26 tips to protect your estimator from hacking
Firstly you lot should know that at that spot are a lot of strategies to hack non only through the TCP/IP breaking, but about online hackers are choosing API programming in addition to several are employing an encoding linguistic communication such VB every bit good every bit Delphi or mayhap whatever others, in addition to they'll operate within the Windows environment. And since you lot are using Windows in addition to thus you lot receive got to know that you lot are using a non secure OS ...
Now the starting fourth dimension thing to create is to secure your PC, for such a thing create the next steps :
DO NOT EVER testify whatever file that you lot got from the mesh or from whatever other somebody inwards the PC that you lot are using for browsing the Internet
Always update your Anti-virus or if you lot desire you lot tin privy purpose an updated scanning site for Viruses in addition to Trojans, endeavour this link (it's Free) ... http://housecall.antivirus.com in addition to click on Scan Now, in addition to ane time you lot larn the names of the hacking files if any, only write them inwards a slice of paper
Check your PC if at that spot is whatever hack file inwards it : for example, search for whatever of these files (after you lot allow the hidden in addition to organisation files to appear) Click Here in addition to if you lot flora whatever of them in addition to thus read the remainder of this page.
Right click on the Network Neighborhood icon in addition to conduct properties, in addition to thus take the concluding icon (file in addition to printer sharing)
Do non install whatever protocol that you lot don't genuinely use
When you lot complete browsing the Internet unopen the Internet Explorer, in addition to thus correct click on the Internet Explorer icon that is located on the desktop in addition to conduct properties ,,, inwards the General tab click the "Delete Files" push in addition to thus banking concern agree the "Delete all offline content" check-box in addition to click OK ... (also click on the "Delete Cookies" push if you lot receive got it) ...
Remove the AutoComplete selection from your browser, in addition to regarding the cookies, it is ameliorate to larn to tools, Internet Options, in addition to inwards the safety tab click on Custom score in addition to conduct (prompt) for both cookies options.
If you lot are using the netstat.exe then it is recomended that you lot rename it to whatever other lift in addition to purpose the novel named file.
Always delete the files from C:\Temp in addition to C:\Windows\Temp folders.
Try your best to purpose the "Windows Update" always.
Some Hacking files or viruses don't allow you lot to run whatever application, inwards that instance you lot receive got to run this file to gear upwardly this work : Undo.reg.
Do NOT banking concern agree any "Save password" banking concern agree box.
Try NOT to cash inwards one's chips on the FTP connections inwards your PC.
You also receive got to know that many sites are non trusted, thus don't experience that costless inwards downloading whatever file from the Internet.
Make your password every bit long every bit you lot can, in addition to brand certain that you lot include about upper instance letters in addition to about numbers inwards it.
Go to the file (system.ini) in addition to opened upwardly it, inwards the 5th work you lot volition break : shell=Explorer.exe. But if you lot receive got been hacked ... it volition be shell=Explorer.exe xxxx.xxx, where xxxx.xxx is whatever file name, thus modify it to endure alone : shell=Explorer.exe in addition to relieve the file.
Go to the command panel in addition to larn to add/remove programs : if you lot flora a (Memory Manager 3.0) THEN UNINSTALL information technology ... don't mean value that it is a computer program .
Go to the file (Autoexec.bat) in addition to correct click on it in addition to conduct Edit, if you lot flora these 2 lines inwards it, in addition to thus remove them in addition to relieve the file :
1. @echo off re-create c:\sys.lon c:\windows\startm ,1\programs\startup\mdm.exe
2. del c:\win.reg
2. del c:\win.reg
These files tin privy endure located inwards whatever house of your difficult disk /
.exe (it is infinite point exe)
aim reminder.exe
bf evolution.exe
brainspy .exe (notice the infinite earlier the .exe)
bf evolution.exe
brainspy .exe (notice the infinite earlier the .exe)
cyber takeover.exe
dead bolt.exe
ds3-mini.exe
electrical chair.exe
en-cid12.*
fs-backup.exe
hitting it.exe
icq login.exe
calorie-free upwardly the night.exe
loveday14*.hta
malicious cleaner.exe
microsft cyberspace explorer.hta
intelligence doc.exe
nude pussy.exe
poisonous substance gas.exe
port 5000.exe
pretty park.exe
Ram distich optimizer.exe
recycle-bin.exe
robo-*.exe
rrlf-info.exe
ruler1-3.exe
sanctuary-sys33.exe
self extract.exe
serv-u32.exe
server 1.2.exe (there is a infinite later server) ...
