Thursday, September 8, 2011
New trojan masquerades as Microsoft enforcement-ware...Threatens to destroy everything and sue the remains
Wednesday, August 31, 2011
A QR code (Quick Response Code) is a specific matrix barcode (or two-dimensional code) that is machine readable and designed to be read by smartphones. The code consists of black modules arranged in a square pattern on a white background. The information encoded may be text, a URL, or other data.
In fact, it's their ability to hold significantly more information, as well as their user-friendliness which makes QR codes practical for individuals and businesses of all sizes.QR codes can be scanned and read by camera-equipped smartphones via software that's already installed on your phone, or with an application that you download such as Lynkee Reader or i-nigma Reader , which are compatible with a wide variety of modern smartphones including iPhone, Blackberry, Sony Ericsson, HTC, Motorola and Nokia. The readers/scanners give smartphone users the ability to read a QR code without special equipment.
Tuesday, August 30, 2011
Thursday, August 25, 2011
Saturday, August 20, 2011
Plankton works like a parasite: latching onto its host applications as a background service which has no affect on that apps intended purpose. When a user runs an infected application on their Android phone, Plankton collects information such as the device ID and list of granted permissions and sends them via HTTP POST message to a remote update server, the NC State researchers found.That remote server returns a URL pointing to an executable file for the device to download. Once downloaded, the jar file is dynamically loaded. In this way, the payload evades static analysis and is difficult to detect.Analysis of the payload shows that the virus does not provide root exploits, but supports a number of bot-related commands. One interesting function is that the virus can be used collect information on users’ accounts.
In Android versions 2.2 (Froyo) and earlier,DroidKungFu takes advantage of two vulnerabilities in the platform software to install a backdoor that gives hackers full control of your phone. Not only do they have access to all of your user data, but they can turn your phone into a bot – and basically make your smartphone do anything they want.
Friday, August 5, 2011
How To Remove Rootkit.TDSS
STEP 1 : USE WINDOWS TASK MANAGER TO REMOVE ROOTKIT.TDSS PROCESSES
RkLYLyoM.exe podmena.exe file.exe ~.exe 7-v3av.exe csrssc.exe 72631899.exe 1776260179.exe ucxmykkc.exe
STEP 2 : USE WINDOWS COMMAND PROMPT TO UNREGISTER ROOTKIT.TDSS DLL FILES
UACyylfjdaa.dll TDSSnrsr.dll tdssserf.dll TDSSriqp.dll TDSSciou.dll TDSSoexh.dll
STEP 3 : DETECT AND DELETE OTHER ROOTKIT.TDSS FILES
UACyylfjdaa.dll TDSSnrsr.dll TDSSmaxt.sys tdssserf.dll TDSSriqp.dll TDSSciou.dll TDSSoexh.dll tdidrv2.sys RkLYLyoM.exe podmena.exe tdssserv.sys file.exe ~.exe 7-v3av.exe csrssc.exe 72631899.exe 1776260179.exe ucxmykkc.exe
How To Remove Win32.Agent.P
REMOVE PROCESS FILES
REMOVE REGISTRY ENTRIES
How To Remove Win32.Agent.gpe
REMOVE PROCESS FILES
In this way, even when a user looks for these items on a computer, they won’t be able to see them.
Monday, August 1, 2011
- Download the software emulator for android from below link:
- Here's an overview of the steps you must follow to set up the Android SDK:
- Prepare your development computer and ensure it meets the system requirements.
- Install the SDK starter package from the table above. (If you're on Windows, download the installer for help with the initial setup.)
- Install the ADT Plugin for Eclipse (if you'll be developing in Eclipse).
- Add Android platforms and other components to your SDK.
- Explore the contents of the Android SDK (optional).
Sunday, July 31, 2011
XP Antivirus 2012 program has been manipulating people into believing as genuine software. However, this rogue anti-spyware mostly penetrates into a random computer system without the user’s knowledge and approval and opens the backdoor of the system(may be port 514 RPC Backdoor) to let more threats or allow the scammers to reach your personal information. All this is done with a help of Trojans that infect vulnerable systems through fake video codecs and flash updates. As you can see, you should not believe XP Antivirus 2012 and its detection reports as they are fabricated and have in fact nothing to do with the true condition of machine. Remove this software asap without purchasing it.
