JUL 7 log
|
If this is your First Visit to this site, you must click on {Rules for fighting Wormy.} before anything else.
AUG 2, 2010. about to Add the who/how/why
very hard to determine the good guys from the bad guys. i do know that
microsoft and the pentagon are a huge part of it, but cant understand why they
go to great lengths to keep building the worm and pretend to be helping...
and why and when was i targeted before aug 2008 to this day... the traffic
hasnt slowed or stopped...
The new info consist of my smartphone being the source of the 2nd wifi
connection
cept it uses AD-HOC and is one of 3 or more methods found to spread the worm.
This explains why a smart worm from the pentagon has to convert our harddrives to around 40 gigs so it can connect to the safari browser on a
smartphone. also one of the sources used to spread. It may be our own phones that needs the 40gig
downsize. i still dont understand how they make the phone ring different cept it
seems to be experiements to get into the hard programming inside the electronic
s. also
why it connects to other friends/family before calling myself locally.
The worm uses the smartphone to hack your own machines along side a satalite
connection with geo location.
The worm uses UDP and tcp/ip connections with a specific MAC address prolly for the
aloha type routing(originally an island for vacation). i am not amsterdam
but my traceroute said it was for a while. I do know that the service(4)
(also service(3)) is used to intercept any ports used with any application. It connects to
the fake Http and/or NULL hardware that routes to my hub on port zero. the
http proxy connects to our graphical icons and pics and prolly routes to the
virtual drive(M). i did happen to
find an EXE that removes the proxy stored in the Http(mistaken for http).
It somehow connects to a fake hardware device that uses Window's media center as
a Ethernet connection. This connection is somehow used with mobsync to
upload to the hacker from the TEMP folders. it ZIPs all the files it
copies into MUI files.
The links below were found while tracing a suspicious cookie setup that i
believe is part of the worm.
It took me to sites that all used the same technology as the worm. I even got the
HttpProxy removal
EXE from the site that showed all my graphics having black boxes after its use. This(along
other longterm details) shows that graphics in a lot of ways is a huge part of the worm(graphics
memory unmonitored/Pixel error belonging to someone from the pentagon whom ill
list later). and now the war detail links all match this hacker whom talks
to overseas personel such as saudi arabia which also matches the first incoming
udp and tcp/ip info belonging to a microsoft ceo from xerox through an asia
telecomunications connection. They are controling thing psycholgically downsizing the truth
linked to the traffic.
I
found a strange setup on one of the sites where it tries to appear normal, but may be used in part
of the interceptions of emails. When i wrote an email from that site,
it came back to me as me. This is what i been looking for and may be
the begining of finding more pieces of its advances spread out structure.
One Suggestion if you are trying to track down the worm,
Set your
browser's settings to allow
Debugging. What this does is
show you injected scripts that the worm uses with the fake hardware of Http and
NULL when the remote Node isnt found due to the hacker removing the socket(graphically). You can view the source
through debugging. the hacker's connection always showes as (RET)......
without the "......"
Below has a lot of info that shows how pandora.com is used for part
of WORMY. I say this cause i found another
setting you need to set if your interested in hacked parts of your system thats
always been used. In internet explorer, uncheck the "disable debugging"
option. You may
find a pattern that fake hardware and/or some type of connection was in place
always that is a Socket that was used to quickly disconnect after i found them.
The NULLs come from the injected parsings into your browser that routes to the
secret area of storing his ip info or something. It was used 2 or 3 times total
in panics after i shown them that i know who they are. Ports
used in the incoming ips(i get around 2000 per hour since feb2009) are actully
linked to case select commands in the parsings. the numbers keep it in
sync. i know the 4 in system(4) is a command. When i contacted the
microsoft ceo that wrote the book(satalite) that also is the first incoming ip
that never quit matched, I contacted that xerox/microsoft ceo from asia, the
results were a socket being disconnected that showed more NULL errors.
this caused that system(4) along side all the udp packets to disapear. my
other machine for the first time ever showed system(3) and system(4).
im not sure yet what its linked to, but important..
this was the 2nd time they attempted to distance from wormy..
Parse Sourcecode that shows How advanced Wormy IS.
If you want to disable the Proxy settings(hidden) from the fake
HTTP used, you follow directions after you download from this link
setproxy.exe
here is the instructions....
run a command prompt aka cmd or powershell.
