...............Best Tools Here...............

0110 · 16-May-2005, 11:04 PM #1

HOW TO DELETE STUBBORN FILES?
First, a brief explanation on why this happens. This is usually because an active process has an open handle to the file which prevents it from being deleted. Normally if you close down all running programs you'll find that most files will then be free to delete, but that's not always the case, and in some cases it may even be a trojan that's preventing itself from being deleted.

BASIC REGISTRY RULE: Any changes made to the registry file are crucial to the running of Windows and if damaged or misconfigured, could cause severe problems.
Follow Microsfot's recommended instructions to "BackUP" all important data first. It's recommended to save the backup on a CD, DVD or seperate HD due to the size factor (large)

Code:

h**p://search.microsoft.com/search/results.aspx?st=b&na=88&View=en-us&qu=backup

This option is not installed in Windows XP Home Edition. To install you will need the XP Home CDRom. Navigate to %CDROM%\VALUEADD\MSFT\NTBACKUP\. Look for Ntbackup.msi and double-click it to execute the install wizard.

MoveFileEx - A Windows function that moves an existing file or directory
1. WARNING: editing the registry can be dangerous if you don't know what you're doing, make sure to USE YOUR HEAD, if you removed something you didn't want to, don't worry, just use the back up in this program
2. The MOVEFILE_DELAY_UNTIL_REBOOT option places an entry under the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\PendingFileRenameOperations and the file is moved or deleted (if destination NULL) when the system next reboots. Unfortunately as this is not supported under Windows95/98 an application must use entries in WININIT.ini to achieve the same effect.
3. BOOL MoveFileEx (LPCTSTR pExistingFilePath, LPCTSTR pNewFilePath, DWORD dwFlags)
  - TRUE if function succeeded
    
    pExistingFilePath.......Source path to an existing file
    pNewFilePath............New location for the file
    dwFlags....................Optoions controlling the move
  - Move or rename a file
    
    Move or rename a file to a new location.
    Only meaningfully implemented on NT. Windows95 returns
    ERROR_CALL_NOT_IMPLEMENTED, use MoveFile instead.
    The source and destination path should be on the same drive as the system can then just change folder entries without actually copying the file contents. If MOVEFILE_COPY_ALLOWED is supplied and the system needs to copy the file it will require the additional disk space for the temporary file, in this case the original file is deleted only after the copy is successful.
4. The flags allow more control over the move, it can be zero or a combination of the following values :
  MOVEFILE_REPLACE_EXISTING.......The destination can be overwritten if it exists
  MOVEFILE_COPY_ALLOWED.............Allow a copy if destination on a different drive to the source
  MOVEFILE_DELAY_UNTIL_REBOOT...The move takes place on reboot (NT only)
  MOVEFILE_WRITE_THROUGH...........Do not return until changes flushed to disk (NT only)
OR
Using Windows InProcServer32 process
1. WARNING: editing the registry can be dangerous if you don't know what you're doing, make sure to USE YOUR HEAD, if you removed something you didn't want to, don't worry, just use the back up in this program
2. Open notepad, copy and paste the code below. Then save the file as "avifix.inf" without the quotes
  ; Windows XP explorer movie fix.
  ;
  ; WARNING - Use this file at your own risk.
  ;
  ; Executing this file will remove a registry key which makes explorer load shmedia.dll.
  ; Simply put, this removes the annoying "permission denied" errors when trying to
  ; move/copy/delete AVI files.
  ;
  ; To use this fix, right-click on the file and select install. Done.
  ;
  ; Information about the registry key from multiple sources.
  ; Inf-file compiled by Moo (2002-03-22).
  ; Idea by Duxus. Thanks to the kind people of "[BBB] Sweden #01", you know who you are!
  ;
  
  [version]
  signature="$Windows NT$"
  
  [DefaultInstall]
  DelReg = Reduce.Reg
  
  [Reduce.Reg]
  HKLM, "SOFTWARE\Classes\CLSID\{87D62D94-71B3-4b9a-9489-5FE6850DC73E}\InProcServer32"
3. Right-click "avifix.inf" and select install
OR
Delete the file in DOS mode (99.99% success ratio)
1. Download & install DOS Here (197kb) - "An Explorer Shell Extension to provide easy and quick access to the DOS Prompt in the requested folder"
  Code:
```
h**p://user.tninet.se/~fgo483j/files/ch20.zip
```
2. Open Explorer and go to the directory where the stubborn file resides (DO NOT HIGHLIGHT THE FILE)
3. Right Click and select "CMD here"
4. Close all open applications
5. Open the Task Manager and click on the Processes tab, select "explorer.exe" under Image Name, click "End Process"
6. You will only have the command prompt and the task manager open
7. In the Command Prompt, DEL the offending files (DEL *.mpg, DEL mus*.avi, DEL test.wmv, etc.)
8. The files should now delete without a problem. Now go back to the task manager and click on the Applications tab. Click the "New Task..." button. in the dialog, type explorer.exe and click OK
OR
Delete the file association first
1. WARNING: editing the registry can be dangerous if you don't know what you're doing, make sure to USE YOUR HEAD, if you removed something you didn't want to, don't worry, just use the back up in this program
2. Start >Run >regedit {enter}
3. Navigate to this key HKEY_CLASSES_ROOT\SystemFileAssociations\.avi\shellex\PropertyHandler
4. Delete the "Default" key
5. Close regedit
6. Follow the above test again, is a simple del doesn't work
AND
Delete the file in DOS mode
1. Start >Run >cmd {enter}
2. Navigate to the folder the file is in, i.e. if its in c:\folder\anotherfolder\file, type "cd c:\folder\anotherfolder" {enter} The coomand prompt should change to let you know you are in the correct directory.
3. Type "dir /x" {enter}
4. The offending file will be listed like (filena~1.xxx)
5. Type attrib -r -s -a -h filename.extension {enter}
6. Take note of the name and type "del filena~1.xxx" {enter}
OR
Try to take ownership of the file
1. Right click the file
2. Select the security Tab
3. Select properties
4. Select Advanced
5. Select Owner
6. Find the User or group you wish to give ownership to and select it
7. Click apply
8. now try deleting it.
OR
If the file is Media (MP3, MPG, AVI, etc...)
1. Remember the filename (X) and location
2. Run another file (Y) with the same extension
3. now Delete the file (X)
  This occurs sometimes when windows thinks that the file (X) ur trying to delete is still open, eventhough u closed the app and the file.
OR
Try one of these small programs
1. FreeFile - "FreeFile will free a file by finding the process that holds the lock, and allow you to terminate it"
  Code:
```
h**p://www.skrubbeltrang.com/Tools.aspx?Tool=FreeFile
```
2. ZAP - "deletes files that are either in use or otherwise cannot be deleted" (works with XP & 2K)
  Code:
```
h**p://helpdesk.kixtart.org/Download/Utils/zap.exe
```
3. DELLATER (3kb) - "DelLater is the ideal program to use when you can't delete a file, no matter how hard you try" - This tool does the same as above in Option 1
  Code:
```
h**p://www.diamondcs.com.au/downloads/dellater.zip
```
4. DeepDelete (15kb) - "DeepDelete is a file shredder designed to totally delete files on your hard drive. It works by overwriting files many times before deleting them, making them almost impossible to recover. DeepDelete uses a standard of stredding that is more powerful than the official US DoD standards." - This tool is no longer updated/developed
  Code:
```
h**p://www.methlabs.org/deepdelete_r3.zip
```

RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.