sexy virgin.scr
S park.exe
the revenger.exe
truva atl.exe
really malicious.exe
weia-meia.exe
dead bolt.exe
ds3-mini.exe
electrical chair.exe
en-cid12.*
fs-backup.exe
hitting it.exe
icq login.exe
calorie-free upwardly the night.exe
loveday14*.hta
malicious cleaner.exe
microsft cyberspace explorer.hta
intelligence doc.exe
nude pussy.exe
poisonous substance gas.exe
port 5000.exe
pretty park.exe
Ram distich optimizer.exe
recycle-bin.exe
robo-*.exe
rrlf-info.exe
ruler1-3.exe
sanctuary-sys33.exe
self extract.exe
serv-u32.exe
server 1.2.exe (there is a infinite later server) ...
sexy virgin.scr
S park.exe
the revenger.exe
truva atl.exe
really malicious.exe
weia-meia.exe
These files are located inwards these locations ... follow the path ... the lift mightiness endure WINNT instead of WINDOWS ... in addition to SYSTEM32 instead of SYSTEM ... (search for these files inwards the active sectionalization if it was non C inwards your PC) ... if you lot flora whatever of them think its place ... it is ameliorate to uncheck the "Hide file extentions for know file type" from the folder options ...
C:\explorer.exe
C:\command.exe
C:\CONFIGG.SYS
C:\default.ini
C:\DivX\ (delete this folder but brand certain that it is non used past times about other program)
C:\DMSETUP.EXE
C:\iecookie.exe
C:\k2vl.exe
C:\MIRC.INI
C:\MIRC\BACKUP0412.INI
C:\MIRC\DMSETUP.EXE
C:\MIRC\MIRCREM.INI
C:\msdos98.exe
C:\msie5.exe
C:\mstask.exe
C:\os32779.sys
C:\PROGRAM FILES\DMSETUP.EXE
C:\Program Files\ik\ik.exe
C:\Program Files\Internet Explorer\_.exe
C:\Program Files\Internet Explorer\_.ini
C:\Program Files\Mdm.exe
C:\Program files\msgsrv36.exe
C:\Program Files\MStesk.exe
C:\recycled\temp.exe
C:\recycled\winkernel.exe
C:\sesame\ (delete this folder if you lot flora it)
C:\something\something.exe
C:\sys.lon
C:\system.dup
C:\TEMPSERVER.exe
C:\WINDOWS\...\Programs\StartUp\DeskManager.exe
C:\WINDOWS\command\drvspace.bat
C:\WINDOWS\command\msdos.sys
C:\WINDOWS\DMSETUP.EXE
C:\windows\fonts\ariel.exe
C:\windows\fonts\fonts\ (delete this folder ... fonts that is within fonts)
C:\WINDOWS\DMSETUP.EXE
C:\windows\inf\regcle32.exe
C:\windows\start menu\programs\startup\mdm.exe
C:\WINDOWS\Start Menu\Programs\Startup\mstesk.exe
C:\WINDOWS\SYSTEM\BRAINSPY .EXE (there is a infinite earlier the .EXE) C:\Windows\System\WSOCK32.SKA (IF you lot flora this file in addition to thus delete WSOCK32.DLL in addition to rename this ane from WSOCK32.SKA to WSOCK32.DLL)
C:\windows\temp\pkg*.exe (like pkg1221.exe or pkg2342.exe ... etc.)
C:\WINDOWS\TEMP\UNINST.DLL
C:\windows\y.bat (the y is having 2 dots over it)
C:\Windows\$TEMP\ (delete this folder if you lot flora it)
Find the file sysedit.exe ... if you lot flora it virtually 100 KB in addition to thus delete it straight ... in addition to supplant it from the Windows CD or from whatever other non hacked PC ...
Go to the C:\Windows\System\systray.exe ... if you lot flora it virtually 300 KB in addition to thus delete it straight ... in addition to supplant it from the Windows CD or from whatever other non hacked PC ...
