How to Check if Your Computer is Infected or Not

In my previous post "How to Know if You Are Infected with RATs or Keyloggers" I've been writing about methods to find out when you are infected with a RAT or Keylogger, without using any complex tools. Here i will show you how to know if you are infected or not from any malware. These ways are very simple, but I guarantee you to 80% that you will clean your system using these methods.

Lets start:

First Method: Checking the startup

1. Open the "Run" by pressing "windows key + r" or go to "Start", and then select "Run".
2. Type msconfig
3. A window will come up. Go to the "Startup" Tab.
4. Now as you can see, you have the list of all the applications that start with Windows. You can find almost every RAT/Stealer/Keylogger/bot...
5. Search for some file like "Stub.exe" ,"server.exe" ,"s3rver.exe"... This are the most used names.

If you found one uncheck it, and click on "Save". Reboot your computer, and you have successfully prevented the malware(s) to startup with the system.


Second Method: Checking the Registry

In the registry every application saves its configuration, of course malware too. Malware often uses the Registry to startup, and Save the options.

1. Open the "Run" (Start -> Run)
2. Write regedit.exe
3. Search In The HKey_Current_User (HKCU) for the Software Folder.
4. There will be a list with the programs. If you are infected, you'll find something like Server or Stub, some sh*t like that.
5. If you found one, delete that entry (Right Click -> Delete Entry).

Third Method

1. Install Malwarebytes' Anti-Malware. It's really the best anti-malware. Check for updates and make a full scan.

Microsoft Windows Malicious Software Removal Tool

Microsoft released the Microsoft Windows Malicious Software Removal Tool to help remove specific prevalent malicious software from computers that are running Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, or Windows XP. After you download the Microsoft Malicious Software Removal Tool, the tool runs one time to check your computer for infection by specific prevalent malicious software (including Blaster, Sasser, and Mydoom) and helps remove any infection it finds. Microsoft releases a new version of the tool every month.

Microsoft Windows Malicious Software Removal Tool features:

• The tool removes malicious software from an already-infected computer. Antivirus products block malicious software from running on a computer. It is significantly more desirable to block malicious software from running on a computer than to remove it after infection.

• The tool removes only specific prevalent malicious software. Specific prevalent malicious software is a small subset of all the malicious software that exists today.

• The tool focuses on the detection and removal of active malicious software. Active malicious software is malicious software that is currently running on the computer. The tool cannot remove malicious software that is not running. However, an antivirus product can perform this task.

The Microsoft Windows Malicious Software Removal Tool is FREE! You only need to run->mrt.exe

Note: You cannot download and run the tool if you are running Microsoft Windows 98, Windows Millennium Edition, or Microsoft Windows NT 4.0. This tool is for Win XP SP2 and above including Vista& Windows 7

For further knowledge click here

About 6 months ago I was infected by deadly password stealers, and this was the only program that detected and removed both of them. None of the AVs, or HJ was able to catch that stealer. I highly recommend this tool.

How To Recover Your Computer After Virus Attack

Even after the virus is totally removed from the system, some users find it difficult to restore all those things back which were affected by the virus. A virus usually when enters into a system disables the registry editor and task manager so that the user can not remove the virus from the system.

Here is a free tool Re-Enable using which even a novice users can fix all the things which were disabled by the virus. An antivirus can remove the virus files but sometimes it may fail to restore the system settings. In such situations this tool can come handy.

The program has the ability to restore functionality to these Windows features:

• Windows Registry
• Command Line Tool
• Windows Task Manager
• System Restore Config
• Folder Options
• Run command
• My Computer
• Task Scheduler
• Right Click Context menu
• Ms-Config (Xp only)
• Control Panel
• Search

You will require dot net 3.5 or higher version to run this software. Or if you don’t want to download .Net framework then you can try the portable version of this software.

Download Re-Enable

How To Protect Your Computer From Virus By Disabling Autorun

Most of the computer seems to get transferred from flash drives, pen drives and other portable and removable media. As soon as you plug and play your removable storage media, the windows’ default feature will search for Autorun.inf file which contains all the information about the things to do when media is plugged in.

