tag:blogger.com,1999:blog-7692618868459767600Wed, 11 Nov 2009 12:40:31 +0000http://www.onwindowsregistry.com/registryy@gmail.com (Elidija)Blogger144125registryy@gmail.comnotag:blogger.com,1999:blog-7692618868459767600.post-1071910386471904039Wed, 11 Nov 2009 12:36:00 +00002009-11-11T04:40:31.845-08:00BEWARE! Although the hackers are advertising BlockProtector as the tool to aid you, the only thing this fake application can accomplish is to block your computer totally!While removing the malware, do not forget to get rid of this key:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “BlockProtector.exe”Otherwise, you might get into a real trouble. Be careful!http://www.onwindowsregistry.com/2009/11/blockprotector-is-useful-for-blocking.htmlregistryy@gmail.com (Elidija)0tag:blogger.com,1999:blog-7692618868459767600.post-1438852264374696139Fri, 06 Nov 2009 10:57:00 +00002009-11-06T04:08:00.998-08:00Hackers seem to be on the way to take your money. Don't let them do that. Recently, these bastards created a new rogueware under the name of MaCatte, similar to McAffe, isn't it? But MCATTE is nothing more than a scam. If you have this threat on your machine, be sure to get rid of it totally. Do not forget to remove this entry:In addition, remove all the registry values mentioned here.If you wanthttp://www.onwindowsregistry.com/2009/11/macatte-antivirus-2009-unrelated-to.htmlregistryy@gmail.com (Elidija)2tag:blogger.com,1999:blog-7692618868459767600.post-5639636241166947309Tue, 03 Nov 2009 12:50:00 +00002009-11-05T23:25:03.468-08:00Personally, I just know that this Windows Enterprise Suite, similar to real products of Windows, isn’t worth a penny. The hackers are just throwing dust in our eyes and looking for more ways to fool us. Luckily, I wasn’t thrown to their game this time.Be sure to remove this registry value from your registry:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “Windows Enterprise Suitehttp://www.onwindowsregistry.com/2009/11/what-do-you-know-of-windows-enterprise.htmlregistryy@gmail.com (Elidija)0tag:blogger.com,1999:blog-7692618868459767600.post-834823094713952753Tue, 03 Nov 2009 12:34:00 +00002009-11-05T23:24:07.911-08:00Just recently my friend Tom from New Jersey called and begged for help. It looks like he was visiting some forbidden sites and bang! Now he has it! BlockWatcher has blocked the total system and he is stuck with his PC. I tried to help him. Here is what I found. The instructions on removal are available on this site. And I am waiting what these guys are to discover on this rogueware.I just know http://www.onwindowsregistry.com/2009/11/blockwatcher-is-attacking.htmlregistryy@gmail.com (Elidija)0tag:blogger.com,1999:blog-7692618868459767600.post-7468920081265831121Wed, 22 Apr 2009 09:34:00 +00002009-04-22T02:40:11.100-07:00malware cleanermalwarecleanerJust when I thought these guys would be finished after all of the troubles with their gateway. Brian Krebs had this great article about how much money these clowns were making with their scareware http://voices.washingtonpost.com/securityfix/2009/03/obscene_profits_fuel_rogue_ant.html Anyway, I was sure these guys were bust. But nope. They are up to their old tricks again.Yesterday I was http://www.onwindowsregistry.com/2009/04/oh-no-another-malware-cleaning-rogue.htmlregistryy@gmail.com (Elidija)5tag:blogger.com,1999:blog-7692618868459767600.post-2739601921074738540Tue, 24 Mar 2009 13:33:00 +00002009-03-24T06:56:02.672-07:00computer dangermalwaretrojandllloss of dataEach day brings me something new, interesting or amazing. And one of unknown things I come with lately is iehelper.dll being recognized as pwsteal.tarno.k trojan iehelper. I have discovered that my computer has a dll file called 'iehelper.dll' on it which points to the fact that my PC has a trojan. iehelper.dll is a security risk alongside it is pwsteal.tarno.k trojan is said to be a Trojan.In http://www.onwindowsregistry.com/2009/03/be-aware-of-iehelperdll-and-dont-lose.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-3156133774693954761Mon, 23 Mar 2009 16:12:00 +00002009-03-23T09:19:29.132-07:00malwarewormsecuritymytobDid you know as I didn't that W32.Mytob.PI@mm being a mass-mailing worm uses its own SMTP engine to send an email to addresses that it gathers from the compromised computer.The worm tries to open a back door and lower security settings.I also found that this worm opens certain ports, decreases security settings on affected systems and blocks security websites. It has the ability to stop the http://www.onwindowsregistry.com/2009/03/mass-mailing-worm-mytob.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-3562110044500678826Fri, 20 Mar 2009 15:16:00 +00002009-03-20T08:30:50.726-07:00trojanantivirusmalicious urlFile sharingTrojan.Brisv.A is a Trojan horse that I am now aware of and which infects media files causing Windows Media Player to access a malicious URL. The Trojan horse attempts to search the compromised computer for .asf, .mp2, .mp3, .wma and .wmv files, which it then corrupts. Also, I am careful as when opened in Windows Media Player the infected files make the program to connect to a malicious URL that http://www.onwindowsregistry.com/2009/03/what-is-trojanbrisva.