NOTE: Mods/Admins, if you feel this thread belongs in another area, kindly either let me know or move it accordingly and I'll continue from there. cheers.

0110 · 16-May-2005, 11:06 PM #2

HOW TO TROUBLESHOOT YOUR PC? (Guide)

The challenge with a problem is not so much the solution but figuring out what the actual problem is. For instance: if your internet connection is lost you might automatically assume it's a problem your ISP, yet the problem might actually be a cable connection problem, a corrupted software file, a conflict with another software program running at the same time, a virus or any number of other problems. By doing some basic troubleshooting you can effectively identify problems and get farther down the path to an actual solution. Also, if you need to call a manufacturers help-line, the call will be much more productive if you've done some troubleshooting before hand.

Before you do anything:

Check your mental state and don’t panic! My personal theory to computer problems is that there is a direct connection between the amount of stress a user is under and the number of times a computer will crash. Chances are that when you are in a rush to get a document out the door, you will forget to close open applications, or to save your work and you will send too many commands (like printing, spell-check, etc.) at once. If you're moving fast on the computer, it pays to take a moment, take a deep breath, close unnecessary programs and save your work. Also, if you're trying to solve a problem that your computer is having, you will need full mental capabilities. So if you're feeling frustrated and tired while trying to troubleshoot - take a break! You’ll find you’ll solve your problems much faster if you have a fresh mind and attitude. Don’t panic either. Sometimes computer problems can appear to be much more serious than they really are. Panicking can lead you to jump to a solution of a perceived problem before you’ve actually identified the real problem.

Some initial steps:
1. Check the component's documentation and/or the manufacturer's website: The appendix of most manuals will contain a troubleshooting guide that will identify the most common problems the component may have. Most software installations include placing a readme file in the programs directory that will list all known incompatibilities. Manufacturer websites can be extremely helpful as well, with support pages that will direct you to common problems and solutions that may include a software "patch" that can be downloaded directly from the site and then run on your hard drive
2. Check for Viruses: Any strange behavior on a computer could be due to a virus. Use an anti-viral program to scan your system - and follow the instructions on the use of the anti-viral program closely
3. Use diagnostic utilities: Software crashes can often be caused by corrupted files or registry conflicts. Using a program like Window's Scan Disk (found under System Tools in the Accessories folder on your program menu) can identify and fix corrupted files. Norton Utilities has a program called "System Check" that both checks the integrity of your files and looks for software conflicts and will repair problems
If none of those steps work - it's time to use your brain!
1. Ask yourself - when did the problem I’m experiencing first start? If you made any change, such as installing new software or adding hardware, to the computer and now you are having a problem, chances are the change is the cause. Also, while you're trying to identify problems and solutions remember to make only one change to your system at a time, so you can easily trace your steps.
2. Determine if the problem is repeatable or if it is intermittent: A repeatable problem is one that occurs all the time, or always in response to a specific user action
  - For example, if the computer crashes everytime you print a document - that’s a repeatable problem
  An intermittent problem will appear to happen spontaneously or randomly. An intermittent problem is usually the result of a specific set of circumstances happening occasionally. With these problems it is important to try to establish a pattern involved in the problem. Keep a problem log at the computer and try to write down all the circumstances occurring when the crash occurred, including the most minute detail.
3. Use the process of elimination: Start to remove components from your system one at a time. After you remove a component test to see if the problem still exists. This is a great way to figure out if the problem is caused by a conflict between software programs and/or hardware. Start by removing the most recently installed stuff first
Some Final Tips:
1. If you call the helpline - be patient and prepared: You will have to wait on hold awhile to get to get an actual person on the phone. Like death and taxes that's just a fact of life. If you can review all the troubleshooting steps you took to identify the problem, the technical assistance operator will be able to identify the solution more quickly and effectively
  - Remember: if you get a technical assistance operator on the line don't hang up until you're sure the problem has been solved
2. If the equipment is new, send it back: Most equipment is under warranty and if there is anything severely wrong with it, you should send it back. This may not help your immediate goal, but it will save you plenty of time in the long run. If the equipment is under warranty, the vendor will deal with it

The most important thing to remember while troubleshooting is to be patient and observant. By using these steps you should easily be able to resolve even the most inexplicable problems

original post is by my good friend TWEAKER.

RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.

0110 · 16-May-2005, 11:10 PM #3

HOW TO ELIMINATE BIG PROBLEMS WITH SMALL PROGRAMS?