XP Antivirus 2012 manual removal:
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'
Friday, July 29, 2011
DEFINITION: The Windows 9x/NT/2000/ME/XP Registry is a complex, unified, system wide, continually referenced during operation database, used for centrally storing, locating, editing and administering system, hardware, software and user configuration information, following a hierarchical structure.
It was introduced to replace the text/ASCII based MS -DOS configuration (.BAT, .SYS) and MS Windows initialization (.INI) files.
Structure of Registry in windows 9X is Different from that of Windows NT,2000 and XP.
Windows 95/98/ME :In these operating systems Registry is stored in these 5 files, with the Hidden, Read-only attributes for write-protection purposes, usually located in the %WinDir% folder (default is C:\Windows) .
· SYSTEM.DAT = stores persistent hardware and software settings related to the system it resides on, contained in the (HKEY_CLASSES_ROOT = Windows 95 and 98 only) and HKEY_LOCAL_MACHINE Hive keys.
· USER.DAT = stores user specific and software settings contained in the HKEY_CURRENT_USER Hive key. If more than one user, then multiple user profiles enable each user to have their own separate USER.DAT file, located in %WinDir%\Profiles\%UserName%. When a user logs on, Windows OS (down)loads both USER.DAT files: the one from the local machine %WinDir% (global user settings), and the most recent one from the local machine %WinDir%\Profiles\%UserName%, or from the central (host) server if user profiles reside on a network (local user settings).
· CLASSES.DAT = stores persistent data contained in the HKEY_CLASSES_ROOT Hive key, found only on Windows ME.
· SYSTEM.DA0 and USER.DA0 = automatically created backups of SYSTEM.DAT and USER.DAT from the last successful Windows GUI startup, and found only on Windows 95
Windows NT/2000/XP :Registration Database is contained in these 5 files located in the %SystemRoot%\System32\Config folder (default is C:\Winnt\System32\Config for Windows NT/2000 or C:\Windows\System32\Config for Windows XP):
· DEFAULT = stores the HKEY_USERS\.Default key.
· SAM = stores the HKEY_LOCAL_MACHINE\Sam key.
· SECURITY = stores the HKEY_LOCAL_MACHINE\Security key.
· SOFTWARE = stores the HKEY_LOCAL_MACHINE\Software key.
· SYSTEM = stores the HKEY_LOCAL_MACHINE\System key and the HKEY_CURRENT_CONFIG Hive key,
these files located in the %SystemRoot%\Profiles\%UserName% folder:
· NTUSER.DAT and USRCLASS.DAT (Windows XP only) = store the HKEY_CURRENT_USER Hive key,
Always make sure that you know what you are doing when changing the registry or else just one little mistake can crash the whole system. That's why it's always good to back it up!
To view the registry (or to back it up), you need to use the Registry Editor tool. There are two versions of Registry Editor:
:To modify the Registry, you need to use a Registry Editor:
· Regedit.exe (Windows 95/98/ME/NT/2000/XP) = located in %WinBootDir% (%SystemRoot%) has the most menu items and more choices for the menu items. You can search for keys and subkeys in the registry.
· Regedt32.exe (Windows NT/2000/XP) = located in %SystemRoot%\System32,enables you to search for strings, values, keys, and subkeys. This feature is useful if you want to find specific data.
For ease of use, the Registry is divided into five separate structures that represent the Registry database in its entirety. These five groups are known as Keys, and are discussed below:
This registry key contains the configuration information for the user that is currently logged in. The users folders, screen colors, and control panel settings are stored here. This information is known as a User Profile.
In windowsNT 3.5x, user profiles were stored locally (by default) in the systemroot\system32\config directory. In NT4.0, they are stored in the systemroot\profiles directory. User-Specific information is kept there, as well as common, system wide user information.
This key contains configuration information particular to the computer. This information is stored in the systemroot\system32\config directory as persistent operating system files, with the exception of the volatile hardware key.
The information stored here is used to open the correct application when a file is opened by using Explorer and for Object Linking and Embedding. It is actually a window that reflects information from the HKEY_LOCAL_MACHINE\Software subkey.
The information contained in this key is to configure settings such as the software and device drivers to load or the display resolution to use. This key has a software and system subkeys, which keep track of configuration information.
.REG file, which can be in:
· plain text/ASCII format in Windows 95/98/ME and NT/2000/XP or
· binary format in Windows 2000/XP.
Text .REG files can be easily viewed/created/edited by hand using any text/ASCII editor, like Notepad
Their purpose is to add, modify or delete Registry (Sub)Keys and/or Values.