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-267587916709227154Thu, 19 Mar 2009 13:40:00 +00002009-03-19T06:46:31.195-07:00netsky virus removalantiviruswormNetskyTo continue the topic of computer infections like viruses, spyware or worms I want you to pay attention to W32/Netsky.D-mm , a mass-mailing worm. Netsky.D spreads through e-mail only with spoofed "from" addresses. Altogether, it transmits copies of itself to addresses gathered from an infected machine's local and mapped (C: through Z:) network drives. In order to avoid this kind of threat I do http://www.onwindowsregistry.com/2009/03/injurious-computer-worm-w32netskydmm.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-9216960220770013426Wed, 18 Mar 2009 13:49:00 +00002009-03-18T07:00:06.195-07:00malwareconhooktrojanwinlogon.exesecurityAs malware and other computer threats are rising each month I want to introduce Win32/Conhook, a family of Trojans that installs themselves as Browser Helper Objects (BHOs), and are able to connect to the Internet without user acceptance . Altogether, they determine specific security services, and download additional malware to the computer.I discovered that this Trojan injects its code into http://www.onwindowsregistry.com/2009/03/malware-continues-to-multiply.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-5718006951908027803Mon, 16 Mar 2009 15:24:00 +00002009-03-16T08:38:03.622-07:00virusrootkitHooka NTOSKRNL-HOOKThis time I found a NTOSKRNL-HOOK, a virus hooked into the kernel of the operating system, also it is recognized as a "rootkit". However, nothing I do with the actual operating system on the hard drive will make it to be fully erased. Being a technique hooking changes or improves the behavior of an operating system or application, without having access to its source code.Hooking is being used forhttp://www.onwindowsregistry.com/2009/03/warning-ntoskrnl-hook.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-7231990699510752823Fri, 13 Mar 2009 09:09:00 +00002009-03-13T03:39:37.190-07:00virusP2PmalwarelimewireI don’t want my PC to be occupied by malware, viruses and other dangers. Therefore, I am very accurate while choosing various software programs.Lately, I have come across Limewire and it is believed to be a reliable, fast, easy-to-use file sharing program with no spyware, adware or other bundled software. But, some computer users think that it is unsafe and may cause damage to my PC. Still, if I http://www.onwindowsregistry.com/2009/03/is-limewire-considered-to-be-secure.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-7386104381202470351Thu, 12 Mar 2009 13:31:00 +00002009-03-12T06:47:05.924-07:00malwareremovalsecurityconfickerConficker worm, spreading since last November and coming in two variants, has already infected about 12 million computer systems. The initial variant of the worm, Conficker A, used Microsoft Windows vulnerability to spread itself to vulnerable computers. The fact that this variant of the malware did not affect computers that use Ukrainian keyboard layout raised a suspicion that the malware itselfhttp://www.onwindowsregistry.com/2009/03/conficker-worm-spreading.htmlregistryy@gmail.com (Elidija)2tag:blogger.com,1999:blog-7692618868459767600.post-8932525088934835266Wed, 04 Mar 2009 14:55:00 +00002009-03-04T07:01:50.314-08:00virusmalwareBackdoor trojandestroy dataI have a phobia of computer viruses, trojans and other malware. In this particular case I refer to a backdoor Trojan, a program which allows other computer users to gain access to my computer across the internet. Backdoors are said to be the most dangerous kind of Trojans and the most extensive on a user’s computer nowadays. Very often I am not able to see the backdoor in the log of active http://www.onwindowsregistry.com/2009/03/do-you-know-what-is-backdoor-trojan.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-2360774573908715599Wed, 25 Feb 2009 07:13:00 +00002009-02-24T23:23:03.131-08:00SpywaremalwareUtorrentinfected downloadIf I need to download a torrent I use utorrent a program which manages downloads of torrents with caution. As some torrents are fakes and have viruses and spyware incorporated in them. Therefore, before I download torrents I have to be certainly sure they are reliable and I have to check the comments for the guarantee that people don’t say anything bad about the torrent.But if the worst happens,http://www.onwindowsregistry.com/2009/02/utorrent-can-be-virus-hidden-in-your-pc.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-1864944788579501256Mon, 23 Feb 2009 15:39:00 +00002009-02-23T23:02:38.672-08:00virussymevent.systrojanpc securityThis time my eye was caught by the symevent.sys file which is located in a subfolder of "C:\Program Files“. Apart from the fact that this file is a verisign signed file and it is certified by a reliable company, it can be malware either. Particularly, if the file is found in c:\windows or c:\windows\system32 folder the symevent.sys can be treated as a virus, spyware or trojan. Therefore, I http://www.onwindowsregistry.com/2009/02/symeventsys-danger-watching-for-your-pc.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-1934259543732112494Tue, 17 Feb 2009 10:50:00 +00002009-02-17T03:05:04.118-08:00computer virusantivirusfile infectionI am so annoyed with various viruses increasing in today's computer world. One that is worth attention according to Kaspersky Lab’s 2009 antivirus product is Win32/Sality.AA virus. This virus is controlling and together with Sality.z makes Sality one of the most extensive and harmful families of the current past. Win32/Sality.AA is a polymorphic virus that infects Win32 PE executable files. I http://www.onwindowsregistry.com/2009/02/leading-pc-viruse-be-cautious.