Raymond.CC Blog

Author: raymond

  • Best Keystroke Encryption Software to Protect Against Keyloggers

    New malware is being created and released into the wild everyday, and it’s a fact that your antivirus software does not protect you 100% from everything. Sometimes it may take a few days for the antivirus analysts to get hold of the sample which will then be added to the latest virus definition. Within this time frame of unknowingly being infected by a new computer virus, probably all your sensitive information such as passwords, are already being stolen through a keylogger and the damage has been done.

    A keylogger is a common feature found in most Remote Access Trojans (RAT). When either the offline or online keylogger mode is activated, anything that you type on the keyboard will be recorded and logged to a file or transferred instantly to the controller. The purpose of a keylogger is to steal the login credentials or probably to know who the user is talking to on the Internet. Whatever the reasons are, keylogging is an invasion of privacy and is against the law in some countries.

    When an antivirus fails to detect the threat, a very effective extra layer of defense to keep your sensitive information safe is through keystroke encryption. Basically a keystroke encryption software works in a very deep level of the Windows operating system kernel to prevent the keyloggers from logging the real keystrokes, either completely blocking them or sending garbage text. Currently there are 4 pieces of keystroke encryption software available today. We’ve tested them against 13 different keyloggers and compared the features offered by these applications.
    (more…)

  • Requirements in Using Networking Tools on Remote Windows Computers

    It is common for people especially who are in the tech industry to have more than 1 computer at home with one laptop that they can bring in to their office and the other desktop for their family to use. Setting up a local area network with the computers connected to each other is really easy with a router. When the computers are connected, not only they can share the Internet connection and files, but they can also be managed remotely from one computer as there are many free third party networking tools that comes with remote features.

    Some examples are ProduKey and USBDeview by Nir Sofer, USB History Viewer, USB Remote Drive Disabler and Enable Remote Desktop by IntelliAdmin and the excellent PsExec by Windows Sysinternals. Even the built-in Registry Editor (regedit) in Windows has the functionality of connecting to a network registry. As useful as the remote features are in the networking tools, the biggest problem is they don’t seem to work even if you entered the correct username and password. It is common to receive an error message that says “Access is denied” like the image below.

    Access is Denied

    The access denied problem is actually caused by Windows default hardened security settings preventing the tools to work. If you would like to use the networking tools on remote computers, here are the configuration that must be made on the remote computer before you can connect to them.
    (more…)

  • Comprehensive List of Free AntiVirus 2013

    Billions of dollars are spent every year on antivirus software alone by enterprise because they know that computer virus can cause a lot of down time and making the company lose money. A computer virus can be programmed to do anything such as stealing sensitive information, locking up or slowing down the computer, data loss through corruption or deletion, and etc. With so many brands around and they all claim to be have the best detection and lightest in system resource, it is certainly not easy determining which is really the best.

    As for home users, most antivirus companies also offers a cheaper version that works on Windows operating system and requires an annual subscription. However, there is also a wealth of anti-virus software offered for free with the catch of disabling some of the extra defense system such as firewall, behavior blocking and also only allowing you to use it for personal home use only. After extensive research, we have come up with an up-to-date comprehensive list of free anti-virus programs for your convenience.
    (more…)

  • Fixing WordPress Website Constantly being Hacked

    There are a lot of reasons why WordPress is one of the most used content management system (CMS) today. It is easy to install and maintain, very user friendly and contains a lot of free themes and plugins which can be installed with a few clicks of a mouse button. However, it is also prone to being hacked if your website is running an outdated version of WordPress or plugin. About a year ago, a vulnerability has been found in the popular TimThumb PHP script that is widely being used to automatically resize images. The hackers gained access to many websites running WordPress with TimThumb and infecting all PHP files with eval(base64_decode code to redirect every visitors that comes from search engine to websites of their choice.

    wordpress base64_decode hack

    You can easily clean up the malicious gzinflate/eval(base64_decode codes from all PHP files by using this cleaner script to gain back the traffic from search engine but unfortunately using the script alone is not enough. You may notice that your website gets hacked again and again even if you’ve updated to the latest version of TimThumb because the hacker has already planted a few backdoors. The only way to prevent your website from being constantly hacked is to locate the backdoor and remove it from your server.
    (more…)

