Search This Blog

Tuesday, January 19

Information & Tutorial :How to stay safe on internet !!!!

Index:
Introduction
History of Malicious Programs
Virus Databases & Solutions
Malicious Programs & Informatinos about them


Today I will teach you how to stay safe on the internet, and avoid getting infected.
As you know there are many viruses on the internet such as: trojans, worms, adwares etc. Most of people get infected when download keygens, cracks, game hacks etc. All of those programs are fake and can contain malicious program also called virus.

Anti-virus companies treat cracked games as viruses, so you cannot know is it really a virusor not. The first thing you should do after downloading, is scanning on free online scanners such as Virustotal or NoVirusThanks. If the file has around more then 100Mb then it all depends on your knowledge and trust.

Pirate games from torrent sites such as: Piratebay or uTorrent, can contain virus. Since your AV will treat it as a virus you don't know is it a file virus infected or clean. Scanning files on Virustotal or NoVirusThanks can be immpossible sometimes because size of file or it will take a lot of time.

History of Malicious Programs

The first spam e-mail was sent in 1978 over the ARPAnet, the Defense Department network that was precursor to today's Internet, by a Digital Equipment Corp. marketing executive named Gary Thuerk to flog a new computer. The epidemics of the past few years have introduced the majority of computer users to viruses, worms and Trojans. The media has also played a role, reporting more and more frequently on the latest cyber threats. However, malicious software is not really new. Although the first computers were not attacked by viruses, this does not mean they were not potentially vulnerable. It was simply that when information technology was in its infancy, not enough people understood computer systems to exploit them. Viruses started appearing on dedicated networks such as the ARPANET in the 1970s. The boom in personal computers, initiated by Apple in the early 1980s, led to a corresponding boom in viruses. As technology has evolved, so have viruses. In the space of a couple of decades, we have seen computers change almost beyond recognition. While the viruses of the 1980s targeted a variety of operating systems and networks, most viruses today are written to exploit vulnerabilities in the most commonly used software: Microsoft Windows. The first malicious programs may have shocked users, by causing computers to behave in unexpected ways. So malicious software has turned into big business. An understanding of contemporary threats is vital for safe computing.


Virus Databases & Solutions

A computer virus is a computer program which copy itself and infect your computer. The term virus is also commonly but erroneously used to refer to other types of malware, adware, and spyware, keylogger programs that do not have the reproductive ability. A true virus can only spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system


Learn more about botnets & protecting yourself from them:
Botnets PART 1 : building a botnet (1/2)
Botnets PART 1 : building a botnet (2/2)

Botnets PART 2 : Botnet Attacks (1/2)
Botnets PART 2 : Botnet Attacks (2/2)

Malicious Programs & Informatinos about them

• Trojan Horses
• Computer Worms
• Adwares and Popus
• Viruses
• Rootkits
• Keystroke loggers(Keyloggers)
• Rogue Programs
• Spams
• Phishing

Trojan Horses

Trojan horses are most dangerous for your computer. They are also known as Backdoors, which fully take control on your computer. Once a Trojan has been installed on your computer, it is possible to hacker access it remotely and do anything he want. Due to the growing popularity of botnets among hackers, Trojan horses are becoming more common. Unlike traditional computer viruses and other types of malware, they are designed with the intention of exploiting infected systems. However, in order for an attacker to gain access to a system, the victim must run an executable server file.


Operations:

• Use of computers as part of botnet(Distributed Denial of Service aka DDos attack)
• Keystroke logging.
• Trojans can also disable your AV without your knowledge.
• Downloads & Upload files from his computer to your
• Installation of software.
• Data stealing(credit card informations, bank accounts, paypal and other passwords)
• Keylogging keystrokes.
• Using your computer for Spams.
• Making serious damage to your computer(Deleting any file on your PC, including System too!)
• Your computer can be used for spreading viruses(via MSN, P2P chats, forums etc.)

Installation Process

Trojan horses can be installed on your computer throught the following methods:

• Exploits(security holes in webbrowsers, messangers, or other software that allows installation of Trojan Horse)
• Email attachment(this is most popular and easiest way to get infected, so dont open suspice mails)
• Websites containing .exe(Trojan horse which is installed on website page and can be downloaded and executed on your computer without your permission)
• USB infection(You can also get infected, if the USB you use is infected. Sometimes hackers infect your USB and then spread it ever time you plugin to other computer)

How to remove Trojan infection & protect your PC

Well there are many ways to remove infection from your computer, you just need to know what you doing. Well for Trojans you will use Anti-Viruses programs and they must be updated(up-to-date), the updates keep your computer safe. Also there are many other tools: Anti-Spywares(Malwerbyte, SpyBot S&D, Combofix etc.), System cleaners(ATF Cleaner, CClean etc.), debuggers which can run file in box where Trojans cant do anything(Sandboxie, Ollydbg etc.), Firewalls which blocks hackers IP and port which makes Trojan on your computer unusable, Virtual Computer is like debugger but much better because you can install OS on it(Virtual Machine etc.). To download them, just click on linked names of tools and you will get on legit download page.

