|
REPORT CYBER CRIME
Internet Crime Complaint Center (IC3)
http://ic3.gov/
The Internet Crime Complaint Center (IC3) is a partnership between the Federal Bureau of Investigation (FBI) and the National White Collar Crime Center (NW3C). IC3's mission is to serve as a vehicle to receive, develop, and refer criminal complaints regarding the rapidly expanding arena of cyber crime. The IC3 gives the victims of cyber crime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. For law enforcement and regulatory agencies at the federal, state, local and international level, IC3 provides a central referral mechanism for complaints involving Internet related crimes. read more >>
http://ic3.gov/
Federal Trade Commission (USA) Complaint Input Form
https://rn.ftc.gov/pls/dod/widtpubl$.startup?Z_ORG_CODE=PU03
If you believe you have been the victim of identity theft, you may use the form below to send a complaint to the Federal Trade Commission (FTC). The information you provide is up to you. However, if you don't provide your name or other information, it may be impossible for us to refer, respond to, or investigate your complaint or request. To learn how we use the information you provide, please read our Privacy Policy.
Federal Bureau of Investigation - Cyber Investigations - Cybercrime
http://www.fbi.gov/cyberinvest/cyberhome.htm
Computer Crime & Intellectual Property Section
http://www.cybercrime.gov/
WiredSafety.Org
http://www.wiredsafety.org/911/
Our Cyber911 Help tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement...
ReportCybercrime.Com (Private)
http://www.reportcybercrime.com/
Also, through our interactive forum you can get opinion of specialist attorneys and lawyers. Each lawyer in practice will give his opinion on matters, which are raised in the forum. You Can post queries view answers from experts and improve upon your knowledge base...
How to Report Cybercrime
http://www.katiesplace.org/report_cybercrime.html
WiredSafety's Cyber911 Emergency tipline is not intended to replace law enforcement emergency 911, 999 and other numbers worldwide. It is to help people know where to get help when they are being victimized online, and to provide help when help is needed. We work closely with law enforcement around the world, and require that when offline threats are involved that local law enforcement be notified before we can offer assistance to the victim or their local law enforcement.
Take a Bite Out of Cyber Crime
ByteCrime.Org
http://www.bytecrime.org/
STATISTICS
What statistics about cybercrime (no. of cases, damages, etc.) are available
worldwide and how to get them?
https://answers.google.com/answers/threadview?id=3009
I'm already aware of the CSI/FBI Survey(us), PKS(de), ZaRD(de), KES-Umfrage(de) and PWC-Cybercrime Survey (uk). Which others are available? Surveys should be in english, german, spanish or frensh so I can read them.
Cybercrime.gov
Cases
http://www.cybercrime.gov/cccases.html
National Fraud Information Center
http://www.fraud.org/internet/2001stats10mnt.htm
The 1997-2001 Internet Fraud Statistics Reports are available to the
public at the National Fraud Information Center (NFIC) website.
CERT/CC Statistics 1988-2002.
http://www.cert.org/stats/cert_stats.html
CERT(R) is a center of Internet security expertise, at the Software
Engineering Institute, a federally funded research and development
center operated by Carnegie Mellon University Pittsburgh,
Pennsylvania, USA. At the website, you will find statistics reported
between 1988-2002 on the number of incidents, vulnerabilities
reported, security alerts published, security notes published, mail
messages handled, and hotline calls received. This data is used to
improve network security.
Interpol - Information Technology Crime
http://www.interpol.int/Public/TechnologyCrime/default.asp
Interpol
SOFTWARE PIRACY
P2P Dangers (Peer to Peer file swapping)
Summary: A peer network used primarily for music file sharing. In an organization, can degrade network performance and consume vast amounts of storage. Is bundled with many spyware/adware products.