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-2330881275506635549Fri, 13 Feb 2009 07:38:00 +00002009-02-13T00:01:44.957-08:00Spywarevirusthreatsecuritymalicious softwareI recently found that Trend Micro Inc., the top software company by market share, expects double-digit sales increase in Taiwan this year referring to the need for information technology (IT) security. The company stated that wide use of universal serial bus (USB) devices and the Internet has made USB and Web threats the two main sources of security issues. The top three viruses which affected http://www.onwindowsregistry.com/2009/02/it-security-urgent-case.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-131829125869018128Mon, 02 Feb 2009 14:49:00 +00002009-02-03T04:45:47.163-08:00Rootkitsexecuting programhackermalicious softwareAs rootkits are dangerous programs which I can download from the Internet, or I can find them present in malicious purchased software, that once installed take over my computer without my knowledge. Rootkits can do anything from logging every one of my keystrokes, altogether user names and passwords, email messages or even my word processing documents and sending that data off to hackers, to http://www.onwindowsregistry.com/2009/02/fight-against-rootkits.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-3772085906150775746Fri, 30 Jan 2009 13:00:00 +00002009-01-30T05:35:20.476-08:00steal datamalwaretrojansecurityToday I want to write about Sinowal, especially dangerous and sophisticated type of malware. Because security analysts state that the Sinowal trojan is unique in its attack vector. I also discovered that Sinowal is known as Torpig or Mebroot. In general it is a type of Trojan horse which purpose is to affect computers using Microsoft Windows as their operating system. The Sinowal Trojan turns http://www.onwindowsregistry.com/2009/01/sinowal-trojan-comes-alive.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-5545106147162083305Thu, 29 Jan 2009 12:47:00 +00002009-01-29T06:19:06.938-08:00malwaretrojanantiviruspc protectionI can find various forms of malware spreading widely over the internet. And one of them I have recently encountered is under the name of Trj/Banker.LNO. Actually, it is a cunning trojan which could be the cause of attacks and intrusions. Further, referring to the Annual report PandaLabs 2008 I discover that Trojans are likely to be the most important type of malware. Banker.LNO allows hackers to http://www.onwindowsregistry.com/2009/01/don-t-be-caught-by-trojan.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-7286734557930544431Wed, 28 Jan 2009 12:36:00 +00002009-01-28T05:37:40.548-08:00rootkitmalwaremalicious programanti-spyware protectionspamMalware such as rootkits and other types of threats are invading my computer. With this in mind it doesn’t work properly and I am very furious about all this matter. Therefore, the most important task now for me is to put an end to the rootkit expansion.Unfortunately, I found that rootkits are complicated and ever changing. One of them could be Rootkit.TDss.Gen. It is a rootkit-protected, http://www.onwindowsregistry.com/2009/01/rootkittdssgen-targets-on-your-computer.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-218334220230971794Tue, 27 Jan 2009 09:31:00 +00002009-01-27T02:26:29.772-08:00optimize WindowsWindows registryclean the registryWinASO Registry Optimizer is an advanced registry cleaner and optimizer for Windows allowing me to safely clean and fix registry problems.This registry optimizer is designed to scan the Windows registry and find wrong or obsolete information in the registry. When this obsolete information is fixed in Windows registry, my system will run faster and errors free. Also, I am happy to notice that http://www.onwindowsregistry.com/2009/01/problems-with-your-pc-clean-and.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-1365820003651243309Mon, 26 Jan 2009 12:06:00 +00002009-01-26T06:47:35.062-08:00Spywaremalware protectionadwareRootkit detectionLavasoft gives me the opportunity to experience more improved Ad-Aware Anniversary Edition . Let’s say if I want to find and remove adware and spyware, this new version of Ad-Aware does it excellently. Though it is not perfect, this edition loads faster during my boot cycle. Altogether, I discovered that scans take less time than the previous edition and the Quick Scan is completed in less than http://www.onwindowsregistry.com/2009/01/new-ad-aware-anniversary-edition-80.htmlregistryy@gmail.com (Elidija)1tag:blogger.com,1999:blog-7692618868459767600.post-8916324416335848504Fri, 23 Jan 2009 09:46:00 +00002009-01-23T04:04:53.885-08:00internet securityAnti-Rootkit TechnologyBackup and RestoreYesterday I read about Panda Internet Security 2009. And I discovered that being an average security suite it encompasses a lot of similar features many other suites offer. Still, the suite lacks intuitive menus. Providing a broad feature set and an simple-to-use interface Panda Internet Security comes with its below-average malware detection. Due to this reason the suite faces a problem when http://www.onwindowsregistry.com/2009/01/reviewing-panda-internet-security-2009.htmlregistryy@gmail.com (Elidija)1en-usnonadult