  • Hacking Firefox to Always Auto Save Password Without Showing Notification

    While I was screening through new posts in the forum to see if there are any spam and also any computer topics that I can help with, I saw an interesting question being asked. Is there any way to make Firefox auto save passwords without clicking the Remember button?. In Firefox, even if you have the option “Remember passwords for sites” checked in Tools > Options > Security, the browser will still ask the question “Would you like to remember the password for “Username” on website.com?” with three selections which are “Remember Password”, “Never Remember Password for This Site” and “Not Now”. The earlier version of Firefox 3 displays a notification bar at the top of the web browser, while from version 4 until the current version 21 displays a popup notification at the top left.

    Disable Firefox Remember Never for This Site Not Now button

    Modifying Firefox to auto save the login information to the Firefox Saved Passwords manager without prompting was easy for version 3 because you can directly edit the JS files from the program’s folder to apply the changes. However, the file structure was a bit different starting from Firefox 4 up to and including the current versions. We researched and found that it is still possible to force Firefox to auto save the password without the popup notification. This can turn Firefox into a keylogger and no antivirus will even detect this as a threat.
    (more…)

  • Auto Click Annoying Confirmation Buttons with ClickOff

    Are you annoyed by confirmation windows asking questions like “Are you sure you want to continue”, “Are you sure you want to do this”, or something similar? These confirmation windows are there to prevent against accidental termination of programs for careless users but it can get really annoying especially if you know for a fact that you are going to click the Yes button every time you see that window. Depending on your level of expertise for computers, you may either prefer to have the warning windows every time you close a program or perhaps you don’t even want it at all. Below is one example when terminating Zemana AntiLogger.

    Zemana Exit Confirmation Window

    Previously I have introduced 5 software that is able to prevent programs from closing by disabling the close button, today we will be taking a look at a program that does the opposite, which is auto clicking on the button found in the confirmation windows.
    (more…)

  • 5 Software to Prevent Program from Closing by Disabling the Close Button

    Previously I have written an article on how to prevent Google Chrome from closing when there are multiple tabs opened by prompting a warning window when you try to terminate the program either by clicking the close button on the top right or via Alt+F4. This annoying behavior still exist on the current Google Chrome 20 which can be easily solved by installing the Google Toolbox extension.

    The solution above is application specific but what if you want to prevent other programs from closing such as Microsoft Outlook, or any other software of your choice? Good news is I found 5 software that claims to prevent accidental closing of software by disabling the close button and have put them to test. Weirdly out of the 5 programs, only 1 of it is a freeware.
    (more…)

  • Download Hulu Videos for Free using RTMPDumpHelper

    If you are not from the US, you may not know what is Hulu or probably just heard about it. Basically Hulu is a website that allows Americans to watch free TV episodes and movies by streaming it to their computer, media players and mobile devices. If you are not connected to the Internet from the US, accessing Hulu.com will display a popup message saying “Sorry, currently our video library can only be watched from within the United States” and when you try to watch any videos, it will show “We’re sorry, currently our video library can only be streamed within the United States”. This is a simple restriction which can be easily bypassed by connecting to a VPN server that is located in the US or you can change your DNS settings.

    Download Hulu

    Now that you are able to start watching the free videos from Hulu, you probably want to download Hulu videos and save them to your computer for later offline viewing when you know that you may not have an Internet connection at that time. Unfortunately Hulu does not provide a way for you to download the videos. I did a search and found that there are a few tools being reviewed such as Foxreal YouTube FLV Downloader by dotTech and StreamTransport by MakeUseOf but unfortunately both of the software can no longer download Hulu videos. Foxreal YouTube FLV Downloader merely detected the link to download the advertisements before the video while Hulu displays the following error “Unfortunately Hulu is not supported on your device. We apologize for any inconvenience” on StreamTransport.

