|
|||||||
|
|
|
|||||
|
|
|||||||
6462
How to fix the malware entitled “about:blank”
by
Douglas Palaschak Lawyer, Engineer, Farmer.
BS Mech Eng., University of Illinois, Urbana, home of the Hal9000; Registered Professional Engineer.
Doctor of Jurisprudence, So. Cal. Institute of Law.
Star Chapter Farmer, Seneca Township High School: http://senecahs.org/cocur/ffa/2002deka.html
Former Member of the Marching Illini, world’s undisputed premiere Marching Band. http://www.bands.uiuc.edu/MI/
805-652-0334. Dlawyerdude@hotmail.com
Here is a brilliant experienced corporate computer expert:
Gary Baker: 805 643 7680. 805-302-7757. GaryRBaker@hotmail.com
Gary is available to help you, too.
This page is: http://www.lawyerdude.s5.com/blank.html
This page is located at: Douglas P\My Documents\Fixing the computer\about blank 6462 how to fix it \blank.wpd
Related pages: 5774 5974 6108
Folder locations:
Folder 793. Blue crate 27.
Folder #754 in the blue crated #27.
Click here to go directly to the navigational and promotional links.
Click here to go directly to the cure!
“About:Blank” malware is like the birthday candle that re-ignites.
“About:blank” (hereinafter “AB”) is the name given to this malicious, pernicious, trojan horse adware malware. The unique thing about AB is that it restarts itself - like a birthday candle that reignites. The name comes from your homepage; AB hijacks it to “about:page” which is what you will see in the URL box.
The key to re-ignition: messages from afar.
The key to the unique perniciousness of this malware is that it utilizes a random name generator to generate randomly named executable and date files such as rbtwe.exe and rbtwe.dat . Therefore a simply extermination algorithm won’t suffice. There is no name for which to search. AB installs hundreds of executables in your C:\Windows\ folder and in your C:\Windows\System32\ folders.
Keys to recognizing these randomly named .exe files:
Your infection may be different, but here is what I discovered about my infection.
1. The names are not so random. They have 5 letter names.
2. Their icon is a white box with a dark blue bar across the top. It looks like the “Broadway” deed in monopoly. This is the generic icon. Windows functions generally have a more unique icon.
3. If you right click and choose properties they say “unknown application” or they repeat something vague. By comparison, Windows functions and other legitimate files usually identify “Microsoft” or the manufacturer and explain the function.
4. They are generally 26k in size. You can sort your System32 files by size.
5. They were “modified” since the onset of your infection. In my case my legitimate system 32 files were installed in the year 2001. My infection began in July 2004. You can sort your System32 files by “modified”.
6. If they are running, then their names will be listed in “task manager”. I discovered this when I tried to delete a malicious file, and the computer told me that the .exe could no be deleted because the program was running. If indeed it was an AB program then it would be running waiting to periodically adjust the Register keys in order to hijack my home page and search functions. There are 10 functions that it changes. Hit control-alt-delete to view the task manager. Click on “processes” tab and you will likely find that process running - the 5 letter name gives it away. It is periodically loading up a browser helper or another home page or search page. You can see their damage if you run “Hijack this” You will see some extra functions. They have identical serial numbers for around 6 of them. All the other items on the Hijack This display will be readily identifiable from some product name include in the name - such as Hewlett Packard.
This didn’t happen by accident and the police don’t do anything!
AB rides into your computer when you click on malicious pornography sites. I don’t know if McAfee can stop it. Once inside your computer the AB malware sends out messages that instruct to distant computers to utilize the malware ports designed by Microsoft specifically to make your computer vulnerable to this type of attack. Bill Gates’s employees intentionally designed your computer to be vulnerable. Only now is he providing patches - but the patches are entwined with more garbage from the evil people at Microsoft. The alternative is a Linux box. They are available off the shelf now! The evil people behind AB could easily be caught; where are our hi tech police? Oh, they are looking for harmless traffickers of kiddie porn - which does not harm the kids or your computer or software. Some if the kiddie porn is in fact made BY the kids. The internet police should be whacking these disseminators of this harmful malware
HackerWatch http://www.hackerwatch.org/about/ is a pathetically weak community affiliated with a pathetically weak program sold by a greedy non-altruistic company called McAfee. HackerWatch just watches. It is like they see somebody breaking into your car and they take a picture of the thief to see if there is a pattern.