It can execute programs (probably virus) which are already in removable storage media. Eventually the programs copies itself to the hard drive.

Therefore it is necessary to turn of autorun feature in your windows to get rid of viruses.

In this short tutorial I am going to teach you how to disable your system from searching and executing autorun.inf as soon as the removable storage is plugged in.

Follow this simple step by step tutorial.

First go to Start-> Run

Type: gpedit.msc in run window and press OK button.

It will load the group policy editor window.

In the explorer sidebar at the left, open Computer configuration tree. Inside it open Administrative templates. Again open System folder. (refer to the image below).

Click on the image to Enlarge

At the right side, scroll down for the “Turn off Autoplay”.

Double click to open it.

Click on “Enabled” button and choose “all drives”.


And click on OK button.

Again in explorer sidebar at the left, open User configuration tree. Inside it open Administrative templates. Again open System folder. (refer to the image below).

Click on the image to Enlarge

At the right side, scroll down for the “Turn off Autoplay”.

Double click to open it. Apply the same settings as above and click on OK button.

Restart you PC.

Now onwards, your removable media won’t autoplay making your desktop more secure from virus.

Know More About Phishing Attacks

Phishing is a method of stealing login info (usernames and passwords) by directing the victim to a clone (fake) login page, that logs the login info without the knowledge of the victim. Such clone website is known as a phisher. eBay, PayPal and other online banks are common targets. Phishing is an example of social engineering techniques used to fool users. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical measures.

Recent phishing attempts have targeted the customers of banks and online payment services. Social networking sites such as Orkut are also a target of phishing.

Spoofed/Fraudulent e-mails are the most widely used tools to carry out the phishing attack. In most cases we get a fake e-mail that appears to have come from a Trusted Website . Here the hacker may request us to verify username & password by replaying to a given email address.

How to protect yourself against phishing?

• Use your login info in the correct places only.

Don't ever put your login info anywhere else than the page you registered to, unless it's a trusted service, such as youtube or blogger, asking for your google account's info).

• Make sure the website you're logging in isn't fake.

Whenever you login to a website, if you didn't type the URL (address) of the website yourself, i.e. if you clicked a link that led you to the login page (from message, website, search engine results), always check the url (address) to see if you're in the right place.

For instance, if you're logging in your facebook account, make sure the url appears as http://www.facebook.com/
Where a phisher page would look like http://www.facebook.freewebs.com/, or http://www.facebook.spam.com/, or any url whose part before the .com isn't exactly the same as the page you want to login to.

• Make sure the links you're clicking aren't fake.

Whenever you're clicking a link, check where the link goes before clicking it. Links can be masked to appear as something else than the page they're leading to. For example, www.google.com leads to yahoo instead of google. Fortunately, in most browsers, whenever you point your mouse cursor over the link, the true location of the link is displayed on the bottom left part of the screen.
This is particularly important because it can protect you from another, rarer but more dangerous method called cookie stealing, which is basically automatically stealing your account if you're previously logged in the website.

Know that links to phishing pages are usually spread via email, and often represent impersonating trusted services and persons, such as making the email appear as it's sent from the website you've registered to, or a friend of yours whose account has been compromised.


What to do if you have spotted a phisher?

• Report the phisher as soon as you can. Report the phisher's address here: http://www.google.com/safebrowsing/report_phish/

• If the phishing attempt has been done via message, report the message in any of the following services:

http://www.reportphish.org/forwardphish.php
http://www.us-cert.gov/nav/report_phishing.html

• If you received the message from a friend's compromised account, inform your friend, and other friends that might be in danger.

• If possible, inform the admin of the website that the phisher is made for.

So the Bottom line to defend from phishing attack is

1. Never assume that an email is valid based on the sender’s email address.

2. A trusted bank/organization such as paypal will never ask you for your full name and password in a PayPal email.

3. An email from trusted organization will never contain attachments or software.

4. Clicking on a link in an email is the most insecure way to get to your account. 

Shut Up and Be Secure - Power of Social Engineering

Human is the most weakest part of the Information Security chain. Psychologists have identified many benefits people receive when they help others. Helping can make us feel empowered. It can get us out of a bad mood. It can make us feel good about ourselves. Hackers find many ways of taking advantage of our inclination to be helpful.