INTERNET RELATED
1. AD-AWARE (1.7mb) - "Standard Edition is THE award winning, free, multicomponent detection and removal utility that consistently leads the industry in safety, user satisfaction, support and reliability"
  Code:
```
h**p://lavasoft.element5.com/support/download/
```
2. AOL HIDER (475kb) - "Excellent program that simply hides AOL into the task window in the bottom right corner. Makes it look like you have a real internet connection! Compatable with all versions"
  Code:
```
h**p://www.simbak2k.net/exes/aolhider104.zip
```
3. FPIPE - "FPipe is a source port forwarder/redirector. It can create a TCP or UDP stream with a source port of your choice. This is useful for getting past firewalls that allow traffic with source ports of say 23, to connect with internal servers"
  Code:
```
h**p://www.foundstone.com/resources/proddesc/fpipe.htm
```
4. FPORT - "Reports all open TCP/IP and UDP ports and maps them to the owning application"
  Code:
```
h**p://www.foundstone.com/resources/termsofuse.htm?file=fport.zip
```
5. MAGIC MAIL MONITOR (71kb) - Tiny POP3 compliant Mail Checker: the best choice for checking one or multiple account quickly, at periodic interval. Fully configurable, nice interface
  Code:
```
h**p://www.geeba.org/magic/
```
6. MAILINATOR - "Have you ever needed an email .. NOW? Have you ever gone to a website that asks for your email for no reason (other than they are going to sell your email address to the highest bidder so you get spammed forever)?"
  Code:
```
h**p://www.mailinator.com/mailinator/Welcome.do
```
7. NET LIMITER [614KB) - "NetLimiter is an ultimate internet traffic control tool" *****
  Code:
```
h**p://www.netlimiter.com/
```
8. NESSUS - "A security scanner which will audit remotely a given network and determine whether bad guys (aka 'crackers') may break into it, or misuse it in some way." For Linux ONLY
  Code:
```
h**p://www.nessus.org/download.html
```
9. NETSCAN PRO (925kb) - "NETSCAN PRO is the real advanced TCP/IP monitoring utility which allows you to monitor all network activity at your computer. NETSCAN PRO 3.3 has a graphical and text interface which makes the program unique in its kind! It's very easy to use! All you do is run the program and see all established connections and opened ports at your computer"
  Code:
```
h**p://www.7forces.com/files/ns3setup.exe
```
10. NO ADS (215kb) - "Popup killing at its best! This nifty utility is great when surfing websites. If a popup appears, open the program that is in the task tray and double click it and its gone. It will then store it and kill it in the future too. It is the first one I've seen that supports AOL! Even works great with programs like KaZaA"
  Code:
```
h**p://www.simbak2k.net/exes/NASetup.exe
```
11. Online JPEG compressor - "Can help you to make your pages load faster by reducing the size of your JPEG files. It will display multiple versions of a given image compressed at different levels for you to pick the smallest image at the best possible image quality you require"
  Code:
```
h**p://www.chami.com/jc/
```
12. PCS NETWORK TOOLS (1150kb) - "The PCS Network Tools is a collection of essential network diagnostic tools. These tools include DNS resolution which provides the IP Address, Hostname, Hostname Alias, Mailhost, and Name Server Records for an entered host. In addition, the following tools are also included: IP Scanner, Traceroute, Ping, Whois, Finger, Time, Quote of the Day, and extensive Localhost information. Local information includes the hostname, alias, IP address, MAC address, username, Primary Domain Controller, NetBIOS, memory, windows version and build, and other vital information"
  Code:
```
h**p://www.learnxgroup.com/software/pcsnt.html
```
13. PEER GUARDIAN - PeerGuardian 2 is Methlabs’ premier IP blocker for Windows. With features like support for multiple lists, a list editor, automatic updates, and blocking all of IPv4 (TCP, UDP, ICMP, etc), PeerGuardian 2 is the safest and easiest way to protect your privacy on P2P. Plus, by integrating with Blocklist.org, lists are built custom just for you. - Look for the Linux/OSX version on this site
  Code:
```
h**p://prdownloads.sourceforge.net/peerguardian/pg2-050423-x64.exe?download
```
14. PING PLOTTER - "This exceptional GUI-based traceroute tool has features I’ve only seen in expensive industrial-strength tools, including dynamic tracking of changes in node response time — great for tracking a network outage across time. It’s also very fast!" - For NT/2K/XP ONLY
  Code:
```
h**p://www.pingplotter.com/downloads/pngplt_1.exe
```
15. PROXIRAMA (154kb) - "A tool for finding and testing proxy servers. it will test them for anonymity, speed, if it's a gateway proxy, h**ps support (=chainability) and geographical location. furthermore, it can be used as a local proxy server that redirects your traffic through a arbitrarily long chain of anonymous proxies. it is small, fast, and easy to use"
  Code:
```
h**p://gaamoa.securibox.net/ProxyramaSetup.exe
```
16. SPYBOT - SEARCH & DESTORY (3.5mb) - "This free program can detect and remove spyware of different kinds from your computer. Spyware is a relatively new kind of threat that common anti-virus applications do not yet cover"
  Code:
```
h**p://www.safer-networking.org/index.php?lang=en&page=download
```
17. TCPDUMP (341kb) - "TCPDUMP for Windows is a clone of TCPDUMP based on Packet Sniffer SDK, the popular command-line packet capture tool. It can provide very detailed information about any network conversation that runs across the wire."
  Code:
```
h**p://microolap.com/downloads/tcpdump/tcpdump.zip
```
OS RELATED
1. FILE
  1. BCWIPE - "Is intended to give you a confidence that your deleted files cannot be recovered by an intruder" For Linux/FreeBSD/OpenBSD/Solaris/Digital UNIX/Irix/Windows
    Code:
```
h**p://www.jetico.com/download.htm
```
  2. BEST CRYPT - "A Data Encryption system provides the most comprehensive and easy-to-use secure data storage and access control facilities available" For Linux/FreeBSD/OpenBSD/Solaris/Digital UNIX/Irix/Windows
    Code:
```
h**p://www.jetico.com/download.htm
```
  3. CIA UNERASE - " Is the first product using the CIS technology to recover deleted files. Using CIS, CIA Unerase recovers almost any file you deleted even before you installed CIA Unerase and files where all other solutions on the market failed. CIA Unerase is the smallest, easiest and fastest Unerasing-tool we know"
    Code:
```
h**p://217.160.136.183/en/Download/down.php?login=1&loginemail=nikita69@mailinator.com&loginname=tina&status=aktiv&CIA_Unerase=1
```
  4. DARIK'S BOOT AND NUKE (1962kb) - "Darik's Boot and Nuke ("DBAN") is a self-contained boot floppy that securely wipes the hard disks of most computers. DBAN will automatically and completely delete the contents of any hard disk that it can detect, which makes it an appropriate utility for bulk or emergency data destruction." Available in floppy and CD version. This tool is very dangerous. After using the WinImage extractor to create the “nuke” boot floppy disk, you then reboot the target system with the disk in drive A. The main point of this program is to securely delete everything, so NEVER run it on a system that you intend to use again.
    Code:
```
h**p://dban.sourceforge.net/
```