Here is the lame ambiguous language of HackerWatch: “We are a collection point for Internet users to report and share information to block and catch 'hackers' and other unwanted traffic. With the growing demand for 24/7 connection to the Internet, small businesses, telecommuters and home users are at a great risk of having their vital information exposed to hackers on the net. Protection from a software firewall application is essential... but should you stop there?”
“The individual user can do little to protect himself, let alone get action taken when they've experienced a malicious attack. HackerWatch allows for this assistance... Individual attacks are not necessarily always going to be addressed; however, if information submitted to HackerWatch begins to match other attacks submitted having the same ISP carrier - we've got a pattern! All of the data submitted to HackerWatch is screened for authenticity. It is then analyzed in conjunction with data from other individual users and organizations. When meaningful patterns emerge we can act on them quickly, notifying the administration of the appropriate network.”
Here is now I conquered the About: Blank malware:
August 27, 2004: This morning I cleaned out my c:\windows files and my c:\windows\system32 files. So far it looks like this procedure has worked. I deleted perhaps 200 files. I then shut down my machine to create a “restore” file devoid of these 200 malware files. Here is what I learned by experience.
Here is the diagnostic and cure software that was helpful:
1. Screen Print. It is free to humans. Not free to corporations. I don’t know who or what disabled my “print screen” key. I don’t know why but I know human nature. You need Print Screen function to keep a record when you have 99 viruses. AVG will pop up a box for each one. You may need to eradicate these 99 files by hand. Before Print Screen I would take copious handwritten notes. That takes too much time.
2. Hijack this. This is a widely used free program. It will help you learn about your computer. It searches for the places where the browser hijackers live. Then it will whack them for you. You can clear out the problems - but in 3 minutes the malicious browser helpers will be back. Therefore this program will help you to know when you have eradicated the trojan horses; when you have fixed the problem then you won’t need to run HickackThis every 5 minutes.
3. Trojan Remover. Obviously this pathetic and stupid program cannot conquer the AB malware. Its only utility in this regard is its ability to print out a 20 page log. You can look at the log and learn about your computer. You can see where Trojan Remover made its mistakes by leaving a certain key in place.
4. AVG is a free program. They cannot or will not do anything about AB infection. This is suspect. Grisoft was founded in 1991 in the Czech Republic. I am Slovak. These are my peoples! The program was written by software developer Jan Gritzbach. The founding of a high-tech company specializing in the development of anti-virus software was a natural progression for Mr Gritzbach, whose own interests in the field began in 1988, when he began developing programs specialized in protecting computers from mobile malicious code. Since its founding, the main focus of the company continues to be innovation in the detection of, and protection for computers from viruses! AVG AntiVirus has evolved substantially from the single-function utilities of those early days. In order to protect computers from viruses today, much more is involved than "merely" a software program. AVG is a comprehensive service which proves itself every day in the world-wide arena. This is more and more important as computers and computer technology become indispensable in our daily lives, and the danger of viruses spreading rapidly across the world's computer networks. Grisoft, Inc. (Delaware, United States) With the founding of Grisoft, Inc. in the United States in 1998, Grisoft took a significant step toward addressing the global market. Customer support and sales operations were established to support the growing world-wide base of customers and resellers. Grisoft has 43 employees, 26 of whom are specialists in the areas of software development, virus analysis and detection, and technical support. AVG AntiVirus is currently used by more than 8 million users around the world. Grisoft, Inc. (c) 2003
5. McAfee is an affordable program. This is what stopped the invasion. Had I been protected by McAfee or another program I would not have suffered the invasion. I had re-booted and forgotten which program was doing that job. McAffe has some nice graphics. I use it to log and block attempted invasions. Attacks come at the rate of 1 every 5 minutes. I am wondering if my computer has triggered the incoming invasion by its 2 weeks or more of infection. I think that the malware informs the MALNET that my computer is ripe for attack - but I am guessing. McAfee detected no viruses - but they did not say that there was no malware. Then I ran AVG and found 99! Obviously they cannot or will not detect malware.