Category: P2P... Any peer-to-peer file swapping program, such as Audiogalaxy, Bearshare, Blubster, E-Mule, Gnucleus, Grokster, Imesh, KaZaa, KaZaa Lite, Limewire, Morpheus, Shareaza, WinMX and Xolox. In an organization, can degrade network performance and consume vast amounts of storage. May create security issues as outsiders are granted access to internal files. Often bundled with Adware or Spyware.
http://www.ca.com/securityadvisor/pest/pest.aspx?id=453088059
US-CERT Cyber Security Tip ST05-007 -- Risks of File-Sharing ...US-CERT: United States Computer
Emergency Readiness Team ... Peer-to-peer (P2P) applications, such as those used to share music files, are some of the most ...
http://www.us-cert.gov/cas/tips/ST05-007.html
Business Software Alliance - Software Piracy Prevention
Informing the public of the effects of software piracy, and of action that can be taken to curb this ongoing activity.
http://www.bsa.org/usa/antipiracy/
Microsoft: The risks of obtaining and using pirated software
How installing and running pirated software can compromise the security of your computer and your data.
http://www.microsoft.com/protect/promotions/us/wga_idc_us.mspx
NET Act
From Wikipedia, the free encyclopedia
http://en.wikipedia.org/wiki/NET_Act
NEWS RSS FEEDS:
CA Security Advisor Research Blog
http://www3.ca.com/blogs/rss/default.aspx?id=90744&name=CA+Security+Advisor+Research+Blog
CNET News.com - Threats
http://feeds.feedburner.com/CNETNewsSecurity
Computer Security - Topix.net
http://rss.topix.net/rss/tech/computer-security.xml
Dark Reading: Desktop Security
http://www.darkreading.com/rss_simple.asp?f_n=1946&f_ln=Desktop+Security
eSecurity Planet News
http://www.esecurityplanet.com/icom_includes/feeds/esp/xml_front-10.xml
eWEEK Security
http://rssnewsapps.ziffdavis.com/eweeksecurity.xml
InfoWorld: Security
http://www.infoworld.com/rss/security.xml
IT News headlines
http://feeds.reedbusiness.co.uk/0ac94b78-3177-43d3-936c-ae5e60aaa69d/CW360/The%20latest%20IT%20News%20headlines.xml
PCWorld Latest Spyware News
http://rss.pcworld.com/rss/syndication2.rss?feedid=1159
Malware Help.Org - Spyware Removal and Prevention Help
http://feeds.feedburner.com/MalwareHelporg
Microsoft At Home
http://www.microsoft.com/athome/community/rss.xml
Microsoft Security Bulletins
http://www.microsoft.com/technet/security/bulletin/secrss.aspx
SearchWindowsSecurity.com
http://feeds.feedburner.com/techtarget/Searchwindowssecurity
SecurityFocus News
http://www.securityfocus.com/rss/news.xml
2-Spywasre.com Spyware news
http://www.2-spyware.com/news.xml
SpywareGuide Articles
http://www.spywareguide.com/rss/sg_articles.xml
Spyware-Net
http://www.fbmsoftware.com/spyware-net/blog/?feed=rss
Techworld.com Security News
http://www.techworld.com/rss/techworld-security.xml
TrendLabs | Anti-Malware Blog - by Trend Micro
http://feeds.feedburner.com/Anti-MalwareBlog?format=xml
Virus.Org - Computer Security news
http://www.virus.org/component/option,com_rss/Itemid,0/feed,RSS1.0/no_html,1/
ZDNet News - Security
http://www.zdnet.com/2509-1009_22-0-5.xml
FORUMS ~
Additional Forums, Message Boards - Compare Results
Online Help Forums
Note: every forum has its own rules. Be sure to read the forum rules before posting.
Spywareinfo Forums: http://forums.spywareinfo.com/
Cexx Forums: http://boards.cexx.org/
D-A-L forums: http://www.d-a-l.com/index.php
CastleCops Forums (formerly ComputerCops): http://castlecops.com/
SpyWare BeWare!: http://forums.maddoktor2.com/index.php
BleepingComputer.com: http://www.bleepingcomputer.com/forums/
TechMonkeys: http://www.techmonkeys.co.uk/
PCHelp Forum: http://pchelpforum.com/
WilkonsonPC (Spanish):
http://www.wilkinsonpc.com.co/cgi-bin/foros/index.cgi?board=HijackThis
A support forum for Spanish-speaking users of South America and Central America.