Because Hackers often target people who don’t know the value of the information they are giving away, the help may be seen as carrying little cost to the helper. Most of Humans tend to explain their behavior and of others, while doing this we give away alot of information about us.

Security is too often merely an illusion, an illusion sometimes made even worse when gullibility, naivety, or ignorance come into play. The world’s most respected scientist of the twentieth century, Albert Einstein, is quoted as saying, “Only two things are infinite, the universe and human stupidity, and I’m not sure about the former.” In the end, social engineering attacks can succeed when people are stupid or, more commonly, simply ignorant about good security practices.

With the same attitude as our security-conscious homeowner, many information technology (IT) professionals hold to the misconception that they’ve made their companies largely immune to attack because they’ve deployed standard security products – firewalls, intrusion detection systems, or stronger authentication devices such as time-based tokens or biometric smart cards.

Anyone who thinks that security products alone offer true security is settling for. the illusion of security. It’s a case of living in a world of fantasy: They will inevitably, later if not sooner, suffer a security incident.

How to Detect Fake Emails

Yesterday one of my readers asked me about the way to detect a fake mail. I thought that this can become a good point for writing an article. So, I am mentioning some tips to detect fake/fraud/spam mails.

How to Detect Fake Mails:

1. Lets get back to the example I illustrated in my article Fake Mailer. I had used "support@gmail.com" as the sender email address. No doubt, this was fake and the receiver will get the fake email sent by me.

2. Suppose you are the receiver. Now, I will tell you how to recognize this mail as fake. Open the email and hit on "Show Details".

3. Something you must know:



Whenever Google sends you any email, the email details will contain fields like:

- Mailed by
- Signed by (optional)

Also, most of the times, "Mailed by" field will have value:

*.bounces.google.com or
*.google.com

depending on the type of your mail. This is true for every genuine email from every mail provider.

4. But, these two fields will not be present in the details of Fake Mail. Also, if the mail details contain these fields, the value of these fields will not be *.google.com

Fake Mail without "Mailed by" field:



Fake Mail with "Mailed by" field.



As you can see, the "mailed by" field shows the hosting server's name and not the Google server. This means, this server is used to send you the fake email and most probably, the fake mailer is hosted on the same server.


You can also check out the header field to detect fake mails. Follow the steps:

- Open the mail. Hit on down arrow next to "Reply" and click on "Show Original".



- Now, check out "Received" fields. This field will show you the name of server from which the mail is sent. As you can see, we have used "emkei.cz" as our fake mailer. So, it has appeared in "Received" field.

More Tips:

- Fake Mail usually have attractive titles.
- Such mails address receiver as "Dear Customer" or such and do not use your real name.
- Never click on any link in emails. Instead, open such links manually in new tab. Refer my article Anti-Phishing measures for more information.

Follow these tips and you will be able to recognize fake, spoof, spam emails. If you know any other useful tip to detect fake or spam emails, please share it with us in comments.

SQLI Helper Tutorial - A Must Read Article

Today I am going to show you people how to use SQLi Helper to Hack a Website. The SQLi Helper is a tool used to do all the work automatically which a Hacker would have to do manually. That make it a very popular tool among script-Kiddies as well as Pros.

You can download the SQLi Helper from Here.

It should look this this:



Now the First Step is to give the Target site like http://targethost.com/expoit.php?id=1 (Note: This is not the real site). After you give the target site click on the Inject button.



And then click on the Get Database Button.



Now the following Information will be available about the Host:



Now to take the attack forward choose a Database from the Database Name column and click on the Get Table button.



Now we Have the names of the Tables. Now we need to know the Columns of the Tables which contain sensitive information. For that we will choose the Table admininfo to get columns.



To get Columns select the Table and click on the Get Column Button.



Now we have the Names of the Columns shown below:



Now select the one which seems important and click on the Dump Now Button.