My Symptoms of Infection
1. Prologue. A month ago my computer would not boot up. I was forced to re-install Windows. That requires re-installation of some programs. Maybe I failed to promptly re-install a program whose name escapes me. It was SA or AS. Don’t know. I tentatively suspect that AB entered on a .wmv “entertainment” file - meaning pornography or other entertaining videos that are available on the net.
2. I felt it when this infection infected my machine. I lost control of the screen functions. I tried to shut down. I think that it was futile at that time. It came from a site listed on www.askjolene.com
3. AB hijacked my homepage and installed their own list of products. Google is my home page. I love Google. Google is good to me! I use it to find my own files. I have 880 web addresses. Google has them all indexed nicely. The infection changed my home page to a list of categories of products. Obviously the corporation who benefits from the links on this page is the one who pays for the dissemination of this AB malware. Follow the money trail. Why don’t the police do this?
4. Even when you do a Google search they quickly take away your Google page and install their own look-alike search page -which can fool you at times.
5. Previously they installed what appeared to be the real Google page, but the first 3 entries of every page were always the same 3 fake entries designed to lure you to a different search engine.
6. Web pages would “time-out” because my machine was loading their pop-ups or creating their pages to be popped up on my machine. Pages that I had easily loaded now simply could not be loaded.
7. The reason that the pages can’t load is that AB infection caused each page to pop up their own set of pop ups and other junk. The delays compounded and overloaded my system resources.
8. I received messages from mail bots saying that my message could not be mailed, but I did not mail any such message. The address was obviously computer generated. They send out a billion of these hoping that random generation will get new web addresses.
How I cured my “about:blank” infection:
Here is how I did it.
1. Having successfully cured “about:blank” previously I had a head start. I searched my files for my notes from last time. Those notes are appended to this file. I never did get to the end of the notes. This time I took more time and satisfied my own curiosity - and I learned. My friends just don’t have the time to do this. I am grateful that they can fix my computer so fast - and they usually do it for free, but they are very silent about what they are doing.
2. Gary installed McAfee for me. This program stopped the invasion of randomly-named 5 letter executables that had previously been loaded into my C:\Windows directory and my C:\Windows\System32 directory.
3. Gary had previously shown me how to “see” the invisible files. This is critical!!
a. Click on any “explorer” window - not to be confused with “internet explorer”. Click “tools” in the menu along the top of the page. Choose “folder options” - the 4th of 4 choices in the drop down menu. Then click the tab labeled “view”. Then choose “show hidden filed and folders”. Then, a couple lines down de-select “Hide protected operating system files”. Malware likes to hide in Windows and System 32 because these files and folders are generally hidden. (Sorry. My language here was slopping. I was anthropomorphizing the virus. In actuality the designers of the AB programs have elected to put the .exe executable and data there because that is where that type of file works best and because it blends into the surrounding .exe files. The invisibility is a just another big plus!
4. Having learned to make the files visible, go to “My computer”. Then “Windows”
5. Now is the heart of the process. Find the malware and delete them. I deleted hundreds of files. At first I was cautious but soon I learned to work the identifying characteristics by using the “arrange icons by . . .” function.