PCPitstop Forum: http://pcpitstop.ibforums.com/
Tech with dk (dknoppix): http://dknoppix.com/forums/
InfoSpyware (Spanish): http://www.forospyware.com/
CyberTechHelp: http://www.cybertechhelp.com/
AntiSpywareOffensief.nl (English + Dutch): http://www.antispywareoffensief.nl/
Subratam.org: http://www.subratam.org/
BestTechie: http://www.besttechie.net/forums/ http://www.geekstogo.com/forum/index.php |
Webmasters:
Conduit.com - Free community toolbar
http://www.conduit.com/
"...140,000 publishers, 30 million subscribers, A new user every second..."
Ours: "bluecollarpc toolbar" http://bluecollarpc.CommunityToolbars.com
Our Community Toolbar Homepages:
http://bluecollarpc.communitytoolbars.com/home/
http://pdamobilecafe.communitytoolbars.com/home/
Advanced Users: 
About Remote Access Service
http://windowssdk.msdn.microsoft.com/library/default.asp?url=/library/en-us/rras/rras/about_remote_access_service.asp
RAS AutoDial (clean dialers out of windows registry)
http://windowssdk.msdn.microsoft.com/library/default.asp?url=/library/en-us/rras/rras/ras_autodial.asp
Examples: RAS Autodial (my own finds Jan/Feb 2006 - and I believe I have discovered these first in spyworld, would like the credit mentioned, and found all software does not ! I am trying my best to get software developed immediately so I can copyright the invention, but I need a writer. For more check out the unknown "anti-dialer softwares available, and I doubt if they stop these). (There were actually 10-20 different ones of these examples)
HKEY_CURRENT_USER\Software\Microsoft\RASAutodial\Addresses\bannerserver.gator.com
HKEY_CURRENT_USER\Software\Microsoft\RASAutodial\Addresses\fm2.imesh.com
 For IP number Look-Up, use a DNS service. The one below is handy and fast with Reverse Look Up - which means you can look up the IP number to find out the domain involved with the RASautodial present in your registry:
Web Based DNS Lookup (NSLookup) (ZoneEdit.com)
DNS Network Information via nslookup, yet another free service from ZoneEdit.
http://www.zoneedit.com/lookup.html
EXAMPLE: HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\207.46.106.123 is a typical Microsoft key for apparently hotmail or msn.com. NOTE: If you find something strange that may be a porn dialer or spyware - make sure you really search out exactly what domain is associated and why before considering deleting one of these keys !
More Examples of RASAutodial entries:
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.clickspring.net
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\gatorcme.gator.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\gs.gator.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\ss.gator.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.clickthebutton.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.imesh.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.imesh.net
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.vcatch.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\istechno.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.mediacharger.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.musicex.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.tbrpr.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\www.zdnet.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\localhost
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\istechno.com
HKEY_CURRENT_USER\Software\Microsoft\RAS Autodial\Addresses\upgrade.newdotnet.net
ARP Cache (clean windows registry arp cache items)
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/arp.mspx
Horror stories ? "SVKP.sys"
NOTE: Software hackers  and pirates  might re-write legitimate monitoring software to produce threatwares.
The SVKP.sys LEGACY_SVKP mystery... Created at every start up in my
incidence, and I am trying to discover that culprit - whether program
or malware or worm or rootkit - or valid program. Any help will be appreciated,
and you may have cracked this. Manual Removal with all reports of trojans or
viruses reveal nothing present as reported, except the actual
C:\WINDOWS\system32\SVKP.sys mention. HiJackThis reveals nothing.
(NOTE That it is not found anywhere at Microsoft.com which raises a
real question of the forged entry in Properties of SVKP.sys in
windows system32 >>> Copyright (C) Microsoft Corp. 1981-1999 as/
SVKP driver for NT) See: Photo:
Identified as TSPY_Joiner.AV (Trend Micro AntiSpyware)
Obscure: If purchased as a valid software, it may be employed
as "trialware protection" for various products: SEE: "The presence of
SVKP.SYS does not necessarily mean that this trojan is installed.
SVKP.SYS is part of SVK Protector, which this trojan is packed with.