And then a New Windows will open that will Dump the Data that is in those Columns. Like Show Below:



After we have got this Sensitive Information, we can use online MD5 cracker to crack the Password Hash and access the Website with Administrative Privilege.

SUPERAntiSpyware - Free Spyware Removal Software

If you’re looking for free software that will remove Spyware, Adware, Malware, Trojans, KeyLoggers, Dialers, Hi-Jackers, and Worms, then you should try SUPERAntiSpyware Free Edition.



SUPERAntiSpyware scans your computer for known Spyware, Adware, Malware, Trojans, Dialers, Worms, KeyLoggers, HiJackers and many other types of threats, and allows you to remove or quarantine them. It offers daily (manual) definition updates, as well as home page hijack protection and customizable scan options. Furthermore, the program includes a Repair feature that allows you to restore various settings which are often changed by malware programs, but usually not corrected by simply removing the parasite.

Download SUPERAntiSpyware - Free Edition

Best Antivirus Software of 2012

With 2012 around the corner, we want to upgrade our antivirus software to the latest and greatest. The antivirus software below will prevent computer viruses from attacking and infecting your computer.

Avira Antivirus Premium

Avira provides not only protection but also performance with a tendency for over-protection due to the Advanced Heuristics Analysis Detection system. The price is reasonably low at $29.99 and it has an easy, straightforward installation.

Trend Micro Titanium Antivirus 2012

Thus far, Trend Micro Titanium has made a great name for itself and we predict that it will sustain this reputation come 2012. This new line of security software uses cloud technology to bring real-time updates to your screen. Trend’s speed is definitely its greatest asset.

AVG Antivirus 2012

AVG is a great antivirus option, and its 2012 line has made improvements on its social network protection, in particular. The updates are automatic and continual, and it boasts some epic LinkScanner technology. However, the speed is slower than software like Trend.


Freebies:

AVG Antivirus Free 2012

With an impressive malware cleanup, this free software is a great option for those who need both cleanup and malware blocking. If you like this software, you can always move on up to the AVG Antivirus 2012 for $39.99.

Panda Antivirus 1.5 Free Edition

Panda, like Trend, uses cloud technology to make this software light on your PC. With speed and reliability, Panda has impressed many critics recently. While it doesn’t have “2012” in the title, the latest product runs with the best 2012 products. It has continually ranked the highest in malware removal, but sometimes has an incomplete cleanup. You can download the free edition of Panda Cloud Antivirus and give it a shot if you’re skeptical. The Panda Antivirus Pro 2012 goes for about $49.99/year.

Ryan is a guest blogger who often writes for the Blog Content Guild. He believes in ethical hacking and never paying the full price for anything--he always finds the greatest deals using Dell coupons. 

Get a Free Activation Key for Eset Nod32

If you’re looking for Eset Nod32 activation key , then you came to the right place. Here you can download Eset Nod32 Keygen , that will generate Nod32 keys.


Download Eset Nod32 Keygen

1.Open keygen
2.Click generate
3.Copy & paste the name and password into eset
4.Done

Offering rock-solid security, simple usability, effective resource usage and an enticing pricepoint, ESET Nod32 Antivirus is the best antivirus software on the market. The newest installment takes their established expertise to the next level with new features and advanced technology. More than just keeping your computer safe from threats, the antivirus software also helps to optimize your PC. Overall, it’s a top antivirus solution that offers superior protection, performance, and price.


Traditional viruses are showing no sign of slowing down, and new online threats continue to emerge and target different vulnerabilities. Luckily, this antivirus software continues to grow their arsenal to meet (and beat) the threats, whether they be viruses, worms, Trojans, or any other type of malware.

One of the best aspects of this software is that it is so flexible. Whether you’re an advanced user looking to control the whole process manually, or an average user who simply wants a set-and-forget solution, this software can match your workflow. Advanced users will love how robust the features are and the customization and overall control. Basic users will appreciate the fact that they can set up their preferences quickly and simply let the software protect them with little intervention.

In short, this security software provides protection and peace of mind, without upsetting your PC performance or paycheck.