6. First I popped up to the tools bar and clicked on the colorful “views” box. If you hover over it the word “views” appears. Select “details”
Keys to recognizing the malicious randomly named .exe files:
7. Your infection may be different, but here is what I discovered about my infection.
a. The names are not so random. They have 5 letter names.
b. Their generic icon is a white box with a dark blue bar across the top. It looks like the “Broadway” deed in monopoly. This is the generic icon. Windows functions generally have a more unique icon - but not always.
c. If you right click and choose properties they say “unknown application” or they repeat something vague. By comparison, Windows functions and other legitimate files usually identify “Microsoft” or the manufacturer and explain the function
d. They are generally 26k in size. You can sort your System32 files by size.
e. They were “modified” since the onset of your infection. In my case my legitimate system 32 files were installed in the year 2001. My infection began in July 2004. You can sort your System32 files by “modified”.
f. If they are running, then their names will be listed in “task manager”. I discovered this when I tried to delete a malicious file, and the computer told me that the .exe could no be deleted because the program was running. If indeed it was an AB program then it would be running waiting to periodically adjust the Register keys in order to hijack my home page and search functions. There are 10 functions that it changes. Hit control-alt-delete to view the task manager. Click on “processes” tab and you will likely find that process running - the 5 letter name gives it away. It is periodically loading up a browser helper or another home page or search page. You can see their damage if you run “Hijack this” You will see some extra functions. They have identical serial numbers for around 6 of them. All the other items on the Hijack This display will be readily identifiable from some product name include in the name - such as Hewlett Packard.
8. First I looked for the newest files. I did this by right clicking and choosing “arrange icons according to modified”.
a. I observed that around 20 new program had been installed in the previous 12 hours. Well I knew that I had not installed any new programs in that time frame, so whack. . . . I whacked em! To do this you use your mouse wheel to center the malicious bunch on the screen. Then hover over the top one. Then use the mouse wheel to roll on down to the bottom one. Then right click and delete. Bam! Gone. Well not so fast there cowboy. Microsoft asks you (pathetically) “Hey theses are system files. Your malicious viruses that we invited into your computer through our special door, well they won’t work if you whack this sucker.” - or something like that. You have to know that Microsoft is not afraid to speak up even when it has no clue. One again I anthropomorphize. Sorry. It is the fault of Microsoft programmers and their dumb down messages. One size fits all. They are too lazy to write out the true message so they pick one out of the box. This same thing happens in court. The clerk observes what happened. Rather than write it own, she has a choice of 40 actions to pick from. It is a crude language that has only 40 words. The clerk will not relay all the nuances by simply picking the 1 in 40 that fits best. Answer Microsoft by choosing “Hell yes, I know what I am doing”.
b. Actually from what I learned, you may simply be able to go back to the files “modified” after the date of your infection. Block them all (about 4 screens full, you will roll the wheel to scroll down or up) and delete - but I was a bit more cautious. Here are some other methods to quickly delete groups of malicious files.
9. Tip: If you have the files arranged by “modified” date and you see an .exe file with a 5 letter name and a matching data file with the same name then the odds are extreme that this is malware - but you can speed the process even faster.
10. Right click and arrange the files by size. You will see maybe a dozen that are all 26 k in size. Maybe even 200. If they all have 5 letter names and they all use the generic “Broadway monopoly card” icon then look at the “modified” dates column. If you installed xp in 2002 and these are all dated August 2004, the date of your infection or later, then whack em!
11. Your actual infection may vary. Maybe your infection file has a size 56k - but they will mostly be the same. Some of mine were not 26k. They are the same size because the various Hong Kong and London bastards who send this shit are merely sending the same program with different names. This is the essence of the AB efficiency. We cannot simply look for the name and whack it - cause they keep sending it with a new random name.