  5. ERASER (2745kb) - "Eraser is an advanced security tool (for Windows), which allows you to completely remove sensitive data from your hard drive by overwriting it several times with carefully selected patterns. Works with Windows 95, 98, ME, NT, 2000, XP and DOS. Eraser is FREE software and its source code is released under GNU General Public License.
    The patterns used for overwriting are based on Peter Gutmann's paper "Secure Deletion of Data from Magnetic and Solid-State Memory" and they are selected to effectively remove magnetic remnants from the hard drive.
    Other methods include the one defined in the National Industrial Security Program Operating Manual of the US Department of Defence and overwriting with pseudorandom data. You can also define your own overwriting methods." The US Defence Security Service (DSS) is one of their clients.
    Code:
```
h**p://prdownloads.sourceforge.net/eraser/Eraser57Setup.zip
```
  6. DELLATER (3kb) - "DelLater is the ideal program to use when you can't delete a file, no matter how hard you try"
    Code:
```
h**p://www.diamondcs.com.au/downloads/dellater.zip
```
  7. HIDE IT - Hide running applications
    Code:
```
h**p://www.annoyances.org/downloads/ftp/hideit.zip
```
  8. KILL - "Shuts down one or more running Windows NT tasks or processes" - For 2K/XP
    Code:
```
h**p://helpdesk.kixtart.org/Download/Utils/KILL.EXE
```
  9. KILL95 - Shuts down any processes running in memory
    Code:
```
h**p://helpdesk.kixtart.org/Download/Utils/kill95.zip
```
  10. ZAP - "deletes files that are either in use or otherwise cannot be deleted" - For 2K/XP *****
    Code:
```
h**p://helpdesk.kixtart.org/Download/Utils/zap.exe
```
2. CONTROL/MONITOR
  1. CIS - "A free security scanner written and maintained by Cerberus Information Security, Ltd and is designed to help administrators locate and fix security holes in their computer systems. This tool is a must!" To see the checks it does, go h**p://www.cerberus-infosec.co.uk/vulndb.txt]HERE - For NT/2K
    Code:
```
h**p://www.cerberus-infosec.co.uk/CIS-5.0.02.zip
```
  2. COOL BEANS SYSTEM INFO (820kb) - "A small but powerful program that monitors your computer's CPU, physical memory, and swap memory usage"
    Code:
```
h**p://dl.winsite.com/files/180/ar1/winxp/sysutil/sysinf02.exe
```
  3. DEPENDENCY WALKER (406KB) - "A free utility that scans any 32-bit or 64-bit Windows module (exe, dll, ocx, sys, etc.) and builds a hierarchical tree diagram of all dependent modules." Can be helpful to identify missing files/dll after installtion of programs
    Code:
```
h**p://www.dependencywalker.com/depends21_x86.zip
```
  4. HHD SRVADMIN - "A very useful as a replacement to the ordinary NT service and device control panel applets, because it repeats and extends the functionality provided by them. Plus, it allows administrators to perform tasks, which usually not available to them without installing Windows NT Resource Kit." For NT/2K
    Code:
```
h**p://www.hhdsoftware.com/Download/srvadmfull.zip
```
  5. NTFS Reader for DOS - This is an absolutely essential recovery tool if you use NTFS partitions. Add this 147 KB executable file to your Win9x-based boot floppy and it will let you read any NTFS partition and copy off files to any FAT partition. (Don’t be thrown when the page says “Demo software.” It’s outright freeware.) - For NT/2K/XP ONLY
    Code:
```
h**p://www.ntfs.com/downloads/readntfs.zip
```
  6. NTSubst - "Extended version of the NT subst command. NtSubst allows you to assign the drive letter not only to any valid path, but also any valid NT Object Manager path." For NT/2000
    Code:
```
h**p://www.hhdsoftware.com/Download/ntsubst.exe
```
  7. POWER PROMPT - "will allow you to run programs as System"
    Code:
```
h**p://www.skrubbeltrang.com/Tools.aspx?Tool=PowerPrompt
```
  8. PROCESS EXPLORER (150kb) - "The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work"
    Code:
```
h**p://www.sysinternals.com/files/procexpnt.zip
```
  9. REVELATION - Discloses passwords that are only displayed as asterisks. I suppose, ultimately, this is a cracker’s tool; but there are practical, legitimate uses for it, so I decided to post the link. - For 9x/2K/XP. Please use it in good faith.
    Code:
```
h**p://www.snadboy.com/RevelationV2.zip
```
  10. RUN AS USER v4.1 - The function of this software is to allow Administrators to deploy applications that require elevated user rights to users who have restricted rights without having to issue Administrator Credentials to the user. It does this by passing a Run As User type command to the Operating System for the duration of the task at hand. It will only give the elevated rights to that specific task, so you can be safe knowing that the user will not have access to any restricted resources while the application is running. Other uses of this software include running games that require the administrator account to run. - For XP. Please use it in good faith.
    Code:
```
h**p://www.palmersoft.co.uk/software/runasusersetup.exe
```
  11. SHUTDOWN - Small commandline utility that makes it a breeze to log off, shutdown, restart, hibernate, or put in stand-by mode your Win XP computer. It’s the only utility I know that shuts down Win XP and then reliably powers off the computer. For XP ONLY.
    Code:
```
h**p://aumha.org/downloads/shutdown.zip
```
  12. STARTUP CPL - "A nifty control panel applet that allows you to easily configure which programs run when your computer starts."
    Code:
```
h**p://www.mlin.net/files/StartupCPL.zip
```
  13. STARTUP MONITOR - "A small utility that runs transparently (it doesn't even use a tray icon) and notifies you when any program registers itself to run at system startup. It prevents those utterly useless tray applications from registering themselves behind your back, and it acts as a security tool against trojans like BackOrifice or Netbus."
    Code:
```
h**p://www.mlin.net/files/StartupMonitor.zip
```
  14. STORM WINDOW - A great and FREE utility for Windows desktop security
    Code:
```
h**p://www.cetussoft.com/stormwin.htm
```
3. INFORMATION
  1. ADVISOR - Displays all your PC info (hardware/software) on one page
    Code:
```
h**p://www.belarc.com/Programs/advisor.exe
```
  2. SKRUB THE WEB - "Search Microsoft Knowledge Base, MSDN, Google and Google Groups in a single click"
    Code:
```
h**p://www.skrubbeltrang.com/Tools.aspx?Tool=SkrubTheWeb
```
4. UTILITIES
  1. DOS HERE (197kb) - "An Explorer Shell Extension to provide easy and quick access to the DOS Prompt in the requested folder"
    Code:
```
h**p://user.tninet.se/~fgo483j/files/ch20.zip
```
5. TWEAKS
  1. ANSWERS THAT WORK - "Through our support service we often come across problems caused primarily by programs running in the background, programs which in most cases start at the same time as Windows. Sometimes these programs are useful and need to be there; quite often, however, they are not needed, and in too many cases they cause severe problems." This is not a program, however it would be a great small utility if packaged.
    Code:
```
h**p://www.answersthatwork.com/
```
  2. BOOTVIS (990kb) - "Bootvis.exe is a performance tracing and visualization tool that Microsoft designed to help PC system designers and software developers identify performance issues for boot/resume timing while developing new PC products or supporting software."
    