    I did some extensive testing and here are the current working methods to download videos from Hulu.
    (more…)

  • Elite Keylogger 5 with Digitally Signed Driver for 64-bit Windows Support

    There are many keystroke logging software that you can find on the Internet. Most if not all is able to record the keys that you typed on your keyboard and save it to a log file for reference. The difference between the keyloggers are the features that comes with it, the ability to hide its presence from antiviruses and anti-keyloggers and most importantly the method that is used to capture the keystrokes.

    Most of the normal keyloggers simply captures the keystrokes using hooking mechanism where it hooks the function that comes with Windows and is commonly being used because it is easier to implement. A more advanced method would be using a low-level or kernel driver where it can receive the keystrokes directly from the keyboard without going through Windows first, hence bypassing protection by most anti-keylogger software.

    There are very few driver based keyloggers in the market because it is very hard to implement and the lack of support for 64-bit Windows operating system due to the restriction of only allowing installation of the driver if it is digitally signed. Getting a keylogger driver signed is definitely not an easy task because a keylogger can be used for both good and bad purposes. Somehow WideStep, the company from Ukraine that develops one of the most advanced keylogger software called Elite Keylogger managed to get their driver genuinely and digitally signed making it the first keystroke logging software to officially support 64-bit Windows operating system.
    (more…)

  • Easily Download from Usenet for Free Without Installing Newsreader Client

    I have a few friends who are real hard core downloaders. Their computer is turned on 24 hours a day, 7 days a week, 365 days a year and they never stop downloading. Whether it is movies, TV episodes, music or software, they’ll download it to their computer as long as it is downloadable. They actually have multiple bay hard drives which isn’t cheap to store all of the downloaded data. Two of the common methods used by most downloaders today are either bittorrent or from file sharing sites (cyberlocker) such as Rapidshare. However, there is actually another method called Usenet which is a great source to download files.

    You may have heard of Usenet, tried it and gave up due to the complexity of Usenet or probably most of the popular ones such as Giganews cost money for an account. Good news is recently I read from TorrentFreak that there is a website called UsenetStorm offering a very unique service where anyone can download from Usenet for free without a newsreader client. All you need to do is search for the files you want to download from Usenet search engine, download the NZB file and upload it to UsenetStorm. UsenetStorm servers will then grab the file for you and offer you to download once they’ve finished downloading the files to their servers.
    (more…)

  • Backdoor to Reset Administrator Password or Add New User in Windows 7

    As long as there is physical access to a computer, it is always possible to gain access to the operating system even if it is password protected. For example, you can use Kon-Boot to login to any user account in Windows with any password by booting up the computer with the CD or USB. If BIOS is secured with a password to prevent changing of boot order, you can change the jumpers or remove the battery from the motherboard to clear the CMOS settings. As long as you can boot up the computer with CD or USB, there are quite a lot of tools that allows you to reset the user account password even if you don’t know the original password.

    Here is an interesting method which I recently discovered that allows you to plant a backdoor to your Windows 7 operating system so that you can always reset or even add a new user account without even first logging in to Windows. This method is a bit restrictive because it requires an administrator privilege to the computer in order to make changes to the system but it does not involve installing any third party software or changing any system files like the old DreamPackPL.
    (more…)

  • List of Free and Trial VPN Accounts Without Paying Upfront

    With more services and freebies being geographically restricted, there is a frequent need to change our IP address to a specific country so that we are able to bypass the country or region restriction. There are two common ways of changing our IP address which is either through open proxy or VPN. Basically when connecting to a proxy or VPN, the internet traffic from our computer is encrypted and sent to the VPN/proxy servers to be decrypted and they will relay it to the destination. The below image would give you a better idea on how a VPN or proxy works.

    How VPN works

    Open proxies are mostly unstable, slow, don’t last for a long time and require manual configuration of the specific software to use the proxy. VPN would be a better choice because it is stable, fast and would automatically redirect all of your connections from your computer to the VPN without changing any settings. However, most of the VPNs out there are paid services that are commonly being used to protect the users data from being intercepted or hijacked at public WiFi hotspots through encryption. They too offer money back guarantee which means you will have make payment first via Paypal or credit/debit card and inform them within the guarantee period that you’re unhappy with their services.