12. One lesson: If you select the 30 newest files, then you won’t be hitting critical files. The most critical thing you will hit is the log where Microsoft wants to update their files on you. They then encourage you to update. Then they tell you that you can’t update because you are running without a valid registration - and they offer to keep it secret if you will just snitch off the person who gave it to you. Bottom line: You can whack that log with pleasure. Caution: Gary says that you may be whacking some other program or even Microsoft. I say, so what? The alternatives are:
a. Waste days hours to search for all your important data and back it up. Reformat the hard drive and start fresh. Unacceptable. This is only good for Game Boy who has absolutely no data - maybe some records of his score. For the rest of us with actual data and lots of programs for which we may never have had an install disk, well this is not a viable alternative. I lost all my email twice. I lost 2 years of diaries. I know. I need a back up system.
b. Repair windows files and reload WordPerfect and Office Express and maybe lose your email. Not acceptable.
c. The right choice. Be cautious as you wanna be. You can always resort to B or A. You will lose caution after tedium sets it. Use the several indicators judiciously. These indicators are:
i. Boardwalk icon.
ii. Right click. Properties. Unknown application.
iii. Uniform size of 26k or whatever.
iv. Dated around the time of your infection.
v. Matching Data file
d. Use the tools judiciously:
i. Arrange icons by size to whack the obvious after ascertaining that they all are in that same week after infection.
ii. Arrange icons by “modified” so see the pattern: A clump of generic Broadway monopoly card icons of the same size.
iii. Right click and check the pedigree. If “unknown” then it is suspect.
13. Important Lesson: Microsoft won’t let you delete anything critical - so don’t be overly cautious.
14. You can right click on these mysterious .exe and .dat files - or hover over them and a box will identify them. If they say “unknown application” then whack those suckers.
15. Okay. Next Lesson. You have your 30 newest files. You will see that are labeled otsuy.exe or some other 5 letter combination. Dead giveaway. Now right click and delete. The machine will pause for every .exe and say “This is a system file. If you whack this sucker then some program may not work.” What they should say is
“Well, this one has an .exe extension so we are warning you. Some program may not work if you whack this, but in actuality if it were a real program then the date would be the date you installed or modified it - months ago - and it would have its own icon - not this generic Broadway Monopoly icon. If you are whacking trojans, then that file may be the actual trojan loader - especially if it is zero or 26 k in size - so whack that sucker. If you are wrong, we won’t let you make the mistake of whacking a critical windows file - and a critical windows file would not have been loaded just yesterday if you installed XP in 2001. XP files list their “modified” date as the date on the disk from which they were installed.”
But windows messages are short, vague, and even defensive. They don’t tell any weaknesses.
16. If you try to delete a suspect and it says that the system denies you the permission to delete it because it is running, then simultaneously click control, alternate, and delete. This brings up “task manager”. Click on the “processes” tab and look for that malicious program running. There is some expertise and experience to know which of the programs are malicious. You can test any program by a search on Google. Dead giveaway: If the name has 5 letters in the name - or even 4 - and there are absolutely NO Google returns then that is a big fat clue that the process has been randomly named. In my case they were appnu.exe and imno.exe Appnu does not stand for application new. It is mere coincidence. I clicked on each of these and stopped them. Then I went back to C:\Windows and this time I was permitted to whack that sucker, the appnu.exe malicious file.
17. After you clean up the C:\Windows folder, you then clean up the C:\Windows\System32 folder in the same way.
18. McAfee did not recognize any of these 200 malware files. They don’t even recognize the viruses in the restore files. AVG barks at the restore files - and even the malware files in the recycle bin. I ran McAfee. I detected nothing. I ran AVG and it detected 99 but most were in system restore. So? That counts!
19. Now clean up the “system restore” files as follows:
a. Click on my computer\ Local disk (C drive)\System volume information\Restore. That takes 4 clicks.
b. You will find a list of “rp” folders. RP means “restore points”. Liberally delete these RP files except for the most current. In doing so you are destroying backups from the days when your machine was infected. Or maybe you have a 5 day old restore point before the infection. I have used that to give me a fresh restore. That worked. However, I would rather have my up-to-date settings and do it right.
c. If you screw up you still have rp files in the recycled - or maybe not. Never looked.
d. Let’s call your restore file “rp18". There are maybe 4 critical items in an uninfected RP18 folder. Don’t mess with “snapshot” ; it contains your registry setting. We will get to that. In addition there will be shortcuts to various menus and documents. We may tinker with those some day but today we are hunting malicious executables - just like we did with the C:\Windows folder. An infected RP will contain the distinctive anonymous .exe files from recent days. Click on “properties” and you will see that they are labeled “unknown application” which is a lie. They are really secret malicious applications! Once you have removed all malware then your system restore will not infect your computer on start up.
