Saturday, November 8, 2014

Virus Laden Troll Links at ENENEWS, Trojan Nuke Troll


The trolls at ENE have really helped again.   Read this nightmare, but don't worry, there is a happy ending.

A few weeks ago, a troll had placed a link supposedly to a research paper, on ENENEWS. Indeed, the paper was there, but apparently a pretty sophisticated payload consisting of virus "Smart Guard" and other viral forms also infected my main computer. I was only running AVG which is a free virus scanner at the time. This was a pretty nasty virus. It would change the security settings on my browser, so even to view a PDF you were forced to reconfigure your security settings, which were incidentally toggled to the "custom range" in which it would be easy for someone to open up way too much security in an effort to get the download or view the file they want. Once your security settings were "loosened" then the virus would use that opening to inject even more nasty stuff. Ya, they got me.


The virus also prevented the installation of virus removal software like Malwarebytes, and prevented a drive imaging program from making a backup copy of the OS drive. I am sure it was preventing other things from running also, but those were some of my main tools to protect data and extract the nasties.

So this post is about informing people of some basic computer tools that really work, and are relatively low cost compared to spending days fixing a computer or limping along with decreased functionality, aka poorly named "workarounds".

Another surprising aspect of this latest infection is that it deleted all my restore points! These are the Restore Points built into Windows 7. It is amazing that Windows 7 would allow anything other than "full control" over your computer from an admin account to delete restore points.

1) Restore Points is used by Windows to revert to a previous time, when you weren't having problems. You lose no data either, just the system files are Restored. This is a powerful and simple tool that anyone can use, and you should know about it. Well, it's powerful unless your nuke industry virus providers found a way to delete your restore points! LOL, ouch.

The virus also partly took over Outlook 2010 and created a folder within Outlook that said "Infected Items"  in which there was one email bolded within there.   That was surprising and of course I did not click it.    Hmmm, maybe Bill Gates ought to spend a little on hardening our basic communications systems rather than filling the world with vaccines.

The virus also created millions of files in my Operating System drive in a user "Temp" file which bloated the hard drive with hundreds of gigabytes of junk data, literally millions of files. This made the hard drive highly fragmented and HUGE. The massive size made it impossible to make a "Drive Image" which is a form of backup.

Finally, the virus seemed to want to do two things that I know of. It would try to send packets of information out (to Russia). I had installed ESET NOD32 Antivirus 6 (this program was unable to remove the viruses in their entirety, FYI) and ESET was able to prevent these outgoing packets, sometimes 2 or 3 in 5 seconds, thousands a day. I tagged the intended IP address and it appeared to be a location in Russia, although these types of things can be faked, especially by those capable of deploying and creating such a broad-based and capable virus.

And the last effect was created primarily from taking over a legitimate windows process, the process that windows uses to show thumbnail display of images in your computer, this process would replicate itself over and over again, with varying waves of taking up some or all your computer processing power.    This would bring the computer to a crawl.     But sometimes the computer would work OK also.    Also with this, the viruses would rev up and rev down the DVD drive (in Stuxnet fashion), just making an annoying background noise.    Stuxnet is a high level virus purportedly developed within the military/intelligence/nuclear community (may I say Cartel) meant to rev up and rev down centrifuges for nuclear fuels to destroy them.     Certainly running your drives fast up and down, and running processors at top speed is not going to be good for them.  

OK sounds pretty horrible right?    Indeed, I have seen persistent malware / viruses before, but not as far reaching as this.     None that tried to use my computer as a zombie transmitter.

Neither ESET nor Malwarebytes nor AVG was able to extract this beast, although they did seem to be able to knock off a few of the Medusa heads, but then the heads would then grow back in a fashion.

In a future post I am going to introduce people to some important tools that are easy enough for everyone to use.  

Acronis True Image - Can completely restore your computer, even if all of the Windows restore points have been destroyed.
  1. Malwarebytes -- a free and purchasable software program that is more capable than most
  2. TOR - a way to surf the internet with nearly complete anonymity (caveats apply)
  3. Backup my PC

OK The Outcome? It is always "annoying" to have to revert to an earlier "Drive Image" and find you have some unintended consequences, so you don't do so unless you have a real problem. If you have decent workarounds, you probably do those rather than "Ghost back" (an old school term for recreating your computer drive using a drive image, back in the day when Norton's 'Ghost' program was all the rage).

So faced with a "real problem" I Ghosted back my computer to June 2013 state, when it was pretty new. Voilà! Tons of problems that had built up over 1.5 years all went away, and the computer is clean and fast. Everything loads fast, windows opens fast, and it is a joy to use.

Thanks to the Nuclear Asshat Trolls who motivated me to take this simple step.      Now I have full functionality on using TOR, I also regained the ability to modify Nukepro blog from my main computer, which incidentally was lost exactly as I was exposing the coverups at WIPP.

So thank you Virus laden trolls of the nuke industry at ENENEWS.     Ya fixed it!   LOL

Be careful of trolls bearing gifts and links. At least make sure you have some real virus and malware running.

Apparently I wasn't the only one to get hit

I lost 2 hard drives connected to the same computer within 24 hours of each other..what are the chances of that one?
Slim to none. :(
Evil walks tall these days..

Another testimonial of the intentional damage caused by the nuke cartel

Yes. stock. My machine was infected from pigman's links. You may have noticed he bragged about his criminal asshosiates in the basement of the ciansa building cooking it up for us. The malware/trojans/viruses were extremely extensive on my machine. They completely took out IE. Firefox worked longer; but that led to more misdirected links, and more trojans, malware, and virus info downloaded when pages were closed out. It/they destroyed the Startup File. It took out the Startup Repair. It took out the Restore Points. It shut down the Antiviral Software (Microsoft's was first to go). I do not believe all this damage was done by simply one link, and one virus, trojan, or malware. I think it was cumulative. It/they tracked usage prior to disabling, and forwarded this info. I think it is best to run Anti Malware like Spybot and Malwarebytes, and Antiviral Software Scans (I like AVG), before shutting down. I did not format the hdd, and reinstall the OS. I defeated all their malware, trojans, and viruses manually. Now, I think it is best to be prepared to re-format and re-install the OS; given all the time it took to remove their "above the law" criminal ELEtist distractions. We must be doing something right here on ENEnews. No Nukes. Peace

From the Good Doctor

There is a law that is backed up by felony conviction potential, regarding site terms of service.
Violating that opens a troll up to felony fines and jail terms.
Details in this article;
SOPA Whistleblower; Aaron Swartz; Bringing Public Access To The Public Domain – Documentary Movie Synopsis And Commentary

My e-mail got hacked while the MBP was operating. So were two of my family's bank accounts. Coinkydink?

And that was my private e-mail, not the one I post here.

My computer got more than 180 mal files when I linked to WesternKyMan's links at ATS. I'm having to scan everyday now, although I think I got rid of the mess from WKM's links. I go into control panel and look at the date a program got added and delete anything new that I can't identify. Also I restored Firefox to original defaults and got rid of junk that way. Also I look for any toolbar programs to delete and any unwanted add-on.

VanneV
I scan with Malwarebytes and Malware, and Microsoft Security Essentials with full scans both.

Heads up peeps. I just killed a hidden cmd.exe process earlier today, with no applications running. Did a full root kit scan and an attempt was made to root my box. All the other boxes on my lan are clean.
I'm fairly savvy at this, but I killed the hidden command window before I could look at it.
It is interesting that this is the route chosen…
I see it as an opportunity to log some offenses.
Those of you who are tech savvy know that this change of tactics is easily logged and easily analyzed.
It is a federal offense to maliciously tamper with a computer over the internet.
I'm off to scan some logs and enable some more tools…
Bungalow Phil
Yes, indeed. The primary system I use is virtually handicapped past few weeks. It takes sometimes 30 seconds for a dialog box to respond to a command or simple keystroke. If you say it is troll linx I wouldn't know, but suggesting a robust detection and prevention program would be helpful. By the way my system says it is functioning normally.

Bungalow, If on windows, you can do Ctrl+Alt+Del and then select task manager, this will show you what is running, and another tab shows you how much CPU is being used.
That's a start.
Download Malwarebytes (the free version works fine) and run it, might take an hour even.
What other antivirus AV are you running?
Check: is the virus sending out packets from your computer? This is the most disturbing.


  1. There is a law that is backed up by felony conviction potential, regarding violating site terms of service.

    Violating terms of service on any site, including ENENews, opens a troll up to felony fines and jail terms.

    Details in this article;

    SOPA Whistleblower; Aaron Swartz; Bringing Public Access To The Public Domain – Documentary Movie Synopsis And Commentary

  2. Yes. ENEnews was hit with many forms of DNS attacks that MBP was present. These attacks included log in denial, as well as infected site links "News from Region," "Latest Headlines," and "Top Stories" links. This is to say, not only MBP's links were infected. I showed my business partner each of the infections to my machine prior to removing or repairing them. Neither he nor I have ever seen infections of this level. At the level of infection my machine had, the normal recourse would be to reinstall the operating system. The next higher level would require replacement of the hard drive. The cost would be $100.00 and up for the new Operating System, and $125.00 per hour computer technician fees. This expense could certainly sway an individual away from ENEnews. More than an attack on a website, or on computers, it is/was an attack on Free Speech. That infuriates me. I am willing to do my part to see the criminals that conspired to stifle free speech are punished. Peace

    November 8, 2014 at 7:14 PM

  3. I use the latest Linux Mint distribution to avoid all that BS using hardware i intend as "at risk".
    It is not a "silver bullet" though.

    Had hoped that my tendency to check links with VirusTotal from those unfamiliar would prove a good example for others.

    DO NOT try cleaning your Windows partition within Windows.
    You might also be in the unenvied position of having to recover data, and "shit happens", so backup your infected HDD first, if possible or practicable, or risk losing data. Acronis boot media are good at this.

    Quote: "Antivirus boot discs deal with this by approaching the malware from outside Windows. Boot your computer from a CD or USB drive containing the antivirus and it loads a specialized operating system from the disc. Even if your Windows installation is completely infected with malware, the special operating system won’t have any malware running within it."

    Use "bootable rescue media" from your AntiVirus provider (et al).
    Make discs, not USB keys for rescue media, or your media might become infected too. Disc usage precludes that possibility.
    Note that this list is incomplete.

    Quote: "TOR - a way to surf the internet with nearly complete anonymity (caveats apply)"
    Allegedly, i would add. Is it? (All your endpoints are belong to US now - - we have a new meme)
    Perhaps such a claim might seem too good to be true, &/or is it a target by prevert governance? ("The more they tighten their grip, the more systems will slip through their uncalloused fingers", imho)

    See comments on Bruce Schneier's site - Quote: "Tor compromised on a massive scale, or was it?"

    By the way, squid is his thing for general discussion on Fridays.
    You, the reader, might like my reply concerning squid & Korea @ November 7, 2014 9:32 PM.

    My suggestion would be to use something other than your main machine for internet activism. Isolate it from other services on your network behind the firewall in your router. Transfer files via CD/DVD as there is no firmware on that type of media to perform "BadUSB" attacks, and no "invisible" controller chip built-in that could perform operations without user knowledge.

    Retro equipment is another way to fight back. Also, most malware will detect if it is being executed in a Virtual environment, and decline execution in an effort to prevent reverse-engineering. STOP, Think. Use the Force!

    Note that it is also possible to change your DNS settings to avoid addresses with malware (porn, etc).

    Quote (as an example): "[5] GreenTeamDNS "blocks 18 categories which include malware, botnets, dangerous websites, adult related content, aggressive/violent sites as well as advertisements and drug-related websites" according to their FAQ page. Premium accounts have more control."

    1. Title: "Darknet Sweep Casts Doubt on Tor" -

    2. ... also - Do create any "Rescue" or linux media on an uninfected computer.
      ... AND disconnect internet(incl. WiFi) access before attempting to fix
      ... and beware of "false positives"

      May the Living Force be with you! :|

  4. There are many people that are attacking "our" banking infrastructure right now. (see video @ bottom)
    Why wouldn't i be surprised that the "crew" allegedly from Tennessee is involved with similar rackets for fat "free" wads of cash, 40 bills at a time?

    Perhaps they were previously aware of this malware and simply linked to it?

    If anybody was infected using Windows XP with the WEPOS or POSReady tweak, please anonymously let me know here. Am also curious about how "the viruses would rev up and rev down the DVD drive". Am assuming there was a disc in the drive, or that would be very noteworthy to me.

    Beware that it might be possible for some code to be injected into a BIOS. Keep that in mind if you are easily reinfected, even after completely wiping your HDD/SSD. The odds of this should be minimal, yet ...

    It would appear "they" have stepped up their "game" and sunk to a new low in the process.
    Let us step up our game and adapt. Also, don't call them "asshats", as an asshat is still useful for something. It is defamatory to asshats, imho.

    I use a BarCode scanner, and my own offline generated Code 128 barcodes, in order to use extremely long passwords that can be entered in seconds. This is not an ideal solution either though.

    Though i am no expert, if there is anything i can do to help, Stock knows where to find me. It pisses me off no end to see a community i love under attack!

    Though i didn't know him, am marking the birth date of Aaron Swartz.
    Quote: "Swartz was involved in the development of the web feed format RSS and the Markdown publishing format, the organization Creative Commons, the website framework and the social news site, Reddit, in which he became a partner after its merger with his company, Infogami."

  5. Either my comments have been sent to moderation, or you might still be infected Stock.
    I spent over an hour and a half on that!


    2. What comment, email to me directly, I do not host nuke pro at my business.

    3. ... use ad-blocking &/or JavaScript blocking plugins such as No$cript, Ghostery, Adblock, etc. (Your Mileage May Vary - YMMV)

  6. Then again, this wouldn't be the first time i have posted information, like on WIPP, and had my reply preempted.
    That is the same effect i witnessed then as i did today.
    I wrote my two replies, posted them, they showed up without the "Moderation" message.
    Then after i left the page and returned, my replies were no longer there.
    Thankfully, i was able to retrieve a link to one of my two comments.

    If you have it, hopefully you can retrieve it.
    Otherwise, i will rewrite it.
    Clean Windows without running Windows. Do backup your vital data FIRST.

    1. A lot of your stuff goes to mod, then I see it in a day or 5. Maybe because of links....whatever, keep linking.


    1. Some of my smart very educated friends think Snowden is a traitor. I guess they benefit from the "system"

    2. Get a "junk" computer.
      Yard out the hard drive, as you won't need it.
      Clean with compressed air from oil-less compressor.
      After all, there are minute particles that generate their own static charges (manmade radionuclides), or have conductive &/or capacitive properties which can throw some "bits" off.
      As you are aware, money need not always be the basis for solutions.

      Quote: "Brill: In guerrilla warfare, you try to use your weaknesses as strengths.

      Robert Clayton Dean: Such as?

      Brill: Well, if they're big and you're small, then you're mobile and they're slow. You're hidden and they're exposed. You only fight battles you know you can win. That's the way the Vietcong did it. You capture their weapons and you use them against them the next time."

    3. As in audio, your power supply is the most critical piece of hardware inside.

      If you have a crap power supply, usually light as a feather, expect no end of grief. That is one way Obewan might have lost both HDD's at once, that is, if it was a Desktop he was using. Perhaps viral infections were the "feather" that broke his system's back.

    4. @dud, ya for obewan, I have seen viruses just continuously accessing the harddrive...I mean shite the ManBearPig viruses literally wrote millions of files to a temp directory, just the delete time was going to be over a day....

      no offense to asshats

    5. Those temp files are better deleted from a linux live disc.

      Well, i would assume emails, accounts, passwords, etc. may be compromised. That would seem true for at least HoTaters.

      People here think am a little paranoid for not trusting the internet until the last couple of years. Then they thought i was off my rocker about Fukuppy. Now, i don't hear that very often. I wonder why? I wasn't expressing concern for myself.

  8. I use a Linux Mint live disc for general internet access now, not Windows.

    I do this on a machine that i have designated "at risk".

    1. Wish I had that luxury. good on you.

    2. Also, i use a barcode reader with my own offline generated Code 128 barcodes, which allow a combination of numbers, symbols, & upper & lower case letters. The fun part is calculating the checksum value.

      It does allow me to use very lengthy passwords that can be entered in seconds.

  9. Previous personal attacks on Anne:
    by itsanukularwar

    Quote: "Agreed, 59.5 Rockwell, I've often wondered how much h/she was getting paid and what other message boards were used the same way."

    Quote: "It is you, the self described "disabled one", that is lying."

    Quote: "Even for you vanne, that is about the most stupid post yet."

    I think somebody owes Anne an apology.

    1. For above list:

      Previous personal attacks on Sickputer:
      by itsanukularwar

      Quote: "@SICKPUTER, the story about the guy turning back because of to high of radiation was not the truth. So here you are promoting their lies and fabricating your own. It seems that some people are falling for it. Why the lies?"

      Quote: "Kind of shot yourself in the foot there. Do you just make it up as you go? And we are to take you seriously?"

      I think somebody owes Sickputer an apology.

      Personal attack on Razz:
      by itsanukularwhore

      Quote: "No, not that simple. You have left out much. But don't let the facts get in the way of a false story, one that supports the hidden agenda you keep pushing!"

      I think somebody owes Razz an apology.

      Personal attack on Crickets:
      by itsanukularwhore

      Quote: "I question the intent of anyone that acts as if this is the truth, especially those here at enenews."

      I think somebody owes Crickets an apology too.

      Personal attack on CodeShutdown:
      by itsanukularwhore

      Quote: "I would not waste my time on this whatsoever if I didn't believe this. I haven't heard anyone else come up with anything that sounds like a good idea. For you to write this off without even looking at it is ass nine."

      I think somebody owes everybody on enenews an apology.

      Personal attack on WeNotTheyFinally:
      by itsanukularwhore

      Quote: "You can't be serious. May be you should read the info on Codex again, it must not have registered with your brain."

      I think somebody owes WeNotTheyFinally an apology, but that is my humble opinion.

    2. Tanks for the inspiration, MBP/MBHP/WKM/MoFoe/MFX/aunavoz/FactChecker/Niall/Atoms4Peace!

      The more YOU squeeze your grip on this community, the more systems i solemnly swear will slip through your grubby protuberances.

      ZING! :)

    3. Quote of "Jack Burton": "Son of a bitch must pay!"

      Quote of itsanukularwhore: "You are an idiot vannev, my post is not off topic, and is on topic with Dr Goodheart's post that I replied too. I have been away for a while, you must be foaming at the mouth for a chance to attack me, you and stock both. Both shills that work for TPTB, USEFUL IDIOTS!"

      Wasted no time attacking Anne after a lengthy absence.
      Now i think he/she owes Stock an apology too.

    4. So nice to see itsanukularwhatsit is back to apologize to Anne, razz, Sickputer, Crickets, WeNotTheyFinally, stock, and others in his or her "bizzaro-world" style.

      Maybe he/she liked my quotes below concerning the "admit" theme enough to reply (again) in typical bizzaro fashion. :lol

      Hey itsanuclearwar, send in your inverse-bizzaro counterpart. That would be coool! Otherwise, please call the SPCA, as there appears to be a rabid dog on the loose!

      "Me and your mom have been noticing lately that you've been having a lot of problems,
      You've been going off for no reason and we're afraid you're gonna hurt somebody,
      We're afraid you're gonna hurt yourself."
      ... "They say they're gonna fix my brain
      Alleviate my suffering and my pain
      But by the time they fix my head
      Mentally I'll be dead"

  10. There is no apology for those that do not apologize themselves.

    1. Quotes: "It is the highest form of self-respect to admit our errors and mistakes and make amends for them. To make a mistake is only an error in judgment, but to adhere to it when it is discovered shows infirmity of character. - Dale Turner"
      "Mistakes are always forgivable, if one has the courage to admit them. - Bruce Lee"
      "When we are really honest with ourselves we must admit our lives are all that really belong to us. So it is how we use our lives that determines the kind of men we are. - Cesar Chavez"
      "No one should be ashamed to admit they are wrong, which is but saying, in other words, that they are wiser today than they were yesterday. - Alexander Pope"
      "To err is human; to admit it, superhuman. - Doug Larson"
      "Strong people make as many mistakes as weak people. Difference is that strong people admit their mistakes, laugh at them, learn from them. That is how they become strong. - Richard J. Needham"
      "I am... stubborn, and I admit it, so it's OK. - Mila Kunis"
      "No parent is perfect; we all can look back and think of things we could've done to help our children be better prepared for adulthood. And sometimes it's best to admit it to them and encourage them to learn from our mistakes. - Billy Graham"
      "Love may not make the world go round, but I must admit that it makes the ride worthwhile. - Sean Connery"
      "I don't see the point of doing an interview unless you're going to share the things you learn in life and the mistakes you make. So to admit that I'm extremely human and have done some dark things I don't think makes me unusual or unusually dark. I think it actually is the right thing to do, and I'd like to think it's the nice thing to do. - Angelina Jolie"
      "I pick my nose and I'm not ashamed to admit it. If there's a bogey then just pick it, man. - Justin Timberlake"
      "No one escapes being haunted by something that absolutely terrifies them to the core, but very few feel it's okay to admit what it is that haunts us. - Nicholas Brendon"
      "Swallow your pride and admit that we all need help at times. - Huston Smith"
      "Unlike some politicians, I can admit to a mistake. - Nelson Mandela"
      "My natural-born sarcasm, when it's unimpeded, can be a bit overbearing at times and I'm the first to admit that. - Tom Bergeron"
      "I do all the evil I can before I learn to shun it? Is it not enough to know the evil to shun it? If not, we should be sincere enough to admit that we love evil too well to give it up. - Mahatma Gandhi"
      "If we're really honest with ourselves, most of us will admit that we want to impress people, and this is what's causing us to do what we do. - Joyce Meyer"
      "No one really wants to admit they are lonely, and it is never really addressed very much between friends and family. But I have felt lonely many times in my life. - Bill Murray"
      "I will be the first to admit I am not perfect and I make mistakes. - Alberto Gonzales"

  11. I am not responsible for all the newsers misfortune. I just post contrarian views. Maybe they all imagined it, like most of the stuff they make up.

    1. You don't simply post contrarian views. That appears to me to be only based upon your own bias, and not factual, from what i have witnessed over the last year. Note that i need not an IP address to ID you.

      What you and your "crew" have done and what you do will soon unravel. Wittingly or otherwise, it matters not to the police. 24000 + thousands of lurker complaints to one PD cannot be ignored. I don't desire this, yet you are bringing it down upon yourselves.

      Before contacting police, we will ensure adequate and conclusive evidence is gathered, so as to not be seen to "waste their time".

      Much akin to a neutered dog, it appears that you don't get it. If you won't be quiet, the least you can do is behave, and advise the same of your "crew". You do realize that you are making the anti-nuke argument for 'newsers. Skeptics are coming around due to your misbehavior, intentional or not.

      Am not interested in a bunch of "yes-people" arguments, and i do see that varied perspectives can illuminate any subject. However; you continue to demonstrate that you and your "crew" could only do so on a single day or two out of a whole year. I miss that day. We did agree to disagree. Remember the "Radioactive Boy Scout"?

      Otherwise, i can't wait to witness Anne virtually kick your illogical argumentative ass as usual Ron. :)
      Do you regret calling her a "cat lady" yet?

      Please stop the Ad hominem attacks.
      You don't even have to change your viewpoint. I am appealing to you before it is too late. I do not hate you, yet you do seem to have some "tough love" coming your way.

      Also, it would be nice if your "crew" would cease and desist from claiming "cures" for cancer on enenews. I know the effect you are gunning for, and i don't like it.

      Thank you for your time and consideration.

  12. @stock - Quote: "At least make sure you have some real virus and malware running."
    That appears in err. (anti-)?

  13. We have had quite a few inexplicable Internet outages. It was so bad last week that we replaced both the router and the modem. It's been a bit better but we still have temporary outages. Not sure of the cause???

    1. The generic power bricks used for most routers are generally purchased from the lowest bidder. Also, the center pin is generally only riveted and prone to dropping voltage. Unfortunately there is not much the average person can do about that, unless they are handy with a soldering iron (warranty issues too). Brick should supply double the current required (listed on router label) at the same voltage and polarity.

      EMI from other wireless on similar channels can cause problems.
      Broadcom's WiFi software (for Broadcom WiFi module only) can help identify nearby WiFi signals. A "spare" notebook can be handy for this purpose. Other potential sources of EMI are cordless phones & MW ovens. A pocket AM radio might help to detect harmonics of nearby strong EMI sources. (move furthest away from potential sources, tune into strong station about mid-band, then wave it around potential sources)

      Skip WiFi & wire your network to compare, perhaps. Use Linux Mint to compare versus Windows to determine if it is a network problem or a Windows problem.

      WEP, WPA, WPS & WPA2 have been cracked

      Reconsider a wired connection if possible (impedance-matching cabling can be used instead of replaceable antennae)

      It would seem wise to avoid going into much detail here, Professor.

    2. ... that is the "center pin" of the power jack on the back of the router.

    3. ... WiFi appliances should be installed away from electric breaker panels.

      Also, CHANGE THE DEFAULT PASSWORD!!!! Do avoid reusing passwords. Configure your network before connecting to the internet.

      Many of the above troubleshooting steps can be used irregardless of router/modem manufacturer, although default admin addresses may differ.

      Now that i have finished telling people what to do, if i have offended anyone, or am wrong, you have my permit to tell me where to go. ;)

      Remember the eleventh day at the eleventh hour. Lest we forget.

    4. A note about passwords.

      Choose something with at least twenty characters, including upper case, lower case, numerals & symbols.

      With 128 character possibilities (like Code 128 barcodes), a twenty-character password calculates as 291,113,021,422,017,421,452,856,827,170,390,016,000,000 permutations or about 2.91e+41 permutations! That might take some time (travel) to brute force. :)

    5. Note that my own personal passwords have 3.4e+100 permutations (minimus). With a barcode scanner, i can easily enter that 50(+) character password in less than 3 seconds on any device.

      My aim is not to keep glovemints out, just crims that dabble.
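
The barcode-password idea from the comments above (offline-generated Code 128 barcodes, the check symbol, and the size of the password space), worked through as an added example that is not part of the original post or its comments. It assumes Code Set B only and a password drawn from the 94 printable non-space ASCII characters; the function names are hypothetical, and the output is the list of symbol values rather than a printable bar pattern.

```python
import math
import secrets

# Code 128 control symbol values (from the symbology definition).
START_A, START_B, START_C, STOP = 103, 104, 105, 106

# Assumption for this example: passwords use '!'..'~' (printable ASCII, no space),
# so a stray leading or trailing space can never be lost when the code is scanned.
ALPHABET = "".join(chr(c) for c in range(33, 127))


def code128b_values(text):
    """Map text to Code Set B symbol values (ASCII 32..126 -> 0..94)."""
    values = []
    for ch in text:
        if not 32 <= ord(ch) <= 126:
            raise ValueError(f"character {ch!r} is not encodable in this example")
        values.append(ord(ch) - 32)
    return values


def check_symbol(start, values):
    """Weighted modulo-103 check symbol: start value plus position * value."""
    total = start
    for position, value in enumerate(values, start=1):
        total += position * value
    return total % 103


def encode_code128b(text):
    """Return [start, data..., check, stop] symbol values for the text."""
    values = code128b_values(text)
    return [START_B, *values, check_symbol(START_B, values), STOP]


def verify_symbols(symbols):
    """Scanner-side check: recompute the check symbol and compare."""
    if len(symbols) < 4 or symbols[-1] != STOP:
        return False
    start, *data, check, _stop = symbols
    if start not in (START_A, START_B, START_C):
        return False
    return check_symbol(start, data) == check


def generate_password(length, alphabet=ALPHABET):
    """Draw each character from the OS CSPRNG, not from the random module."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def keyspace_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy in bits of a uniformly random password of the given length."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    password = generate_password(50)
    symbols = encode_code128b(password)
    print("symbols in barcode:", len(symbols))
    print("check symbol value:", symbols[-2])
    print("scanner check passes:", verify_symbols(symbols))
    print(f"entropy: {keyspace_bits(50):.1f} bits")
```

The entropy figure only holds when every character is chosen uniformly at random, and the printed barcode is itself the secret, so it needs the same physical protection as a written-down password.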

    6. @majia, I would definitely run a slew of antivirus scans using different softwares.

      Malwarebytes (good and free version works well)
      AVG (not that good but free)
      Kaspersky (purchase)

    7. Once again, it might be an idea to scan with AntiVirus boot disc whilst the machine is disconnected from network. Create CD/DVD media from computer known not to be infected.
      Note that "generic" infections may be false-positives.

      Good call though Stock. I miffed 'dat.

  14. Stock, All AVG-free users should go into options on the whole and scheduled scans, check every item to scan and save. Check AVG logs that all problems found were removed, some may require attention.

    Best tools at:

    useful tools, links, instros for the average user:
    junk removal tool

    content.ie5 fills and can’t delete:
    "I finally found a way to rid my system of the pesky content.ie5 files!!
    I could not run a virus scan due to the following folder having over 5 million files, totaling about 150 GB of space:
    C:\Windows\sysWOW64\config\systemprofile\appdata\local\microsoft\windows\temporaryinternetfiles\content.IE5 "


  15. Title: "Should I use the 2.4 GHz or 5 GHz wireless band?"

  16. What follows is a quote concerning WiFi as an addendum to the above paragraph titled "WEP, WPA, WPS & WPA2 have been cracked".

    Quote: ... "users should continue to use the strongest encryption protocol available with the most complex password and to limit access to known devices via MAC address. It might also be worth crossing one's fingers…at least until a new security system becomes available."

  17. Here is hoping ene Admin isn't sunk in a quagmire too.

    Having overlooked the obvious, it seems clear to me now that the Fockers that continue to ad hominem attack are doing so because of the content of the article.

    Maybe we should be spreading this information far and wide. Hmm...

  18. Thanks to MBP/MBHP/WKM/MoFoe/MFX/aunavoz/FactChecker/TurdFergusson/Niall/Atoms4Peace, i will be posting links to that story at every site i can in nations that are considering "nukular" power. :)

    We should be doing this anyway! :angry:

    1. Dud, you forgot socref, lol

    2. [OT] Won't it be nice? :P

      (see above, to which you referenced)

      Say ... did you forget Al Bundy's favorite brand of toilet?
      Quote: ... "a FERGUSON. The King of bowls!"

      Somebody, hand the fascist "King" his plunging fascia!

      I bet he looks something like the former Calgary Stampede wrestler Makhan Singh did.
      (pic from: )
      Yup; "Back Asswords".

      What was his nickname (graciously dubbed by Neil MacRae)?
      Step right up to the bowl and give it your best shot, sir.
      You might have "hit the mark" if you said "The Toilet Bowl"! :lol:

      Quote: "Originally, it was supposed to be kind of a sewer creature, gargoyle-type that had a silver outfit, boots, and was supposed to have a big mask with horns coming out of it," Shaw explained.

      Mayhap "King Fergie's" hair was "Fashioned today by the Calgary Zoo", too! :ROTFLMAO

      Owen Hart vs Makhan Singh -

      "In the mean time, and in between time" ... Ed Whalen

      Keep playing him like a Stradivarius!!! [/OT]

    3. As a friendly reminder, perhaps it would be wise to avoid MetaWeird/Turd"KingOfBowls"/Socref/JaANUS' links.

      Have found issue(s) with some of its few supporting links. Confirmation is a todo. Do i have that correct that PT has a real person to "thank", if and when the next viral "gift" is deposited on ene?

      PS: all lanl links here -->
      see: Website Details - List of Links Found

      I didn't know they had their own email system. Not looking to "hack", only for public info.
      Thanks for the inspiration Ja Anus.

  19. The Mutated Tomato here...I've had 2 computers "go south" in the last year, the most recent on 11/7/14...I can't even get it to a blue screen. Fan comes on, but that is it! Running XP. Might be BIOS related?

    1. Yes Matt. Might be "soft bricked", but also could be a DDR memory stick or other hardware failure. Hardware failure is the first thing to rule out, and most common.
      Testing generally involves removing as much internal peripherals as possible, then looking for "signs of life" so-to-speak.
      They might only be "mostly dead". Beware that static electricity can render a "mostly dead" device utterly useless.

      Quote: "Miracle Max: [...] It just so happens that your friend here is only MOSTLY dead. There's a big difference between mostly dead and all dead. Mostly dead is slightly alive. With all dead, well, with all dead there's usually only one thing you can do.
      Inigo Montoya: What's that?
      Miracle Max: Go through his clothes and look for loose change."

      Is that similar to what happened to the other two?

    2. ... and do you still have them?

      Laptops need battery removed FIRST, before removal procedures.

      Laptop or Desktop, remove the HDD/SSD before attempting to diagnose & ensure they are kept away from kids, cats, dog, dirt, dust, static or magnets (HDD). Anti-static bags (free from 'puter store) are handy. Put 'em on the shelf until you figure out what the hell went wrong.

    3. Uh ... do pull the plug first, then hold the power button on the front for 10 seconds to discharge the power supply, if it is a Desktop.

    4. For laptops, the display is another possibility, but then you might have seen the HDD light flashing whilst the screen remained dark. So that doesn't seem probable either, in your case.

      Quote: ... "BIOS attack renders antivirus useless"
      ... "Excerpt:

      Even if the initial virus was detected and removed the computer would still be under remote control. Even a full wipe of the hard drive and complete reinstallation of the operating system would not remove it they warned.

      If a sophisticated rootkit was put onto the BIOS it could be even more difficult for an administrator to debug the system, said Ivan Arce, chief technology officer at Core Security Technologies." (broken link to reference article - not on internet archive either)

      If you have ruled other hardware failure possibilities out, then hopefully your machine is under warranty. Odds are it is not though, or you might be reluctant to ship your data away for service with it as you might not get it back.

      If warranty is not of issue, we might be looking at a "BIOS Recovery".
      Before doing so, you need to know who authored the base code.

      Note that the manufacturer/OEM/VAR of your system(s) may have procedures for recovery that are specific to the brand or model. Check their support/driver download page first.

      I would use CD/DVD for restore media instead of USB flash.

      Note this might be a good time to update, but a bad flash might "brick" your equipment. Since you are already "bricked", it seems like a good idea. Since you need to download & burn this stuff from an uninfected machine, this might be a good time to download & burn a couple of AntiVirus Rescue discs & a 32bit linuxMint disc (widest compatibility).

      Note that a firmware or BIOS are generally NOT interchangeable between models. Ensure you obtain the correct BIOS for your hardware, or risk it becoming totally dead.

      If you are able to recover, do go into BIOS & load the factory defaults.
      Put your AV disc in the drive, then power everything down again (remove battery/discharge desktop) & replace the HDD/SSD.

      Note that if it is a SSD, its controller chip could be infected too. (ARGHH!!!)

      Ensure that you start from Acronis, Macrium (etc) Media to backup your drive. (F9, F10, F12, etc)
      After a backup is created, it is time to start the cleanup from an AntiVirus Rescue disc.

      Are we having fun yet? Fucking socref. RED CARD THAT FOCKER!

    5. Also, true "friends don't let friends run XP for internet access".

      Keep your valid licensed XP, if you like. Don't use it to access the internet though, other than for initial activation.

      harkaz has an unofficial SP4 package for XP that can be integrated into install media.

      If you need drivers, integrate them into install media last with DPs_BASE.

      Here is a search to find all the updated packs.

      Integrate DP_MassStorage_wnt5_x86-32_1405176.7z at minimum for AHCI/RAID/Virtual support in the initial textmode partitioning screen.

      It allows one to install XP on newer intel/AMD controllers that are not officially supported. It also supports installing from bootable USB 3.0 controllers. Either Easy2Boot or WinSetupFromUSB support creating bootable USB media for OS installation.

      I hope something here on this page helps.

    6. Easy2Boot XP DPMS update procedure, by SteveSi

      (ignore - DP_MassStorage_wnt5_x86-32_1405176.7z supersedes it. A new member, Symbios24, posted a potential fix for Lenovo G405/G505, yet it has not been verified.)

      For WinSetupFromUSB, enable the Advanced Options & deselect "use DPMS.iso")

  20. Speaking of Tor, i found an old article on Cryptome that was illuminating.

    Quote: "Date: Sun, 02 Mar 1997 18:20:49 -0800"
    "At the FC'97 rump session, Paul Syverson from NRL presented a paper titled "Onion Routing"."

    quoted from:

    Quote: "Onion routing was developed by Michael G. Reed, Paul F. Syverson, and David M. Goldschlag [...] and patented by the United States Navy in US Patent No. 6266704 (1998). As of 2009, Tor is the predominant technology that employs onion routing."

    Tails apparently puts one on a list.

    Freenet might be another possibility, but am loath to run java. Am not certain how OpenJDK differs from java.

    1. ... though there may yet be hope for Tor.

  21. WTF? I can post without entering the correct letters from CAPTCHA.
    That used to only happen with the horizontal letters, not the jumble.
    All i need do is ensure the number of characters is the same.
    Not hacking, nor cracking; just odd.

  22. Now, it seems we need a topic for the malvertising links.
    I have some hardware i would be honored to risk for confirmation. :D

    Time to build that class-action case & police file(s).

    1. @ stock too -
      Quote: " 6 November 2014

      SiteLock Removed from Cryptome After One Day

      SiteLock removed after reader noted it spies on visitors. A reminder that all site security programs spy on visitors and the host as does any "security" service, from personal to national and beyond.

      SiteLock is a service recommended by (Network Solutions), Cryptome's host, to daily check for malware."

      If we could just overcome all the bullshit, what a wonderful world it could be.

    2. What a wonderful world ...

    3. Though two tribulations come first, looking forward to that first dawn of the third age ...

    4. ... because i cannot and will not do this alone.
      Don't risk clicking suspect links, let those willing to research this do so.

      I have a sense that the greater community needs to see what Oak Ridge has been up to. Lets help make their actions world-infamous.

      Their employers love that kind of publicity!

      Please help. Publicly outing this malefactory crew seems paramount.

      Whom is it we need to help? The following Fukushima worker knows whom.

      We need YOU!!!

    5. WHPPSS! That should have been in reply to:
      @Stock"Now, it seems we need a topic for the malvertising links.
      I have some hardware i would be honored to risk for confirmation. :D

      Time to build that class-action case & police file(s)."

      If this site isn't the best place for this, i know of a place or two that should be beyond their reach.

    6. Links to the links would be very helpful ... even a general date ... edit links so nobody can click on them by accident, s'il vous plaît.

      simple example: https ://

    7. better example: https ://startpage .com (just add two spaces)

      Otherwise, the preceding is all i will share of my own "digital karate". Yes, there is much more.

  23. Calling in the cavalry.

    1. @stock - may i link to this topic & ?

      Some evidence beyond anonymous eyewitness reports is needed now.

      The REAL Voice of "G": Deut.32:21
      Quote: "They have moved me to jealousy with that which is not God; they have provoked me to anger with their vanities: and I will move them to jealousy with those which are not a people; I will provoke them to anger with a foolish nation.
      For a fire is kindled in mine anger, and shall burn unto the lowest hell, and shall consume the earth with her increase, and set on fire the foundations of the mountains."
      Jer.16:17: "For mine eyes are upon all their ways: they are not hid from my face, neither is their iniquity hid from mine eyes."

    2. What an interesting lack of response on Schneier's site.
      Neither commenters, nor the EFF board member himself seem to care.
      Maybe they have found a way to eat money.

    3. “Let me tell you something you already know.
      The world ain't all sunshine and rainbows.
      It's a very mean and nasty place and I don't care how tough you are it will beat you to your knees and keep you there permanently if you let it.
      You, me, or nobody is gonna hit as hard as life.
      But it ain't about how hard ya hit. It's about how hard you can get hit and keep moving forward. How much you can take and keep moving forward.
      That's how winning is done!” ― Sylvester Stallone, Rocky Balboa

  24. According to the EFF, Hushmail might not be as secure as one would hope.

    Title: "ISPs Removing Their Customers' Email Encryption"

    From the following page, it would appear that HM does support STARTTLS protocol.

    1. EFF's Surveillance Self-Defense

      EFF them before they F you!

  25. Quote of "Good Plutonium": "I am" ... "gay" ...

    "Good Plutonium" has come out of the closet, so-to-speak.
    Congratulations Good, Bad & Ugly Plutonium. I admire your bravery, whether or not i agree with your lifestyle choices.

    "you tell 'em, Johnny... you tell the WORLD."

  26. Quote: "Time for a new name. I only have 17 registered so far."

    That's odd, i count 23 at minimum. Not that i would expect any truth from Oak's lunatic Ridge.

    1. Mr. Ad hoc has become Mr. FUD

      Are we certain the malicious links came from MBP??
      Was it a pdf??? Was itsanukularwhore's links to "cancercures" involved?

      @anne - Quote: "My computer got more than 180 mal files when I linked to WesternKyMan's links at ATS."
      Is it possible that your 'puter got more than 180 mal files before linking to WKM's ATS shite? I checked one link so far, & VT says "nyet". Am of mind that links must be checked on live system on "real iron".

      Quote of ISPC(i see 'em too, bud): "You may have noticed he bragged about his criminal asshosiates in the basement of the ciansa building cooking it up for us."

      A link to that would be very helpful. Anybody, anybody, anybody???

      Somebody throw me a frickin' bone here. I sense time slipping away ...

      Send the info to Stock for him to vet properly first, if he agrees.

      Perhaps what GP really meant to say was "I only have 17 victims registered so far"...?

    2. ... save logs from antivirus cleaning for evidence.

      Matt; if it was a BIOS attack, which is reputedly very very rare, even reflashing the BIOS might not remove it.

      Put it on a shelf. Tag it as evidence, if you agree.

  27. Quote of anne: "My computer went crazy when I clicked on the reply button to Good Plutonium's porn post. Is he now using these terrible comments of his to infect someone's computer?"

    It would appear that she may have been either reinfected, or was not entirely successful in removal.

    If you are still using Window$ for internet access & activism, give your head a shake.

    If you were a "viral" author, which OS/browser would you target?

    1. Quote: "My computer is now acting extremely strange showing my computer is being routed through many, many servers according to the hand bottom of the screen."

      A disconnect from the internet & backup of data prior to cleaning seems IMPERATIVE if one suspects infection. Readers here might recognize that relying on MSE, Malwarebytes, etc. is like relying upon a sieve to retain water in its liquid phase.

      Do clean from a boot CD/DVD or three. Retain your logs for evidence.

      Rise above.

    2. Quote: "If you are still using Window$ for internet access & activism, give your head a shake."

      Correction: Windows 8.1.1 might be the way to go, if Windows is necessary, but only if you agree to MS Terms.

      Title: "Redmond is patching Windows 8 but NOT Windows 7, say security bods, New tool checks differences, could lead to 0-day bonanza"
      By Darren Pauli, 6 Jun 2014

      Quote: ""Why is it that Microsoft inserted a safe function into Windows 8 [but not] Windows 7? The answer is money - Microsoft does not want to waste development time on older operating systems ... and they want people to move to higher operating systems," Joseph said in a presentation at the Troopers14 conference.

      Microsoft has been contacted for comment.

      Together with malware analyst Marion Marschalek (@pinkflawd), the duo developed a capable diffing (comparison) tool dubbed DiffRay which would compare Windows 8 with 7, and log any safe functions absent in the older platform.

      It was "scary simple", Marschalek said, and faster than finding vulnerabilities by hand."

  28. In an effort to reduce infighting, please remember the Modus Operandi of the "malefactory crew".

    Among other things, they seem to love to spread Fear, Uncertainty & Doubt (FUD), and aim to discredit all 'newsers (prolly prefer 'newsers to unwittingly do it for them).

    For that "malefactory crew", i submit that "a shit-leopard cannot change its spots".
    Nuker thinking 101 (for educational purposes only) -

    You should be able to spiritually discern them, even over the interweb.
    If you suspect, keep your cool. Take 5. The truth will out.
    Be proactive, not reactive.

    'newsers are made of sterner star-stuff, imho.
    I swear, it doesn't take rocket appliances to figure the "malefactory crew" out.

    Please don't play into their shit.
    You never know, someday they too may even get promoted to Trailer Park Supervisor. Just pray it isn't your trailer park!!! ;)

    1. Dud, received message, yes a complete list of mal-troll comments could be quite useful. Although I am headed off for 1.5 months of solar super crunch work. Will be quite busy. stock out

    2. One more try.

      One link was viral at minimum. May i post here for their benefit?
      I will edit potential viral links by adding spaces, so as not to directly link.

      No word back from Matt?

  29. ---------------------------------------------------------------------------------------------------

    https ://archive .org/details /atomicnucleus032805mbp
    linked by ManBearPig @
    2/61 detections via
    Quote: "Blueliv Malicious site
    Malware Domain Blocklist Malicious site"

    Do bear in mind that none of this should be considered "actionable" until confirmed.
    No sense going off half-Vox'ed. :lol

    Here's an update to the last candidate link, which only scored as a "Malicious site" on 2/61 URL Scanners:
    Quote from "Blacklisting status" --> "Quttera Labs - domain is Malicious. more info"
    That site is long on blacklists, but damn short on details. (Inconclusive)

  30. Here is another candidate (with spaces for sanity's sake):
    http ://www.uefap .com /reading /exercise /ess3 /gamow .htm


    That registers 1/61 detection as a "Malware Site".

    Quote: "Website:
    Status: Site Potentially Harmful. Immediate Action is Required.
    Web Trust: Blacklisted (10 Blacklists Checked): Indicates that a major security company (such as Google, McAfee, Norton, etc) is blocking access to your website for security reasons. Please see our recommendation below to fix this issue and restore your traffic."
    "Site Likely Compromised"..."Outdated Web Server Apache Found: Apache/2.2.3"
    "Domain blacklisted By Yandex (via Sophos): - reference"

    Quote: "Yandex has detected malware on this site that may harm your computer or gain access to your personal information."

    Interesting that only a Russian site puts up red flags.
    Translated Quote: "Yandex periodically checks the page. Last check (less than a week ago) has shown that the site was placed malicious code. This could happen as desired site owners and without their knowledge - as a result of malicious acts. If at the next check code is detected, Yandex stops mark the site in search results as dangerous."
    "Malware: contains Troj/JSRedir-NG (data provided by Sophos)."
    Title: "GNU GPL malware?: Troj/JSRedir-AK" ... "by SophosLabs on December 23, 2009"

    Dud here: Note the differing suffixes.

    Quote: "The next few lines of code do the redirection to a webpage in Russia with the following legitimate strings in its URL:


    I suspect that this code is part of a larger hack and if you find this code on your website please send us samples of other recently modified files."

    Dud here: There might be your Russian web traffic.


    Quote: "Gumblar is a malicious Javascript trojan horse file that redirects a user's Google searches, and then installs rogue security software. Also known as Troj/JSRedir-R this botnet first appeared in 2009."
    "Gumblar.X infections were widely seen on systems running older Windows operating systems.[2] Visitors to an infected site will be redirected to an alternative site containing further malware. Initially, this alternative site was, but it has since switched to a variety of domains. The site sends the visitor an infected PDF that is opened by the visitor's browser or Acrobat Reader. The PDF will then exploit a known vulnerability in Acrobat to gain access to the user's computer. Newer variations of Gumblar redirect users to sites running fake anti-virus software."

    Dud here: There is your fake security software via a malicious pdf.

    Quote: "See also: Malware, E-mail spam, Internet crime"

    Still not a "smoking RPV" on its own though, imho.

  31. ManBearPig pdf linking history @
    disclosure: direct linked pdf's may be malicious files & possible BIOS attack - BEWARE!!!
    (the odds are extremely low, yet cannot be ruled out yet; space added before ://)
    VirusTotal notes for most files (quote)
    "Probably harmless! There are strong indicators suggesting that this file is safe to use."
    Anubis seems potentially more revealing ...
    October 11, 2014 at 12:24 am -
    http ://

    October 15, 2014 at 8:57 pm -
    http ://

    October 15, 2014 at 10:51 pm -
    http ://
    Quote: "This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers."
    http ://
    Quote: "PCAP file! The file being studied is a network traffic capture, when studying it with intrusion detection systems Snort triggered 1 alert and Suricata triggered 3 alert."
    ... "Intrusion Detection System
    Snort 1 alert
    Suricata 3 alerts"
    ... "Wireshark file metadata
    File encapsulation Ethernet
    Number of packets 120
    Data size 89088 bytes"
    ... "Snort alerts Sourcefire VRT ruleset
    BAD-TRAFFIC TMG Firewall Client long host entry exploit attempt (Attempted User Privilege Gain)
    Suricata alerts Emerging Threats ETPro ruleset
    ET POLICY Reserved Internal IP Traffic (Potentially Bad Traffic)
    ET POLICY Internet Explorer 6 in use - Significant Security Risk (Potential Corporate Privacy Violation)
    ET INFO PDF Using CCITTFax Filter (Potentially Bad Traffic)"
    ... ""
    (note: not definitive, flagged for further investigation)

    October 17, 2014 at 1:23 am -
    https ://
    Quote: "HTTP Communication error - There was an unexpected error when trying to retrieve the response"

  32. October 17, 2014 at 12:42 pm -
    http ://
    Quote: "This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
    This PDF document contains 17 object streams. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects. "

    October 17, 2014 at 12:48 pm -
    http ://
    as above (copy)

    October 17, 2014 at 11:32 pm -
    http ://
    Quote: "This PDF file contains 1 JavaScript block. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent."

    October 17, 2014 at 11:36 pm -
    http ://
    Quote: "This PDF document contains 9 object streams. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects."
    http ://
    (inconclusive - download & upload to Anubis)
    Quote: "PCAP file! The file being studied is a network traffic capture, when studying it with intrusion detection systems Snort triggered 2 alerts and Suricata triggered 2 alerts. "
    ... "Intrusion Detection System"
    ... "Snort 2 alerts
    Suricata 2 alerts"
    ... "Wireshark file metadata
    File encapsulation Ethernet
    Number of packets 63
    Data size 41788 bytes"
    ... " Snort alerts Sourcefire VRT ruleset
    (spp_sdf) SDF Combination Alert (Sensitive Data was Transmitted Across the Network)
    BAD-TRAFFIC TMG Firewall Client long host entry exploit attempt (Attempted User Privilege Gain)
    Suricata alerts Emerging Threats ETPro ruleset
    ET POLICY Reserved Internal IP Traffic (Potentially Bad Traffic)
    ET POLICY Internet Explorer 6 in use - Significant Security Risk (Potential Corporate Privacy Violation)"
    ... "DNS requests,,"
    (note: not definitive, flagged for further investigation - 3 separate IP Addresses though???)

  33. October 17, 2014 at 11:38 pm -
    http ://

    October 17, 2014 at 11:39 pm -
    https ://
    Quote: "This PDF file contains 1 JavaScript block. Malicious PDF documents often contain JavaScript to exploit JavaScript vulnerabilities and/or to execute heap sprays. Please note you can also find JavaScript in PDFs without malicious intent.
    This PDF document contains at least one embedded file. Embedded files can be used in conjunction with launch actions in order to run malicious executables in the machine viewing the PDF."

    October 19, 2014 at 11:35 am -
    http ://
    Quote: "This PDF file contains an open action to be performed when the document is viewed. Malicious PDF documents with JavaScript very often use open actions to launch the JavaScript without user interaction.
    This PDF document contains AcroForm objects. AcroForm Objects can specify and launch scripts or actions, that is why they are often abused by attackers.
    This PDF document has Digital Rights Management or needs a password to be read."

    October 20, 2014 at 11:49 pm -
    http ://

    October 23, 2014 at 5:08 pm -
    http ://
    Quote: "This PDF document contains 1 object stream. A stream object is just a sequence of bytes and very often is only used to store images and page descriptions, however, since it is not limited in length many attackers use these artifacts in conjunction with filters to obfuscate other objects."
    (Adobe Updater triggered)
    http ://
    (inconclusive - download & upload to Anubis)
    Quote: "PCAP file! The file being studied is a network traffic capture, when studying it with intrusion detection systems Snort triggered 0 alerts and Suricata triggered 2 alerts."
    ... "Intrusion Detection System"
    ... "Snort 0 alerts
    Suricata 2 alerts"
    ... "Wireshark file metadata
    File encapsulation Ethernet
    Number of packets 98
    Data size 48564 bytes"

    That is what i have so far ...
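
The scanner remarks quoted in comments 31 to 33 (open actions, JavaScript blocks, AcroForm objects, embedded files, object streams, DRM) all come down to counting PDF name objects. As an added example, not part of any comment here and not VirusTotal's or Anubis's own code, this Python script does that count offline for triage; it also decodes `#XX` name escapes and inflates Flate streams, which a plain text search misses. The sample bytes and every function name are constructed for illustration.

```python
import re
import zlib

# PDF name objects behind the scanner remarks quoted in the comments above.
NOTES = {
    "/OpenAction": "action performed when the document is opened",
    "/JavaScript": "JavaScript action",
    "/JS": "JavaScript source attached to an action",
    "/AcroForm": "interactive form, can carry scripts or actions",
    "/EmbeddedFile": "file embedded in the document",
    "/Launch": "launch action (starts a program or opens a file)",
    "/ObjStm": "object stream, can hide objects from a plain text search",
    "/Encrypt": "document is encrypted (DRM or password)",
}

# A PDF name is "/" followed by anything except whitespace and delimiters.
_NAME = re.compile(rb"/[^\x00\t\n\x0c\r ()<>\[\]{}/%]+")
_HEX = re.compile(rb"#([0-9A-Fa-f]{2})")
_STREAM = re.compile(rb"(?<!end)stream\r?\n(.*?)endstream", re.DOTALL)


def _scan_names(blob, counts, escaped):
    """Count whole name tokens, so /JS is not confused with /JSFoo."""
    for match in _NAME.finditer(blob):
        raw = match.group(0)
        # Undo #XX escapes: /Open#41ction is the same name as /OpenAction.
        name = _HEX.sub(lambda m: bytes([int(m.group(1), 16)]), raw).decode("latin-1")
        if name in counts:
            counts[name] += 1
            if raw != name.encode("latin-1"):
                escaped.append(raw.decode("latin-1"))


def triage_pdf(data: bytes) -> dict:
    """Static keyword triage; a hit is a reason to look closer, not a verdict."""
    counts = dict.fromkeys(NOTES, 0)
    escaped, inflated = [], 0
    # Scan the document with stream bodies blanked out, so compressed
    # bytes cannot produce accidental matches.
    _scan_names(_STREAM.sub(b"stream\nendstream", data), counts, escaped)
    # Then scan every stream body that inflates cleanly.
    for match in _STREAM.finditer(data):
        try:
            body = zlib.decompressobj().decompress(match.group(1))
        except zlib.error:
            continue  # not Flate-encoded, or corrupt: left unscanned
        inflated += 1
        _scan_names(body, counts, escaped)
    return {"counts": counts, "escaped_names": escaped, "inflated_streams": inflated}


def findings(report: dict) -> list:
    lines = [f"{name} x{n}: {NOTES[name]}"
             for name, n in report["counts"].items() if n]
    lines += [f"escaped name {raw}: written to dodge keyword matching"
              for raw in report["escaped_names"]]
    return lines


def build_sample() -> bytes:
    """Constructed, inert PDF-like bytes (placeholder text, no real script)."""
    hidden = zlib.compress(b"<< /S /JavaScript /JS (placeholder, not real script) >>")
    return b"".join([
        b"%PDF-1.5\n",
        b"1 0 obj\n<< /Type /Catalog /Open#41ction 2 0 R /AcroForm 3 0 R >>\nendobj\n",
        b"4 0 obj\n<< /Type /ObjStm /N 1 /First 4 /Filter /FlateDecode"
        b" /Length %d >>\n" % len(hidden),
        b"stream\n", hidden, b"\nendstream\nendobj\n",
        b"%%EOF\n",
    ])


if __name__ == "__main__":
    for line in findings(triage_pdf(build_sample())):
        print(line)
```

As the quoted scanner text itself says, JavaScript and forms also appear in PDFs without malicious intent, so the counts only rank which files deserve sandboxing first.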

  34. posted, yet moderated perhaps, but with no "moderation" message AGAIN!

    MBP#1 - http :// - size: 4.52 KB
    MBP#2 - http :// - size: 11.28 KB

    1. from MBP#1:

      Quote: "The next few lines of code do the redirection to a webpage in Russia with the following legitimate strings in its URL:


      I suspect that this code is part of a larger hack and if you find this code on your website please send us samples of other recently modified files."

      Dud here: There might be your Russian web traffic.

      see http ://

      Quote: "Gumblar is a malicious Javascript trojan horse file that redirects a user's Google searches, and then installs rogue security software. Also known as Troj/JSRedir-R this botnet first appeared in 2009."
      "Gumblar.X infections were widely seen on systems running older Windows operating systems.[2] Visitors to an infected site will be redirected to an alternative site containing further malware. Initially, this alternative site was, but it has since switched to a variety of domains. The site sends the visitor an infected PDF that is opened by the visitor's browser or Acrobat Reader. The PDF will then exploit a known vulnerability in Acrobat to gain access to the user's computer. Newer variations of Gumblar redirect users to sites running fake anti-virus software."

      Dud here: There is your fake security software via a malicious pdf.

      Quote: "See also: Malware, E-mail spam, Internet crime"

  35. MBP quote: October 20, 2014 at 11:49 pm

    "I only reply before I leave and after I come home from work. I talked to my bosses and colleagues today and they really want me to stick it to your kind. Make you squirm. Squeal like a pig."

    quoted from:

    Here are those links: &

  36. Quote of ISPC: "Yes. stock. It was not just the trollware, our computers were hacked. The Administration and Owner File Permissions were deleted, and new Permissions were added, that is, another person was permitted to access and modify files. File Sharing and Remote Access were turned on, and Registry Entries were modified or deleted. I too was eventually forced to install a new operating system, well, two, as I partitioned for a dual boot Open Source Operating System. Both work smoothly, and I am quite happy and secure now. Thanks trollbothacks. I wouldn't have done it without you. Peace"

    Reply by VanneV: "One scan I did this week found 1175 mal files. No one can comment if they are working on their computers."

    1. Ya, I saw that, let the civil suit data build up.

  37. One would think Oak Ridge Nuke employees would recognize that all humanity has potential to make mistakes. Can you confirm that ManBearPig was from too?

    "People tend to make mistakes, and repeat them over and over until one finally learns from those mistakes. Eventually one might not make many repeated mistakes and tend to learn from other people's mistakes"

    That was how i managed to avoid ever having a Workman's Compensation claim, or injured fellow employees.

    They appear to be part of an industry that considers not their own humanity (or lack thereof). It appears to be management policy. They appear extremely irresponsible (and prolly infected themselves too, though i don't see nary a one of them admit to such - Android AV cannot autoremove malware, iirc)

    So, as that activity relates directly to employment, if any of them get so much as a hangnail during such malicious posting, are they not entitled to Workman's Compensation? If so, have any made previous claims?

  38. Title: "Is Your Antivirus Tracking You? You’d Be Surprised At What It Sends"
    Quote: "Your antivirus software is watching you. A recent study shows that popular antivirus applications like Avast assign your computer a unique identifier and send a list of all web addresses you visit to the manufacturer. If the antivirus finds a suspicious document, it will send the document to the antivirus company. Yes, your antivirus company might have a list of web pages you’ve visited along with your sensitive personal documents!"

    Quote of sobic: "interesting.
    btw, EFF Privacy Badger sez these sites are tracking us on YOUR page:
    Detected trackers from these sites:


    cute, no? (No.)"

    I had noted Avira geolocating installers of its AV back in 2011, only to be repeatedly threatened to be banned by site moderator marfabilis.
    The other noteworthy misbehavior exhibited by Avira of Germany's geolocating Adware also known as an AntiVirus, was that the geolocation was accomplished during install whilst connected to the internet before the Terms of Service could be read or even acknowledged by whomever was installing it.

    Does anybody want to see that exchange?

    Also see: Warrant Canary (wiki)

    Trust within the interweb is broken. Detrust the interweb.


      Quote from AV-Comparatives:
      "a letter recently sent to 20 of the world's largest antivirus companies by Bits of Freedom, a Netherlands-based organization focused on digital rights. In that letter, the group asked whether the vendors had whitelisted government-authored malware. Most of those companies gave a prompt response in the negative, but U.S-based AV giants McAfee Inc. and Symantec Corp. never replied".
      It is possible that intelligence/law-enforcement agencies in some countries prohibit vendors (security or otherwise) from revealing any co-operation with them.
      Some people may ask why malware such as Stuxnet and R2D2 remained undetected for many years."

      quoted from:

  39. From Russia with love?

    1. Clem Lefebvre's LinuxMint v17.1 has reached RC.

      Got Yandex?

      Opera Browser apparently integrates Yandex safebrowsing. There are also plugins for other browsers powered by the Yandex API.

      Yandex being the only AV product out of 63 listed on VirusTotal that successfully detected the initial vector.

      Every other AV product can go hang, as far as i'm concerned, though i do like a variety of AV repair discs.

    2. WHPPSS! The Yandex mirror link is apparently for unmodified distros, not ones integrating Yandex API, if i have that correct.

      One question people might ask of their viral pollution solutions is "Got Yandex?"

    3. Trust, but verify. (via

  40. Curious. Coinkydink?

  41. This seems beyond DU subject for him, for instance.

    Oh, look. It's a retired pentagram bully!

    I have some ideas for a "Honey-Pot" to draw out some pus, and prove criminality.

  42. Quote: "Dr. Goodheart
    December 9, 2014 at 10:30 am

    Just found something interesting… Go to youtube and type in search words; Hormesis

    What comes up are all of the hormesis promoting pro nuclear apologists

    Type in hormesis theory debunked
    You get more pro hormesis junk and nothing about anyone debunking the hormesis theory. This was not the case a year ago. A year ago there were plenty of videos debunking the hormesis theory. Could it be that someone is purposely scrubbing the web of hormesis debunker videos, very systematically?

    The new pro nuclear push is promoting hormesis, via people like Wade Allison.

    Over 1,400 videos on Youtube on the AGRP channel were deleted a few days ago, permanently. Is it any coincidence that AGRP was one of the few places where hormesis was debunked via videos?

    December 9, 2014 at 10:50 am

    You keep at it Doc … put up a Facebook presence, maybe … my son works there … Mark Zuckerberg's money is not necessarily nuclear-tainted, yet, as far as I know … we need some new money presence in the anti-nuclear fight … the control of the "dead hand" from places like GE is vast and far reaching … like the "Eye of Sauron" … battle on … can you not retrieve the lost videos?

    Dr. Goodheart
    December 9, 2014 at 11:18 am

    Facebook erased all of AGRP as well, except for 1 page.. AGRP group and individual profile is gone there too.

    A Facebook page is what makes the least amount of difference, and has the least amount of connection, participation or influence. Coincidence?

    Facebook group and profile was deleted and had over 1,000 members.
    Youtube channel deleted 4 times, no explanation, now permanently, no way to get it back, also thousands of subscribers.

    There is a World War III going on for people's hearts and minds. What the pro nuclear apologists like is when people are passive, meek and submissive. Don't say or do anything and let the nuclear industry take whatever it wants."


    VirusTotal's "Autoshun" is the only detection as a "malicious site". Curious there is no explanation of what it is that is supposedly "malicious".

    Sucuri says "Unable to properly scan your site." Awww.

    Quttera seems to hate many of Dr. Goodheart's links.
    Quote: "List of blacklisted external links: 92"
    "List of referenced blacklisted domains/hosts: 7"

    There's that dreaded blacklisted domain, and,,,, among others! WTF?

    Again, clean; WTF???

    It's labelled as malicious, yet no explanation, no proof, no way to confirm or deny, no way to reproduce their results, other than to say it is "guilty" of linking to (hold on to your hat) - clean.

    Note that Quttera didn't detect any previous MBP infection vector.
    Fockers @ Quittera don't seem to know their asses from their eyebrows!
    VirusTotal says it's clean, & Sucuri concurs.

    24 January 2013 Quote: "We found the program would quite often report innocent pages as "potentially suspicious" for one reason or another, and you'll need some web development and security experience to properly understand its reports."

    Mr. Novofastovsky might be of assistance, that is, if he wasn't in Israel.

    That just brings up more questions. WTF????


    Quote: "Quttera's support team is being constantly contacted by website anti-malware monitoring customers whose website(s) were blacklisted."

    No fucking doubt in my mind! What a load of crap! Contact us. Fuk that.

  45. Hold the phone.

    VirusTotal uses a voting/reporting system to determine that is malicious or not.
    So, does Quttera use heuristics, or are they just expressing "corporate free speech"?

    What can a blogger do? (an exposé, no?)
    Quote of anreas007: "site is good. It's a fault of VT that it will be submitted. A malware site uses a redirect to google when not accessed by a browser to try to make it more hard for automated analyzing tools like VT to analyze the page."
    (quoted from Comments tab)

  46. PS: I leave it up to you what to post & what to moderate, at your entire discretion.

  47. Hedge bets & double-down on "virus". Watt can it hurt?
    Yandex one out of ... that seemed to pick up your viral vector down to the effects, maybe Quttera is exceeding the sum of its programming???

    Perhaps that might explain why YouBoobTube Vidz "disappeared", not GloveMint "direction". (possible to retrieve vidz someday soon, then, if "infection" cleared?)
    Now the possible viral/malware presence ... can we rule out grimy glovemitts?

    Maybe proof of which would actually piss off Mr. Helbig. WTF do i know? I'm just the (obnoxious) schmuck typing this, in hopes of help.

  48. VT & Sucuri see your site as clean. However;

    A list of "usual suspects" in common w. Dr. GH, includes www .cnn .com; 1. bp. blogspot. com; feedproxy .google .com; www .youtube .com & www .who .int ???

    Maybe Quttera is better than i gave credit for earlier. They don't trust the WHOres either??? Every answer seems to breed more questions!

    Note that majia's site has some of those listed domains, yet resolves as "clean". WTF??? Is it evidence of something symptomatic and not directly causal?

    Am done for now. Aloha. (teach some Hawaiian, please)

  49. IseePinkClouds needs this topic, methinks. WHO's links was he or she clicking?

    Quote: "ENENEWS is under an attack again. I clicked on General Nuclear Issues and got redirected to "Find All You Want" website"

  50. For the benefit of Dr. GoodHeart.

    Quote of VanneV: "Dr. Goodheart, your links are not leading to your articles but just to a summary of many of your links."

    I get that when slowly moving the mouse or trackpad down past the "Pages" bar, and it's extremely annoying, especially because the word "Pages" is damn near invisible.
    A one or two second delay for that "Pages" bar might be an appropriate fix. :)

    My favorite Green Road Ahead link:

    Quote: "Keep using language that connects people and keeps them human, rather than dehumanizing them."

    Quote of stock: "Tip it to the good!"

    1. head's up for majia

  51. (to the tune of Salt-N-Pepa's "Push It") "Tip it real good!"

  52. WTF?

    Quote of califnative: "majia – yesterday I had some McAfee alerts about suspicious activity of all places Enenews and a few other strange things happen."

    "Potentially Suspicious files: 64
    Severity: Potentially Suspicious
    Reason: Detected PDF file containing potentially suspicious instructions
    Details: Detected hidden CSS declaration"

    Can't seem to find the files by filesize noted.

    One post by RogerThat had control-characters "obj-obj-obj-obj" listed below a pdf.

    Head's up! I am struggling here to understand what the hell Quttera is calling "potentially suspicious". It seems to be some .css files? I don't see reference to pdfs there though.

    Nothing conclusive there.

    Damn Quttera's lack of detail!

    Oh, the commonality seems to be the following:
    Threat dump MD5:

    Yup, all 64 of them. Whatever it is, all 64 "potentially suspicious" files have it.

  53. OK. Maybe it's not so bald.

    Quote: "Victims generally fall into the following categories:
    • Governments and diplomatic institutions
    • Telecommunication
    • Aerospace
    • Energy
    • Nuclear research
    • Oil and gas
    • Military
    • Nanotechnology
    • Islamic activists and scholars
    • Mass media
    • Transportation
    • Financial institutions
    • Companies developing cryptographic technologies
    Combining statistics from KSN and our sinkhole, we counted more than
    500 victims worldwide. A lot of infections have been observed on servers, often
    domain controllers, data warehouses, website hosting and other types of servers.
    At the same time, the infections have a self-destruct mechanism, so we can
    assume there were probably tens of thousands of infections around the world
    throughout the history of the Equation group’s operations.
    As an interesting note, some of the “patients zero” of Stuxnet seem to have been
    infected by the EQUATION group. It is quite possible that the EQUATION group
    malware was used to deliver the STUXNET payload."

    I haven't found any coincidence with the above confirmed infection from MBP yet. Your logs, if saved from months ago, might help if i have that correct. Talk to Stock first, if you agree.

    I hope you kept those HDD's, obewan!
    May the farce no longer be with you, yet The Force instead.

  54. Stock,
    …question of whether the Equation Group is the US National Security Agency
    …Kaspersky has identified are two modules that can reprogram more than a dozen different hard drive brands, including big names like Maxtor, Seagate, Hitachi, and Toshiba, basically rewriting the hard drive's operating system. This trick puts the "p" in APT (advanced persistent threat), by allowing the malware to go undetected by antivirus and to remain alive even if the drive is reformatted or the operating system gets reinstalled.
    …the module that infects the hard drive firmware is "state of the art."
    "We're sure there's some Linux malware, too … and probably a lot of other stuff we have not found yet."

    Not just a partition virus, infected firmware, won’t matter the operating system loaded. To get rid of partition virus’ I used Norton’s old Disk Editor on an old computer to zero out the partition and mbr just like a new HDD. Windows then writes a new, clean partition instead of just adding entries to an infected one. As a shortcut, I use Linux to write a new partition table, forcing windows to write a new one. Windows’ underlying DOS has always been vulnerable, and now Linux is vulnerable, I doubt the NSA would leave out Apple. An HDD with infected firmware would need the firmware rewritten or the drive destroyed. Not detected by scanners, you wouldn’t know the HDD firmware was corrupt and needed replacing.

    1. Adding "two and two" & i find an unbalanced "equation".

      Apparently Kaspersky & by default Russia (etc, etc etc) have part of the toxic toolkit now!

      Nice job! Not liking what i see in Numbers concerning Edom & Moab.

  55. Had remembered a post by Bo concerning some trouble trying to comment on this site.
    Have noticed for some time that every time i try to post on your site, stock, i get a "clickjacking or UI redressing attempt" warning via No$cript when the "I am not a robot" image selection process is displayed.

    Arnie Gunderson was a guest on the Coast to Coast show Sunday night. It was hosted by the self-ascribed "not anti-nuclear" weekend host, George Knapp.

    Mahalo, sir.

    1. I will look into the captcha problem. Very annoying Google/Blogger

    2. Or maybe its actually a Disqus problem

    3. I explicitly do not use "disco" Disqus. Am Disqusted with Disqus after commentary disappeared on tomasz86's Windows2000 blog. Noting that he has since changed his site layout as i no longer see Disqus at the bottom.

      Am using LiveDVD (regular distro, simply booted from DVD drive) LinuxMint Debian Edition 2 with FireFox & No$cript plugin.
      Have noted this behaviour on all other versions tested over the last six months. Didn't think to comment on it until reading Bo's post some time back.

      If there is anything i can do to assist in replication of my results please make note here.

      Am using iNet less and less as time goes on, as i trust it even less and less.

      Funny, no problem proving am not a bot on this reply. ???

    4. Huh. Out of all replies today, only one reCAPTCHA netted a warning.
      Must have accidentally hit OK, instead of x-ing out of it.
      Will try again another day.

      Careful with that LMDE2, if you decide to give it a go.
      Some configuration need be done through the GUI before it gets to "see" the 'net. Plugins are cool. Would love to make my own images, and make them immutable. Then again, it's probably not this physical machine that might be problematic so much as the medium itself.

      Trust is broken on the 'net. Why do i have to trust (etc, etc, etc) on https sites (not going there), for instance?

      nVidia ships drivers for XP with either expired or soon to be expired certificates that validate their authenticity. Those are loosely similar to https certificates, by-the-by. Probably wise in a way, for them that is, in that if their Cert private key ever got hijacked (or manipulated via a mathematical hash "collision" - two files with same hash value - very loosely similar to "false-positive" in AntiVirus), it would be a very limited window of opportunity. They did change their EULA in the most recent revision (paraphrased) from allowing collection of non-identifying info to permitting both id & non-id info. Funny watching those little bundles of text that few pay any wit to. When shit happens, they likely come across soothsaying like a dove, or as the voice of Christ Himself, asking "Have ye read it not?"

      (in Walter Cronkite voice): "And that's the way the cookie crumbles".

      Spoke too soon. Gotta get a copy of the report one of these times.

      Google (via 3rd-party) searching didn't net me any info, so far. (of course, of course)

      Did garner another warning. Got a report number, but that doesn't seem to go anywhere. A search did find this though:
      Good thing i kill the whitelist! That ain't it, unless it's googleapis (prolly doubtful). It's likely a simple logical explanation behind it.
      Anyway, another day, another sand dollar (i hope).

      I'm a magnet for that warning now, somehow. Maybe Goebbel doesn't like my content???
      The image difference is very subtle, other than the added horizontal scrollbar. The "V" in the word "Verify" moves a couple of pixels to the left, very distinctly. Strange. Maybe just a Google bug? Qualys labs might make more sense of the strength (or lack thereof) of those https sites listed. Putting it on the shelf for now.

    5. Am presuming i'm able to replicate this behaviour by ensuring the scroll bar partly covers the "Verify" button. If so, it seems like a bug at minimum. Perhaps also a vulnerability???

      ... and in the news ...

      Quote: "You've probably heard of state-sponsored malware like Flame and Stuxnet. These researchers found a third one that they called "Babar", and they attributed it to France."

      Ah bon ...

  56. Quote: "I've seen Kaspersky slap his staff with a walrus penis – and even I doubt the false-positive claims
    Even his rivals fear this is a smear"
    ... "Kaspersky Lab is strong among antivirus firms for investigating state-sponsored malware, particularly software nasties coming from the Five Eyes nations of the US, UK, Canada, Australia, and New Zealand. It led the way blowing the gaff on Stuxnet, the US-Israeli Iranian nuke-lab cyber-weapon, and its Duqu cousin. None of this will have pleased Uncle Sam's intelligence agencies."

    On a side note, it seems replicable that when one is offered the choice of images via Captcha, if an image is partly obscured whether by scroll-bar or lack of room at the top, a clickjacking warning is proffered. If the image you click on is not obscured, no warning is issued. That includes the "Verify" button.

    Bug at minimum. Have no idea of potential pitfalls, so i will leave this topic.

  57. Imagine my shock after reading Rob's latest article, posted a couple of days later. I didn't speak for Rob, yet i very much regret even mentioning his blog. It was very stupid of me. I don't doubt that Rob hates me now. Had hoped he would receive a "Merry Christmas" greeting from him, the issue would be fixed, and i would never mention it to anyone else. This was the first time i've directly seen anything like this first-hand. What was garnered from my efforts? It would seem like hate-mail to Bobby, whom is very ill!

    It has been well over 30 days since first reporting this via tip submission. It appears no fix is in the works, and am intimidated to visit that site any further, let alone communicate with that site's owner.

    Wondering how long that site has been leaking people's email addresses, seemingly in violation of that site Privacy Policy. I have no answer - whois info might indicate possibly early 2014, maybe earlier.

    Am reminded that everybody is entitled to a bad day. Perhaps he had one. Looking at the industry he deals with, that might explain things, somewhat. "Hi Rob, how are you doing?" How hard would that have been to do??

    Maybe if a few commenters were made aware of this, and verified their own information exposure (and only their own - if that is still legal to do ??), they might comment to him & a fix be implemented.

    I really like the articles there, and his reporting seems excellent. WTF?

  58. As with femfaust's site, the first comment of what should have been two (immediately above) appear to have disappeared.

    This should link to a pastebin article, which may be moderated later by the respective webmaster. I don't want to be a douchebag to him, no matter what hate mail might have occurred, or what was done to my email. BURNED ME. Not happy, yet wish no mischief. Am hoping am found to be a good netizen.

    1. I did the "view" trick and was able to divulge multiple personal emails at Enformable.

      Beyond annoying.

    2. Enformable exposes commenter's email addresses. WARNED OVER 90 DAYS AGO! :( - previously posted details ->
      I did send him a tip via his seemingly insecure tip line on November 27, 2015 - to no avail.

      Since it was "moderated" and apparently ignored, here it is:

      It would seem that i was incorrect about those email addresses not showing up on Internet Archive - The Wayback Machine! :O For Example: (from Jan 29, 2014) CaptD's email address is there. Load the page, right click on a commenter's avatar image, then select "View Image Info" (Firefox). Look at "Associated Text" & voila!

      Say, wasn't Jan 2014 around the time when state secrets act passed like bad gas? :/
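
For a site owner checking their own comment template for the leak described in the comment above (a commenter's e-mail address showing up as an avatar image's "Associated Text"), here is an added example, not code from the original comments or from any site named in them. It parses rendered HTML and reports `<img>` text attributes that contain an address; the sample markup, class names and addresses are constructed, and which attributes a given theme fills in is an assumption.

```python
"""Audit rendered comment HTML for e-mail addresses leaked via <img> text attributes."""
import re
from html.parser import HTMLParser

# Attributes a browser shows as an image's associated text or tooltip (assumed set).
TEXT_ATTRS = ("alt", "title", "aria-label")
EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")

# Constructed sample of a rendered comment list; none of it comes from a real site.
SAMPLE_HTML = """\
<ol class="commentlist">
  <li id="comment-1">
    <img class="avatar" src="/avatars/a1.png" alt="reader.one@example.org" width="40">
    <cite>ReaderOne</cite><p>First comment.</p>
  </li>
  <li id="comment-2">
    <img class="avatar" src="/avatars/a2.png" alt="ReaderTwo" title="reader.two&#64;example.net">
    <cite>ReaderTwo</cite><p>Second comment.</p>
  </li>
  <li id="comment-3">
    <img class="avatar" src="/avatars/a3.png" alt="Avatar of ReaderThree" />
    <cite>ReaderThree</cite><p>Third comment.</p>
  </li>
</ol>
"""


def mask(address):
    """Redact an address so the audit report does not repeat the leak."""
    local, _, domain = address.partition("@")
    return local[0] + "***@" + domain


class AvatarLeakAuditor(HTMLParser):
    """Collects <img> attributes whose decoded value contains an e-mail address."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # Also reached for self-closing <img ... /> via handle_startendtag.
        if tag != "img":
            return
        line, _ = self.getpos()
        for name, value in attrs:
            if name not in TEXT_ATTRS or not value:
                continue
            # html.parser has already decoded entities such as &#64;, so
            # entity "obfuscation" in the template does not hide the address.
            for address in EMAIL_RE.findall(value):
                self.findings.append(
                    {"line": line, "attr": name, "masked": mask(address)}
                )


def audit(html_text):
    """Return one finding per leaked address, in document order."""
    auditor = AvatarLeakAuditor()
    auditor.feed(html_text)
    auditor.close()
    return auditor.findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_HTML):
        print("line {line}: <img {attr}=...> exposes {masked}".format(**finding))
```

A finding means the template is writing the commenter's address into the page; the fix is on the server side, by emitting the display name (or empty alt text) instead.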

  59. Quote: "My name is Lucas Whitefield Hixson, and I am an Information Architect based out of Chicago Illinois." ... "After my education, I joined the United States Army, where I learned how to apply the core Army values to my work ethics." ... "I am very much a product of my environment ..."

    WHOIS info: Quote: "Registrant Name: Lucas Hixson, Registrant Organization: Compass North Development Group, Registrant Street: 1121 W Columbia Ave Ste 3, Registrant City: Chicago, Registrant State/Province: Illinois"

    Further: - comment by antipathy: "Researchgruppen refers to itself as "the Swedish Stasi" and judging by their behaviour their aim appears to be absolute control of the social\political narrative." Does that sound typical of any OTHER group? Hmmm.

    Disqus is NOT the only platform that appears involved. Dated 2009-12-08 !!! -

  60. Quote from Mochizuki's Cbox: "22 Jan 16, 12:11 PM morph: dud, first i didn't get the problem you described about wordpress pages. but after looking at the source code of the page" [Firefox - Highlight area, then Right-Click & select "View Selection Source"] ", i got it.. bad piece of software.. on the other side, i don't use any "important"/private mail addresses when commenting on pages" [sage advice, imho]

    What could one do with merely an email address? IDK. Yikes!!!

    "Goggle" "IRS data breach", or something similar and you might have more appreciation for perhaps why some commenters do not last.

  61. Somebody (else) PLEASE TELL ENFORMABLE TO STOP!!!! I tried, and only minimal changes occurred, for whatever reason.
    Shouldn't he know better?

    Speaking of the so-called Swedish-stasi, the real stasi were outed long ago. "East German Police Officers Who Aided the Stasi"

    Catch those little foxes whom spoil the vines!!!

    Mahalo, sir. :|

  62. It gets worser and worser the more i dig.

    A search utilizing with the terms "captd" revealed that email addresses may be searchable.

    Look at all the pages exposing his email address, for instance!!!

    One could intuit the possibility that a search with terms of simply would produce results, and it does!

    What is most illuminating are the post dates.
    Notice they go back to at least early 2012?

    Internet Archive didn't show any email addresses anywhere near that far back, unless one started on a latter snapshot.
    It would appear that those addresses might have been retained by Enformable, and somehow resurrected later, in early 2014 at the latest. It is still possible this was an accident. Could it be like how Fukushima was an "accident"? Remembering FemFaust, i don't want to jump to conclusions.

    Note that Mr. Hixson was an ENEnewser before the June, 2011 registration blitz by Admin.
    An early user name was something like "CompassNorthDevelopmentGroup", but of course most early comments (before comment-120000) have not been retained.

    Curiouser & curiouser. Somebody PLEASE warn people! :(

  63. Have we got enough verifiable material for an article?

  64. Femfaust still ill?

    Curiously, I haven't found any known troll names when far.
    No "Good Plutonium", no "Atoms4peace1", "MFX 1209", "FactChecker", "Metalbeard", "Turd Ferguson" AKA "Netzsche" AKA "socref", "Loose Puke", etc.

    At least with the short list i have checked, all have managed to have avoided posting any repLIES on that site! :/

    Told diemos on Mz's Cbox that this issue prolly affects both camps, but he never responded. :/

    I know, it's not exactly concrete evidence, but it does seem to perhaps add to some interesting circumstantial circumnavigational circumspection, neh? not bemused.

    Anyway, i hope you actually get all these posts. I should be proactive and actually number them, dammit! (Amd/Ati = dAAmit!) I think this is something like 7/7 today.

    1. If you write it up into one cohesive word doc ideally or pasted into email, I will post up

  65. PS: don't email me. ;|


Insightful and Relevant if Irreverent Comments