Thursday, October 14, 2010

How to fix your infected computer


Is your PC infected by a virus, spyware, etc.? Does your PC take too long to start? Are you looking for tools to fix your infected computer? Then this post is just for you.
I get asked this question frequently: "How to fix your infected computer". I have posted here many ways to fix your infected computer and make it start faster.

Steps to fix your Infected computer:

Here are some steps you need to take when fixing your infected computer:

Antivirus software

1. Kaspersky:

It is one of the best antivirus products available on the web. Kaspersky Anti-Virus features include real-time protection, detection and removal of viruses, trojans, worms, spyware, adware, keyloggers, malicious tools and auto-dialers, as well as detection and removal of rootkits. It also includes instantaneous automatic updates via the "Kaspersky Security Network" service.



2. Bitdefender

It is one of the best antivirus products available. Its features include real-time protection, detection and removal of viruses, trojans, worms, spyware, adware, keyloggers, malicious tools and auto-dialers, as well as detection and removal of rootkits.

3. Avira

Avira uses very little CPU and is quite compact. Avira Free is much better than Avira Premium, even though the latter offers a web filter and a mail filter.




4. Norton

Quite slow if you have 512 MB or 1 GB of RAM; only users with 2 GB or 3 GB of RAM are advised to use this software. But it is extremely good at virus detection and does not leave a single trace of any damage. It detects 90% of viruses, but it is not better than Kaspersky.


Antispyware:

Spyware is a type of malware that is installed on computers and that collects information about users without their knowledge. The presence of spyware is typically hidden from the user. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.

Antispyware is the second step in fixing your infected computer. Running anti-spyware software has become a widely recognized element of computer security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user's computer.

Here is a list of some antispyware tools which I would recommend:

1. Ad-Aware Free Anniversary Edition 8.0.7:
It detects spyware files and helps you remove them quickly and easily. You can choose which modules to remove, keep files from the registry, and customize the program's menu.

2. a-squared Free 4.5.0.8:
Also known as a², it specializes in detecting and removing malware (all types of harmful files). As of today, a-squared detects and removes more than 24,000 trojans, 67,000 worms, 40,000 dialers, 11,000 spyware and 70,000 traces.

3. Malwarebytes Anti-Malware:

This antispyware tool scans the disks for malware, with the option of removing it. It can be scheduled to scan the PC at a certain hour. It keeps a list of files in quarantine and a list of files to ignore. Real-time protection (which detects threats before they enter the system) can be activated, but it is a paid feature.

Others include SpywareBlaster, Spy Defence, etc.

Registry scanner:

Next you need a registry scanner to fix your infected computer. Viruses often copy their algorithm into the registry entry, so you are only 50% done after you delete the virus.
There are many registry cleaners available, such as:

1. Eusing Free Registry Cleaner/scanner
2. Registry fix
3. Auslogics registry cleaner (my recommendation)

Trojan horse removal:

For this you can read my post on "Trojan horse removal"

CCleaner:

After that you can download CCleaner and optimize your computer's speed by deleting unwanted registry entries, Internet tracking cookies and temporary files.

Bonus: Anti-Malware Toolkit - a program that automatically downloads all of the recommended programs to help users clean their computers and have them running at peak performance again.
Help keep your computer safe, secure and clean from malware - get the Anti-Malware Toolkit today!




Sunday, August 29, 2010


Sniffers - An Introduction : Network Sniffers - 3


Introduction to Packet Sniffing

It's a cruel irony in information security that many of the features that make using computers easier or more efficient, and the tools used to protect and secure the network, can also be used to exploit and compromise the same computers and networks. This is the case with packet sniffing.
A packet sniffer, sometimes referred to as a network monitor or network analyzer, can be used legitimately by a network or system administrator to monitor and troubleshoot network traffic. Using the information captured by the packet sniffer an administrator can identify erroneous packets and use the data to pinpoint bottlenecks and help maintain efficient network data transmission.
In its simplest form, a packet sniffer captures all of the packets of data that pass through a given network interface.
Typically, the packet sniffer would only capture packets that were intended for the machine in question. However, if placed into promiscuous mode, the packet sniffer is also capable of capturing ALL packets traversing the network regardless of destination.
By placing a packet sniffer on a network in promiscuous mode, a malicious intruder can capture and analyze all of the network traffic. Within a given network, username and password information is generally transmitted in clear text which means that the information would be viewable by analyzing the packets being transmitted.
A packet sniffer can only capture packet information within a given subnet. So, it's not possible for a malicious attacker to place a packet sniffer on their home ISP network and capture network traffic from inside your corporate network (although there are ways to more or less "hijack" services running on your internal network to effectively perform packet sniffing from a remote location). In order to do so, the packet sniffer needs to be running on a computer that is inside the corporate network as well. However, if one machine on the internal network becomes compromised through a Trojan or other security breach, the intruder could run a packet sniffer from that machine and use the captured username and password information to compromise other machines on the network.
Detecting rogue packet sniffers on your network is not an easy task. By its very nature the packet sniffer is passive. It simply captures the packets that are traveling to the network interface it is monitoring. That means there is generally no signature or erroneous traffic to look for that would identify a machine running a packet sniffer. There are ways to identify network interfaces on your network that are running in promiscuous mode though and this might be used as a means for locating rogue packet sniffers.
If you are one of the good guys and you need to maintain and monitor a network, I recommend you become familiar with network monitors or packet sniffers such as Ethereal. Learn what types of information can be discerned from the captured data and how you can put it to use to keep your network running smoothly. But, also be aware that users on your network may be running rogue packet sniffers, either experimenting out of curiosity or with malicious intent, and that you should do what you can to make sure this does not happen.
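As an added example (not part of the original post), here is one host-side way to look for the promiscuous-mode interfaces mentioned above on Linux machines you administer. It reads the interface flag word that the kernel exposes under /sys/class/net and tests the IFF_PROMISC bit; the allow-list and the interface name "mon0" are assumptions for illustration.

```python
import os

IFF_PROMISC = 0x100  # promiscuous-mode bit in the Linux interface flag word (linux/if.h)


def is_promiscuous(flags_text):
    """flags_text is the content of /sys/class/net/<iface>/flags, e.g. '0x1103'."""
    return bool(int(flags_text.strip(), 16) & IFF_PROMISC)


def scan_interfaces(sysfs_root="/sys/class/net"):
    """Map each interface name to True/False for the promiscuous bit."""
    state = {}
    if not os.path.isdir(sysfs_root):
        return state  # not Linux, or sysfs is not mounted
    for iface in sorted(os.listdir(sysfs_root)):
        try:
            with open(os.path.join(sysfs_root, iface, "flags")) as fh:
                state[iface] = is_promiscuous(fh.read())
        except (OSError, ValueError):
            continue  # entry without a readable flag word (e.g. bonding_masters)
    return state


def unexpected_promiscuous(state, allowed=()):
    """Interfaces in promiscuous mode that are not on the site's allow-list."""
    return sorted(name for name, on in state.items() if on and name not in allowed)


if __name__ == "__main__":
    # Hypothetical allow-list: a monitoring port where the admin's own sniffer runs.
    for iface in unexpected_promiscuous(scan_interfaces(), allowed={"mon0"}):
        print(f"ALERT: {iface} is in promiscuous mode")
```

Run from a scheduled job on each host, this reports any interface that enters promiscuous mode outside the allow-list; bridges and virtualization hosts legitimately set the bit, so they belong on that list.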

ADDICTED TO HACKING

Rafay Baloch is an Ethical Hacker and a Security expert from Pakistan; he is the owner of www.rafayhackingarticles.blogspot.com and the writer of the book "A Beginners Guide to Ethical Hacking". Rafay Baloch mailed this interview to our Editor in Chief, Vaidehi. Here are a few excerpts.


Which websites have been hacked by you recently?

I am an Ethical Hacker and use my Information for positive purposes. I don’t Hack websites; I just Test them for Vulnerabilities and then Inform the respective owners to fix them before others do serious Damage.

There was recently news that Vijay Mallya’s website was hacked. How far was it true?

Yes, the Information is 100% true; I even saw the site myself when it was in a Defaced State. It was Hacked by Pak Cyber Army with an SQL Injection attack. Recent Studies Show that around 90% of the websites get Hacked. This method is really difficult by default for Newbies. However, there are some online tools through which even a script Kiddie can Hack websites.

There are a lot of Indian politicians and other bigwigs whose money is lying in Swiss bank accounts. How do you hack these accounts?

I haven’t tried and also won’t try because, as I told you at the Beginning of the Interview, I use My Information for Positive purposes. The most common Method Hackers use To Hack Swiss Bank accounts is through Phishing or Spoofing. Say the Hacker's Target is a Paypal account. The Hacker will create an exactly similar page like the original one and use some Social Engineering Techniques To make the victim Login through that page. Once the Victim Logs in through the Fake page he will lose his account there.

How can one learn hacking?

Well, Hacking is Not an Art which can be Mastered overnight; it requires Patience, knowledge, skills, creativity, dedication and of course TIME. Everyone can Learn Hacking provided that they Learn from Basics and have a good source of Knowledge. There are many scam services and softwares claiming to Hack for you but their purpose is just to steal your money. However, there are many good books and other resources available through which one can become an Ethical Hacker.

Have you heard of Bruce Sterling book "The Hacker Crackdown" where they gave an interview with the head of the New York Police Department? He says hackers are principally not good at creative programming. What do you think about it?

This can be sometimes true and sometimes not. However, it has been observed that most popular hackers were good at creative programming, but still nowadays there are such Hacking tools that even a script kiddie can Start Hacking, so in this case the statement can be considered true. Personally I think that one cannot be an Elite Hacker without knowledge of programming, which means that he cannot develop his own exploit and will use pre-developed exploits.

Is it hard to penetrate into the "closed" computer systems?

Yes, it is more difficult to penetrate into closed computer systems than open computer systems. Attacks such as NetBIOS Hacking won’t work if the Target is not online.

What hacker achievements could you tell us about?

At the age of 16 I became aware of almost all the Techniques which Hackers use; I think very few people are able to do this at a very young age. I run a blog, www.rafayhackingarticles.blogspot.com, with over 13000+ RSS readers, educating 100000's of people every month to protect their sensitive information from being hacked by Hackers. I think this is my biggest Hacker Achievement.

I think hacking is probably unsafe, isn't it? There are some appropriate authorities like Cyber Crime Department that fights computer crime, don't they?

Yes, Hacking is probably unsafe; there are lots of laws introduced against Cyber crime. There are lots of Cyber Crime Departments such as FIA, CBI etc. that fight against cyber crime. Having Information about Hacking Techniques is not bad; however, how you use it matters a lot.

Do you think you are a criminal?

Certainly not, because I haven’t illegally Hacked or defaced any person's private Data.

Why is the image of a hacker associated with romantics of 21st century for some people, and with crimes and computer piracy for others?

It depends upon your Thinking; some think of it as part of protection, however others think of it as part of breaking in.

Is it true, that hackers break into corporate computer systems and steal the source code to satisfy their curiosity, but later on deny the stories that any hacking has happened into the Indian Security Intelligence sites?

No comments

How did people come to know about you and how do you multiply your business?

I started a security related website, www.rafayhackingarticles.blogspot.com, in March 2009, in which I talked about some methods Hackers use to penetrate systems and steal your private data, and methods to protect them. The search Engines started picking up my content and slowly my website became popular day by day because I was providing my readers unique content which was not available anywhere. I don’t make efforts to multiply my business; it is the readers due to whom my business goes viral.

How easy is it to hack a computer? Has security improved much? Have things changed vis a vis what you did years ago?

With the tools available nowadays it can be a cakewalk for the Hacker to Hack a computer system. However, security has gradually improved over the past years, but still, due to lack of awareness among the people related to computer security, it's damn easy for the Hacker to Hack a computer.

This is just for understanding as to how vulnerable is the common user?

A common user is not aware of Hacker's techniques so he is widely vulnerable

What does social engineering mean in the context of hacking ?

Social engineering is defined as the process of obtaining others' passwords or personal information by the act of manipulating people rather than by breaking in or using technical cracking techniques.

How do they use this concept of social engineering?

There are lots of ways through which Hackers use Social Engineering. Below is an example of a social engineering attack: Robert (Hacker) calls Michael and pretends to be a Google employee. Here is the conversation:

Robert: Hi Michael I am Robert a Google employee

Michael: Oh How are you doing?

Robert: Me fine. I am here to inform you that Google is performing a security update on all Google accounts and therefore needs to install those security updates on your account.

Michael: Yes kindly install those security updates.

Robert: Thanks for your interest in our security updates we will require your password for installing it.

Michael (Victim) has become a victim of social engineering, he will give out his password thinking that the person whom he was chatting was a Google employee.

Note: The Hacker will create an account similar to Googleupdates(at)gmail.com

Securityupdate(at)gmail.com

How would you consider the safety of online banking and credit cards online usage?

It can be safe sometimes and sometimes not; unless you are not sure about the security of the website don't make use of it. However, you can use some payment processors like Paypal, Alertpay etc. to avoid your credit card number being exposed.

Do you also use online banking for monetary transactions?

Yes I use Online Banking for Monetary Transactions.

What achievements in cyber space made you a celebrity overnight in your community?

My biggest Achievement is my website, which is one of the Top Security sites in my Country.

I think you attract a lot of media attention? How does it feel?

Yes, that’s true. I feel that I deserve it for the work I do. Remember "Success never comes by accident".

What are your other hobbies?

My other hobbies include Playing Piano, Snooker etc.

Have you ever been hacked?

With the Grace of ALLAH I haven't been Hacked till now.

What can you tell us about iPhone hacking? What is the technology involved?

There are lots of Spyware softwares such as Mobile spy, Spyware Gold which allow you to Spy on iPhones.

What do you see as the future of hacking in the next 5 years?

In the next 5 years Security will improve as well as Hackers. As each day the number of Hackers keeps growing and growing, Security experts have to try hard to assure online security.

Why is there no unity in hackers?

This is because all Hackers have EGO and attitude problems; every hacker thinks that he is better than others.

Is it true that hackers are always anti nationals?

No, this statement is completely False. Even the cyber war between Indian and Pakistani Hackers started due to love and patriotism for their country.

What is the biggest threat to hacker?

I think the Biggest threat to the Hacker is the anti Hacking and cyber crime departments.

Can this profession ever be really ethical?

Yes, this profession can be Ethical. Ethical Hacker is an accepted Industry Term, but it completely depends upon your use. Hackers are of three kinds:

1. White Hats

2. Black Hats

3. Grey Hats

White Hat hackers use their information for positive purposes, whereas Black hat hackers use their information for Negative purposes and grey hats are in between both of them. So it all depends upon how you use the information.

Have you ever thought of challenging Bill Gates?

No, Bill Gates has computer security experts from all over the world; if you think that you know 8/10 there might be some people who know 9/10.

Saturday, August 28, 2010


How to Detect Anonymous IP Addresses


As fraudsters are now becoming more sophisticated in bypassing Geo-location controls by using proxies (Anonymous IPs) to spoof their IP address, it has become necessary to come up with a means of detecting proxies so that the authenticity of users can be verified. Using a proxy (web proxy) is the simplest and easiest way to conceal the IP address of an Internet user and maintain online privacy. However, proxies are more widely used by online fraudsters to engage in cyber crimes, since it is the easiest way to hide their actual Geo-location, such as city/country, through a spoofed IP address. Following are some examples where fraudsters use proxies to hide their actual IP.
1. Credit Card Frauds
For example, say a Nigerian fraudster tries to purchase goods online with a stolen credit card for which the billing address is associated with New York. Most credit card merchants use Geo-location to block orders from countries like Nigeria and other high risk countries. So in order to bypass this restriction the credit card fraudster uses a proxy to spoof his IP address so that it appears to have come from New York. The IP address location appears to be legitimate since it is in the same city as the billing address. A proxy check would be needed to flag this order.
2. Bypass Website Country Restrictions
Some website services are restricted to users from only a selected list of countries. For example, a paid survey may be restricted only to countries like United States and Canada. So a user from say China may use a proxy so as to make his IP appear to have come from U.S. so that he can earn from participating in the paid survey.

Proxy Detection Services

So in order to stop such online frauds, Proxy Detection has become a critical component. Today most companies, credit card merchants and websites that deal with e-commerce transactions make use of Proxy Detection Services like MaxMind and FraudLabs to detect the usage of proxy or spoofed IP from users participating online.
Proxy Detection web services allow instant detection of anonymous IP addresses. Even though the use of proxy address by users is not a direct indication of fraudulent behaviour, it can often indicate the intention of the user to hide his or her real IP. In fact, some of the most used ISPs like AOL and MSN are forms of proxies and are used by both good and bad consumers.
How Does Proxy Detection Work?
Proxy detection services often rely on IP addresses to determine whether or not the IP is a proxy. Merchants can obtain the IP address of the users from the HTTP header on the order that comes into their website. This IP address is sent to the proxy detecting service in real time to confirm its authenticity.
The proxy detection services on the other hand compare this IP against a known list of flagged IPs that belong to proxy services. If the IP is not on the list then it is authenticated and the confirmation is sent back to the merchant. Otherwise it is reported to be a suspected proxy. These proxy detection services work continuously to grab a list or range of IPs that are commonly used for proxy services. With this it is possible to tell whether or not a given IP address is a proxy or spoofed IP.
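The list comparison described above, as an added example that is not part of the original post and not the code of any named service. The flagged ranges are constructed from documentation-only address blocks, and the check goes slightly beyond the text by also noting headers that forwarding proxies commonly add; the function and field names are assumptions.

```python
import ipaddress

# Constructed blocklist: documentation-only ranges stand in for the flagged
# proxy ranges that a real detection service maintains and refreshes.
FLAGGED_PROXY_RANGES = ["192.0.2.0/24", "198.51.100.128/25", "2001:db8:beef::/48"]

# Request headers that forwarding proxies commonly add.
PROXY_HEADERS = ("via", "x-forwarded-for", "forwarded")


class ProxyList:
    def __init__(self, cidrs):
        # strict=True rejects entries with host bits set, e.g. 192.0.2.1/24
        self.networks = [ipaddress.ip_network(c, strict=True) for c in cidrs]

    def match(self, ip_text):
        """Return the flagged network containing ip_text, or None."""
        addr = ipaddress.ip_address(ip_text.strip())  # ValueError if malformed
        # Treat ::ffff:a.b.c.d as the IPv4 address it wraps, so an IPv4 entry
        # cannot be sidestepped by a dual-stack listener's address format.
        mapped = getattr(addr, "ipv4_mapped", None)
        if mapped is not None:
            addr = mapped
        for net in self.networks:
            if addr.version == net.version and addr in net:
                return net
        return None


def assess_order(peer_ip, headers, proxy_list):
    """peer_ip: address the order arrived from (assumed to be the socket peer).
    headers: mapping of request header names to values."""
    try:
        net = proxy_list.match(peer_ip)
    except ValueError:
        return {"verdict": "invalid_ip", "reasons": ["unparseable address"]}
    reasons = []
    if net is not None:
        reasons.append(f"{peer_ip} is in flagged range {net}")
    seen = sorted(h.lower() for h in headers if h.lower() in PROXY_HEADERS)
    if seen:
        reasons.append("proxy headers present: " + ", ".join(seen))
    # "not_listed" only means no match today; the list is never complete.
    verdict = "suspected_proxy" if reasons else "not_listed"
    return {"verdict": verdict, "reasons": reasons}


if __name__ == "__main__":
    plist = ProxyList(FLAGGED_PROXY_RANGES)
    print(assess_order("192.0.2.44", {"User-Agent": "demo"}, plist))
    print(assess_order("203.0.113.9", {"Via": "1.1 cache"}, plist))
```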
How to Tell Whether a given IP is Real or a Proxy?
There are a few free sites that help you determine whether or not a given IP is a proxy. You can use free services like WhatisMyIPAddress to detect proxy IPs. Just enter the suspected IP in the field and click on the “Lookup IP Address” button to check the IP address. If it is a suspected proxy then you will see results something like the following.
[Screenshot: Detect Anonymous Proxy]
So for all those who think that they can escape by using a spoofed IP, this post is the answer. I hope this information helps. Pass your comments.


Friday, August 27, 2010


Netbios Hacking- The Ethical Hacking




THIS NETBIOS HACKING GUIDE WILL TELL YOU ABOUT HACKING A REMOTE COMPUTER AND GAINING ACCESS TO ITS HARD-DISK OR PRINTER. NETBIOS HACK IS THE EASIEST WAY TO BREAK INTO A REMOTE COMPUTER.

STEP-BY-STEP NETBIOS HACKING PROCEDURE

1.Open command prompt


2. In the command prompt use the “net view” command
(OR YOU CAN ALSO USE THE “NB Scanner” OPTION IN THE “IP-TOOLS” SOFTWARE BY ENTERING A RANGE OF IP ADDRESSES. BY THIS METHOD YOU CAN SCAN A NUMBER OF COMPUTERS AT A TIME).

Example: C:\>net view \\59.43.45.212

The above is an example of the operation using the command prompt. “net view” is one of the NetBIOS commands, used to view the shared resources of the remote computer. Here “59.43.45.212” is the IP address of the remote computer that is to be hacked through NetBIOS. You have to substitute a valid IP address in its place. If it succeeds, a list of HARD-DISK DRIVES & PRINTERS is shown. If not, an error message is displayed, so repeat step 2 with a different IP address.

3. After succeeding, use the “net use” command in the command prompt. “net use” is another NetBIOS command, which makes it possible to hack remote drives or printers.

Example-1:
C:\>net use D: \\59.43.45.212\F
Example-2:
C:\>net use G: \\59.43.45.212\SharedDocs
Example-3:
C:\>net use I: \\59.43.45.212\Myprint

NOTE: In Examples 1, 2 & 3, D:, G: & I: are the Network Drive Names that are to be created on your computer to access the remote computer’s hard-disk.

NOTE: GIVE DRIVE NAMES THAT ARE NOT USED BY ANY OTHER DRIVES, INCLUDING HARD-DISK DRIVES, FLOPPY DRIVES AND ROM-DRIVES ON YOUR COMPUTER. THAT IS, IF YOU HAVE C: & D: AS HARD DRIVES, A: AS FLOPPY DRIVE AND E: AS CD-DRIVE, GIVE F: AS YOUR SHARED DRIVE IN THE COMMAND PROMPT.

“F” and “SharedDocs” are the names of the remote computer’s hard-disk drives that you want to hack. “Myprint” is the name of the remote computer’s printer. These are displayed after giving the “net use” command. “59.43.45.212” is the IP address of the remote computer that you want to hack.

4. After succeeding, your computer will give a message that “The command completed successfully”. Once you get the above message you are only one step away from hacking the computer.
Now open “My Computer” and you will see a new “Hard-Disk drive” (Shared) with the specified name. You can open it and access the remote computer’s Hard-Drive. You can copy files, music, folders etc. from the victim’s hard-drive. You can delete/modify data on the victim’s hard-drive only if WRITE-ACCESS is enabled on the victim’s system. You can access files/folders quickly through “Command Prompt”.

NOTE: If the Remote Computer’s Firewall Is Enabled, Your Computer Will Not Succeed In Gaining Access To The Remote Computer Through NetBIOS. That is, NetBIOS Hacking Is Not Possible In This Situation (An Error Message Is Displayed). So Repeat The Procedure 2,3 With A Different IP Address.