20. Now you have the option of restarting your computer to “lock in” the good system restore. Don’t restart just yet.
21. Now we will clean up the registry as follows:
a. Click as follows: Start. Run. Type “regedit” in the box. Click “okay”. That brings up “Regedit” which is the editor for the Registry settings.
b. At the top click on “edit” and then “find”. Now search for any of the named executable. “About” was what I searched for. I was amazed at what I found: 2600 domain names for malicious adware - like finding a bunch of snakes under a rock!
c. The search will take you to the list of adware and other malware. I deleted all 2600 of the folders. 2600! Then have names that expose them as evil.
22. Your problem should now be fixed. Now shut everything down and restart. Click start. Stop. Restart.
23. Now run “Hijack this” I have a shortcut to Hijack This in a folder called “virus whackers” on my desktop. Scan using Hijack should reveal that none of the browser hijack ware is running. If there is some running then use Hijack to whack it. Maybe it is a remnant. Have not got that result.
24. Of court when you go back to open your browser you will see “about:blank” Use the drop-down menu to change to “google” or whatever you choose. You fix that by clicking on tools. Then options. Then choose homepage, use current.
25. Run task manager by simultaneously clicking control, alternate, and delete.
26. Look for malware running. There should be none.
27. Empty the recycle bin.
28. Empty the virus vaults unless you want to review them like a hunter would gaze over his prized Elk heads.
29. Make sure that you have AVG or McAfee running.
30. I enjoy watching the attacks come in. McAfee draws an arrow back to where they came from and gives you the telephone number of who sent this shit to you. Call the district attorney and ask him to get an extradition warrant. If they are in your county, then ask a sheriff deputy to get a warrant and take his computers. Better yet: Call someone who cares: Lawyerdude! 805 652 0334. I will sue those bastards for you! But not on a contingency basis.
End. You are finished with this project except to wait and see if more junk springs up tomorrow.
Comments:
1. Comment: I know of no program that will whack the about:blank problem. Trojan Buster lets it slide right by.
2. Comment: McAfee draws a map of the world and draws a line to Hong Kong where these oriental yellow dogs are sending the stuff from. They contract with advertisers here to send us pop-ups and otherwise fuck up our computers. I am confident that Bush will bomb them if he is elected. It is time we took Taiwan and Hong Kong. We should not let those people immigrate here: Keep em as slaves there.
3. From the reports of the dumbshits who post on the internet, they think that there is some mysterious loader on your machine making the random -named files. okay the guy who said that also said to download registry Lite. He may have been a vendor.
4. My problem began with my “Geek superhero” stopped working. It no longer caught any incoming and it no longer blocked pop-ups. The 30 days expired with no problem but when 45 days came up it just stopped working.
Summary: Here is the critical knowledge that solved this problem:
1. You must be able to recognize malware and legitimate. The problem is that this malware creates files with random 5 letter names - so that the 5 letter name with size of 26K becomes the signature - that and the fact that it was modified yesterday or the day before or the month before.
2. Gary pointed me to McAfee which stopped incoming malware - one attempt every 20 minutes from people who can be identified and should be sued.
3. Gary explained to me that there are 2 boxes to check/ uncheck in order to see hidden files.
4. I learned to recognize this particular malware. File size. Name showing up in Hijack this. Date of the system files.
5. I learned that you can delete with impunity. Microsoft won’t let you delete a critical file. Gary says that I am wrong about this. He has experience and knows what he is doing.
6. When you attempt to delete a malicious file and you get the message saying “This file is in use” simply hit control alt delete and look for that file name as a running process. It is there loading up the 10 hijacking programs - or at least the first 2. Stop that process. The explorer window remains waiting open for you. This time when you try to whack that malfile it will get whacked.
