Archive for the ‘CCleaner’ Category

Final Post

October 2, 2009

No – I’m not dead yet!!

This is a final post at Tigerstail.wordpress.com because I am tired of seeking knowledge and bitching about that which is. It is time to use my skills to develop the solutions to all of the problems I have discovered.

Join Me at jimmicap.wordpress.com

Screwing up XP!

January 6, 2008

I’ve sort of been suggesting that part of the reason that Vista has not been universally accepted is because Windows XP is a mature, stable and secure operating system which has no need for a replacement except perhaps in the gaming community. There are many independent companies that understand the system and are writing independent security software to defend you against viruses and malware and to secure your privacy against unwanted preservation of sensitive data or images.

The truth is you can do a pretty good job of defending your machine by using Firefox as your browser with settings that ensure your privacy and erase all surfing history. Naturally, you can back this up with Ccleaner and an independent antivirus and you’re in pretty good shape. You may want to use your traditional XP search function to check for cookies that may have been missed and to check the images in all hidden and back-up files. After everything unwanted has been eliminated, defragment your system and overwrite your unused space with a seven pass disk wipe.

From what I know of forensics, that is probably enough to prevent the repairman at your computer repair shop from reporting you to Homeland Security and may be enough to prevent recovery of images and files after you reformat your hard drive. (However, if it were my freedom at stake, I would give the drive the Lot’s wife treatment and buy a new drive.) Overall, I am fairly well convinced that XP is a defendable operating system for mere mortals that follow a set routine and pay attention to security.

Since this belief is probably true, it leaves Microsoft and the government out in the cold when you choose to observe their nefarious connections. No, you cannot stop unwanted predators from connecting to your machine and probing you but you can keep your machine clean enough that there is little there to find. Now with Vista, this is clearly not the case. There are back-ups of everything as the default and many are complaining that use of Vista will be a one way ticket to jail or unemployment as your total computer use is an open book.

So what is the answer for Microsoft and the Government to threats from a protectable XP operating system? Simple, introduce an unavoidable SP3 service pack. I mean I avoided the upgrade for IE7 forever or at least until there were so many vulnerabilities that were left unplugged until I downloaded it even though I use Firefox. I suspect avoiding SP3 will eventually leave me so exposed that I will have to do it and ultimately upgrade myself to a system as unknown and undefendable as Vista. Once this happens I may as well switch to Vista.

Oh well, shit happens.

Resistance is Futile, Knowledge is Soporific!

Is Google Spying?

December 30, 2007

Seventy-seven percent (77%) of Google users are not aware that Google is spying on them and neither was I.

I tried researching the topic but didn’t find much information. I knew that Google used email filters and linked advertising to the content so that when Cousin Ed told you that Auntie Mame died, your email might include an advertisement for coffins and flowers. While that may be cool technology, I avoided it by avoiding a Gmail account.

Even after I read accounts that I would be 92 when my Google cookie expired and their new privacy policy would delete all records after 2 years unless requested to retain them longer by law enforcement, I wasn’t terribly concerned. I mean I have seen the use of Google Cookies which contain my IP, Hotmail account, my surfing habits to other sites and all my porn cookies so forewarned is forearmed and defend yourself. After all these are browser side records and can be erased and wiped when you close your browser (with quite a bit of effort).

All this changed when I had the need to sign up for an email account under my own name instead of Mr. Daimon, fatsavage or other fictitious names. I cleverly opted out of email advertising so I could avoid coffin offers when my mother dies and did a minimal sign-up with minimal information even avoiding address and location. I didn’t think much about it and only used it for commercial activity under my own name. I only signed up with GoogleTalk to track my email because that’s faster than signing in on their web page and going to their rather slow site only to find you have no mail.

Last week I had the need to sign up as a Google Developer so I paid more attention to their site. Seems there is a button in the upper right that allows you to sign in to Google and that happens rather automatically when you sign in to GoogleTalk or at least it did for me. It showed I have an account and a history which I know I never signed up for.

The history has been keeping track of me more or less since the day I signed in for my Gmail account. It is the default option which you have to work to turn off. Naturally, I checked my history and was appalled. I’m doing a SANS Security Course and am looking up various penetration tools. I am also blogging about some pretty nasty sites. Of the hundreds of searches I do a day, my Google history only registered the ones which make me out to be a pervert or a security risk.

Of course, I deleted the records but all that means is that I will no longer see them. They already have my IP, my email account, cookies from all accounts, the record of cookies from sites visited etc. I really didn’t accomplish anything by turning off their blatant record keeping. They still have all the rest and have publicly stated they will keep it for two years.

It would appear my only real option is to stop using their services. To many that would be a tough choice, but if they have already blocked access to your site and Ask.com is doing a pretty good job of searching and you have no commercial revenues from the web, I can’t think of a serious downside.

Netstat – My New Best Friend!

October 7, 2007

If you’re gonna be a hacker, you have to use netstat to figure out who’s hacking you and if you can’t defend yourself, you better not start an attack.

I have grown accustomed to having netstat open and sometimes even running in background. I never much thought about the fact that it is operating on a totally different operating system than Windows. One day while surfing, my whole Windows system froze (Firefox on Windows XP) and for no particular reason I clicked on the DOS window and found netstat up and running and monitoring my system. There were connections to cnn.com and a content delivery system called Limelight which could be explained by being from the last site I visited.

There was also 66.228.208.169 which turned out to be registered to adtaq.com which was not an invited guest.

The next morning, I turned on my machine and immediately started a DOS window running “netstat -ano 7” which means it refreshes every 7 seconds. Before anything could even update, I had two intruders, the FBI and adtaq.com.

Since I couldn’t find very much on adtaq.com and didn’t feel like wasting time I blocked them at my firewall.

Oh well, shit happens.

Vista – More Lost Tools!

September 25, 2007

Every physical move I ever made caused a loss. When I moved from a condo to a house I lost the built-in security and lawn maintenance, but I gained a sense of privacy and independence. The losses were real and important but so were the gains.

So far with Vista, I’m recognizing and counting my losses but have not discovered any gains. I finally gave up on an independent anti-virus and did the Microsoft thing just to get the installation done. This was a major loss for my well developed paranoia and I have yet to discover an offsetting gain.

I lost innumerable hours trying to install favorite programs and when done, I am back to an inferior XP clone and some programs just don’t work. As previously discussed, the new improved solitaire sucks so my enjoyment is reduced but at least there is an offsetting saving of wasted time.

Today’s discovery is that Index.dat Analyzer and Spybot Search and Destroy no longer work. The latter program is much more popular than Index.dat Analyzer but I consider it less powerful and not too great a loss.

Index.dat Analyzer is clumsy to use but an extremely powerful tool. Quite simply it finds every single record of your surfing history and allows you to eliminate them. It finds stuff that Ccleaner and AdAware miss.

In the end, more lost tools, and so far I’m still looking for the offsetting gains that make my switch to Vista worthwhile.

Netstat, the Vulcan Mind Probe and spying on Akamai

August 17, 2007

Now I’m pretty sure that I have Military Strength Malware on the machine that went wild, so I changed antivirus to PC-cillin. Yeah, I know it’s not the best, but at least it does a good job of documenting known and even unknown Microsoft vulnerabilities. I did the install offline and then updated as soon as I went online. The installation seemed large as disk usage rose from 3,801,989,120 bytes to 4,101,541,888 bytes.

I then went to tigerstail.wordpress.com and entered netstat through a DOS command while the page was loading and it lit up like a Christmas tree. There were connections on 85 different ports. There were a lot of internal connections but I will focus on the external connections trying to probe my computer memory. I used Firefox Browser and Ccleaner before I started.

The connections delivering the material and probing my machine were:

One (1) from layered technology, the original host for WordPress.
One (1) from Google which does a lot of stat work and tracking.
Three (3) from Akamai who is the new distributed hosting company for big sites.

Now all of those are expected along with snap.com who provides that cool mouse over service to show what other web pages look like before you go there.

Regular readers will know that the FBI spy tools are hosted by your ISP and it’s not surprising to find 17 connections to my computer from an IP number owned by my Virgin Islands ISP.

Saving the best for last, it’s unexpected but not unbelievable to find two connections from unknown.leve3.com. These are the fine people who are profiting from serving domestic kiddie porn and I have presented evidence of their involvement in domestic spying.

So while I really didn’t expect them it’s also no big surprise.

The excessive number of connections from the same visitors is reproducible. I can shut the browsers and return with more or less the same visitors with the same multiple connections.

Seems like as long as netstat works, it’s going to be hard for people spying on you to do it anonymously and at least I can document domestic spying.

Cool Tool – Netstat!!!!
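The per-peer tally described in the two netstat posts above, as an added example that is not part of the original blog: it parses Windows `netstat -ano` output, drops loopback and private-range rows, and counts ESTABLISHED connections per remote address together with the owning PID. The sample output is constructed (only 66.228.208.169 comes from the post), and the inbound/outbound label is a heuristic based on whether the local port is also in LISTENING state.

```python
import ipaddress
from collections import defaultdict

# Constructed sample in the column layout of Windows `netstat -ano`.
# Only 66.228.208.169 comes from the post; every other value is made up.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING       1180
  TCP    127.0.0.1:1041         127.0.0.1:1042         ESTABLISHED     2212
  TCP    192.168.1.10:1050      66.228.208.169:80      ESTABLISHED     2212
  TCP    192.168.1.10:1051      66.228.208.169:80      ESTABLISHED     2212
  TCP    192.168.1.10:1052      203.0.113.7:443        TIME_WAIT       0
  TCP    192.168.1.10:3389      198.51.100.23:50211    ESTABLISHED     1180
  UDP    0.0.0.0:445            *:*                                    4
"""

INTERNAL = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16")]

def is_internal(addr):
    ip = ipaddress.ip_address(addr)
    return ip.is_unspecified or ip.is_loopback or any(ip in n for n in INTERNAL)

def parse(text):
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        # UDP rows have no State column, so the PID is always the last field.
        state = f[3] if len(f) == 5 else ""
        lport = f[1].rpartition(":")[2]
        rhost = f[2].rpartition(":")[0].strip("[]")
        rows.append(dict(proto=f[0], lport=lport, rhost=rhost, state=state, pid=int(f[-1])))
    return rows

def external_peers(rows):
    listening = {r["lport"] for r in rows if r["state"] == "LISTENING"}
    peers = defaultdict(lambda: {"count": 0, "pids": set(), "direction": set()})
    for r in rows:
        if r["state"] != "ESTABLISHED" or is_internal(r["rhost"]):
            continue
        p = peers[r["rhost"]]
        p["count"] += 1
        p["pids"].add(r["pid"])
        # Heuristic: if the local port is also LISTENING, the peer dialled in;
        # otherwise a local process (see the PID) opened the connection itself.
        p["direction"].add("inbound" if r["lport"] in listening else "outbound")
    return dict(peers)

if __name__ == "__main__":
    for ip, info in external_peers(parse(SAMPLE)).items():
        print(ip, info)
```

To run it on a real snapshot, save the output with `netstat -ano > snap.txt` and pass the file's text to `parse`; each PID can then be matched to a process name in Task Manager or with `tasklist`.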

Simple Tools for Simple Minds.

August 16, 2007

One of my favorite new tools for monitoring my machine is simply the disk usage number. Open up My Computer, right-click on the hard drive and then click on “Properties”. A cute looking disk shows up and in blue it gives you the used disk space.

If you think about it for a minute, there should be no changes in disk space if nothing is saved after you surf the Internet. Moreover, after you use Ccleaner, there should be no change from before you started online. No virus, botnet or trojan can operate without storing something somewhere.

So with my new epiphany, I decided to evaluate the combination of Firefox and Ccleaner.
With all systems installed and updated,
disk usage was 3,821,203,456 bytes.

I then went online to thehun.net, a porn portal which uses sextracker cookies, and surfed nothing but legal porn to the best of my ability – who really knows what this crap is? Firefox had been set to save nothing and destroy all session cookies on exit.
Not bad: 3,821,207,552
That’s barely enough of an increase to save one thumbnail to cache memory.
After cleaning with Ccleaner,
usage was 3,821,146,112.

At this point all systems are go, and I’m almost willing to endorse the combination of Firefox and Ccleaner as safe.

The acid test is of course to surf a known and nasty law enforcement Honeypot, youngmodels.org.

This site is truly nasty shit and once again crap came raining on my computer. I never waited for a full load, because it’s disgusting. This is one of the sites cited at trial used to send a man to jail which is still online publishing kiddie porn in the good old USA. It’s a disgusting site but it does serve as a benchmark for the power of Military Strength Malware.

After cleaning with Ccleaner, there are
3,821,154,304 bytes or an increase of 8,192 bytes.

Now that’s not much of an increase and certainly not enough to hide images on the machine but it is enough to mark it. And here’s where life gets interesting.

Overnight, there was a drop to 3,821,101,056 and my antivirus started getting weird. I kept getting notices about needing updates which the update program rejected because it was coming from the wrong URL address. The machine was online but unused for two days and its usage rose to:
3,839,463,424

Four hours later it was about:
3,850,400,000 which was stable for a day

At this point Ccleaner missed cleaning a couple of index.dat files analyzed by Index.dat Analyzer (15 total) and the Windows search function refused to identify any index.dat files at all. Since the search function wasn’t working it was hard to find where all this increased usage was taking place and at a usage level of
3,864,084,480 the machine was taken offline.

That is an incredible 40 MG of programming that was installed in two days without my knowledge or permission and it started 1 full day after I visited a really nasty site. (I never surfed again after that visit but left the machine connected to the Internet.)

For a bunch of reasons, I dumped my anti virus and installed another one, but that’s another story.

How Many Index.dat Files Are There?

August 8, 2007

Your index.dat files keep a complete record of where you surfed, what you searched for and the pictures that you saw. Combine that with your user id and cookies which index.dat does and it’s hard to deny that you are you. On top of that, we have the unique Windows Identification Number and not only are you you, but it’s definitely your machine. Finally, the index.dat files are linked to your cache picture file and you are on your way to jail whether it’s perversion, bombs, drugs, guns or extortion.

Now if they can do all that with their domestic spying, it’s hard to understand why they don’t shut down spam and malware and the only answer I can think of is that they hide in the muddy waters that they allow or create.

Your only defense is to get a good understanding of index.dat files and where to find them. Unfortunately that is not easy, because you can never be sure you have them all.
I will discuss more about search engines not searching but trust me, the Windows Search function is a piss poor place to start or trust.

First off, you have to remember to search all hidden and protected files to find any. There are three basic index.dat files (History, Cookie and Cache) and each user has three of them including the administrator. In addition, certain programs also use the index.dat files in addition to Windows. On a brand new installation, Windows Search will find most of them but not always all.

It would appear that the more infected the machine the more files are created. I’ve seen as many as 25 on a badly infected machine and as few as six on a clean machine. Prior to any malware infection, CCleaner will find and erase more files than Index.dat Analyzer so you know from jumpstreet that Index.dat Analyzer is not perfect. So why keep it?

When you get hit with Military Strength Malware, CCleaner seems to become ineffective and Index.dat Analyzer picks up a lot more problems than CCleaner. Unfortunately, with Index.dat Analyzer, all files have to be manually detected and the stored items manually deleted.

To make this perfectly clear:
Windows Search is brutally ineffective on finding index.dat files.
Index.dat Analyzer doesn’t work well on clean machines.
CCleaner is not effective after you get Military Strength Malware.

So the answer to:

How many Index.dat Files are there is:

Who knows?

You will have plenty of time to ponder it on your way to jail.

IE 7 Sucks

August 5, 2007

In the Tigerstail blog, security and privacy are the only issues. I’m not fond of Window Washer because it doesn’t automatically live up to its promise to erase all tracks of your websurfing habits. I finally figured out that it does a fair job of removing tracks from IE 6 if you use a convoluted system of having it fight the browser on start-up and then wipe again when you close it down.

So while I wasn’t comfortable with all those pop-up windows advising me to close my browser because it wasn’t clean, it actually worked to prevent storage of my web surfing tracks if I ignored the message saying the browser couldn’t be cleaned while open.

Then – BAM!!!

In a drive-by download from my automatic upgrade of Windows, I was upgraded to IE 7. Now the reason I stuck with Windows was because I was documenting just how crappy the browser is. However, IE 7 creates and stores those index.dat files in a different way and there was no way for me to get Window Washer to work in any acceptable manner. Tracks remained and I got random browser error and shutdown messages.

So I switched to CCleaner which I wanted to try anyway based on the recommendation by Shane Fowler in a comment. Now here’s where IE 7 really failed. I mean it simply wouldn’t let CCleaner do its job. There was no way I could get the combination of CCleaner and IE 7 to work. So the choice was stick with my Constitutional right to Privacy or abandon it in favor of supporting Bill Gates and IE 7.

I mean – is this a no-brainer?

In the next couple of blogs, I’ll report on securing Firefox for privacy and the ability of CCleaner to protect me and you.