    Code:
    
    h**p://download.soft32.com/files/19687/bootvis.msi
  3. ERUNT - "Finally, a tool to back up the Win XP Registry! (Microsoft didn’t include one with Win XP itself.)" - For NT/2K/XP ONLY
    - NTRegOpt is included in the above file - This optimizes the Win NT/2K/XP Registry much as SCANREG /OPT does for Win98/ME.
    Code:
```
h**p://home.t-online.de/home/lars.hederer/erunt/erunt.zip
```
  4. HIJACK THIS - "HijackThis examines certain key areas of the Registry and Hard Drive and lists their contents. These are areas which are used by both legitimate programmers and hijackers." - USE WITH CAUTION AND AT YOUR RISK
    Code:
```
h**p://www.tomcoyote.org/hjt/hijackthis.zip
```
  5. TWEAKUI - THE BEST OF ALL THE PowerToys! This should be standard on every (pre-XP) Windows computer whatsoever! Many new features added.
    Code:
```
h**p://download.microsoft.com/download/winme/Install/1.0/WinMe/EN-US/Tweakui.exe
```

RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.

0110 · 16-May-2005, 11:14 PM #4

HOW TO BLOCK ADS AND MAINTAIN THE SUPERTRICK (hosts file - example 1)

Get the original FILE

Get a list of updated Ad sites from ACCS-NET

Code:

h**p://www.accs-net.com/hosts/get_hosts.html

SomeoneWhoCares

Code:

h**p://someonewhocares.org/hosts/

MVPS

Code:

h**p://www.mvps.org/winhelp2002/hosts.txt

Blood Image

Code:

h**p://www.bloodimage.com/hosts_bak

EveryThingIsnt

Code:

h**p://everythingisnt.com/Hosts

and if you want more then always
Google here

Code:

h**p://www.google.com/search?hl=en&ie=ISO-8859-1&q=hosts+file

and here

Code:

h**p://www.google.com/search?hl=en&ie=ISO-8859-1&q=windows+hosts+file

Update file either manually or use HOSTS Manager by simply adding the files from above.
Code:
```
h**p://www.aldostools.com/hosts.html
```

While visiting the sites listed above, enhance your knowledge about HOSTS file and utilize it properly to improve the Ad Blocking on your PC.