Useful Video tutorial:
How To Remove Trojan Virus
How to Remove Trojan Virus from your PC
Manually Removing Any Trojan Horse Virus.trojan Zlob Virus Horse Removal

Also checkout this thread:
? Mega Thread: Firewalls, Antivirus and Other security tools ?


Computer Worms

A computer worm is a software program that is designed to copy itself and spread from one computer to another, without users knowledge.(Which means, when you click on file infected by worm, program download & execute other virus from hackers hosting server to your PC). Once installed on machine, worms automatically generate additional email messages containing copies of worm. Worms can also open a port without users permission and make security wholes. In addition to email, worms can also infect computers via web sites, file sharing systems, instant messages, and more.


Operations:

• It spreads across the Internet using email, instant messaging or P2P(peer-to-peer) file sharing networks
• It may install one or several files on your computer, often masquerading as system files, or with randomly generated names to make removal more difficult
• It makes security wholes, and also some worms are can open a port on your PC without your permission
• The worm can also copy it self it registry which can make manual removal difficult

How to remove Worm infection & protect your PC

Well there is many ways to remove Worm infection, but the best and most effective way to clean a computer that has been infected by an Worm is to use a dedicated removal tool. Even if you have an AV software on your PC that detects the Worm, it may still be safer to remove it using one of these dedicated removal tools. I suggest you free Malicious Software Removal Tool, avast! Virus Cleaner, Symantec’s Removal Tools, SbyBot S&D or MalwerByte. To download them, just click on linked names of tools and you will get on legit download page.

Useful Video tutorial:
Win32/Autorun Worm Remover
Tutorial How To Remove All Spyware ,Virus , Malware ,Worm ,Rouge Program Use Malwarebyte

How to remove Viruses and Spyware manually - Part 1 of 2
How to remove Viruses and Spyware manually - Part 2 of 2


Adwares and Popups

Adware is any software application in which advertising banners are displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen. Some adware is also shareware, and so the word may be used as term of distinction to differentiate between types of shareware software. Adware can also download and execute Spyware on your computer.

List of well-known adwares & popups(click links):

[x]Adssite Toolbar
[x]AOL Instant Messenger
[x]Ask.com Toolbar
[x]Bonzi Buddy
[x]BlockChecker
[x]Burn4Free
[x]Cydoor
[x]Comet Cursor
[x]DivX
[x]DollarRevenue
[x]ErrorSafe
[x]Evernote
[x]Foxit PDF Reader
[x]FormatFactory
[x]Gator
[x]IWNet
[x]Kazaa
[x]Messenger Plus! Live
[x]Mirar Toolbar
[x]PornDigger!
[x]Tribal Fusion
[x]Videothang
[x]Viewpoint Media Player
[x]VirusProtectPro
[x]Windows Live Messenger
[x]Winzix
[x]XXX Shop online
[x]XXX Toy
[x]Yahoo! Messenger
[x]Zango

How to remove Adware infection & protect your PC

For this, AV wont really help you. To remove adware from your computer you will need to use Ad-adware or XoftSpy(detects over 45,000 diffrent types of adwares) to clean your PC from adwares. To download them, just click on linked names of tools and you will get on legit download page.

Also download one addon for FireFox, its called Adblock Plus and its great against adwares and popups. To download it click this link.


Click for more informations (Click to View)

Useful Video tutorial(s):
Remove Spyware/Adware From Your Computer! With Spybot-S&D
How to remove adware, spyware, dailers, keyloggers, trojans, and protect your usage tracks
Viruses

A computer virus is program which copy itself and infect other file on your computer. Once when its installed, virus spread over your computer and infect all files. Also there are many types of viruses, spreaders(which can spread over P2P, messangers & other web pages etc.). Some viruses include other viruses, trojans, worms, rootkits, spywares etc. In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, viruses are sometimes attached/binded with legitmate programs. In order to avoid detection by users, some viruses employ different kinds of deception. Some old viruses, especially on the MS-DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus. Some viruses can also infect files without increasing their sizes or damaging the files. Even if virus is detected some viruses try to avoid detection by killing the tasks associated with antivirus software before it can detect them. Viruses can also try to trick antivirus software by intercepting its requests to the operating system. A more advanced method is the use of simple encryption to encipher the virus. In this case, the virus consists of a small decrypting module and an encrypted copy of the virus code. If the virus is encrypted with a different key for each infected file, the only part of the virus that remains constant is the decrypting module, which would (for example) be appended to the end.

