Monday, August 3, 2015

Windows 10: Where do I begin?

So last week Microsoft released Windows 10 to the world, for free. "For free?!" you might say; "what is the catch?" you may ask. No one but Microsoft really knows the true reasons behind the free release, or the motivation for the new way the upgrade was presented. Many have theories, ranging from "they want to be nice" to "they are secret operatives working with the government to steal your personal data." Whatever their reason, let us review the newly released operating system: the dos, the don'ts, the whys, and the "what the F*#$ is that?"

1.       The Review
Windows 10 seems to be running smoother and cleaner, at least on my devices. It would seem that Microsoft has finally done what Linux and Mac have done for years and given you your resources back. The setback is all the added features that take this advantage away. There seem to be a lot of running processes that should be off by default, and features that would be better left off until the user wants them. It would also appear that turning these off is a bit of a runaround. But Microsoft will be Microsoft; I truly didn't expect anything else.
I see Windows 10 as a better product than the last three OSes, and it is about time. It has an updated look with all of our favorite features. Whatever you think of Windows, in any shape or form, this new OS is by far a win for Microsoft. Let us not forget, though, that it is still early and Microsoft could still sour the milk.

2.       The Reform

Windows 10, as stated before, has some features that tend to decrease productivity and waste resources. It is my suggestion that you go to the following links for how to turn these off:


If you Google hard enough you can find a fix or workaround for anything; these were a few I found that work great. Why any of these are on by default in the world we live in today I will never understand. They make it easier and easier to hack a system and exploit vulnerabilities. Although Microsoft will claim that the security risks are not a concern, as they will not allow your personal info or data to be compromised, it has been said that these issues can help a hacker mount an easy man-in-the-middle attack, so beware.

3.       The Finale
As with any OS, it will take time for everyone to get on board. I believe Windows 10 will be good; I just hope they can keep up with it for ten years. So before you do anything, make sure you know what you are getting and make sure you know how to get rid of what you don't want; and, as always, "Don't Trust Anyone, or Anything!"

Saturday, February 7, 2015

Cybrary.it

Cybrary.it is a new site dedicated to online training on topics for Information Technology specialists. Their mission is to provide the very best content for the best price ever: free! They also provide Recommended Additional Study Material for each class.

The more interesting part is that you can pay for lab time. This is great if you don't have the resources at your disposal to test and put into practice the lessons you learn.

I have taken many of these courses, and it has elevated my knowledge and understanding of the topics, and elevated my standing in my employer's and clients' view.

Here is a list of the courses I have completed:

http://www.cybrary.it/course/cryptography/
Here is a short course about a really advanced topic. It was quick but full of very important information. I was able to get a taste of the topic and I look forward to diving deeper into cryptography. The lab portions were really helpful; I wish the course was longer.

http://www.cybrary.it/course/post-exploitation-hacking/
Another totally awesome course! An earlier course I took went into this a great deal; I was happy to take a further look at this topic. I think that this is important and well deserved to have a course all to itself. I would like to see a course entirely about footprinting, which I believe is also an important part.

http://www.cybrary.it/course/ethical-hacking/
This was a totally awesome course, full of well-presented information. Hacking is good, but we want to be nice guys about it. There is a lot of interest in ethical hacking and a lot of courses; most are very expensive and not nearly as in-depth as this one.

http://www.cybrary.it/course/advanced-penetration-testing/
Another very good course; I would recommend it to all. A good course for those who have a good grip on the previous course. The way the class was laid out was simple to follow and easy to understand.

http://www.cybrary.it/course/computer-hacking-forensics-analyst
Simply remarkable, the amount of content; I can't wait for the next course I take. Forensics is one of those topics that, whenever I would look into it, bored the crap out of me. This course, however, changed that view and gave me a new respect for the topic.

http://www.cybrary.it/course/comptia-casp/
I wanted to take a quick course and found it to be very helpful on my path to IT security training. I probably should have taken the Security+ first, but luckily the SME was easy to understand and presented in a way that could make anyone learn.

http://www.cybrary.it/course/cissp/
Good for anyone wanting to understand the job of keeping companies secure and following policy. I liked that the SME used current real-life scenarios to get her points across. I couldn't believe how many large companies neglect security, and it made me think about my own company's policies and our clients' as well. I talked at length with my boss on this topic; he seemed genuinely interested in what I had learned.

http://www.cybrary.it/course/itil/
Good foundational course! I finally got to take the ITIL course; I wanted to take this for a long time, but finding a good course with a Subject Matter Expert who knew their stuff and could teach well was a difficult task until Cybrary.it. I am so excited that I have found this site, and have recommended it to everyone I know.

Cybrary.it has divided the courses into three paths:
  • Systems Administration
    • CompTIA A+ – An introduction to computer hardware, software and security implementation, maintenance and support. This is the class to begin with, if you have no experience in IT at all.
    • CompTIA Linux+ – Take an in-depth look at administration in the open source operating system leader, Linux.
    • Microsoft Office 365 Web Content Management: SharePoint – Learn how to administer the leading organizational collaboration software on the market today, SharePoint.
    • Virtualization Management – Virtualization is driving Information Technology to new heights. Go deep into how to deploy, implement, manage and maintain the industry’s leading VM platforms.
    • Microsoft Certified Solutions Associate (MCSA) – This class helps you to master Microsoft’s most current Server environment and helps you achieve one of the top certifications in Systems Administration.
    • Project Management Professional (coming soon)
  • Network Administration
  • Cyber Security
    • CompTIA Security+ – In this class you will gain a stable foundation of Cyber Security and Information Assurance as well as prepare for the security industry’s most sought after entry level certification.
    • Cryptography – Learn how to secure data communications through the use of cryptographic messaging and practices.
    • Ethical Hacking and Penetration Testing – Learn the fundamentals of hacking and penetration testing. Think like a hacker, so that you can stop them from intruding into your systems. This class will help prepare you for the industry's most sought-after certification, EC-Council's CEH.
    • Computer and Hacking Forensics – In order to catch cyber criminals, you have to learn how to retrace their steps and correctly acquire and document the evidence. Also prepare for the industry leading CHFI certification from the EC-Council.
    • CompTIA Advanced Security Practitioner (CASP) – This advanced certification covers deep topics that span across both Cyber Security as well as Information Assurance.
    • Certified Information Systems Security Professional (CISSP) – The leading certification for Information Assurance management personnel. This course is both very deep, and very broad. Be ready to study hard!
    • Post Exploitation – Learn what to do to maintain your presence and to gather intelligence after you have exploited the target system.
    • Social Engineering and Manipulation – Take a look inside the form, function and flow of a highly skilled social engineering cyber-attack. Learn to protect the human element.
    • Python for Security Professionals – Learn the commands and functions that every aspiring cyber security professional must know from Python. This isn’t a full programming course, but rather a course designed for non-coders who are developing their career in security.
    • Metasploit – An in-depth look inside the Metasploit Framework intended to show you how to use it to its full potential.
    • Malware Analysis and Reverse Engineering – An introduction to reverse engineering malware. This class is for experienced Cyber Security professionals, generally at least two to three years in the field is preferred.
    • Advanced Penetration Testing by Georgia Weidman – This class is for advanced Cyber Security professionals. You will learn in depth, hands-on, advanced hacking techniques to help you target and penetrate almost any highly secured environment.
Cybrary.it says on their site they are "The world's first free and open, online IT and Cyber Security training platform. We believe IT and Cyber Security learning should be free and open."



Wednesday, January 28, 2015

Checklist for Starting a HackLab

1.    Examples of who your Hackerspace might be for
Computer hackers
Hardware hackers
Food hackers
Metalwork hackers
Chem hackers
Textile hackers
Multimedia hackers
UAV hackers
2.    Here’s an example of physical needs you may have on your list:
220 V power
Running water
Ventilation
Concrete floor
Natural light
Darkroom and darkroom supplies (have your photo hacker make a list)
Air conditioned room for servers
Area for physical hack projects
Sound proof room for audio/video recording/editing
24/7 Access
Spray paint booth
Place to put a car lift
3.    Examples of where your Hackerspace can be:
A mixed use commercial space
A garage
An art studio
A rental space you can (legally!) customize
An industrial warehouse
A storefront location downtown
4.    Get this stuff organized so you can get hacking:
Making a floor plan
Painting the walls
Making cleanup rules
Internet/wifi
Moving in desks
Implementing a safety program
Setting up an alarm system
Setting up the website and social media (Twitter/FB/Flickr/YouTube/UStream)
Installing proper wiring, ventilation
Fixing stuff in the space (bathroom, windows, etc.)


Tuesday, January 27, 2015

Building your very own Pentest Lab

I am going to go through the steps of building a penetration testing lab. I can't overemphasize the point: plan, and you can't do it enough. Please do as I did and look at other articles and books for ideas and fundamentals in information technology. This article assumes the reader has a certain level of understanding of I.T.: networking, servers, applications and hypervisors at least.

I.            Planning
a.       Hardware and Software
   i.      You need to start by determining what hardware and software you will need to build your lab.
b.      Physical or Virtual
   i.      You will also need to think about what type of lab you will have: will it be all physical devices, one physical device with many virtual machines (VMs), or a hybrid? How you decide this will most likely depend on how much money you are willing to spend. The less money you have, the more virtual you will want to go.
c.       What type of pentesting
   i.      It is also a very good idea to have some goals, and be very specific with them, as to what you are building the lab for. If you have no real agenda it will be much harder to know what you need and what to do. There are a great many books and articles on the net; I suggest that you do as I did and research.
II.            Preparing
a.       Download
   i.      Your hypervisor (VMware or VirtualBox).
   ii.      Any way you build it, you will need to download all the software and applications you will be using. This can actually be the longest part. All VMs can be standard images and only need to be 32-bit for testing.
1.       Set up your Kali pentest box first.
2.       Have at least one Ubuntu and one Windows box as well.
3.       Install any firewall appliances that you may wish to pentest.
III.            Build
a.       Setup
   i.      Start hooking up and configuring your hardware; if using VMs, start by configuring your hypervisor.
   ii.      All VMs can use minimum requirements and defaults, as they are only testing devices.
   iii.      Keep a journal or log of all your configurations.
   iv.      Make backups and snapshots of all devices before you start your testing.
IV.            Pentest
a.       Grab a book, watch a video or take a class; that is where you start! Again, this is where your agenda of attacks comes in handy.

Obviously this is a bit vague, but there is no standard, detailed way of setting up a pentest lab. The only thing you need to know is the tools and where to find them, and unfortunately everyone has a different answer or preference. My suggestion is that you start out basic with one Kali Linux box and one Linux and one Windows box. Kali Linux is a very good operating system with all the tools you need to start; there is also an OS built to be tested against called Metasploitable, and also look at the VMware virtual appliance marketplace.
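
As an added example (not from the original post), here is how the Build step above could be scripted for VirtualBox, covering the hypervisor setup, the minimal Kali/Ubuntu/Windows/Metasploitable lab just recommended, and the pre-test snapshots. The one check a practitioner would want is built in: every VM is attached to a host-only network, never a bridged adapter, so a deliberately vulnerable target like Metasploitable can neither reach nor be reached from the real LAN. The VM names, memory sizes, disk paths and the host-only interface name vboxnet0 are assumptions; DRY_RUN=1 (the default) only prints the VBoxManage commands, so you can review them and paste them into your configuration journal before running with DRY_RUN=0.

```shell
#!/bin/sh
# Added example: scripted VirtualBox lab build. Names, sizes, disk paths and
# the host-only interface name are assumptions, not from the original post.
DRY_RUN="${DRY_RUN:-1}"          # 1 = print commands only; 0 = execute them
LAB_NET="${LAB_NET:-vboxnet0}"   # assumed host-only interface name

# run CMD...: print the command in dry-run mode, otherwise execute it.
run() {
  if [ "$DRY_RUN" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# create_vm NAME OSTYPE MEMORY_MB DISK
# Only a host-only NIC is configured: no bridged adapter, so nothing in the
# lab is exposed to the production network. Clipboard and drag-and-drop
# sharing are disabled so a compromised guest cannot leak into the host.
create_vm() {
  name="$1"; ostype="$2"; mem="$3"; disk="$4"
  run VBoxManage createvm --name "$name" --ostype "$ostype" --register
  run VBoxManage modifyvm "$name" --memory "$mem" --cpus 1 \
      --nic1 hostonly --hostonlyadapter1 "$LAB_NET" \
      --clipboard-mode disabled --draganddrop disabled
  run VBoxManage storagectl "$name" --name SATA --add sata --controller IntelAhci
  run VBoxManage storageattach "$name" --storagectl SATA --port 0 --device 0 \
      --type hdd --medium "$disk"
}

# baseline_snapshot NAME: the clean state to restore after every exercise.
baseline_snapshot() {
  run VBoxManage snapshot "$1" take "clean-baseline" --description "pre-test baseline"
}

# build_lab: the minimal lab the post recommends (attacker, two targets and
# one deliberately vulnerable appliance), then a snapshot of each VM.
build_lab() {
  run VBoxManage hostonlyif create
  create_vm kali           Debian_64  2048 "$HOME/lab/kali.vdi"
  create_vm ubuntu-target  Ubuntu_64  1024 "$HOME/lab/ubuntu.vdi"
  create_vm win-target     Windows7   1024 "$HOME/lab/win.vdi"
  create_vm metasploitable Ubuntu      512 "$HOME/lab/metasploitable.vmdk"
  for vm in kali ubuntu-target win-target metasploitable; do
    baseline_snapshot "$vm"
  done
}

build_lab
```

If a guest needs internet access for updates, add a second NAT adapter temporarily and remove it again before testing; the host-only network is what keeps the lab's traffic, and its targets, off your real network.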

Wednesday, December 31, 2014

Powershell Has Stopped Working & Trojans

Ref: https://forums.malwarebytes.org/index.php?/topic/159960-powershell-has-stopped-working-trojans/

Please run a Threat Scan with Malwarebytes

Start Malwarebytes 2.0..........
Click on Settings > Detection and Protection > Non-Malware Protection > PUP (Potentially Unwanted Program) detections > Make sure it's set to Treat detections as malware
Same for PUM (Potentially Unwanted Modifications)
Quarantine all that's found
Post the log (save the log as a .txt file, not .xml)


Then......
Please download and run RogueKiller 32 bit to your desktop.

RogueKiller <--- use this one for 64 bit systems

    Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.
For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.


Wait for the Prescan to finish

Click Scan to scan the system.


Don't run any other options, they're not all bad!!!!!!!

RogueKiller logs will also be located here:
%programdata%\RogueKiller\Logs <------- W7
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------- XP
________________________________________________________________________________

Download the attached fixlist.txt to the same folder as FRST.exe/FRST64.exe.

Run FRST.exe/FRST64.exe and click Fix only once and wait


The tool will create a log (Fixlog.txt) in the folder, please post it to your reply. 

Then...........

Please download and run ComboFix.

The most important things to remember when running it are to disable all your malware programs and to run ComboFix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

http://www.bleepingc...combofix/dl/12/ 

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.


----------NOTE<----------
If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

________________________________________________________________________________
Let's check your computer's security before you go, and we have a little cleanup to do also:

 Download Security Check by screen317 from HERE or HERE.


·         Save it to your Desktop.
·         Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
·         If you get "Unsupported operating system. Aborting now", just reboot and try again.
·         A Notepad document should open automatically called checkup.txt.


_______________________________________________________________________________
A little clean up to do....

Please uninstall ComboFix: (-------> if you used it <-------)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between ComboFix and /

Then hit enter. (it may look like CF is re-installing but it's not)
This will uninstall ComboFix, delete its related folders and files, hide file extensions, hide the system/hidden files, clear the System Restore cache and create a new Restore point.

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall or download and run the uninstaller)

---------------------------------

Download Delfix from here and save it to your desktop. (you may already have this)

·         Ensure Remove disinfection tools is checked.
·         Click the Run button.
·         Reboot
Any other programs or logs that are still remaining you can manually delete (right click > Delete),
e.g. RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST folder, FRST-OlderVersion folder, MBAR folder, etc. AdwCleaner > just run the program and click uninstall.

Note:
If you used FRST and can't delete the quarantine folder:
Download the fixlist.txt to the same folder as FRST.exe.
Run FRST.exe and click Fix only once and wait
That will delete the quarantine folder created by FRST.
The rest you can manually delete.