SVK Protector is used in innocent programs as well.
http://vil.nai.com/vil/content/v_101134.htm"
Apparent related websites selling "AntiCracking" or "SVK Protector"
or related:
SVKP Website - [ Translate this page ]
www.svkp.ch/
AntiCracking Software Protecion Systems: Copy protection, Software ...
Software security protection solutions for software corporations,
distributors
and developers. Software and Hardware based copy licensing protection
via SVK ...
http://www.anticracking.sk/
shows : "© 2001 AntiCracking. All Rights Reserved" (which could be a
clue as to the date of any download - and shows 2003-08-17 New
Distributor for Serbia and Montenegro - Relikon d.o.o.).
SVKP
SVK Protector. SVK Protector is suitable for all companies and
professional
software developers, who need easy, fast, and efficient protection
for their ...
www.anticracking.sk/products_svkp.html
CD Media World - Commercial CD/DVD Protections: SVK Protector
Protection, :, SVK Protector (SVKP) - Slovak Protector. Versions, :,
1.43.
How to Detect, :, Use Protection ID. Backup Solution, :, Unknown as
of yet! ...
www.cdmediaworld.com/hardware/ cdrom/cd_protections_svkp.shtml
SVK Protector
http://www.anticracking.sk/products_svkp.html
"SVK Protector is suitable for all companies and professional
software developers, who need easy, fast, and efficient protection
for their products. SVK Protector was designed with ease of
protection implementation into your product as a basic feature. All
users, also the less experienced, can do it in just couple of
minutes. Despite the ease of use, programs are protected with the
highest level of security and this protection will stop software
pirates from unauthorized copying and distribution of your
work...... " .
Help offered websites: (google results)
File.Net - How to remove SVKP.sys error problem
SVKP.sys file information on Windows XP. If you have a SVKP.sys
problem or error
or want to remove this file, check it out.
www.file.net/process/svkp.sys.html
"How to remove SVKP error
The free File.Network forum can help you find out if SVKP.sys is a
virus, trojan, spyware, adware which you can remove, or a file
belonging to a Windows system or an application you can trust.
SVKP.sys file information
The process SVKP driver for NT [ http://www.google.com/search?q=%
22SVKP driver for NT%22 ] belongs to the software SVKP driver for NT
[ http://www.google.com/search?q=%22SVKP driver for NT%22 ] by
AntiCracking [ http://www.google.com/search?q=%22AntiCracking%22 ] .
Description: SVKP.sys is located in the folder C:\Windows\System32.
The file size on Windows XP is 2368 bytes.
The driver can be started or stopped from Services in the Control
Panel or by other programs. The program has no visible window. There
is no detailed description of this service. File SVKP.sys is not a
Windows system file. SVKP.sys seems to be a compressed file.
Therefore the technical security rating is 6% dangerous, however also
read the users reviews.
Important: Some malware camouflage themselves as SVKP.sys,
particularly if they are located in c:\windows or c:\windows\system32
folder. Thus check the SVKP.sys process on your pc whether it is
pest. We recommend Security Task Manager for verifying your
computer's security. It is one of the Top Download Picks of 2005 of
The Washington Post and PC World...... Other processes odhost.exe
btwdins.exe tcpsvcs.exe SVKP.sys idrivert.exe gearaspiwdm.sys
photoshopelementsfileagent.exe hplun.dll pchbutton.exe pqntdrv.sys
support.exe [all] " .
SVKP that wont go away - TechSpot Troubleshooting
Still everytime on startup i get a svkp that is found in my system32.
I attached
my most recent hijackthis results if anyone can help ...
www.techspot.com/vb/all/windows/ t-35824-SVKP-that-wont-go-away.html
CastleCops.com
Described as from malware / worms:
W32/Rbot-AGP http://www.sophos.com/virusinfo/analyses/w32rbotagp.html
W32/Spybot-FB
http://www.sophos.com/virusinfo/analyses/w32spybotfb.html
W32/Rbot-AJR http://www.sophos.com/virusinfo/analyses/w32rbotajr.html
http://castlecops.com/o23list-852.html
McAfee AntiVirus: defines as- IRC-Deport trojan
http://vil.nai.com/vil/content/v_101134.htm
Sophos virus analysis: W32/Rbot-AJR
http://www.sophos.com/virusinfo/analyses/w32rbotajr.html
When W32/Rbot-AJR is installed it creates the file <Windows system
folder>\svkp.sys.