FINAL NOTE: If you open the hosts file (C:\WINDOWS\system32\drivers\etc) and see most if not all addresses have an IP addressess other than 127.0.0.1 or 0.0.0.0 then RUN windows update then an Anti-Virus program, then go back to my first point.
The Fortnight virus makes changes in your hosts file: C:\WINDOWS\system32\drivers\etc\hosts or C:\WINNT\system32\drivers\etc\hosts. The Windows hosts file serves to associate host names with IP addresses. The hosts file dropped by this virus contains of a list of URLs, each associated with a bogus IP address.
REFERENCE: Microsoft Security Bulletin MS03-011

Code:

h**p://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS03-011.asp

A sample of an example INFECTED hosts file:

Code:

# Copyright   1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost
66.159.20.80 moviesheaven.com
66.159.20.80 vidsvidsvids.com
66.159.20.80 my-teensex.com
66.159.20.80 nobull****movies.com
66.159.20.80 watch-xxx.com
66.159.20.80 wolrdteenparadise.com
66.159.20.80 www.google.com
66.159.20.80 worldsex-archives.com
66.159.20.80 ww2.link-o-rama.com
66.159.20.80 link-o-rama.com
How to Clean manually - simply remove anthing below "127.0.0.1       localhost" or some people have it "0.0.0.0       localhost":
# Copyright   1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

127.0.0.1       localhost

WINDOWS UPDATE NOTE: Akamai.net is used by Microsoft to host the Windows Update features, known as the "AutoUpdate" and "v5.windowsupdate.microsoft.com [63.209.144.181]". In addition, Akamai.net also hosts others, such as ad/spware websites.

So if either feature of the Windows Update is not working and/or you get "Windows Update Failure - Error Code 0x800A138F". Then close ALL broswers' windows, open hosts file, press {CTRL+F}->look for this address "a248.e.akamai.net [63.251.152.201]", without the brackets, and delete it then save and exit. Now try h**ps://a248.e.akamai.net/v4.windowsupdate.microsoft.com/getmanifest.asp again. If it works, then go to h**p://windowsupdate.microsoft.com and get your Updates. If it still does not work then your company or your ISP may be blocking this hostname. Or some anti-ad/spy programs may have this address blocked, such as SPYBLOCKER
Code:
```
h**p://spyblocker-software.com/IPB/index.php?showtopic=420&st=0&#entry1820
```
DO NOT DELETE ALL AKAMAI.NET SITES, OTHERWISE YOU WILL END UP WITH AD/SPY SITES POPING BACK.
Below is a small sample of hundreds of the Akamai.net servers that process ad/spy sites:
1. 0.0.0.0 a08.g.akamai.net
2. 0.0.0.0 a1.g.akamai.net
3. 0.0.0.0 a10.g.akamai.net
4. 0.0.0.0 a100.g.akamai.net
5. 0.0.0.0 a100.g.akamaitech.net
6. 0.0.0.0 a1016.g.akamai.net
7. 0.0.0.0 a1028.g.akamai.net
8. 0.0.0.0 a1032.g.akamai.net
9. 0.0.0.0 a104.g.akamai.net
10. 0.0.0.0 a1040.g.akamai.net
11. 0.0.0.0 a1061.g.akamai.net
12. 0.0.0.0 a1066.g.akamai.net
13. 0.0.0.0 a108.g.akamai.net
14. 0.0.0.0 a11.g.akamai.net
15. 0.0.0.0 a1100.g.akamai.net
16. 0.0.0.0 a111.g.akamai.net
17. 0.0.0.0 a1156.g.akamai.net
18. 0.0.0.0 a1168.g.akamai.net
19. 0.0.0.0 a117.g.akamaitech.net
20. 0.0.0.0 a1172.g.akamaitech.net
21. 0.0.0.0 a1180.g.akamai.net
22. 0.0.0.0 a1196.g.akamai.net
23. 0.0.0.0 a12.g.akamai.net
24. 0.0.0.0 a12.g.akamaitech.net
25. 0.0.0.0 a1208.g.akamai.net
26. 0.0.0.0 a1224.g.akamaitech.net
27. 0.0.0.0 a1228.g.akamai.net
28. 0.0.0.0 a1234.g.akamai.net
29. 0.0.0.0 a1240.g.akamaitech.net
30. 0.0.0.0 a1252.g.akamai.net
31. 0.0.0.0 a1261.g.akamai.net
32. 0.0.0.0 a1284.g.akamai.net
33. 0.0.0.0 a13.g.akamai.net
34. 0.0.0.0 a1300.g.akamai.net
35. 0.0.0.0 a1316.g.akamai.net
36. 0.0.0.0 a1356.g.akamai.net
37. 0.0.0.0 a1360.g.akamai.net
38. 0.0.0.0 a1380.g.akamai.net
39. 0.0.0.0 a14.g.akamai.net

Now continue to Example 2, below

RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.

0110 · 16-May-2005, 11:17 PM #5

HOW TO BLOCK ADS AND MAINTAIN THE SUPERTRICK (hosts file - example 2)

Continuing from example 1:

Code:

http://forums.techguy.org:80/showthread.php?p=2617026

Update your hosts file
1. First, download and "save as" this
  UPDATED FILE (contains over 14,000 verified sites and about 500kb).
  Code:
```
h**p://remember.mine.nu/getfile.asp?t=nc
```
2. Add it to your hosts file using
  HOSTS MANAGER
  Code:
```
h**p://www.aldostools.com/hosts.html
```
Update your proxy configuration, even if you aren't behind a proxy
1. Netscape Navigator
  1. Go to Edit->Preferences->Advanced->Proxies
  2. Select "Manual Proxy Configuration" (even if you aren't using a proxy) and click "View"
  3. From the final hosts file, after merging it with the one you downloaded, open the file in Wordpad and remove everything except the site addresses
    - Replace the line breaks with a space to make the file as one line. Like this "000freexxx.com 039068a.dialer-select.com 1.h**pads.com 1000stars.ru 100free.com 100free.de 100free.nl 123adult.com"
  4. Paste the results into "No Proxy For" box
    This will tell Navigator to access these sites directly. Since your hosts file says they are the local machine, ad lookups will fail and you can surf in peace without distraction, with the added bonus that many web pages will load quite a bit faster
2. Internet Explorer 5.x+
  1. Go to Tools->Internet Options...->Connection tab
  2. Select your Connection (Dialup or LAN) & press "Settings" button
  3. Check "Use a proxy server for your..." checkbox
  4. Click "Bypass proxy server for local addresses" checkbox
  5. You are done - No need to add anything in "No Proxy For" box
NOTES
1. If you run a webserver on your PC
  1. All the servers in this file point to the ip 127.0.0.1 (localhost), you will need to open the “Hosts” file in a regular text editor (wordpad/bbedit/vim etc) and replace 127.0.0.1 for 127.0.0.2 or another "non-existant" ip address
  2. Alternatively you can simply download this dedicated Hosts file for servers with the ip set at 127.0.0.3 here. You will need to rename this file "Hosts"
    
