
Jan 31, 2009

Remove junk files from PC with CCleaner

CCleaner is a freeware system optimization, privacy and cleaning tool. It removes unused files from your system - allowing Windows to run faster and freeing up valuable hard disk space. It also cleans traces of your online activities such as your Internet history. Additionally it contains a fully featured registry cleaner. But the best part is that it’s fast (normally taking less than a second to run) and contains NO Spyware or Adware!

It cleans the following:

  • Internet Explorer: Temporary files, history, cookies, Autocomplete form history, index.dat.
  • Mozilla: Temporary files, history, cookies, download history, form history.
  • Registry Cleaner: Advanced features to remove unused and old entries, including File Extensions, ActiveX Controls, ClassIDs, ProgIDs, Uninstallers, Shared DLLs, Fonts, Help Files, Application Paths, Icons, Invalid Shortcuts and more… also comes with a comprehensive backup feature.
  • Third party Applications: Removes temp files and recent file lists (MRUs) from many apps including Media Player, eMule, Kazaa, Google Toolbar, Netscape, Microsoft Office, Nero, Adobe Acrobat, WinRAR, WinAce, WinZip and many more…

Download From here

Nov 23, 2008

How to remove Virus from USB Drives

One of the ways a virus can infect your PC is through USB/pen drives. Common viruses such as ‘Ravmon’, ‘New Folder.exe’, ‘Orkut is banned’, etc. spread through USB drives. Most antivirus programs are unable to detect them, and even if they do, in most cases they are unable to delete the file, only quarantine it. Here is what you can do to remove such viruses from your USB drive.

Whenever you plug a USB drive into your system, a window similar to the one shown below will appear.

USB

Don’t click OK; just choose ‘Cancel’. Open the Command Prompt by typing ‘cmd’ in the Run box. At the command prompt, type the drive letter followed by a colon and press Enter. Now type dir /w/a and press Enter.

This will display a list of the files on the pen drive. Check whether any of the following files are there:

  • Autorun.inf
  • Ravmon.exe
  • New Folder.exe
  • svchost.exe
  • Heap41a
  • or any other exe file which may be suspicious.

If any of the above files are there, the USB drive is probably infected. At the command prompt, type attrib -r -a -s -h *.* and press Enter. This removes the Read-only, Archive, System and Hidden attributes from all the files. Now delete the files using the command del filename, for example del Ravmon.exe. Delete all the files that are suspicious. To be on the safe side, scan the USB drive with an antivirus program to check whether it is free of viruses. Now remove the drive and plug it in again. In most cases, the real culprit turns out to be the “Autorun.inf” file, which mostly gets executed when someone clicks OK in the dialog window shown above. That is how the infection spreads.
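The inspection step above, as an added PowerShell example (not part of the original post): it lists hidden and system items in the drive root, flags the file names and executable extensions this page mentions, and prints what Autorun.inf would launch, without deleting or running anything. The drive letter E: is an assumption.

```powershell
# Added example, not from the original post. Read-only: nothing is deleted or run.
$Drive = 'E:'                      # assumption: E: is the USB drive; change as needed
$root  = $Drive + '\'

# File names the article lists as signs of infection.
$known = 'autorun.inf', 'ravmon.exe', 'new folder.exe', 'svchost.exe', 'heap41a'

# -Force includes hidden and system items, like "dir /a" at the command prompt.
$items = Get-ChildItem -LiteralPath $root -Force -ErrorAction Stop

$report = foreach ($i in $items) {
    $why = @()
    if ($known -contains $i.Name) { $why += 'name listed in the article' }
    if (-not $i.PSIsContainer -and $i.Extension -match '^\.(exe|com|scr|pif|bat)$') {
        $why += 'executable in drive root'
    }
    if ($i.Attributes -band [IO.FileAttributes]::Hidden) { $why += 'hidden' }
    if ($i.Attributes -band [IO.FileAttributes]::System) { $why += 'system' }
    if ($why) {
        [pscustomobject]@{ Name = $i.Name; Attributes = $i.Attributes; Why = $why -join ', ' }
    }
}
$report | Format-Table -AutoSize

# Show which programs Autorun.inf points at (open=, shellexecute=, shell\verb\command=).
$inf = Join-Path $root 'autorun.inf'
if (Test-Path -LiteralPath $inf) {
    Get-Content -LiteralPath $inf -Force |
        Where-Object { $_ -match '^\s*(open|shellexecute|shell\\[^=]+\\command)\s*=' } |
        ForEach-Object { "Autorun.inf launches: $($_.Trim())" }
} else {
    'No Autorun.inf in the drive root.'
}
```

Legitimate hidden system folders such as System Volume Information also show up in the report, so treat the output as a list to review, not a verdict.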

Security Tip

Disable the Autoplay feature of USB drives. If you disable the Autoplay feature of USB drives, there is less chance of the virus spreading. A tool that can do this is Tweak UI. Download it from here and install it.

Tweak UI

Run the program. Now you can disable the Autoplay feature of the removable drives as shown above. By following the above steps, you can keep your USB drives clean.
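An alternative to Tweak UI, as an added PowerShell example (not part of the original post): it reads the Windows policy value NoDriveTypeAutoRun for the current user, decodes which drive types still allow AutoRun, and then sets 0xFF to disable it for every type. Using this registry value instead of Tweak UI is this example's choice, not the post's.

```powershell
# Added example, not from the original post.
$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$name = 'NoDriveTypeAutoRun'

# Each set bit in NoDriveTypeAutoRun disables AutoRun for one drive type.
$bits = @(
    @{ Mask = 0x01; Type = 'Unknown type' },
    @{ Mask = 0x04; Type = 'Removable (USB, floppy)' },
    @{ Mask = 0x08; Type = 'Fixed disk' },
    @{ Mask = 0x10; Type = 'Network drive' },
    @{ Mask = 0x20; Type = 'CD-ROM' },
    @{ Mask = 0x40; Type = 'RAM disk' }
)

function Show-AutoRunMask([int]$Value) {
    foreach ($b in $bits) {
        $state = if ($Value -band $b.Mask) { 'AutoRun disabled' } else { 'AutoRun ALLOWED' }
        '{0,-26} {1}' -f $b.Type, $state
    }
}

# 1. Report the current setting.
$current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
if ($null -eq $current) {
    'NoDriveTypeAutoRun is not set for this user; the Windows default applies.'
} else {
    'Current value: 0x{0:X2}' -f $current
    Show-AutoRunMask $current
}

# 2. Disable AutoRun for all drive types (0xFF sets every bit).
if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
Set-ItemProperty -Path $key -Name $name -Value 0xFF -Type DWord
'New value: 0xFF'
Show-AutoRunMask 0xFF
```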

Jul 6, 2008

Deadliest Keylogger - Hardware Keylogger

Everyone is probably aware of keyloggers: small pieces of software that record the sentences and commands that the user types into the computer. They are used to steal personal information, including the user's name, account number, PIN and email address. Not always, but most of the time, it is easy to detect the presence of a keylogger on a foreign or shared computer. Therefore, by refraining from entering confidential information on a shared computer, you can protect your important documents.

Now what about your own computer? You use the latest, updated antivirus and antispyware, you protect your system with a smart password, you monitor each and every outgoing connection. Still, you can be hacked! And the hacker is a small, nifty device called a hardware keylogger.

A hardware keylogger is a small piece of hardware which is usually inserted between the keyboard port and the keyboard. The hardware keylogger then records all user keystrokes to its internal memory. These devices have memory capacities between 8Kb and 2MB. Sitting between your keyboard and its port, this tiny plug-in device records every keystroke typed on any PC.

It can record and retrieve everything typed, including emails, chatroom activity, instant messages, website addresses, search engine searches and more.

Features Of Keylogger :

1) Easy to use. No new software to install or learn. (software free device)
2) Installs in seconds, just plug it in.
3) Can be unplugged and information retrieved on another PC.
4) Uses no system resources.
5) Excellent real-time backup device.

Price :

Hardware keyloggers range from $129 to $299. The price depends upon the encryption technology used by the keylogger.

Conclusion :

The hardware keylogger is the deadliest keylogger I've ever come across. By formatting your computer, you can rid yourself of a software keylogger, but what about the hardware piece if you are not able to spot it?

Apr 27, 2008

Delete Heap Virus (That Blocks Orkut) ...!

Follow these steps to remove the Heap virus completely:

1. Go to Task Manager and open the Processes tab. End the running svchost.exe (the one under your username, not the ones under SYSTEM and other accounts).

2. Then open My Computer.

3. Type this in the address bar and hit Enter: "c:\heap41a" (write this without the quotes).

4. Delete all the files there.

5. Now the virus is gone.

But this alone does not remove the virus completely. Go further to remove it completely from your PC.

Then this is another cross-check:

1. Press "Windows+R", or go to All Programs and click "Run".

2. Now type regedit in the Run box.

3. Then press Ctrl+F.

4. Then search for svchost.exe. If you find any entry like "c:\heap41a\svchost.exe" or "c:\heap41a\std.txt", delete it.

5. Format your pen drives. This virus usually spreads through them.

This is a tutorial in very simple way.

Hope You Understand.

Explanation of virus


WHAT IS A VIRUS?

1) A virus is a small program whose activity can damage or destroy files and a computer system. If the program is not opened, it is inactive and cannot destroy anything.

WHAT IS A VIRUS-EMAIL?

2) The virus program is brought to you by an email as an attachment. It has a server of its own (a virus server). Virus file attachments cannot attach themselves to another email, such as one sent by a user (netter), member, moderator, etc. They must be brought to you by the email itself, which we call an EMAIL OF VIRUS.

WHAT'S THEIR ADDRESS?

3) An EMAIL OF VIRUS can be sent from any email address of any account that it found and cracked from the mailbox or address book of another person anywhere. That is why the email of virus looks like it was sent by our friend, our member, our moderator, etc. It is even able to email a virus from our own email address.

HOW TO SEE IF THAT IS A VIRUS ATTACHMENT?

4) To identify a virus attachment:
a) It has a small size (<190KB); sometimes it will be up to 600kb.
b) It has a file name extension such as the ones below:
*.scr
*.clp
*.pif
*.bat
*.exe
*.com
*.txt
*.doc
*.lhz
*.rhz
and sometimes it is compressed as a *.zip file.
Also by a fake name such as HotMovie.MPEG__________scr.
Actually the file is a virus file with the extension .scr

HOW TO SEE IF THAT IS AN EMAIL VIRUS?

5) You can recognise an email virus from its SUBJECT; most of them contain an amazing statement or unusual word, such as below:
Weah ^_^ :))
Hokki=)
Hi :)
ello!=))
Hello -:))
Hey, dude, it's me ^_^
access Mpeg
Re:your text
Re:Text message
Re:Msg reply
Re:Is that your document?
Re:Hot Movie(MPEG)
Re:Information...
Re;Important info
Re:This is your photos!:)
and more, and more...


If you receive emails with subjects like those above, you should delete them without even opening them.


NOTE:-

Don't use words in your email subject that resemble a virus mail, otherwise your email would be deleted by the recipient[s].


BEWARE, it's dangerous.

*** If one of your files is infected by a virus, it will change into a function of a virus and might infect all files.

Apr 25, 2008

Remove: Shut Down Virus

If you're getting

"svchost.exe" errors with RPC messages and reboots


OR

"NT Authority...shut down in 1 min"


Sounds like you've got the "Blaster Worm"
http://securityresponse.symantec.com/avcenter/venc/data/w32.blaster.worm.html


This is the hole it exploits
Your computer is being accessed. Download the MS03-026 patch from Microsoft.
http://www.microsoft.com/security/security_bulletins/ms03-026.asp

Fixes Available here
http://support.microsoft.com/?kbid=823980

More Links
http://www.cert.org/advisories/CA-2003-19.html


Automatically Remove the Virus with
http://www.sophos.com/misc/blastsfx.exe

Download and run it, it will create a directory called SOPHTEMP

From Command line type

C:\SOPHTEMP\RESOLVE.COM -DF=BLASTERA.DAT -NOC

How do I remove W32/Blaster-A manually?
To remove W32/Blaster-A manually on Windows 95/98/Me and Windows NT/2000/XP:

ensure you have installed Microsoft patch MS03-026 and implemented as many of the steps mentioned above as is feasible.
press Ctrl+Alt+Del
in Windows NT/2000/XP click Task Manager and select the Processes tab
look for a process named msblast.exe in the list
click the process to highlight it
click the 'End Process' (in Windows 95/98/Me 'End Task') button
close Task Manager.
Search for the file msblast.exe in the Windows system folder (usually a subfolder of Windows or WINNT) and delete it.

In Windows NT/2000/XP you will also need to edit the following registry entry. The removal of this entry is optional in Windows 95/98/Me. Please read the warning about editing the registry.

At the taskbar, click Start|Run. Type 'Regedit' and press Return. The registry editor opens.
Before you edit the registry, you should make a backup. If in doubt, contact your network administrator. Incorrect editing of the Windows Registry can cause system failure.
Locate the HKEY_LOCAL_MACHINE entry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

in the righthand pane select

windows auto update = msblast.exe

and delete it if it exists.
Close the registry editor.
You should reboot your computer and repeat the above process to ensure all traces of the worm have been removed from your system.
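The registry and file checks from the Blaster steps above and from the Heap virus post's regedit search, as one added PowerShell example (not part of the original posts or of the Sophos instructions): it only reports matches and deletes nothing. Looking only in the two Run keys and the listed folders is an assumption of this example; the Heap post's Ctrl+F search covers the whole registry.

```powershell
# Added example, not from the original posts. Read-only: reports, never deletes.

# Indicators named on this page: msblast.exe, c:\heap41a\svchost.exe, c:\heap41a\std.txt
$pattern = 'msblast\.exe|heap41a\\(svchost\.exe|std\.txt)'

# Startup keys checked (assumption: the page names only the HKLM one, for Blaster).
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

$hits = foreach ($k in $runKeys) {
    if (-not (Test-Path $k)) { continue }
    $key = Get-Item -Path $k
    foreach ($valueName in $key.GetValueNames()) {
        $data = [string]$key.GetValue($valueName)
        if ($data -match $pattern) {
            [pscustomobject]@{ Key = $k; Value = $valueName; Data = $data }
        }
    }
}

# Files and folders the posts tell you to look for.
$files = @(
    (Join-Path $env:SystemRoot 'System32\msblast.exe'),
    (Join-Path $env:SystemRoot 'System\msblast.exe'),
    'C:\heap41a'
) | Where-Object { Test-Path -LiteralPath $_ }

if ($hits -or $files) {
    'Indicators found:'
    $hits | Format-List
    $files
} else {
    'No Blaster or heap41a indicators found in the checked locations.'
}
```

Run it again after the reboot the steps call for; an empty result on the second pass matches the "repeat the above process" check.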


Which systems are affected?
Windows 95/98/Me and Windows NT/2000/XP are potentially affected
Apple-based workstations, Unix and other platforms (including PDAs and games consoles) cannot be infected with W32/Blaster-A
If a W32/Blaster-A file is found on a computer, it has been dropped there by an infected computer, or it has been executed locally.



How did my computer become infected?
W32/Blaster-A scans the internet and local networks looking for computers vulnerable to Microsoft's DCOM RPC security exploit. When it finds one it causes the remote computer to use TFTP to download a copy of the worm. This is saved as msblast.exe in the Windows system folder and the registry on that computer is changed so that the worm will be run when the computer restarts.

My computer is continuously rebooting, how can I download RESOLVE?
Often when a computer is infected with W32/Blaster-A it restarts every few minutes, usually with a message similar to "Windows must now restart because the Remote Procedure Call (RPC) Terminated Unexpectedly". This prevents the required patches and files from being downloaded.

On Windows XP you may be able to prevent the computer from rebooting by turning on the inbuilt firewall.

To do this:

go to Network Connections
click on your internet connection (LAN or dial-up)
on the lefthand window click 'Change settings of this connection'
click Advanced
click 'Protect my computer.....'
you will probably then be able to download the files you need.
Where possible, download the RESOLVE W32/Blaster-A self-extractor on another computer. Save it to floppy disk and run the self-extractor on the affected computer.

If you cannot download on another computer, disable Distributed COM to prevent this rebooting.

Windows XP


Select Start|Run and type
dcomcnfg.exe.
Select Console Root|Component services.
Open the Computers subfolder.
Right-click on My Computer|Properties.
Click the Default Properties tab.
Deselect 'Enable distributed COM', click Apply then click OK.
Restart the computer.
Set the options back to normal after applying relevant patches.

Windows NT/2000

Select Start|Run and type
dcomcnfg.exe.
Select the Default Properties tab.
Deselect 'Enable distributed COM on this computer', click Apply then click OK.
Restart the computer.
Set the options back to normal after applying relevant patches.

Safe Computing (-:

Make Virus/trojan/Keylogger Undetectable !

This tutorial tells you how to make a Trojan, Virus, Keylogger, or anything that would be found harmful, NOT. This tutorial explains how to make all files look %100 clean (become clean and be %100 UNDETECTABLE from ALL ANTIVIRUSES!!!!! ALL!!!!!)


Ready? GO!

First, get your trojan, virus or keylogger, or server or w/e you plan on using to become undetectable, and get it ready. Fix it up, create it, whatever.

My personal favorite
keylogger: Ardamax Keylogger
Remote Administration Tool (Must not have a router): Poison Ivy
Google is your friend.

Now that you have your trojan, virus or keylogger or w/e harmful ready, it's time to make it UNDETECTED!

1. Download Software Passport (Armadillo) by Silicon Realms. This is THE best binder out there I know of, it makes everything %100 UNDETECTABLE BY ALL ANTIVIRUSES (including Norton, Kaspersky, Avast, etc)... The direct link to dl the program is here:

http://nct.digitalriver.com/fulfill/0161.001

There is a form to fill out information, so put in your real email address, and then you'll receive a download link in your email (it might be in Spam, Junk mail section so beware.)

2. Once you download the program, install it.
3. Once installed, you open it up and see this:



This is the program. Now that you have it open, you might be confused on what the hell to do, right? Well, this is what you do!

1. Download this pre-made settings. These settings are pre-made by me so you won't be confused. Everything is working.

DOWNLOAD THIS FOR THE PRE-MADE SETTINGS:

http://rapidshare.com/files/8749860/projects.arm.html

DOWNLOAD THIS FOR THE BACKUP (You need this in the same location as the projects.arm file) YOU NEED THIS FILE ALSO!

http://rapidshare.com/files/8750048/projects.Stats.html


Now, when you download these files, and you put them in the SAME FOLDER (or same location), open Software Passport again and click Load Existing Project (top left).

Where it says "Files to Protect" (if there's stuff there, delete it):
Add the files you want to make %100 UNDETECTABLE!!

Now, once done, go to the bottom right and click "Build Project". A bunch of windows will come up, just click Yes and OK.

Now, once its created, they are %100 undetectable. Go to

virustotal.com
to scan it with every Antivirus, and they won't find ANYTHING!

Fool A Keylogger !!

These days agents spy on you everywhere: in college, at work, maybe a trojan virus on your home PC which keylogs your passwords and mails them to someone else. If you think you are being logged, try this:

Whenever you have to type a password, never type the complete password in one go, i.e., if your password is WINDOWS, you should type NDOW, then move the cursor to the start of the password field using the mouse ONLY, then type WI, then move the cursor to the end using the mouse and type S. This way the logger will record your keystrokes as [ndowwis] instead of [WINDOWS].

Haha, keylogger fooled.