Monday, December 28, 2009

Remove Virus

Remove using boot CD from Kaspersky Rescue Disk - Load Kaspersky AntiVirus 2009 Using DOS
http://www.techmixer.com/kaspersky-rescue-disk-load-kaspersky-antivirus-2009-using-dos/
The most effective way to scan for viruses is to boot standalone from a CD, without Windows. I fixed the system this way when the MBR (master boot record) was affected by a virus. You must have a CD-W or DVD-W drive to make a standalone CD/DVD by burning an ISO image. ISO (short for International Organization for Standardization) image is a term commonly associated with CD and DVD burning. An ISO image (or .ISO file) is a computer file that is an exact copy of an existing file system. An ISO can contain the entire contents of a CD-ROM disc or CD medium. ISO files are typically created with a software application that can open, create, edit, and extract CD or DVD image files and then convert the extracted image to an ISO file, which lets users easily burn an exact copy of the original onto CD or DVD.

Remove Virus and Malware with Online Virus Scanner *** Best for most users
http://www.precisesecurity.com/tools-resources/threat-removal-procedure/remove-threats-with-online-virus-scanner/
The second most effective way is to scan for viruses online.
This procedure can remove common virus and malware threats on your computer using only free online anti-virus scanners.

Requirements:
1. Internet connection
2. Administrative privilege (Windows 2000/XP)

Procedure:
1. Temporarily disable System Restore in Windows XP. For Windows ME users, please click here.

Note: You must have Administrator privileges to disable System Restore on Windows XP. It is advised to enable it again after this procedure.

a) On the Desktop, Right Click on My Computer
b) Select the System Restore Tab
c) Check “Turn Off System Restore” to disable it; uncheck it to enable
d) Click Apply on the Bottom of the Dialog Box to save the settings.
e) A message “This deletes all existing restore points” will appear, click Yes to disable.
f) Click OK.

2. Reboot the computer in Safe Mode with Networking (for Windows XP only; other OSes may scan in Normal Startup Mode)

a) During the boot process, press F8 repeatedly until the selection menu appears
b) Use the Up and Down arrow keys to select Safe Mode with Networking in the menu.
c) Hit Enter to proceed.

3. Connect to the Internet and scan with any of the following online virus scanners.

* Symantec Security Check (scans but does not fix; it only tells you the virus name)
* TrendMicro Housecall
* McAfee
* Panda ActiveScan (not working well)
* BitDefender (not working well)
* F-Secure *** works for me
F-Secure seems to work for me; download it from http://www.f-secure.com/en_US/security/security-lab/tools-and-services/online-scanner/
Most antivirus products ask you to pay, or only scan for the virus without removing it. F-Secure scans and removes for free.

OPTIONAL:
Create a Slip Stream version of Windows XP
http://www.webtree.ca/windowsxp/slipstream.htm
How to merge Windows SP2 into the original CD from Microsoft, instead of installing the original and then installing SP2 afterwards.

Repairing Windows XP in Eight Commands
http://tech.icrontic.com/articles/repair_windows_xp/2/
Some Windows commands that may help during the process.

Fix Corrupted Files in Windows XP
The things that you will need:

Windows XP Operating System

Windows XP CD

Steps:

1) First place the CD into your CD/DVD Drive.

2) Go to Start.

3) Type “run”.

4) Type in “sfc /scannow” (without the quotes).

Now it should load and fix all the corrupted files on Windows XP.

If you have Norton antivirus and Add/Remove Programs in Windows won't work, these are the tools to completely remove Norton and allow you to reinstall it again, for example to remove Norton 360 and install Norton AntiVirus Client.
Symantec CleanWipe (product remover)
http://www.vertor.com/torrents/643322/Symantec-CleanWipe-(product-remover)

Norton Remove Tool
http://www.softpedia.com/get/Tweak/Uninstallers/Norton-Removal-Tool.shtml

Nowadays it is difficult to get by with one system; you need at least two, so that if one of them does not work you can use the other to go on the internet, google, or download the tools to fix it.

Wednesday, November 11, 2009

wireshark with tcpdump

Log in as root and type the following command at the console:
# tcpdump -n -i {INTERFACE} -s 0 -w {OUTPUT.FILE.NAME} src or dst port 80
# tcpdump -n -i eth1 -s 0 -w output.txt src or dst port 80
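
The file written by -w is a binary libpcap capture (the format Wireshark opens), not text, whatever its extension. As an added example (not part of the original post), this Python sketch reads such a file and lists the TCP packets touching port 80; the sample capture bytes, addresses and function names are constructed for illustration.

```python
import struct

def build_sample_pcap(dport=80):
    """Constructed sample: one Ethernet/IPv4/TCP SYN, 10.0.0.5:49152 -> 10.0.0.9:dport."""
    eth = bytes(12) + b"\x08\x00"                      # zeroed MACs, EtherType IPv4
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 5]), bytes([10, 0, 0, 9]))
    tcp = struct.pack("!HHIIBBHHH", 49152, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    pkt = eth + ip + tcp
    # Global header: magic, version 2.4, tz, sigfigs, snaplen, linktype 1 (Ethernet)
    ghdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    rhdr = struct.pack("<IIII", 0, 0, len(pkt), len(pkt))  # ts_sec, ts_usec, incl, orig
    return ghdr + rhdr + pkt

def read_pcap(data):
    """Yield (src_ip, sport, dst_ip, dport) for each IPv4/TCP packet in a classic pcap."""
    if data[:4] == b"\xd4\xc3\xb2\xa1":
        end = "<"                                      # written on a little-endian host
    elif data[:4] == b"\xa1\xb2\xc3\xd4":
        end = ">"
    else:
        raise ValueError("not a classic pcap capture (bad magic number)")
    if len(data) < 24 or struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet (linktype 1) captures are handled")
    off = 24
    while off + 16 <= len(data):
        incl = struct.unpack(end + "IIII", data[off:off + 16])[2]
        pkt = data[off + 16:off + 16 + incl]
        off += 16 + incl
        if len(pkt) < 34 or pkt[12:14] != b"\x08\x00" or pkt[23] != 6:
            continue                                   # not IPv4/TCP, or truncated
        l4 = 14 + (pkt[14] & 0x0F) * 4                 # honour the IPv4 header length
        if len(pkt) < l4 + 4:
            continue
        sport, dport = struct.unpack("!HH", pkt[l4:l4 + 4])
        yield (".".join(map(str, pkt[26:30])), sport,
               ".".join(map(str, pkt[30:34])), dport)

def port80_flows(data):
    """TCP packets that match the capture filter 'src or dst port 80'."""
    return [f for f in read_pcap(data) if 80 in (f[1], f[3])]

if __name__ == "__main__":
    for flow in port80_flows(build_sample_pcap()):
        print("%s:%d -> %s:%d" % flow)
```

To check a real capture, pass open("output.txt", "rb").read() to port80_flows.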

DNS - TCP