    The good news is, we have searched for VPN companies that offer free VPN trial accounts without making an upfront payment and briefly tested them to make sure that it is working. Most of the time you will just need to sign up for a free account, verify it by clicking on the activation link from your email and follow the given instructions to connect to their VPN for free. If you’re only using the VPN for a short period it’s best to use a temporary email address. Hopefully this will be a great resource for people who want to quickly use a VPN to change their IP address without wasting time in searching and testing.
    (more…)

  • Viewing Hidden or Cloaked Contents or Links in Forums

    Ever since Google rolling out the Panda update which targets low quality sites, it has caused many webmasters to lose massive traffic and revenue as well. Many has claimed that they’re innocent and should not have been affected by the Panda but I strongly believe that they’ve unknowingly violated some guidelines that caused the penalty. One of the violation that is categorized as high risk is Cloaking. In simple terms, cloaking means showing different content to users than GoogleBot. This can be easily done by checking the Googlebot IP address or user-agent and feeding with different content. Many webmasters does not realize using some forum plugins that forces the users to register or login to view the content can be a cloaking violation.

    For example, you searched for a keyword in Google and visited one of the webpage from the results. Then you are presented with annoying messages that restricts you from viewing the content.

    Sorry, but you do not have permission to use this feature. If you are not logged in, you may do so using the form below if available.

    Guests cannot see links. Registration or Login is required.

    Now you have to go through the process of signing up in some forums that you would probably never visit again and you may even lose track of the origin URL at the end. The user will definitely start to blame Google on indexing useless restricted pages but the truth is, the forum has actually implemented some cloaking techniques where different contents are being presented to Googlebot and users. There are proper guidelines provided by Google on the correct implementation method for registration/subscription sites so a webmaster should definitely refer to it if they’re running such service on their website.
    (more…)

  • Mozilla Maintenance Service maintainanceservice.exe by Firefox

    With the User Account Control enabled by default starting from Windows Vista, installing most software and drivers will prompt the UAC window requesting for permission to copy files into protected areas in your hard drive. The Google Chrome is one of such software that doesn’t require UAC elevation when you install or update it because it is installed in C:\Users\UserName\AppData\Local (%LocalAppData%) folder. It is by design that the AppData folder doesn’t require any notification when a change is being made in that folder. As for Firefox, it is installed in Program Files folder and making any changes in that location requires higher permission which is why you get the UAC window prompt.

    Firefox User Account Control

    Starting from Firefox 12, it is capable of installing updates silently without prompting the User Account Control window by using the Mozilla Maintenance Service. If you’ve updated to Firefox 12 from an older version,the Mozilla Maintenance Service will be installed by default and the same goes to the new installation if you selected the Standard setup option. You can find the Mozilla Maintenance Service program (maintenanceservice.exe) installed in the following path C:\Program Files\Mozilla Maintenance Service\ together with an uninstaller (Uninstall.exe).
    (more…)

  • Delete Lines that Doesn’t Contain Specific Words with Notepad++

    Computer is supposed to help make things easier for us. One simple example is to delete lines from a text file that doesn’t contain a specific keyword. This task is a no brainer but very time consuming and tedious. Recently I have spent some time in compiling a list of websites that has copied and published articles taken from this blog to their website. Although Google does a pretty good job in determining the original publisher, it is still a robot based on a bunch of constantly changing algorithm that can and has made mistakes. Searching for websites that has copied the posts from here is very time consuming, so I have used Copyscape Premium to automatically perform a batch scan on all 2000 articles on this website to track down plagiarism of the content from this blog.

    Copyscape Premium finished scanning all 2000 posts in just 10 hours and I was able to export the results to a CSV file for further investigation. There are over 20,000 URLs in the list and I want to categorize the websites based on the domain names. Not all websites from the list are copycats but most of the websites hosted in free hosts such as blogspot/blogger/wordpress are either scrapers or copy paster. Once the URLs are categorized, I can concentrate on filing a DMCA complaint to Blogger, then followed by WordPress instead of jumping back and forth.
    (more…)