Now ... allow us banking concern agree your Registry
Click on the + sign that is side past times side to HKEY_LOCAL_MACHINE thus that you lot volition larn about other subfolders ... anyway ... larn to this folder ... HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
Now click on a subfolder called (Run) ... inwards the correct cover you lot volition break 2 principal columns ... Name in addition to Data ...
In the Data department if you lot alone see "" in addition to thus correct click on the related lift in addition to conduct (Delete) If you lot flora whatever of these Click Here in addition to thus delete them.
Also if you lot flora this directory
HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\VxD\VMLDIR\
in addition to thus delete these items inwards it ...
StaticVxD = "vmldir.vxd"
StaticVxD = "intld.vxd"
Go to this directory
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Shell Folders\
or
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\User Shell Folders\
at that spot is an detail called "Common Startup" ... if you lot flora it inwards the format of
Common Startup = "C:\windows\sysem\(any value)
in addition to thus delete it ...
If you lot flora this directory
HKEY_LOCAL_MACHINE\System\CurrentControlSet\control\SessionManager\Known16DLLs\
delete this detail inwards it ...
wsasrv.exe = "wsasrv.exe"
Go to this directory
HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Policies\
Click on the (System) folder in addition to encounter if you lot tin privy break this fundamental ...
DisableRegistryTools = "1"
correct click on this fundamental in addition to conduct delete ...
Next, click on the (Explorer) folder in addition to await at the correct manus side ... There are four items at that spot which demand to endure deleted ... they are:
NoRun
NoFind
NoDesktop
NoClose
Go to this directory
HKEY_LOCAL_MACHINE\SOFTWARE
On the left manus side, await for a folder titled (RBO) ... this is the folder that holds all of your systems passwords which the trojan grabbed, every bit good every bit the information the keylogger saved.
Right click on the folder (RBO) in addition to conduct delete ...
If you lot flora this directory
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Network\LanMan\
In the (LanMan) folder if you lot encounter ane alphabetic quality for each receive you lot receive got filesharing turned on for ... Right click on each receive ane at a fourth dimension inwards the left manus panel in addition to conduct delete ...
One of the hacking programs (Netbus 2.1) hides itself inwards about other place of the registry : banking concern agree if you lot flora this directory :
HKEY_LOCAL_MACHINE\SOFTWARE\UltraAccess Networks\NetBus Server\General
or
HKEY_CURRENT_USER\NetBus Server\General
or
HKEY_CURRENT_USER\NetBus
or
HKEY_CURRENT_USER\NetRex Server\General
or
HKEY_CURRENT_USER\NetRex
if you lot flora it in addition to thus larn to the folder or fundamental (Visability) in addition to change the value of it from "2" or "3" or whatever other thing to "1" ... in addition to thus unopen regedit in addition to restart your figurer ... When windows restarts you lot should encounter the Netbus Server window (not hidden anymore) amongst a Settings in addition to Close push ... Click the Settings push in addition to plow off the detail labeled "Load at startup automatically".
Now restart your PC inwards the (Safe Mode) in addition to delete all the files those you lot flora hither ... if you lot were non able to delete a file in addition to thus restart your figurer using the kicking disk in addition to thus larn to its place in addition to delete it.
After that restart your PC : if you lot larn a message proverb that at that spot is a file missing from your organisation in addition to thus only larn the lift of that file in addition to larn to C:\WINDOWS\WIN.INI , opened upwardly it in addition to remove the work that contains the lift of that file, in addition to relieve the file.
DONE !!!
I don't receive got that rigid sentiment virtually the ICQ, in addition to I don't attention virtually it actually. it is FULL of safety bugs, no affair how many fixes they seat for it, thus purpose it at your ain risk.
Have a prissy surfing in addition to remember, don't human activity similar a hero in addition to utter virtually how secure your organisation is ... the TCP/IP is sum of bugs, to a greater extent than than 65000 ports the hackers tin privy purpose to access whatever system. Something else ... about hack programs are not detected past times the Anti-Virus programs,and fifty-fifty the firewall volition not block them, thus endure careful.
If you lot similar it, percentage it. Thank you lot for reading.
Belum ada Komentar untuk "26 tips to protect your estimator from hacking"
Posting Komentar