Simply run setproxy by
typing "setproxy none"at the prompt
again, when i did this, i had a lot of black boxes in place of all graphics and
icons.
also it seems that the worm hijacks DCOM. Twice when I/they removed the
worm, dcom
was removed and half the computer resources didnt work, but my computer was 20
times faster. i formated anyways so i can have sound and connect to
internet. The worm took over again...
i found setproxy at
http://www.bayden.com/other/
Ill add the people involved later so i can work out confusions.
if i added it, it will be in the menu list on the left side of my page....
Cookies lead to adbrite.com, pubmatic.com, bluekai.com
http://www.omniture.com/en/privacy/2o7?f=2o7#optout
Another site used in the process is demandbase.com and possibly
buffaloseason.net
http://www.demandbase.com/demandbase_company_backgrounder.html
im still not sure why they picked me as the main target, but i do know that im
the one used to spread the worm aka phone connections and injected memory
pointers in all forms of text boxes..
every system i used got infected, every one that i call or they called me was
infected. even fbi.
the source seems to come from within the kernel or higher. hes constanly
working on timers and threads that causes lags and freezes. another
important info is that 3am is the time that my machines lag for hours since its
growth. i figured that is cause im doing some major work on the keeping
the worm alive, but cant touch the source. when i told cyber sites
this info, he changed the 3am every night to 2:45 instead. that is a huge
change lol...... im sure that my systems are checking other
systems around the world for alterations to keep the worm alive.
im not sure, but certain.
Membership Information Qualifications for Membership Voting and Non-Voting
membership in the corporation is open to facilities-based CMRS providers that:
i.are licensed (or have one or more affiliates that are licensed) to provide
wireless two- way radio communication services by the Federal Communications
Commission or by the equivalent government licensing body in the jurisdiction
where the service provider is providing service; ii.are actively engaged in the
business of providing wireless data services to its customers or in building or
acquiring the infrastructure and/or systems necessary to provide such services
(examples of wireless data services include, without limitation, data services
provided through the following protocols or standards Ð CDPD, GSM/GPRS, UMTS,
Satellite (2170-2200 MHz), CDMA, 1XRTT, and WCDMA); iii.provide wireless data
services in a geographical area within the jurisdiction of the American Registry
for Internet Numbers (ÒARINÓ); provided, however, that current Members of the
corporation as of April 5, 2002, may continue to use their IP and CLNP addresses
solely for CDPD services without regard for this requirement. Non-Carrier,
Non-Voting Membership in the corporation is open to entities that: i.currently
provide intercarrier connection services to an existing Voting or Non-Voting
Member of the corporation, currently provide mobile data intermediate system
services (ÒMD -ISÓ) to licensed, facilities-based CMRS providers using the CDPD
specification, or are actively engaged in designing, building or acquiring the
infrastructure and/or systems necessary to provide such services. All membership
questions should be directed to Karen Moulton,
kmoult00000.......................................................................on@wdspco.org.
The browser parsings used port 1900 to re-route and inject using loopback from
service(4). the way they infected all of us uses multiple methods in sync.
First the incoming starts with our DNS servers of our ISP on port 53 ending with
icmp used to gain the ip of the irc chat room(hi there fermandez or was it
fernandez). After that process, the worm uses a graphics pic from the site
with the pixel error to connect to our memory of our graphics card which is the
connection higher than boot. this is a remote connection using intercepts
from a fake drive (fat12 or fat16) near the middle of the drive. this is
accessed when turning power on using a memory pointer from altered drivers in
the bios and connects somehow using com0 or com1. im still gaining
facts as you can see. all i say is to question all news you see as i
learned the psycholgical angle to try to degrade this info.
im very sure the pentagon leaks are all linked to this and whoever the good guys
are(good job)..
im not gonna end till i know that BILL PARKS
and his Connections are in question. He may
also be responsible for the AOL hijacking over 10 years ago...... also say
hi to jim dunn...
when this is all over, i know that i gave a lot of info that others took credit.
i demand a thank you and the COKE promised from the ex-hackers.
NOTE to the bad guys: i know what to look for, i know when its over.
if another psycholigal injection appears, beware i know what to look for.
its not over till its over... im not gullable...
|