Operations

• Spreads itself and infect all files on your computer
• Can be binded with legitmate program, and without your knowledge infect all files on your system
• Can have code which can kill AV before you run virus and make undetectable
• Some viruses can generate their name and make cleaning harder

How to remove Virus infection & protect your PC

To remove virus from your PC you will just need updated AV software. Also download free Anti-Spyware tools from internet, I suggest you MalwerByte, SpyBot S&D or Dr Web curelt etc. To download them, just click on linked names of tools and you will get on legit download page.

Useful Video tutorial(s):
How To Remove Virus Without Using Antivirus Program
How Clean A Patching Virus (Virut or Sality)

Rootkits

Rootkit is a program that enable admin-level acces to a computer. Its something like exploit(security hole) which install rootkit on your computer after obtaining user-level access, either by exploiting a known vulnerability or cracking a password. Once installed, rootkit allows attacker to mask intrusion and gain privileged acces to your computer. Rootkit can also contain spyware or any other type of malicious software. Most rootkits typically hide files, processes, network connections, blocks of memory. Rootkits often modify parts of the operating system or install themselves as drivers or kernel modules, depending on the internal details of an operating system's mechanisms.

About rootkits(click links):

[x]Firmware
[x]Hypervisor
[x]Boot loader
[x]Kernel
[x]Library
[x]Application

Operations:

• Can enable admin-level acces to a computer
• Sometimes rootkits can drop spywares, viruses, worms etc.
• Can hide files, processes, network connections etc.
• Rootkits modify parts of the operating system and install themselves as drivers.

How to remove Rootkit infection & Protect your PC

Direct removal of rootkit wont really help. You will need dedicated tool to remove rootkits from your computer. You will need skills or experience to remove any type of rootkits. Option one is to re-install your operating system again or to remove by using some Anti-Rootkit tool. I suggest you to download and install some free Anti-Rootkit(Sophos Anti-Rootkit, Panda Anti-Rootkit, Avira AntiRootkit Tool, SpyBot S&D, Anti Rootkit etc.)

Useful Video tutorial(s):
How to Defeat a Rootkit Without Reinstalling Windows
RootKit detection and removal

Keystroke loggers(Keyloggers)

Keylogger is a software program or hardware device that is used to monitor and log each of the keys you type into a computer keyboard. Once installed the program or hardware device can then view all keys typed in by that you. Because these programs and hardware devices monitor the keys typed in, hacker can easily find your passwords and other information about you(Credit Cards, Bank Accounts, PayPal, Email Account etc.). Keylogger is commonly included in rootkits. A keylogger normally consists of two files: a DLL which does all the work and an EXE which loads the DLL and sets the hook. Therefore when you deploy the hooker on a system. There are two types of keyloggers, spywares & usually offline keylogger. Spywares are usually made for logging your passwords, offline keylogger is visible for you and anyone who use your computer can see logs.

Operations

• Log every single keystroke you type in your keyboard
• Some keylogers can take screenshot of your dekstop
• Invisible for human eye
• Sometimes, keyloggers got names like legitmate process
• Low CPU usage and almost invisible

List of well-known keyloggers & removing instructions(click links):

[x]007 Spy Software
[x]2Spy
[x]AB System Spy
[x]ActionsMonitor
[x]Actual Spy
[x]Ardamax Keylogger
[x]BEEE
[x]BigLuck
[x]BlazingTools Perfect keylogger
[x]Boss Everyware
[x]Call Online Two
[x]Cummings Keylogger 2.0
[x]Desktop Scout
[x]eBlaster
[x]EliteKeylogger
[x]Elfrah PCSpy
[x]CapScrn
[x]CQMA
[x]DesktopDetective
[x]EBlaster 5.0
[x]ElGolf 1.0b
[x]Catch Cheat Spy 1.4
[x]CLogger
[x]CyberSitter
[x]DBdoor
[x]Edepol
[x]Espion
[x]EyeSpyPro
[x]Akuku.889.A

For more informations & Manually Removing instructions click this link.

How to protect your PC from Keyloggers

To remove keylogger you can use any tool AntiVirus, Anti-Spyware or some Anti-Keylogger. AntiVirus(AVG Free, Avast Free and Kaspersky etc.), Anti-Spyware(Malwerbyte, SpyBot S&D, Super Anti-Spyware etc.) and Anti-Keylogger(Advanced Anti-Keylogger, PrivacyKeyboard, Elite Anti Keylogger etc.)

To protect your passwords from being keyloged I suggest you to download (if you use firefox) addon for firefox called Keyscrambler.
Click for more informations (Click to View)

Rogue Programs

Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing.