7. “Hijack this” is a fundamental diagnostic tool.
8. You may want to run “Trojan Remover” and print the 20 page log. Trojan Remover cannot touch about:blank.
9. My about:blank thing came from a porn server site listed on “askjolene” I saw it when it happened. It took control of my machine. Had I been using mozilla this would not have happened. I had just recovered from a crash and my machine was out of tune. I think that active x may have been running. I don’t know. Suddenly I lost control of the screen and it was locked while the malware was loading.
10. I am running un-patched xp. Patched XP may or may not be vulnerable to trojan horse malware.
11. I may have deleted some critical files for auxiliary functions such as Hotmail, but I strongly doubt it! I can only get my hotmail through office express now. My hotmail page pops up blank.
12. There is a calmness about my computer now. We are at peace.
There is much more below this line but it pertains to methods that did not work. Maybe they would have worked but they did not.
I did not try the approach by the guy promoting Registry Lite program.
Friday, August 20, 2004. 12:29 pm noon.
Here is what I did.
Did a cleanup with Hijack this.
Did a cleanup with Trojan Blaster. It found nothing.
Did a clean up with AVG.
I clicked and unchecked the folder options advanced page in order to be able to see operating system files.
I went to Windows\system32 and deleted all the new stuff this year. The system won’t let me dismiss the system files. Therefore what is deleted is virus junk. Perhaps it is deleting other stuff that I need to run other programs but I don’t think so.
Then I did the same then with the windows folder.
When I ran AVG I continued to have embedded problems in the restart backup files or whatever they are called.
I continue to have problems.
I went to the 6 places where startup menus are found.
I think that there are more places.
This very file contains instructions to detect the downloader. I haven’t followed these instructions yet.
Navigational and promotional Links:
Okay, here is the scoop on me. I am Lawyerdude.
General navigational links:
Telephone Lawyerdude: 805 652 0334
Please join my newest Yahoo group for discussion or legal self help litigation. Here is the link to the link: http://www.lawyerdude.8k.com/6346.html
Email lawyerdude: dlawyerdude@hotmail.com
Instant message me: I am lawyerdude1989 on Yahoo instant messenger. I am dlawyedude on msn messenger.
My most useful web pages and my most popular web pages are these following pages:
Links for your Empowerment! Self help Litigation forms, instructions, cases, and samples.
13. Lawyerdude’s Empowerment page: http://www.lawyerdude.8k.com/medley.html
14. Links to all 70 sample motions for all my pro se litigators ! http://www.circuitlawyer.8m.com/traffic.html
15. List of my 200 most popular web pages according to Google. http://www.lawyerdude.8k.com/5733.html
16. Samples of 8 actual Section 1983 federal complaints: http://www.lawyerdude.netfirms.com/6008.html
17. List of the 30 most important criminal court motions. They are listed in Lawyerdude’s Bill of Rights for Criminal Defendants in jail. This is my New Standard by which to measure effectiveness of counsel. Make your appointed lawyer toe the line: http://www.circuitlawyer.8m.com/5635.html
18. Motions 101. How to write and file and serve a motion: http://www.lawyerdude.netfirms.com/6025.html
19. Briefs 101. How to write a Memorandum of Law: http://www.lawyerdude.s5.com/6435memo.html
20. Courtroom assertiveness 101: How to be assertive in court. Scripts for the Pro Se litigant:
http://www.circuitlawyer.8m.com/5537.html
21. Your litigation rights page. Learn your litigation rights! http://www.circuitlawyer.8m.com/5687.html
22. Were you strip searched? Sue em! http://www.circuitlawyer.8m.com/5728.html Do they do a strip search anus check every time you go to the law library? Did your jail not have a law library?