    Code:
    
    h**p://remember.mine.nu/getfile.asp?ff=se
2. If you use the browser Mozilla , but after installing Hosts you keep getting a "connection refused.." error dialog
  This is a bug in Mozilla (version 1.1 and below) due to the browser not having a built in error page when a website/adserver cannot be contacted, therefore an alert dialog is used instead of error page
  
  This has been reported as a bug to the Mozilla project and is still awaiting to be set as a default setting into a release
  
  If you have Mozilla 1.2a or above you can add to your user preferences file (prefs.js) this line:
  user_pref("browser.xul.error_pages.enabled", true);
  
  This will stop the annoying dialog popup as 1.2a has the option to remove the dialog though this isn't enabled by default yet
3. If you installed it and now you can't visit site X
  1. Then probably the site in question is in the "black" list and is stopping your visit
  2. Simply delete that line or place a # before the line which deactivates that particular entry, then reboot or re-flush your dns, and you will then be able to visit the site in question
    This Hosts file is designed to be extremely comprehensive and to get the best out of it some people will find they need to edit it manually to remove certain sites for their own browsing preferences (using the above instructions)
    
    Web sites will not be placed in this file if they have had no observed hostile activities or privacy breaches, and with banner advertising only the server from which the advert banner originates will be blocked and not the whole site
    
    The sorts of activity that determines addition to this file is:
    adverts, banners, multiple popup windows /exit pages, webbugs, script/java exploits, privacy breaches, dialer droppers, user tracking and counters, viruses, spyware, circle sites, spammer sites, underhand practices etc.
    
    If a site is visited and they have these kinds of activities going on, then they will most likely to be entered into this Hosts file by myself or other users who contribute to this project
    
    You can always use this program, Hosts Toggle to turn on/off the Hosts file with one click
    - - Code:
        
        h**p://www.accs-net.com/hosts/HostsToggle/
4. If you installed it and your Windows 2000 PC hangs every 10 minutes and/or is slow
  1. This seems to be a bug in Win2K as it will not handle large Hosts files such as this one, it can be worked around by 2 different methods, if you are not on a LAN network or use a direct connection to the internet (t1/dsl/adsl/cable) (modems untested but believed to work also) the first simple method is as follows
    Locate the hosts file you installed and rename to hosts.txt (this will disable it tempoarily)
    
    Right Click on "My Computer" on the desktop and choose "Manage"
    
    Scroll to the "services" section and locate "dns client" r-click on this and choose "properties"
    
    Stop the service and from the dropdown choose "disable"
    
    Rename "hosts.txt" back to "hosts" and you should be able to use the hosts file as normal, a reboot might be required to get it working fully
    
    This method has been known to work on many Win2k* setups without any adverse effects. Also known to work for some XP users who experience slow network startup and/or IE or OE is very slow to start, the procedure to disable the dns client is the same as above. Of course if you still have problems or cannot connect to the internet after implementing this workaround it is advised you do not use this Hosts file and restore the "dns client" back to an "automatic" state and restart the dns client. Alternativly you will need this software
    
    Code:
    
    h**p://www.pyrenean.com/config.php
    
    and see this page for implementing an advanced dns solution (for expert users only)
    - Code:
      
      h**p://www.accs-net.com/hosts/DNSKong2K/Setting%20Windows%202000%20to%20use%20DNSKong.htm
5. If you installed it and can still see some banners
  1. After checking the obvious, have you got it installed in the correct location for your Operating system?
  2. If you wish to have 100% advert free browsing then using something like the Promoxitron or Junkbuster proxy or Mozillas BannerBlind which will remove 99.9% of adverts
6. How do you know if the file is working?
  1. Quite simply, can you see (h**p://doubleclick.net/) this site or (h**p://fastclick.net/) this site. If you can still see those sites than the Hosts file is not working and you should check your settings and installation
7. Does this have a virus in it?
  1. No it doesn't, its only a plain text file so it cannot do any harm to your computer, there are no install programs or executable files just a simple single text file
WINDOWS UPDATE NOTE: Akamai.net is used by Microsoft to host the Windows Update features, known as the "AutoUpdate" and "v5.windowsupdate.microsoft.com [63.209.144.181]". In addition, Akamai.net also hosts others, such as ad/spware websites.

So if either feature of the Windows Update is not working and/or you get "Windows Update Failure - Error Code 0x800A138F". Then close ALL broswers' windows, open hosts file, press {CTRL+F}->look for this address "a248.e.akamai.net [63.251.152.201]", without the brackets, and delete it then save and exit. Now try (h**ps://a248.e.akamai.net/v5.windowsupdate.microsoft.com/getmanifest.asp) (h**ps://a248.e.akamai.net/v5.windowsupdate.microsoft.com/getmanifest.asp) again. If it works, then go to (h**p://windowsupdate.microsoft.com) and get your Updates. If it still does not work then your company or your ISP may be blocking this hostname. Or some anti-ad/spy programs may have this address blocked, such as h**p://spyblocker-software.com/IPB/index.php?showtopic=420&st=0&#entry1820 SPYBLOCKER.
DO NOT DELETE ALL AKAMAI.NET SITES, OTHERWISE YOU WILL END UP WITH AD/SPY SITES POPING BACK.
Below is a small sample of hundreds of the Akamai.net servers that process ad/spy sites:
1. 0.0.0.0 a08.g.akamai.net
2. 0.0.0.0 a1.g.akamai.net
3. 0.0.0.0 a10.g.akamai.net
4. 0.0.0.0 a100.g.akamai.net
5. 0.0.0.0 a100.g.akamaitech.net
6. 0.0.0.0 a1016.g.akamai.net
7. 0.0.0.0 a1028.g.akamai.net
8. 0.0.0.0 a1032.g.akamai.net
9. 0.0.0.0 a104.g.akamai.net
10. 0.0.0.0 a1040.g.akamai.net
11. 0.0.0.0 a1061.g.akamai.net
12. 0.0.0.0 a1066.g.akamai.net
13. 0.0.0.0 a108.g.akamai.net
14. 0.0.0.0 a11.g.akamai.net
15. 0.0.0.0 a1100.g.akamai.net
16. 0.0.0.0 a111.g.akamai.net
17. 0.0.0.0 a1156.g.akamai.net
18. 0.0.0.0 a1168.g.akamai.net
19. 0.0.0.0 a117.g.akamaitech.net
20. 0.0.0.0 a1172.g.akamaitech.net
21. 0.0.0.0 a1180.g.akamai.net
22. 0.0.0.0 a1196.g.akamai.net
23. 0.0.0.0 a12.g.akamai.net
24. 0.0.0.0 a12.g.akamaitech.net
25. 0.0.0.0 a1208.g.akamai.net
26. 0.0.0.0 a1224.g.akamaitech.net
27. 0.0.0.0 a1228.g.akamai.net
28. 0.0.0.0 a1234.g.akamai.net
29. 0.0.0.0 a1240.g.akamaitech.net
30. 0.0.0.0 a1252.g.akamai.net
31. 0.0.0.0 a1261.g.akamai.net
32. 0.0.0.0 a1284.g.akamai.net
33. 0.0.0.0 a13.g.akamai.net
34. 0.0.0.0 a1300.g.akamai.net
35. 0.0.0.0 a1316.g.akamai.net
36. 0.0.0.0 a1356.g.akamai.net
37. 0.0.0.0 a1360.g.akamai.net
38. 0.0.0.0 a1380.g.akamai.net
39. 0.0.0.0 a14.g.akamai.net