Operations:

• Alerting the user with fake or simulated detection of malicious software
• Installing actual malware onto the computer, then alerting you after detecting them.
• Selectively disabling parts of system to prevent you from uninstalling them.
• Deleting parts of system and rebooting the computer
• Presenting offers to fix urgent performance problems or perform essential housekeeping on the computer.

List of well-known rogue programs:

[x]007 Anti-Spyware
[x]1stAntiVirus
[x]2008-antispyware
[x]2008antivirus
[x]2008antivirus-software
[x]2008-downloads
[x]2008-panda
[x]2008-security
[x]2008-virus-protection
[x]2009 Antivirus Downloads
[x]2009-antispyware
[x]Advanced Virus Protection
[x]Advanced Virus Removal
[x]Advanced Virus Remover
[x]Advanced XP Defender
[x]Advanced XP Fixer
[x]AdvancedAntivirus
[x]AntiSpyCheck
[x]AntiSpyCheck 2.1
[x]AntiSpyControl
[x]AntiSpyGolden
[x]AntiSpyKit
[x]AntiSpyMaster
[x]AntispySpider
[x]AntiSpyStorm
[x]Doctor Antivirus
[x]Doctor Antivirus 2008
[x]DoctorAdwarePro
[x]DoctorAntivirus2008
[x]DoctorVaccine
[x]Dr.AntiSpy
[x]DriveCleaner
[x]DriveCleaner 2006

For more informations and full list click this link.

Useful Video tutorial(s):
How to Remove Virus Remover 2008 Rogue/Fake Scanner/Alert Program
REDO Remove Any Rogue(Fake) AntiVirus Program Fake Alert/Scanner

Spams

Spam is the abuse of electronic messaging systems to send unsolicited bulk messages indiscriminately. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, Usenet newsgroup spam, Web search engine spam, spam in blogs, wiki spam, online classified ads spam, mobile phone messaging spam, Internet forum spam, junk fax transmissions, social networking spam, and file sharing network spam.

Instant Messaging Spam

Instant Messaging spam, known also as spim , makes use of instant messaging systems. Although less ubiquitous than its e-mail counterpart, spim is reaching more users all the time. According to a report from Ferris Research, 500 million spim IMs were sent in 2003, twice the level of 2002. As instant messaging tends to not be blocked by firewalls it is an especially useful channel for spammers.

Mobile phone spam

  Mobile phone spam is a form of spamming directed at the text messaging service of a mobile phone. It is described as mobile spamming, SMS spam, text spam, or Spam SMS but is most frequently referred to as m-spam. As the popularity of mobile phones surged in the early 2000s, frequent users of text messaging began to see an increase in the number of unsolicited commercial advertisements being sent to their telephones through text messaging. This can be particularly annoying for the recipient, because unlike email, it is usually difficult or impossible to delete an SMS message without reading it.

Online game messaging spam

Many online games allow players to contact each other via player-to-player messaging, chat rooms, or public discussion areas. What qualifies as spam varies from game to game, but usually this term applies to all forms of message flooding, violating the terms of service contract for the website. This is particularly common in MMORPGs such as World of Warcraft and others where the spammers are trying to sell game related items for real world money, chiefly among these items is in-game currency. This kind of spamming is also called Real Money Trading.

  In World of Warcraft it is common for spammers to advertise sites that sell gold in multiple methods of spam. They send spam via the in game private messaging system, via the in game mailing system, via yelling publicly to everyone in the area and by creating a lot of characters and committing suicide and making a row of bodies resemble a site URL. The URL takes the user to a gold selling website.

Noncommercial spam

E-mail and other forms of spamming have been used for purposes other than advertisements. Many early Usenet spams were religious or political. Serdar Argic, for instance, spammed Usenet with historical revisionist screeds. A number of evangelists have spammed Usenet and e-mail media with preaching messages.

Virus spreading spam (Important to know)

Spam can be used to spread computer viruses, trojan horses or other malicious software. The objective may be identity theft, or worse. Some spam attempts to capitalize on human greed whilst other attempts to use the victims' inexperience with computer technology to trick them.

Phishing

  In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as user names, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging.

Phone phishing

  Not all phishing attacks require a fake website. Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts. Once the phone number was dialed, prompts told users to enter their account numbers and PIN. Wishing sometimes uses fake caller-ID data to give the appearance that calls come from a trusted organization.

Website forgery

  Once a victim visits the phishing website the deception is not over. Some phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL. An attacker can even use flaws in a trusted websites own scripts against the victim. These types of attacks aka cross-site scripting are particularly problematic, because they direct the user to sign in at their bank or service's own web page, where everything from the web address to the security certificates appears correct.

No comments:

Post a Comment

Shortly i come back to you !! thank you for your comment !!