Symantec Security Response - W32.Loxbot.A
Service Name: SVKP Display Name: SVKP. Creates the following registry
subkeys
for the two ...
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SVKP ...
securityresponse.symantec.com/ avcenter/venc/data/w32.loxbot.a.html
Symantec Security Response - W32.Spybot.RDW
www.sarc.com/avcenter/venc/data/w32.spybot.rdw.html
Viruslist.com - Email-Worm.Win32.Wurmark.a
www.viruslist.com/en/viruses/encyclopedia?virusid=66726
"Workstation Service Buffer Overrun (Microsoft Security Bulletin MS03-
049) DCOM RPC (Microsoft Security Bulletin MS03-026) Microsoft SQL
Server 2000 or MSDE 2000 audit (Microsoft Security Bulletin MS02-061)
Microsoft Windows LSASS (Microsoft Security Bulletin MS04-011)."
Microsoft searches ; no such thing, as the SVKP.sys file in Windows
system32 properties claim it is copyrighted by Microsoft (Copyright
(C) Microsoft Corp. 1981-1999 )
microsoft.public.security.virus: Re: hacktool.rootkit
SVKP.sys file - sometimes it is good and sometimes not. I am using
TweakUI ...
file C:\wimdows\system32\SVKP.sys is infected with the
Hacktool.Rootkit ...
www.derkeiler.com/Newsgroups/microsoft. public.security.virus/2005-
10/0310.html
Additional Registry entries found concerning: TSPY_Joiner.AV (Trend
Micro AntiSpyware)
If you are having trouble finding these, simply download the
adware/ads free fully working freeware RegSeeker which has multiple
functions and searches entire Windows Registry very quickly. Keyword
Search: SVKP
C:\WINDOWS\system32 SYKP.sys (((PROPERTIES))):
Company Name: AntiCracking
File Version 4.0.1381.1
Description: SVKP driver for NT
Copyright (C) Microsoft Corp. 1981-1999
Other Version Information:
Value: 4.00
Internal Name: SVKP.sys
Language English
Original File Name: SVKP.sys
Product Name: SVKP driver for NT
Product Version: Value 1.00
(NOTE That it is not found anywhere at Microsoft.com which raises a
real question of the forged entry in Properties)
Additional Registry entries found concerning: TSPY_Joiner.AV (Trend
Micro AntiSpyware)
Additional Registry Entries:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP\0000
(Service SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP\0000
(DeviceDesc SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SVKP\0000
\Control
(Active Service SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SVKP
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SVKP]\??
\C:\WINDOWS\system32\SVKP.sys
(ab ImagePath)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SVKP
(Display Name SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001
\Services\SVKP\EnumRoot\LEGACY_SVKP\0000
( ab 0 )
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SVKP
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SVKP
(Service SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Enum\Root\LEGACY_SVKP
(DeviceDesc SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\StillCam\Security
(Note RegSeeker displays this as:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\SYMIDSCO\SVKP - with
the backwards letter P and extra line | in it )
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000
(Service SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP
(DeviceDesc SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SVKP\0000
\Contol
(Active Service SVKP)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP\??
\C:\WINDOWS\system32\SVKP.sys
(image path)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP
(DisplayNameSVKP)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SVKP\EnumRoot\LEG
ACY_SVKP\0000 (ab 0)
NOTE:The "StillCam" is in the "Sparrow" registry folder which lends to possible system snapshot ?
Possible files to search for: [from product information at
AntiCracking: http://www.anticracking.sk/
SVKP_DLL.DLL
SVK Protector
SVKP_GetHWInfo in Visual Basic
SVKP_KillDebugger function against kernel debuggers
(like VC debugger,W32Dasm ...)
File.Net - How to remove SVKP.sys error problem
http://www.file.net/process/svkp.sys.html
|
COMMUNITY.... 