linksys/ukp.aspx?pid=80&vw=1&articleid=4031
      http://kb.netgear.com/app/answers/detail/a_id/23655/~/troubleshooting-intermittent-wireless%2Fdropped-wi-fi-connections

      Many of the above troubleshooting steps can be used irregardless of router/modem manufacturer, although default admin addresses may differ.


      Now that i have finished telling people what to do, if i have offended anyone, or am wrong, you have my permit to tell me where to go. ;)


      Remember the eleventh day at the eleventh hour. Lest we forget.

    3. A note about passwords.

      http://www.vh1.com/celebrity/2012-02-08/spaceballs-comes-true-syrian-presidents-hacked-password-was-1-2-3-4-5/

      http://www.quepublishing.com/articles/article.aspx?p=1338067&seqNum=2

      Choose something with at least twenty characters, including upper case, lower case, numerals & symbols.

      With 128 character possibilities (like Code 128 barcodes), a twenty-character password calculates as 291,113,021,422,017,421,452,856,827,170,390,016,000,000 permutations or about 2.91e+41 permutations! That might take some time (travel) to brute force. :)

    4. Note that my own personal passwords have 3.4e+100 permutations (minimus). With a barcode scanner, i can easily enter that 50(+) character password in less than 3 seconds on any device.

      My aim is not to keep glovemints out, just crims that dabble.

      Delete
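
Added example, not part of the original comments: a Python sketch of the Code 128 check-symbol calculation mentioned in the barcode-password comment and of the search-space arithmetic in the password comments above. It assumes code set B only (printable ASCII); the function names, the sample string and the guess rate are illustrative assumptions.

```python
import math

# Code 128, code set B: each character's symbol value is its ASCII code minus 32.
START_B = 104   # symbol value of "Start Code B"
STOP = 106      # symbol value of the stop symbol
MODULUS = 103   # the check symbol is a weighted sum taken modulo 103


def code128b_symbols(text):
    """Return the symbol values a Code 128-B barcode carries for `text`:
    start symbol, data symbols, check symbol, stop symbol."""
    values = []
    for ch in text:
        # Restrict to printable ASCII (space..~), which a password field accepts.
        if not 32 <= ord(ch) <= 126:
            raise ValueError(f"{ch!r} is not printable code set B data")
        values.append(ord(ch) - 32)
    # The start symbol counts once; each data symbol is weighted by its
    # 1-based position in the string.
    weighted_sum = START_B + sum(pos * v for pos, v in enumerate(values, start=1))
    return [START_B, *values, weighted_sum % MODULUS, STOP]


def keyspace(alphabet_size, length, repeats_allowed=True):
    """Number of candidate passwords of exactly `length` characters."""
    if repeats_allowed:
        return alphabet_size ** length        # any character in any position
    return math.perm(alphabet_size, length)   # each character used at most once


def entropy_bits(count):
    """Bits of entropy of a uniformly random choice among `count` candidates."""
    return math.log2(count)


def years_to_exhaust(count, guesses_per_second):
    """Years needed to try every candidate at a fixed guess rate."""
    return count / guesses_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    sample = "Constructed-Sample#2014"   # constructed sample, not a real credential
    symbols = code128b_symbols(sample)
    print("check symbol value:", symbols[-2])

    rate = 1e12   # assumed guesses per second, for illustration only
    cases = [
        ("128 symbols, no repeated characters", keyspace(128, 20, False)),
        ("128 symbols, repeats allowed", keyspace(128, 20)),
        ("95 printable ASCII, repeats allowed", keyspace(95, 20)),
    ]
    for label, count in cases:
        print(f"{label}: {count:.3e} candidates, "
              f"{entropy_bits(count):.1f} bits, "
              f"{years_to_exhaust(count, rate):.2e} years at {rate:.0e}/s")
```

The check symbol only guards against misreads by the scanner; the printed barcode still carries the password in readable form, so it needs the same physical protection as a written-down password.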
    5. Once again, it might be an idea to scan with AntiVirus boot disc whilst the machine is disconnected from network. Create CD/DVD media from computer known not to be infected.
      Note that "generic" infections may be false-positives.

      Good call though Stock. I miffed 'dat.

  12. Title: "Should I use the 2.4 GHz or 5 GHz wireless band?"
    http://kb.netgear.com/app/answers/detail/a_id/24246/related/1

  13. What follows is a quote concerning WiFi as an addendum to the above paragraph titled "WEP, WPA, WPS & WPA2 have been cracked".

    Quote: ... "users should continue to use the strongest encryption protocol available with the most complex password and to limit access to known devices via MAC address. It might also be worth crossing one's fingers…at least until a new security system becomes available."

    http://phys.org/news/2014-03-wpa2-wireless.html

  14. Here is hoping ene Admin isn't sunk in a quagmire too.

    Having overlooked the obvious, it seems clear to me now that the Fockers that continue to ad hominem attack are doing so because of the content of the article.

    Maybe we should be spreading this information far and wide. Hmm...

  15. Thanks to MBP/MBHP/WKM/MoFoe/MFX/aunavoz/FactChecker/TurdFergusson/Niall/Atoms4Peace, i will be posting links to that story at every site i can in nations that are considering "nukular" power. :)

    We should be doing this anyway! :angry:

  16. The Mutated Tomato here...I've had 2 computers "go south" in the last year, the most recent on 11/7/14...I can't even get it to a blue screen. Fan comes on, but that is it! Running XP. Might be BIOS related?

    Replies
    1. Yes Matt. Might be "soft bricked", but also could be a DDR memory stick or other hardware failure. Hardware failure is the first thing to rule out, and most common.
      Testing generally involves removing as much internal peripherals as possible, then looking for "signs of life" so-to-speak.
      They might only be "mostly dead". Beware that static electricity can render a "mostly dead" device utterly useless.

      Quote: "Miracle Max: [...] It just so happens that your friend here is only MOSTLY dead. There's a big difference between mostly dead and all dead. Mostly dead is slightly alive. With all dead, well, with all dead there's usually only one thing you can do.
      Inigo Montoya: What's that?
      Miracle Max: Go through his clothes and look for loose change."
      http://www.imdb.com/title/tt0093779/quotes

      Is that similar to what happened to the other two?

    2. ... and do you still have them?

      Laptops need battery removed FIRST, before removal procedures.

      Laptop or Desktop, remove the HDD/SSD before attempting to diagnose & ensure they are kept away from kids, cats, dog, dirt, dust, static or magnets (HDD). Anti-static bags (free from 'puter store) are handy. Put 'em on the shelf until you figure out what the hell went wrong.

    3. Uh ... do pull the plug first, then hold the power button on the front for 10 seconds to discharge the power supply, if it is a Desktop.

    4. Easy2Boot XP DPMS update procedure, by SteveSi
      http://www.easy2boot.com/make-an-easy2boot-usb-drive/adding-latest-dpms/

      (ignore DPMS_Z87.zip - DP_MassStorage_wnt5_x86-32_1405176.7z supersedes it. A new member, Symbios24, posted a potential fix for Lenovo G405/G505, yet it has not been verified.)

      (For WinSetupFromUSB, enable the Advanced Options & deselect "use DPMS.iso")

  17. Speaking of Tor, i found an old article on Cryptome that was illuminating.

    Quote: "Date: Sun, 02 Mar 1997 18:20:49 -0800"
    ...
    "At the FC'97 rump session, Paul Syverson from NRL presented a paper titled "Onion Routing"."
    ...
    "http://www.itd.nrl.navy.mil/ITD/5540/projects/onion-routing/"

    quoted from: http://cryptome.org/jya/onion.htm

    Quote: "Onion routing was developed by Michael G. Reed, Paul F. Syverson, and David M. Goldschlag [...] and patented by the United States Navy in US Patent No. 6266704 (1998). As of 2009, Tor is the predominant technology that employs onion routing."
    https://en.wikipedia.org/wiki/Onion_routing

    Tails apparently puts one on a list. http://www.theregister.co.uk/2014/07/03/nsa_xkeyscore_stasi_scandal/

    Freenet might be another possibility, but am loathe to run java. Am not certain how OpenJDK differs from java.
    https://freenetproject.org/whatis.html https://en.wikipedia.org/wiki/Freenet

    1. ... though there may yet be hope for Tor.
      http://www.theregister.co.uk/2014/11/11/mozilla_polaris/

  18. WTF? I can post without entering the correct letters from CAPTCHA.
    That used to only happen with the horizontal letters, not the jumble.
    All i need do is ensure the number of characters is the same.
    Not hacking, nor cracking; just odd.

  19. Now, it seems we need a topic for the malvertising links.
    I have some hardware i would be honored to risk for confirmation. :D

    Time to build that class-action case & police file(s).

    1. @ stock too -
      Quote: " 6 November 2014

      SiteLock Removed from Cryptome After One Day

      SiteLock removed after reader noted it spies on visitors. A reminder that all site security programs spy on visitors and the host as does any "security" service, from personal to national and beyond.

      SiteLock is a service recommended by Web.com (Network Solutions), Cryptome's host, to daily check for malware."

      http://cryptome.org/2014/11/sitelock-removed.htm


      If we could just overcome all the bullshit, what a wonderful world it could be.

    2. What a wonderful world ...
      https://www.youtube.com/watch?v=2HW-eCUmZqw

    3. Though two tribulations come first, looking forward to that first dawn of the third age ...
      https://www.youtube.com/watch?v=muFOeZSIC2U

    4. ... because i cannot and will not do this alone.
      Don't risk clicking suspect links, let those willing to research this do so.

      I have a sense that the greater community needs to see what Oak Ridge has been up to. Let's help make their actions world-infamous.

      Their employers love that kind of publicity!

      Please help. Publicly outing this malefactory crew seems paramount.

      Whom is it we need to help? The following Fukushima worker knows whom.
      https://www.youtube.com/watch?v=oGGVdB_tm9Y

      We need YOU!!!

    5. WHPPSS! That should have been in reply to:
      @Stock "Now, it seems we need a topic for the malvertising links.
      I have some hardware i would be honored to risk for confirmation. :D

      Time to build that class-action case & police file(s)."

      If this site isn't the best place for this, i know of a place or two that should be beyond their reach.

    6. Links to the links would be very helpful ... even a general date ... edit links so nobody can click on them by accident, s'il vous plaît.

      simple example: https ://startpage.com

    7. better example: https ://startpage .com (just add two spaces)

      Otherwise, the preceding is all i will share of my own "digital karate". Yes, there is much more.

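Added example (not part of the thread, and not any commenter's code): a small Python helper that applies the add-spaces convention from the two replies above, so links quoted as evidence cannot be clicked by accident. It also lists links that are still live and restores a defanged link for pasting into a scanner. The function names are hypothetical, and the hosts used in the test are constructed placeholders.

```python
import re

# Clickable forms: http(s) URLs and bare "www." hosts, up to whitespace/quote.
LIVE_RE = re.compile(r"""\b(?:https?://|www\.)[^\s"'<>]+""", re.IGNORECASE)
# Forms written by defang(): "http ://host .tld/path" or "www .host .tld".
DEFANGED_RE = re.compile(
    r"\b(?:(https?) ://([^\s/?#]+(?: \.[^\s/?#]+)*)|(www(?: \.[^\s/?#]+)+))",
    re.IGNORECASE)
TRAILING = ".,;:!?)]}"  # sentence punctuation glued to the end of a link


def _split_tail(url):
    """Separate a link from punctuation that belongs to the sentence."""
    core = url.rstrip(TRAILING)
    return core, url[len(core):]


def _defang_one(url):
    """Put a space before '://' and before each dot of the host only."""
    scheme, sep, rest = url.partition("://")
    if not sep:            # bare "www.example.net/..." has no scheme
        scheme, rest = "", url
    host = re.match(r"[^/?#]*", rest).group(0)
    prefix = scheme + " ://" if sep else ""
    return prefix + host.replace(".", " .") + rest[len(host):]


def defang(text):
    """Defang every link; repeat so a URL nested in a query is caught too."""
    def repl(m):
        core, tail = _split_tail(m.group(0))
        return _defang_one(core) + tail
    while True:
        new = LIVE_RE.sub(repl, text)
        if new == text:
            return new
        text = new


def live_links(text):
    """Links in text that a browser or blog engine would still make clickable."""
    cores = (_split_tail(m.group(0))[0] for m in LIVE_RE.finditer(text))
    return [c for c in cores if LIVE_RE.fullmatch(c)]


def refang(text):
    """Undo defang() for top-level links, e.g. before submitting to a scanner."""
    def repl(m):
        if m.group(1):
            return m.group(1) + "://" + m.group(2).replace(" .", ".")
        return m.group(3).replace(" .", ".")
    return DEFANGED_RE.sub(repl, text)
```

Running `live_links()` on a draft comment before posting shows whether any link was missed; an empty list means nothing in it will render as clickable.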
  20. Calling in the cavalry. https://www.schneier.com/blog/archives/2014/11/narrowly_constr.html#c6682762

    1. @stock - may i link to this topic & http://nukeprofessional.blogspot.ca/2014/07/low-quality-troll-invades-enenews.html ?

      Some evidence beyond anonymous eyewitness reports is needed now.

      The REAL Voice of "G": Deut.32:21
      Quote: "They have moved me to jealousy with that which is not God; they have provoked me to anger with their vanities: and I will move them to jealousy with those which are not a people; I will provoke them to anger with a foolish nation.
      For a fire is kindled in mine anger, and shall burn unto the lowest hell, and shall consume the earth with her increase, and set on fire the foundations of the mountains."
      Jer.16:17: "For mine eyes are upon all their ways: they are not hid from my face, neither is their iniquity hid from mine eyes."

    2. What an interesting lack of response on Schneier's site.
      Neither commenters, nor the EFF board member himself seem to care.
      Maybe they have found a way to eat money.

    3. “Let me tell you something you already know.
      The world ain't all sunshine and rainbows.
      It's a very mean and nasty place and I don't care how tough you are it will beat you to your knees and keep you there permanently if you let it.
      You, me, or nobody is gonna hit as hard as life.
      But it ain't about how hard ya hit. It's about how hard you can get hit and keep moving forward. How much you can take and keep moving forward.
      That's how winning is done!” ― Sylvester Stallone, Rocky Balboa

      http://www.goodreads.com/work/quotes/10446115-rocky-balboa

  21. According to the EFF, Hushmail might not be as secure as one would hope.
    https://www.eff.org/secure-messaging-scorecard

    Title: "ISPs Removing Their Customers' Email Encryption"
    https://www.eff.org/deeplinks/2014/11/starttls-downgrade-attacks

    From the following page, it would appear that HM does support STARTTLS protocol.
    https://ssl-tools.net/mailservers/hushmail.com

    1. EFF's Surveillance Self-Defense
      https://ssd.eff.org/en/index

      https://www.eff.org/deeplinks/2014/10/eff-relaunches-surveillance-self-defense

      EFF them before they F you!

  22. Quote of "Good Plutonium": "I am" ... "gay" ...

    "Good Plutonium" has come out of the closet, so-to-speak.
    Congratulations Good, Bad & Ugly Plutonium. I admire your bravery, whether or not i agree with your lifestyle choices.

    http://enenews.com/fukushima-student-documentary-japan-going-insane-like-about-killed-gotten-better-government-abandoned-anyone-please-please-save-lives-fukushima-people-children-video/comment-page-1#comment-602814

    "you tell 'em, Johnny... you tell the WORLD."

  23. Quote: "Time for a new name. I only have 17 registered so far."

    That's odd, i count 23 at minimum. Not that i would expect any truth from Oak's lunatic Ridge.

    1. Mr. Ad hoc has become Mr. FUD

      Are we certain the malicious links came from MBP??
      Was it a pdf??? Was itsanukularwhore's links to "cancercures" involved?

      @anne - Quote: "My computer got more than 180 mal files when I linked to WesternKyMan's links at ATS."
      Is it possible that your 'puter got more than 180 mal files before linking to WKM's ATS shite? I checked one link so far, & VT says "nyet". Am of mind that links must be checked on live system on "real iron".

      Quote of ISPC(i see 'em too, bud): "You may have noticed he bragged about his criminal asshosiates in the basement of the ciansa building cooking it up for us."
      http://enenews.com/nytimes-doctors-call-banning-thyroid-cancer-screening-tsunami-thyroid-cancer-stop-diagnosis-decrease-screening-need-actively-discourage-early-detection/comment-page-2#comment-600228

      A link to that would be very helpful. Anybody, anybody, anybody???


      Somebody throw me a frickin' bone here. I sense time slipping away ...

      Send the info to Stock for him to vet properly first, if he agrees.

      Perhaps what GP really meant to say was "I only have 17 victims registered so far"...?

    2. ... save logs from antivirus cleaning for evidence.

      Matt; if it was a BIOS attack, which is reputedly very very rare, even reflashing the BIOS might not remove it.

      Put it on a shelf. Tag it as evidence, if you agree.

  24. Quote of anne: "My computer went crazy when I clicked on the reply button to Good Plutonium's porn post. Is he now using these terrible comments of his to infect someone's computer?"

    http://enenews.com/fukushima-student-documentary-japan-going-insane-like-about-killed-gotten-better-government-abandoned-anyone-please-please-save-lives-fukushima-people-children-video/comment-page-1#comment-602905

    It would appear that she may have been either reinfected, or was not entirely successful in removal.

    If you are still using Window$ for internet access & activism, give your head a shake.

    If you were a "viral" author, which OS/browser would you target?
    http://www.w3schools.com/browsers/browsers_os.asp

    1. Quote: "My computer is now acting extremely strange showing my computer is being routed through many, many servers according to the hand bottom of the screen."

      http://enenews.com/fukushima-student-documentary-japan-going-insane-like-about-killed-gotten-better-government-abandoned-anyone-please-please-save-lives-fukushima-people-children-video/comment-page-1#comment-603029

      A disconnect from the internet & backup of data prior to cleaning seems IMPERATIVE if one suspects infection. Readers here might recognize that relying on MSE, Malwarebytes, etc. is like relying upon a sieve to retain water in its liquid phase.

      Do clean from a boot CD/DVD or three. Retain your logs for evidence.

      Rise above.

    2. Quote: "If you are still using Window$ for internet access & activism, give your head a shake."

      Correction: Windows 8.1.1 might be the way to go, if Windows is necessary, but only if you agree to MS Terms.

      Title: "Redmond is patching Windows 8 but NOT Windows 7, say security bods, New tool checks differences, could lead to 0-day bonanza"
      By Darren Pauli, 6 Jun 2014

      Quote: ""Why is it that Microsoft inserted a safe function into Windows 8 [but not] Windows 7? The answer is money - Microsoft does not want to waste development time on older operating systems ... and they want people to move to higher operating systems," Joseph said in a presentation at the Troopers14 conference.

      Microsoft has been contacted for comment.

      Together with malware analyst Marion Marschalek (@pinkflawd), the duo developed a capable diffing (comparison) tool dubbed DiffRay which would compare Windows 8 with 7, and log any safe functions absent in the older platform.

      It was "scary simple", Marschalek said, and faster than finding vulnerabilities by hand."

      http://www.theregister.co.uk/2014/06/06/patch_piker_redmond_means_win_8_fixes_skip_7_researchers_say

  25. In an effort to reduce infighting, please remember the Modus Operandi of the "malefactory crew".

    Among other things, they seem to love to spread Fear, Uncertainty & Doubt (FUD), and aim to discredit all 'newsers (prolly prefer 'newsers to unwittingly do it for them).

    For that "malefactory crew", i submit that "a shit-leopard cannot change its spots".
    Nuker thinking 101 (for educational purposes only) - https://www.youtube.com/watch?v=6Q0FskQ1Nk8

    You should be able to spiritually discern them, even over the interweb.
    If you suspect, keep your cool. Take 5. The truth will out.
    Be proactive, not reactive.

    'newsers are made of sterner star-stuff, imho.
    I swear, it doesn't take rocket appliances to figure the "malefactory crew" out.

    Please don't play into their shit.
    You never know, someday they too may even get promoted to Trailer Park Supervisor. Just pray it isn't your trailer park!!! ;)

    1. Dud, received message, yes a complete list of mal-troll comments could be quite useful. Although I am headed off for 1.5 months of solar super crunch work. Will be quite busy. stock out

    2. One more try.
      https://www.schneier.com/blog/archives/2014/11/friday_squid_bl_450.html#c6682967

      One link was viral at minimum. May i post here for their benefit?
      I will edit potential viral links by adding spaces, so as not to directly link.

      No word back from Matt?

  26. posted, yet moderated perhaps, but with no "moderation" message AGAIN!

    MBP#1 - http ://pastebin.com/dTtJwKDe - size: 4.52 KB
    MBP#2 - http ://pastebin.com/9vBVjx88 - size: 11.28 KB

  27. MBP quote: October 20, 2014 at 11:49 pm

    "I only reply before I leave and after I come home from work. I talked to my bosses and colleagues today and they really want me to stick it to your kind. Make you squirm. Squeal like a pig."

    quoted from: http://enenews.com/govt-report-reveals-fukushima-radioactive-release-larger-chernobyl-japan-reactors-could-emitted-four-times-cesium-137/comment-page-1#comment-591781

    Here are those links: http://pastebin.com/sE8n0fRQ & http://pastebin.com/70KxbBD

  28. Quote of ISPC: "Yes. stock. It was not just the trollware, our computers were hacked. The Administration and Owner File Permissions were deleted, and new Permissions were added, that is, another person was permitted to access and modify files. File Sharing and Remote Access were turned on, and Registry Entries were modified or deleted. I too was eventually forced to install a new operating system, well, two, as I partitioned for a dual boot Open Source Operating System. Both work smoothly, and I am quite happy and secure now. Thanks trollbothacks. I wouldn't have done it without you. Peace"

    http://enenews.com/nuclear-professor-fukushima-really-major-event-washington-radioactive-aerosols-100000-times-above-normal-thought-wow-bigger-accident-hearing-audio/comment-page-1#comment-604109

    Reply by VanneV: "One scan I did this week found 1175 mal files. No one can comment if they are working on their computers."

    1. Ya, I saw that, let the civil suit data build up.

  29. One would think Oak Ridge Nuke employees would recognize that all humanity has potential to make mistakes. Can you confirm that ManBearPig was from 50.142.165.12 too?

    "People tend to make mistakes, and repeat them over and over until one finally learns from those mistakes. Eventually one might not make many repeated mistakes and tend to learn from other people's mistakes"

    That was how i managed to avoid ever having a Workman's Compensation claim, or injured fellow employees.


    They appear to be part of an industry that considers not their own humanity (or lack thereof). It appears to be management policy. They appear extremely irresponsible (and prolly infected themselves too, though i don't see nary a one of them admit to such - Android AV cannot autoremove malware, iirc)

    So, as that activity relates directly to employment, if any of them get so much as a hangnail during such malicious posting, are they not entitled to Workman's Compensation? If so, have any made previous claims?

  30. http://www.av-comparatives.org/comparatives-reviews/

    Quote from AV-Comparatives:
    "a letter recently sent to 20 of the world's largest antivirus companies by Bits of Freedom, a Netherlands-based organization focused on digital rights. In that letter, the group asked whether the vendors had whitelisted government-authored malware. Most of those companies gave a prompt response in the negative, but U.S-based AV giants McAfee Inc. and Symantec Corp. never replied”.
    It is possible that intelligence/law-enforcement agencies in some countries prohibit vendors (security or otherwise) from revealing any co-operation with them.
    Some people may ask why malware such as Stuxnet and R2D2 remained undetected for many years. "

    quoted from: http://www.av-comparatives.org/wp-content/uploads/2014/04/avc_datasending_2014_en.pdf

  31. From Russia with love?
    http://mirror.yandex.ru/linuxmint/stable/17/

    1. Clem Lefebvre's LinuxMint v17.1 has reached RC.
      http://distrowatch.com/table.php?distribution=mint

      Got Yandex? http://mirror.yandex.ru/linuxmint/testing/

      Opera Browser apparently integrates Yandex safebrowsing. There are also plugins for other browsers powered by the Yandex API.

      Yandex being the only AV product out of 63 listed on VirusTotal that successfully detected the initial vector.

      Every other AV product can go hang, as far as i'm concerned, though i do like a variety of AV repair discs.

    2. WHPPSS! The Yandex mirror link is apparently for unmodified distros, not ones integrating Yandex API, if i have that correct.

      One question people might ask of their viral pollution solutions is "Got Yandex?"

    3. Trust, but verify. (via https://translate.yandex.com/)

  32. Curious. Coinkydink?
    http://nuclear-news.net/?s=roger+helbig

  33. This seems beyond DU subject for him, for instance.
    https://ja-jp.facebook.com/FamiliesForSafeEnergy
    https://www.facebook.com/FamiliesForSafeEnergy?hc_location=timeline

    Oh, look. It's a retired pentagram bully!
    https://aotearoaawiderperspective.wordpress.com/2008/07/18/the-pentagon-bullies-meet-roger-helbig/

    I have some ideas for a "Honey-Pot" to draw out some pus, and prove criminality.

  34. https://www.virustotal.com/en/url/8513cc7e1f366c5e6f74e7b2a27709a51bd9bdec9a502f11925bc84bf40fa526/analysis/1418583396/
    https://www.virustotal.com/en/url/d45d9103feaf0279d1c6d2a77fa2cc08b6b49bdde9f56d505d3e2c73d2d88137/analysis/1418583920/

    VirusTotal's "Autoshun" is the only detection as a "malicious site". Curious there is no explanation of what it is that is supposedly "malicious".

    Sucuri says "Unable to properly scan your site." Awww.

    Quttera seems to hate many of Dr. Goodheart's links.
    Quote: "List of blacklisted external links: 92"
    "List of referenced blacklisted domains/hosts: 7"
    http://quttera.com/detailed_report/agreenroad.blogspot.com

    There's that dreaded www.cnn.com blacklisted domain, and feedproxy.google.com, www.youtube.com, www.dailymotion.com, dl.dropboxusercontent.com, among others! WTF?

    https://www.virustotal.com/en/url/ef1a4a585d81edba35e203ba0dc616ce96d80fb5deafcf36dd990b5556eebb07/analysis/1418584475/

    Again, clean; WTF???

    http://quttera.com/labs-data-url/feedproxy.google.com

    It's labelled as malicious, yet no explanation, no proof, no way to confirm or deny, no way to reproduce their results, other than to say it is "guilty" of linking to (hold on to your hat) www.google.de

    https://www.virustotal.com/en/url/876bce8dd786d8da60f1174c61e0f24554e339c5664238ecfa3e9c1723fcc8af/analysis/1418584675/

    google.de - clean.

    Note that Quttera didn't detect any previous MBP infection vector.
    Fockers @ Quittera don't seem to know their asses from their eyebrows!
    VirusTotal says it's clean, & Sucuri concurs.


    24 January 2013 Quote: "We found the program would quite often report innocent pages as "potentially suspicious" for one reason or another, and you'll need some web development and security experience to properly understand its reports."

    http://www.downloadcrew.com/article/29410-quttera_url_scanner

    http://whois.domaintools.com/quttera.com

    Mr. Novofastovsky might be of assistance, that is, if he wasn't in Israel.

    That just brings up more questions. WTF????

  35. http://quttera.blogspot.co.il/2013/09/my-site-is-blacklisted-what-next.html

    Quote: "Quttera's support team is being constantly contacted by website anti-malware monitoring customers whose website(s) were blacklisted."

    No fucking doubt in my mind! What a load of crap! Contact us. Fuk that.

  36. Hold the phone.

    VirusTotal uses a voting/reporting system to determine that google.de is malicious or not.
    So, does Quttera use heuristics, or are they just expressing "corporate free speech"?

    What can a blogger do? (an exposé, no?)
    Quote of anreas007: "site is good. It's a fault of VT that it will be submitted. A malwaresite uses a redirect to google when not accessed by a browser to try to make it more hard for automated analyzing tools like VT to analyze the page."

    https://www.virustotal.com/en/url/876bce8dd786d8da60f1174c61e0f24554e339c5664238ecfa3e9c1723fcc8af/analysis/1418584675/
    (quoted from Comments tab)

  37. PS: I leave it up to you what to post & what to moderate, at your entire discretion.

  38. Hedge bets & double-down on "virus". Watt can it hurt?
    Yandex one out of ... that seemed to pick up your viral vector down to the effects, maybe Quttera is exceeding the sum of its programming???

    Perhaps that might explain why YouBoobTube Vidz "disappeared", not GloveMint "direction". (possible to retrieve vidz someday soon, then, if "infection" cleared?)
    Now the possible viral/malware presence ... can we rule out grimy glovemitts?

    Maybe proof of which would actually piss off Mr. Helbig. WTF do i know? I'm just the (obnoxious) schmuck typing this, in hopes of help.

  39. VT & Sucuri see your site as clean. However;
    http://quttera.com/detailed_report/nukeprofessional.blogspot.ca

    A list of "usual suspects" in common w. Dr. GH, includes www .cnn .com; 1. bp. blogspot. com; feedproxy .google .com; www .youtube .com & www .who .int ???

    Maybe Quttera is better than i gave credit for earlier. They don't trust the WHOres either??? Every answer seems to breed more questions!

    Note that majia's site has some of those listed domains, yet resolves as "clean". WTF??? Is it evidence of something symptomatic and not directly causal?


    Am done for now. Aloha. (teach some Hawaiian, please)