Now continue to Example 3, below

RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.

0110 · 16-May-2005, 11:26 PM #6

HOW TO BLOCK ADS AND MAINTAIN THE SUPERTRICK (hosts file - example 3)
The most common way of detecting spam is by using spam databases (blacklists, sometimes incorrectly referred to as RBLs, since RBL is trademarked by MAPS) that list the addresses of mail servers known (or believed) to send spam. This is done by taking the IP address of the remote mail server, converting it to a domain name using the ip4r format (1.2.3.4 becomes 4.3.2.1.bl.example.com), and seeing if that name exists.

Below is a list of all known DNS-based spam databases (some links may be temporarley down or unresolved, please send me a PM with any:
Standard IP-based Spam Databases

1. ABL - ”Arbitrary Blackhole List. No TXT records, missing test entry 127.0.0.2. Warning: Can't Be Tested.”
  Code:
```
h**p://spammers.v6net.org
```
2. BGISOCBL - ”Bulgarian Spam Prevention System. Designed primarily to protect isoc.bg's members from receiving Bulgarian spam. Warning: Can't Be Tested.”
  Code:
```
h**p://dnsbl.isoc.bg
```
3. BGISOCWL - ”Bulgarian Spam Prevention System Whitelist. Designed primarily to protect isoc.bg's members from receiving Bulgarian spam; this is a WHITELIST, which lists 'good' IPs. No TXT records, missing test entry 127.0.0.2. Warning: Can't Be Tested.”
  Code:
```
h**p://dnswl.isoc.bg
```
4. BLARSBL - ”Confirmed that it is working on 24 Oct 2001. Has 15 different return values, indicating the reason for the listing (IE could be split up into as many as 12 tests). Includes interesting tests such as no abuse@ - address, and originating a DoS attack. Does not have TXT records. Warning: May contain a number of IPs that no longer are associated with spammers, and are now allocated to legitimate customers that can not be removed. May also blacklist entire ISPs.”
  Code:
```
h**p://block.blars.org
```
5. BLITZEDALL - ”Combines the BLITZEDh**p, BLITZEDSOCKS, BLITZEDWINGATE, BLITZEDCISCO, and BLITZEDPOST tests. Confirmed that it is working on 09 Apr 2002.”
  Code:
```
h**p://opm.blitzed.org
```
6. BLITZEDCISCO - ”Lists Cisco proxies. Assumed to be working on 20 Feb 2003 (since bitmask tests can't be tested).”
  Code:
```
h**p://opm.blitzed.org
```
7. BLITZEDh**p - ”Lists open h**p (CONNECT) proxies. Confirmed that it is working on 03 Feb 2002.”
  Code:
```
h**p://opm.blitzed.org
```
8. BLITZEDPOST - ”Lists open h**p (POST) proxies. Assumed to be working on 20 Feb 2003 (since bitmask tests can't be tested).”
  Code:
```
h**p://opm.blitzed.org
```
9. BLITZEDSOCKS - ”Lists open SOCKS proxies. Confirmed that it is working on 03 Feb 2002.”
  Code:
```
h**p://opm.blitzed.org
```
10. BLITZEDWINGATE - ”Lists open wingate proxies. Confirmed that it is working on 03 Feb 2002.”
  Code:
```
h**p://opm.blitzed.org
```
11. BONDEDSENDER - ”A whitelist of E-mail senders that have posted a bond to help prove that their E-mail is legitimate.”
  Code:
```
h**p://query.bondedsender.org
```
12. BORDERWORLDSBL - ”A private spam database. Warning: Can't Be Tested.”
13. CBL - ”Lists IPs that send to large spamtraps, and are running open proxies, worms/viruses, trojan horses, etc. Confirmed 01 Aug 2003.”
  Code:
```
h**p://cbl.abuseat.org
```
14. CHICKENBONER - ”Unknown, apparently no website. Warning: Can't Be Tested.”
  Code:
```
h**p://fl.chickenboner.biz
```
15. CLUECENTRAL - ”Lists IPs in certain countries. Missing test entry 127.0.0.2. Confirmed 18 Jun 2002 Warning: Can't Be Tested.”
  Code:
```
h**p://rbl.cluecentral.net
```
16. COMPU-PMO - ”Undocumented. Apparently lists "pm0.com" sources. Confirmed 10 Jan 2002. Warning: Can't Be Tested.”
  Code:
```
h**p://pm0-no-more.compu.net
```
17. CSMA - ”Lists IPs of mailservers that send spam twice in a short timeframe to the McFadden Associates mailservers. Confirmed 29 Sep 2003.”
  Code:
```
h**p://bl.csma.biz
```
18. CSMA-SBL - ”Lists IPs of mailservers that send spam to the McFadden Associates mailservers, even once. More aggressive than the CSMA test, and best used with score-based anti-spam programs. Confirmed 20 - Oct 2003.”
  Code:
```
h**p://sbl.csma.biz
```
19. COMPU - ”Undocumented (but confirmed). 'Primarily for hosts which were not blocked by other blackhole sites and spammed compu.net' according to one source.”
  Code:
```
h**p://blackhole.compu.net
```
20. DEADBEEF - ”Lists ISPs that have no way to report abuse. Confirmed 11 Mar 2003.”
  Code:
```
h**p://bl.deadbeef.com
```
21. DNSRBL-DUN - ”Lists dialup lines (modems, DSL, cable). Warning: uses 127.0.0.1 as its test entry. Verified 19 Jun 2002.”
  Code:
```
h**p://dun.dnsrbl.net
```
22. DNSRBL-SPAM - ”Lists known spammers, based on E-mail sent to 'honey pot' addresses. Warning: uses 127.0.0.1 as its test entry. Verified 19 Jun 2002.”
  Code:
```
h**p://spam.dnsrbl.net
```
23. DSBL - ”Distributed Sender Boycott List. This is a 'trusted' portion of DSBL, that accepts submissions of open relays and any other unsecure servers that spammers can use to send spam. Confirmed on 28 Mar 2002.”
  Code:
```
h**p://list.dsbl.org
```
24. DSBLALL - ”Distributed Sender Boycott List. This is the 'untrusted' version (IE anyone can submit to it) of the DSBL database, which accepts submissions of open relays and any other unsecure servers that spammers can use to send spam. Note that it will likely contain some popular free mail services and the like, if their users maliciously submit entries. Confirmed on 05 Apr 2002.”
  Code:
```
h**p://unconfirmed.dsbl.org
```
25. DSBLMULTI - ”Distributed Sender Boycott List. This is a 'trusted' portion of DSBL, that lists multi-hop relays from trusted sources. Confirmed on 09 Apr 2002.”
  Code:
```
h**p://multihop.dsbl.org
```
26. DUINV - ”Lists IPs that belong to dialup connections. No TXT records, missing test entry 127.0.0.2. Warning: Can't Be Tested.”
  Code:
```
h**p://duinv.aupads.org
```
27. DULRU - ”Apparently lists dialup lines in Russia (site is in Russian). No TXT records, missing test entry 127.0.0.2. Warning: Can't Be Tested.”
  Code:
```
h**p://dul.ru
```
28. EASYNET-DNSBL - ”Lists direct spam sources, indirect spam sources (using open relays or other conduits to send spam), open proxy hits, Spamhaus SBL hits, opt-out mailers, and relay-probing sources. Click link for full - description. Confirmed that the zone and entries exist on Nov 26 2001. Was WIREHUB-DNSBL.”
  Code:
```
h**p://blackholes.easynet.nl
```
29. EASYNET-DYNA - ”Lists dynamic IP ranges (per /24, to attain maximum granularity and a minimum of false postives by probing several IP numbers in each /24 and examining PTR records). Confirmed 14 Dec 2001. Was WIREHUB-DYNA.”
  Code:
```
h**p://dynablock.easynet.nl
```
30. EASYNET-PROXIES - ”Lists both regular open proxies and trojaned servers with open proxy functionality. Was WIREHUB-PROXIES.”
  Code:
```
h**p://proxies.blackholes.easynet.nl
```
31. FABELSOURCES - ”Lists networks (mostly in Asia and South America) that keep sending spam. Confirmed on 23 Jan 2002.”
  Code:
```
h**p://spamsources.fabel.dk
```
32. FIVETENDUL - ”Lists spam sites before they get into DUL; includes some DSL IPs. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
33. FIVETENFREE - ”Lists mailservers used by free mail services that either have no abuse address address listed at abuse.net, or that ignore abuse complaints. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
34. FIVETENIGNORE - ”Lists IP ranges of companies that ignore spam complaints. Warning: May block large ISPs. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
35. FIVETENKLEZ - ”Lists mailservers that send AV notification responses to Klez and similar viruses that forge the return address. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
36. FIVETENMULTI - ”Lists multi-stage open relays. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
37. FIVETENOPTIN - ”Lists bulk mailers that don't use confirmed opt-in. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
38. FIVETENOTHER - ”Lists servers with 'other issues.' NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
39. FIVETENSINGLE - ”Lists single-stage open relays. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
40. FIVETENSRC - ”Lists direct spam sources. Warning: Lists entire Class B ranges if 1 IP sends them spam! NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
41. FIVETENTCPA - ”Lists companies that violate the TCPA act, by leaving pre-recorded telephone sales calls or not maintaining a do-not-call list. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
42. FIVETENWEBFORM - ”Lists servers running vulnerable web scripts that can send spam. NOTE: If you are listed, you can find the address to get removed on their page ('blackhole').”
  Code:
```
h**p://blackholes.five-ten-sg.com
```
43. FLOWGO - ”Unknown and undocumented, but operational (confirmed 24 Oct 2001). 'Lists FloNetwork systems' according to one source. Flonetwork was apparently bought out by DoubleClick.”
  Code:
```
h**p://flowgoaway.com
```
44. GIPPER - ”A listing of computers which are running an insecure h**p proxy that allows arbitrary port connections. No TXT records, no 127.0.0.2 test entry. Warning: Can't Be Tested.”
  Code:
```
h**p://proxy.bl.gweep.ca
```
45. GIRL - ”Gweep.ca Insecure Relay List. Lists open relays. No TXT records, no 127.0.0.2 test entry. Warning: Can't Be Tested.”
  Code:
```
h**p://relays.bl.gweep.ca
```
46. GRIP - ”Randomly lists random IPs. Obviously, this should not be used as a spam test. No TXT records, no 127.0.0.2 test entry. Warning: Can't Be Tested.”
  Code:
```
h**p://random.bl.gweep.ca
```
47. HIL - ”Lists IPs of mailservers that infringe on Habeas' intellectual property, and are unwilling or unable to rectify the situation in a timely matter. Note that it is not DNS-accessible yet; it requires that you connect directly to hil.habeas.com. No TXT records. Confirmed 30 Oct 2002. Warning: Can't Be Tested.”
  Code:
```
h**p://hil.habeas.com
```
48. HILLI - ”Undocumented.”
  Code:
```
h**p://blocked.hilli.dk
```
49. HUL - ”Lists IPs of Habeas licensees. Used as a whitelist. Requires a license agreement to be filled out. Warning: Can't Be Tested.”
50. ICMFORBIDDEN - ”Lists IPs of companies that took ORBS to court. No TXT records, no 127.0.0.2 test entry. Warning: Can't Be Tested.”
  Code:
```
h**p://forbidden.icm.edu.pl
```
51. INFORMATIONWAVE - ”Lists spammers. No TXT records, no 127.0.0.2 test entry. Warning: Can't Be Tested.”
  Code:
```
h**p://blacklist.informationwave.net
```
52. INTERSIL - ”Undocumented (but confirmed).”
  Code:
```
h**p://blackholes.intersil.net
```
53. IPWHOIS - ”Lists domains that have incorrect or otherwise bad information in their IP whois data. Note that this MAY have the same flaw as the BADWHOIS test and could list major portions of the Internet.”
  Code:
```
h**p://ipwhois.rfc-ignorant.org
```
54. JAMMDNSBL - ”Currently undocumented. Returns 127.0.0.2 for spammers, .3 for open relays, .4 for insecure E-mail scripts, .5 for open proxies, and .6 for dynamic IP ranges. Warning: Lists IP ranges for some entire countries.”
  Code:
```
h**p://dnsbl.jammconsulting.com
```
55. KEMPTBL - ”Lists any mailserver that sends spam or E-mail with forged headers. You must contact them to use it. Warning: Can't Be Tested.”
56. KITHRUP - ”Unknown. Note the possibly odd '0.0.0.0' response that could break existing anti-spam programs.”
  Code:
```
h**p://3y.spam.mrs.kithrup.com
```
57. KROPKA-IP - ”Lists static IPs, whole networks. Warning: Can't Be Tested.”
  KROPKA-DIALUPS - ”Lists dialups and dynamic IPs. Warning: Can't Be Tested.”
  KROPKA-RELAY

Search
Search in:
Show Threads Show Posts
Advanced Search