Friday, June 26, 2009

E-Books on Computer Security



Name: The Art of Reversing
Pages: 50
Size: 2.59 MB
Download
-----------------------



Name: Corporate Security
Pages: 23
Size: 1.4 MB
Download

--------------------



Name: -****** the Network
Pages: 329
Size: 4.5 MB
Download
------------------------


Name: Tricks of the Internet Gurus
Pages: 700+
Size: 5.6 MB
Download
---------------------------

Name: Breaking Into Computer Network from Internet
Pages: 90
Size: 1.1 MB
Download

---------------------------


Name: Hac**** Windows XP
Pages: 379
Size: 12.1 MB
Download
----------------------------


Name: Security & Privacy
Pages: 102
Size: 11 MB
Download
--------------------



Name: The little Black book of Computer Vir****. "The most precious Book"
Pages: 183
Size: 1.3 MB
Download

--------------------


Name: The Art of Reversing By ap0x. [Serbian language]
Pages: 293
Size: 7 MB
Download
Visit Reversing Labs
* How to translate this book? click here
--------------------

Monday, June 22, 2009

How Does Malware Run in Safe Mode?

This info is for educational purposes; I am not responsible if you use it for illegal purposes.

Windows offers the useful option of “Safe Mode” to recover from any damage caused by various malfunctions in the system. Booting in Safe Mode loads limited drivers and services that are required for the basic operation of the system, but avoids adding many extras that complicate the environment.
In general, Safe Mode is very helpful in recovering the system from malware infections. However, malware can exploit this feature by loading in Safe Mode, thus creating great difficulties for users and administrators in recovering from these infections.

How do they run in Safe Mode?

The services and drivers that load in Safe Mode are listed under the following registry key(s):

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

If malware gains control of the system, it can add its entry under the above key(s) to load during a Safe Mode boot. This type of malware is difficult to remove manually; you’ll need an anti-virus product to detect and clean such malware.
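
One way to check for this from the defender's side, as an added example that is not part of the original post: export the SafeBoot key with `reg export` and list the entries that are absent from a known-good baseline. The sample export, the `evilsvc` entry and the baseline are constructed for illustration.

```python
import re

# Constructed sample of `reg export HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot out.reg`
# (real exports are UTF-16; read with encoding="utf-16"). "evilsvc" is made up.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\evilsvc]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
@="Service"
'''

# Constructed baseline; in practice build it from a known-clean machine
# running the same Windows build. Names are compared case-insensitively.
BASELINE = {("minimal", "cryptsvc"), ("network", "rpcss")}

KEY_RE = re.compile(r'^\[HKEY_LOCAL_MACHINE\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})'
                    r'\\Control\\SafeBoot\\(Minimal|Network)\\([^\\\]]+)\]$', re.I)
DEFAULT_RE = re.compile(r'^@="(.*)"$')

def parse_safeboot(export_text):
    """Map (mode, entry) -> type for each direct subkey of Minimal/Network."""
    entries, current = {}, None
    for line in export_text.splitlines():
        line = line.strip()
        m = KEY_RE.match(line)
        if m:
            current = (m.group(1).lower(), m.group(2).lower())
            entries[current] = ""      # default value may be absent
        elif line.startswith("["):
            current = None             # another key: stop attributing values
        elif current and (d := DEFAULT_RE.match(line)):
            entries[current] = d.group(1)
    return entries

def unexpected_entries(export_text, baseline):
    """Entries that would load in Safe Mode but are not in the baseline."""
    found = parse_safeboot(export_text)
    return sorted((*k, v) for k, v in found.items() if k not in baseline)

if __name__ == "__main__":
    for mode, name, kind in unexpected_entries(SAMPLE_EXPORT, BASELINE):
        print(f"review: SafeBoot\\{mode}\\{name} ({kind or 'no type'})")
```

An entry that is missing from the baseline is only a lead for review, since legitimate software can also register itself under these keys.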

Safety Precautions:

Always use anti-virus software, which is the first step in keeping your computers clean, and keep your anti-virus signatures updated.

Thursday, June 18, 2009

Geographical Distribution of Viruses

The population of viruses varies from country to country. Some countries have a very low population of viruses/worms and some have a high one. It also depends upon the type of virus/worm.
Let's see this graph.

[Graph not preserved]

Let's see some common examples.

[Maps 1) to 5) not preserved]

These maps will be updated regularly.

Monday, June 15, 2009

Importance of File Packers

Don't use these packers for illegal purposes! Otherwise we will not take any responsibility.
Exe Packers/Encryptors:
  1. Unfortunately, many virus composers use packers to make detection difficult and to defeat signature-based scanning.
  2. Packers are basically used to reduce file size, which makes uploading and downloading easy and fast.
  3. They can also be used to protect software from modern cracking.
I burnt my midnight oil searching for a lot of packers and uploaded them for you.

Compression Test:
The file used for the test is Firefox.exe 2.0. Original file size: 7.30 MB.

Packer Name        File size after compression (MB)
FSG 2.0            3.62
HotFusion.08       Binder
Mew 1.2            2.91
nsPack 3.7         2.74
Npack 2.0          4.19
PeSpin             3.67
ARM Protect        Protector
winUpackE .31      2.77
UPX 3.3            3.17

Note: Your anti-virus may report these files as a virus, because packing a file with some packers such as FSG makes the file look suspicious, even if you pack notepad.exe. So suspend your anti-virus and continue your work.

The packer suite contains the following packers and versions. All of them are FREEWARE and made portable by ExtremeVoltages.
  • FSG v2.0
  • HotFusion v 0.08 (Fantastic Software)
  • Mew v1.2
  • nsPack v 3.7
  • Npack v2.0
  • PeSpin 1.32
  • ARM Protect
  • winUpackE v 0.31
  • UPX 3.3 (With GUI)

Packers suite
Size: 3.7 MB
License: Freeware
Download Packer Suite

Some Shareware Packers/Protectors:
1) eXpressor
2) Mprotect
3) Aspack
4) Molebox Pro
5) Bitsum PE Compressor

Saturday, June 13, 2009

Malware Removal Tools

Most people use anti-virus only once their computer has got infected; why not before? When your computer gets infected and your anti-virus doesn't detect it, formatting your hard disk or installing a new anti-virus and updating it is a time-consuming task.

So there are some alternatives. Try different virus removal tools. Keep in mind that most of them are effective against certain viruses!

i) McAfee Stinger
This is a very nice tool by McAfee. It's portable. Just download it and then scan your PC. It's quite effective against certain viruses and is updated on the site regularly.

Download Stinger


ii) Microsoft Windows Malicious Software Removal Tools

A fine creation by Microsoft. This is a tool which is very effective against the latest threats.

Download MS Removal Tools

iii) Kaspersky Removal Tools

Download Tool

iv) Malwarebytes
Most people think this is also a very good tool. It is not more than 4 MB, so give it a try. It gives you real-time protection if you pay for it; virus detection software that offers real-time protection can be called an anti-virus, but here you are using it for free, so it's a malware removal tool.

Download MalwareBytes


v) Avira AntiVir Removal Tools
For all those experiencing the damaging effects of a virus infection, Avira's researchers have prepared a free removal tool, which can be used to eliminate major distinct threats.

Avira Removal Tools

vi) AVG Removal Tools
They provide a list of specialized utilities for virus removal. The utilities can be used to remove some of the most common viruses. The list is updated on a regular basis.

Download AVG Tools

--------------------------------------------------------------------
How to Search for a Specific Virus Removal Tool?
To search for a removal tool for a specific virus, say win32/virut, go to Google
and type "win32/virut remover" or "win32/virut removal tools". You will get the
results; then download the tool.
Syntax:
virusname removal tool
or
virusname remover

Monday, June 8, 2009

How to Submit a Virus Sample?

Every day we face lots of viruses which tease and annoy innocent people around us. Have you ever thought of submitting those viruses to anti-virus companies, so that they can make their signatures and updates?

Importance:
Everyone uses some kind of anti-virus which he/she trusts most. There are lots of benefits of submitting a virus sample.

1) Save lots of other users from damage

One day you submit a sample and save a person from damage; similarly, some day he/she will submit a sample and your computer will be kept safe!

2) To discourage malware composers:

When a malware composer writes a virus, he spends a lot of time on it, and if his virus doesn't achieve its goal and is detected early, it's quite annoying and discouraging for him; with the passage of time the population of malware composers will start reducing.

Following are some addresses for submitting samples. You can submit to the AV company whose product you use!

Submit a virus sample to:

1)-Nod32 (This is also an online scanner)

samples.nod32.com.sg

2)-Symantec

https://submit.symantec.com/websubmit/retail.cgi

3)-Avira

http://analysis.avira.com/samples/

4)-Avast

http://support.avast.com/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=199

5)-Kaspersky

http://support.kaspersky.com/virlab/helpdesk.html

6)-Mcafee

https://www.webimmune.net/default.aspz

Note:
Create a free account and you will be able to upload files directly to Avert's automated systems for review. If the automated system is unable to determine that a threat exists, the issue will be escalated to Avert analysts.

7)-F-Secure

https://analysis.f-secure.com/portal/login.html

Hope this will help you!
If you have any problem or question, please leave a comment!