Download Norton 360 Version 4.0 2011 For Free

Well this ain’t a joke. Norton is giving away its Norton360 Version 4.0 and norton antivirus 2011 for 90 days free trial i.e 3 months. This is a special promotional offer. This is an OEM setup installer that has been released by norton in conjunction with microsoft.

If you will directly go to the norton website you will not be able to benefit from this offer instead you will get only a 30-day trial version only after entering your credit card details. But if you use the link that I am giving at the end of this post you will get a 90 day trial and doesn't require to enter your credit card details.

So don't waste your time and try the best antivirus solution as the new norton 2011

* Provides excellent protection against viruses,spywares.
* Its lightweight and uses less system resources.
* Specially Designed for windows 7

Click the link below to download Norton 360 Version 4.0 Or antivirus 2011 for free

Download Norton360 Version 4.0 2011 for free

Protect Yourself Against Viruses, Spyware and Web Bugs – For Free

You don’t have to spend a penny to keep your PC safe from viruses, spyware and web bugs. Fight back with these tips and tools—for free.

Kill Viruses

Big-name antivirus software such as Norton AntiVirus or McAfee VirusScan forces you to pay for a subscription every year, but they have another drawback as well. They also tend to suck up a lot of system resources and use plenty of RAM, and your PC can take a big performance hit from them just to keep itself protected.

There’s a better way. Use avast!, nifty antivirus software that’s free for personal use and that takes up so few system resources and RAM you won’t even notice it’s there. It includes seven different shields, and it’s a good idea to install and use them all. Once avast! is running, you can customize each shield. Double-click the avast! icon running in the System Tray and from the screen that appears, select the shield you want to customize. To change the sensitivity of the scanner—how aggressively the shield should act—move the slider. Move it to the left to make it less sensitive, and to the right to make it more sensitive. To customize the shield even further, click the Customize button. The dialog box that appears will vary according to the shield you’re customizing.

Note, by the way, that before you install avast!, you’ll need to first uninstall whatever antivirus software you’re already using; otherwise it might not work properly.

Protect Yourself Against Spyware

For most people, spyware has replaced viruses or worms as the most-feared and obnoxious danger on the Internet. A relatively few number of people become infected by viruses or worms, but it seems as if almost everyone you know has been hit by some kind of spyware.

Spyware is a catch-all phrase that encompasses many different types of obnoxious programs. The least intrusive of the bunch report on your surfing activity to a web site, which tracks what you do and then delivers ads to your PC based on your interests. But increasingly, they are becoming more intrusive. Some of them spawn pop-up swarms of ads that appear so quickly they overwhelm your PC, slowing it down and making it unusable. Others hijack your browser home page so that no matter what you do, you’re sent to a home page of the hijacker’s choosing, which might be a pornographic site, or perhaps a web site that spawns even more pop ups. And some kinds of spyware, called keyloggers, literally spy on you by watching every keystroke you make, and then send that information to someone on the Internet.

Even more fearsome is spyware that turns your PC into a “bot” or a “zombie” and forces it to spew out tens of thousands or more pieces of spam, all without your knowledge.

But you don’t have to be a victim; there’s a good deal you can do to protect yourself, and you won’t have to spend a penny to do it:

Get a free spyware detector and eradicator

One of the best and most popular free program is Ad-Aware. It checks your system for spyware, finding not only program files, but also Registry entries and cookies. After it does a check, you can choose which spyware problems you want the program to fix, and it’ll go about its work, deleting files, folders, and cookies, and fixing Registry entries. Because no one spyware-killer is perfect, I suggest getting another free one, Spybot Search & Destroy. If you’re a Vista user, you already have a free piece of antispyware, Windows Defender, shown on the picture below, on your system. If you use an earlier version of Windows, get a free copy of Windows Defender.



Be vigilant about what you download

There are plenty of free programs available on the Internet, but not all have good intentions in mind. Some are spyware. So be careful before downloading any free software. Go to reputable download sites, such as the download library run by PC World or to CNET Download.com and read the descriptions and reviews, to make sure the software doesn’t carry a spyware load. In addition, head to the Index of Known Spyware page run by Gibson Research, the SpywareGuide, and the Spyware Warrior List of spyware for a list of spyware programs.