23. List of the most quotable cases and the most useful web pages for the pro se Litigator: http://www.lawyerdude.8k.com/medley.html
24. Your case summary and trial notebook form: http://www.lawyerdude.8k.com/summary.html
25. New! Links to the 143 cases that define criminal procedure: http://www.circuitlawyer.8m.com/weinreb.html
26. My Demurrer page: perfect record so far: http://lawyerdude.8k.com/5736.html
All about Lawyerdude
27. My ongoing battle with the mistaken, oppressive, and political state bar: http://www.lawyerdude.8k.com
28. Lawyerdudes’s biographical page: http://www.lawyerdude.8m.com/mystory.html
29. My LSD story and brief: http://www.lawyerdude.8m.com/5431.html
30. How to work well with Lawyerdude: http://www.lawyerdude.8k.com/contract.html
31. My most important page. My top 10 lists: http://www.lawyerdude.8m.com/5459.html
32. My ideas. My 10 proposed amendments to the bill of rights: http://www.lawyerdude.8m.com/5123.html
33. My home page: http://www.lawyerdude.8m.com Or my mirror site: http://www.lawyerdude.netfirms.com
My biggest fattest briefs:
34. My “state bar acts are unconstitutional!” brief: http://www.lawyerdude.8k.com/3789.html
35. My 100 page LSD brief: http://www.circuitlawyer.8m.com/1170.html Use this for your drug case!
36. My collection of “right to drive” briefs: http://www.lawyerdude.8k.com/right2drive.html
37. Lawyerdude's briefs: http://www.circuitlawyer.8m.com
38.
More Lawyerdude links and Recommended Reading list
39. Lawyerdude’s traffic page: http://www.lawyerdude.8m.com/5259.html
40. Lawyerdude's library. A prioritized reading list. A list of books that farm folk and an enlightened populace should read. Some of these books justify weekly or monthly review - like your Bible - for your own defense. http://www.lawyerdude.netfirms.com/library.html
41. List of links to the Latest uploads from Lawyerdude: http://www.circuitlawyer.8m.com/5673.html
42. Lawyerdude's Contemporary Constitutional Issues: http://www.circuitlawyer.8m.com/5693.html
43. Lawyerdude's links page: http://www.lawyerdude.8m.com/links.html
44. Lawyer’s Manifesto: http://www.lawyerdude.8k.com/5753.html
People who link to me:
45. I thank Bill Munro http://www.landrights.com I remember Dan Meador http://www.lawresearch-registry.org/ , http://www.geocities.com/CapitolHill/Rotunda/4027/ ; http://www.wakeupaustralia.net ; http://home.houston.rr.com/jtyner/links ;
Here is some stuff from the net:
http://www.google.com/search?q=about:blank+hijack+variant&hl=en&lr=&ie=UTF-8&start=10&sa=N
This goes in folder #754 in the blue crated #27. On computer it is filed in "fixing the computer"
Table of Contents:
Problem solved. . . . . . . . . . . . . . . . . . . . . . . . . . Page 6 of 8
SUMMARY
1. This article describes the registry. This article also includes information about how to edit the registry, and lists references for additional information.
back to the top
MORE INFORMATION
Description of the Registry
The Microsoft Computer Dictionary, Fifth Edition, defines the registry as:
A central hierarchical database used in Microsoft Windows 9x, Windows CE, Windows NT, and Windows 2000 used to store information necessary to configure the system for one or more users, applications and hardware devices.
The Registry contains information that Windows continually references during operation, such as profiles for each user, the applications installed on the computer and the types of documents that each can create, property sheet settings for folders and application icons, what hardware exists on the system, and the ports that are being used.
The Registry replaces most of the text-based .ini files used in Windows 3.x and MS-DOS configuration files, such as the Autoexec.bat and Config.sys. Although the Registry is common to several Windows operating systems, there are some differences among them.
Registry data is stored in binary files.
back to the top
Information About Editing the Registry
To edit the registry, Microsoft recommends that you follow the steps in the Microsoft documentation only. If you can, use the Windows user interface instead of directly editing the registry.
You can edit the registry by using Registry Editor (Regedit.exe or Regedt32.exe). If y