Use a personal firewall such as ZoneAlarm

A personal firewall will let you block any program on your system from contacting the Internet without your approval. With one installed, spyware can’t “phone home” and alert others to your surfing habits. Windows XP’s Windows Firewall doesn’t have this capability, so you can’t use it to block spyware. Windows Vista’s Windows Firewall is better than XP’s at blocking these kinds of outbound connections, but it may not block all of them. For maximum safety, get a free firewall such as ZoneAlarm.

Kill pop ups

Pop-up ads are a common way of delivering spyware. Click a pop up, and you might get infected with spyware. So, kill pop ups. Internet Explorer includes pop-up killers, as does Firefox. But keep in mind that sometimes pop-ups make it through their pop-up killers. If one does, close it down and don’t click anything inside it (especially fake close buttons; be sure to use the real Windows controls in the upper corners of the window).

Be wary of files and links sent in instant messages

Increasingly, spyware is propagated via instant messaging programs. Spyware can in essence take over someone’s instant messaging program and then send itself to everyone on the buddy list, either as an executable file or a link—and it appears that a person, rather than spyware is sending the file or link. So before clicking a link or using a file sent via instant messaging, double-check with your friend that he is actually sending you something, and that spyware hasn’t done the job.

Stop drive-by downloads

A web site might attempt to download software to your PC without your knowledge, and it might carry a spyware payload. Internet Explorer includes tools to stop drive-by downloads, as does Firefox. However, they’re not necessarily 100 percent effective. So don’t click links sent to you in spam, which can lead to sites with drive-by downloads.

Watch Out for Web Bugs

Web bugs are invisible bits of data, frequently a single pixel in size (sometimes called clear GIFs), that can track all your activities on a web site and report them back to a server. They are one of the more pernicious ways your online activities can be tracked, no matter which browser you’re using. Sometimes, the web site the bugs send information to isn’t the one that contains the web bug; for example, a web bug might send information back to an online advertising network.

Web bugs can send the following information back to a server:

• The IP address of your computer
• The URL of the page on which the web bug is located, so they know you visited the page
• The time the web bug was viewed, so they know exactly when you visited the page
• The URL of the web bug image
• The type of browser you have
• The values of certain cookies (generally only cookies set by the web site that the bug resides on)

A free piece of software called Bugnosis will alert you whenever it comes across web bugs on pages you visit. It reports on the URL the bug reports to, and, for some bugs, it lets you click a link it creates so that you can send an email of complaint to the web site that runs the bug. It runs inside Internet Explorer as a toolbar and doesn’t work with any other browsers.

The software can’t actually protect you against web bugs, but it can alert you when you visit pages that use them, so you’ll know to stay away from them in the future. When you visit a site, the Bugnosis toolbar reports on the number of suspicious items that might be web bugs. To see detailed information about each suspicious item and web bug, click the down arrow next to the Bugnosis logo, and choose Bugs Found in This Session. You’ll see a list of every suspicious web bug. Click the item, and you’ll see a more detailed description, and an analysis on whether the item is truly a web bug or only suspicious.

Bugnosis can’t actually block web bugs; it can only alert you to their presence. If you want your privacy protected when you surf the Web, your best bet is to surf anonymously.

Download Norton 360 Version 4.0 2011 For Free

Well this ain’t a joke. Norton is giving away its Norton360 Version 4.0 and norton antivirus 2011 for 90 days free trial i.e 3 months. This is a special promotional offer. This is an OEM setup installer that has been released by norton in conjunction with microsoft.

If you will directly go to the norton website you will not be able to benefit from this offer instead you will get only a 30-day trial version only after entering your credit card details. But if you use the link that I am giving at the end of this post you will get a 90 day trial and doesn't require to enter your credit card details.

So don't waste your time and try the best antivirus solution as the new norton 2011

* Provides excellent protection against viruses,spywares.
* Its lightweight and uses less system resources.
* Specially Designed for windows 7

Click the link below to download Norton 360 Version 4.0 Or antivirus 2011 for free

Download Norton360 Version 4.0 2011 for free