Showing posts with label security. Show all posts

Friday, January 1, 2010


There are now many dangerous viruses that cause severe problems and spread very quickly, often at very inconvenient times. W32/Smalltroj.VPCG is a malicious program that is looking for more victims on the Internet at the end of this year. This new virus blocks access to several security websites and other specified websites by redirecting them to the IP address 209.85.225.99, which is a Google public IP.

Every time a user tries to access one of these websites, including anti-virus and security websites, what appears is not the requested website but www.google.com.

The following 9 steps for cleaning W32/Smalltroj.VPCG are the remedy from Vaksincom:
1. Turn off System Restore while the cleaning process takes place.

2. Disconnect the computer that will be cleaned from the network or the Internet.

3. Rename the file [C:\Windows\system32\msvbvm60.dll] to prevent the virus from becoming active again.

4. Perform the cleaning using the Mini PE Windows Live CD tools. This is necessary because some rootkit files masquerade as services and drivers that are difficult to stop. Download the software from http://soft-rapidshare.com/2009/11/10/minipe-xt-v2k50903.html

Then boot the computer from the Mini PE Live CD. After that, delete the virus's parent files as follows:

- Click [Mini PE2XT]
- Click [Programs]
- Click [File Management]
- Click [Windows Explorer]
- Then delete the following files:

  - C:\Windows\System32
    - wmispqd.exe
    - Wmisrwt.exe
    - qxzv85.exe @
    - qxzv47.exe @
    - secupdat.dat
  - C:\Documents and Settings\%user%\%xx%.exe, where xx is random characters (example: rllx.exe), with a file size of 6 KB.
  - C:\windows\system32\drivers
    - Kernelx86.sys
    - %xx%.sys, where xx is random characters, with a size of 40 KB (example: mojbtjlt.sys or cvxqvksf.sys)
    - Ndisvvan.sys
    - krndrv32.sys
  - C:\Documents and Settings\%user%\secupdat.dat
  - C:\Windows\inf
    - Netsf.inf
    - netsf_m.inf
 
5. Delete the registry entries created by the virus using "Avast! Registry Editor", as follows:

- Click [Mini PE2XT]
- Click [Programs]
- Click [Registry Tools]
- Click [Avast! Registry Editor]
- If the confirmation screen appears, click the "Load ....." button
- Then delete the following registry entries: (see figure 6)

  - HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\Run\\ctfmon.exe
  - HKEY_LOCAL_MACHINE\system\ControlSet001\Services\kernelx86
  - HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\kernelx86
  - HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\passthru
  - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe
  - HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\winlogon
    - Change the string value to Userinit = userinit.exe,
  - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List
    - %windir%\system32\wmispqd.exe = %system%\wmispqd.exe:*:enabled:UPnP Firewall
  - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
    - %windir%\system32\wmispqd.exe = %system%\wmispqd.exe:*:enabled:UPnP Firewall
  - HKEY_LOCAL_MACHINE\system\ControlSet001\Services\%xx%
  - HKEY_LOCAL_MACHINE\system\CurrentControlSet\Services\%xx%

Note:
%xx% stands for random characters. This key is created to run the 40 KB .SYS file located in the directory [C:\Windows\system32\drivers\].

6. Restart the computer, then restore the remaining registry entries changed by the virus: copy the following script into Notepad and save it as repair.inf. Run it as follows: right-click repair.inf | click Install.

[Version]
Signature="$Chicago$"
Provider=Vaksincom

[DefaultInstall]
AddReg=UnhookRegKey
DelReg=del

; AddReg: reset file-type open commands, the Winlogon shell and Security Center values
[UnhookRegKey]
HKLM, SOFTWARE\Classes\batfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Classes\comfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Classes\exefile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Classes\piffile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Classes\regfile\shell\open\command,,,"regedit.exe ""%1"""
HKLM, SOFTWARE\Classes\scrfile\shell\open\command,,,"""%1"" %*"
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell, 0, "Explorer.exe"
HKLM, software\microsoft\ole, EnableDCOM, 0, "Y"
HKLM, SOFTWARE\Microsoft\Security Center, AntiVirusDisableNotify, 0x00010001, 0
HKLM, SOFTWARE\Microsoft\Security Center, FirewallDisableNotify, 0x00010001, 0
HKLM, SOFTWARE\Microsoft\Security Center, AntiVirusOverride, 0x00010001, 0
HKLM, SOFTWARE\Microsoft\Security Center, FirewallOverride, 0x00010001, 0
HKLM, SYSTEM\ControlSet001\Control\LSA, restrictanonymous, 0x00010001, 0
HKLM, SYSTEM\ControlSet002\Control\LSA, restrictanonymous, 0x00010001, 0
HKLM, SYSTEM\CurrentControlSet\Control\LSA, restrictanonymous, 0x00010001, 0
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SuperHidden, CheckedValue, 0x00010001, 0

; DelReg: remove policy restrictions and the virus's Run, service and IFEO entries
[del]
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegistryTools
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableCMD
HKCU, Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFolderOptions
HKLM, SOFTWARE\Microsoft\Windows\CurrentVersion\Run, ctfmon.exe
HKLM, SYSTEM\ControlSet001\Services\kernelx86
HKLM, SYSTEM\ControlSet002\Services\kernelx86
HKLM, SYSTEM\CurrentControlSet\Services\kernelx86
HKLM, SYSTEM\CurrentControlSet\Services\mojbtjlt
HKLM, SYSTEM\ControlSet001\Services\mojbtjlt
HKLM, SYSTEM\ControlSet002\Services\mojbtjlt
HKLM, SYSTEM\ControlSet001\Services\Passthru
HKLM, Software\Policies\Microsoft\Windows NT\SystemRestore
HKLM, SOFTWARE\Policies\Microsoft\Windows\windowsupdate, DoNotAllowXPSP2
HKLM, SOFTWARE\Policies\Microsoft\Windows\windowsupdate
HKLM, SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe

7. Delete temporary files and temporary Internet files. You can use the ATF-Cleaner tool, available at http://www.atribune.org/public-beta/ATF-Cleaner.exe.

8. Restore the Windows hosts file that was changed by the virus. You can use the Hoster tool, available at http://www.softpedia.com/progDownload/Hoster-Download-27041.html

Click [Restore MS Hosts File] to restore the Windows hosts file.

9. For optimal cleaning and to prevent re-infection, scan with an up-to-date anti-virus that is able to detect this virus. You can also use Norman Malware Cleaner, available at http://www.norman.com/support/support_tools/58732/en.
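
An added example (not from the original post or from Vaksincom): a small Python check for the hosts-file redirection described above, useful before and after step 8. It flags every hostname mapped to 209.85.225.99 and any other non-default entry; the sample hosts content and its `.test` hostnames are constructed.

```python
import ipaddress

# IP the post says W32/Smalltroj.VPCG redirects blocked sites to.
REDIRECT_IP = "209.85.225.99"

# Constructed sample hosts file; the .test hostnames are placeholders.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
209.85.225.99   www.example-av.test update.example-av.test  # two names
209.85.225.99\tSECURITY.EXAMPLE.TEST
::1             localhost
10.0.0.5        intranet.example.test
not-an-ip       broken.example.test
"""


def parse_hosts(text):
    """Yield (line_no, ip, hostnames) for each well-formed mapping line."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()   # drop comments, split on blanks
        if len(fields) < 2:
            continue
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # not an address: ignore line
        yield line_no, ip, [h.lower().rstrip(".") for h in fields[1:]]


def audit_hosts(text, redirect_ip=REDIRECT_IP):
    """Return one finding per hostname that is not a default localhost entry."""
    redirect = ipaddress.ip_address(redirect_ip)
    findings = []
    for line_no, ip, names in parse_hosts(text):
        for name in names:
            if ip == redirect:
                reason = "redirected to the IP named in the post"
            elif ip.is_loopback and name == "localhost":
                continue                         # stock entry, nothing to report
            elif ip.is_loopback or ip.is_unspecified:
                reason = "hostname pinned to a local address"
            else:
                reason = "non-default mapping, verify by hand"
            findings.append(
                {"line": line_no, "ip": str(ip), "host": name, "reason": reason}
            )
    return findings


if __name__ == "__main__":
    for f in audit_hosts(SAMPLE_HOSTS):
        print(f"line {f['line']}: {f['host']} -> {f['ip']} ({f['reason']})")
```

On a live Windows system the file to read is %SystemRoot%\System32\drivers\etc\hosts; pass its text to `audit_hosts()`.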

Thursday, December 24, 2009


United States President Barack Obama has reportedly appointed a cyberspace expert as national cyber security chief. The new cyber security chief is Howard A. Schmidt, who completes the line-up of officials in the cyber field. Schmidt will be the chief of cybersecurity in the Barack Obama administration, following two other cyber officials, Vivek Kundra (chief information officer) and Aneesh Chopra (chief technology officer).

Obama reportedly chose Schmidt because he is regarded as someone who can compromise. Schmidt also has a background as a cyber security adviser during President George W. Bush's administration, as well as a military and law enforcement background.

Schmidt will reportedly report to the National Security Council and have regular meetings with President Obama. He holds a position created to harmonize the cyber security efforts in the U.S. that have so far appeared fragmented.

Before the official announcement, Schmidt was still serving as CEO of the Information Security Forum, an industry association based in London. Previously he had served as an Information Security Officer of eBay and Chief Security Officer at Microsoft.

During President Bush's time, Schmidt was the vice chairman of the infrastructure protection board and special adviser on cyber security.

Thursday, December 17, 2009


Passwords are an important topic on the Internet and are often discussed by owners of email and social networking accounts. Passwords are frequently chosen carelessly, and as a consequence many users become victims of break-ins or hacking by cyber criminals.

Some time ago Microsoft revealed that around 10 thousand passwords for Hotmail accounts and for social networking sites such as MySpace, Facebook and others had been deliberately spread by cyber criminals and sold to others.

Microsoft's email service was broken into by scammers, and the passwords were deliberately published on a website.

To anticipate this, it helps to create passwords that are rarely used by other users. For this reason, security expert Bogdan Calin from Acunetix lists a number of passwords that are considered common and easy to break.

The following passwords are often used by beginners, or are in common use:

1. 123456
2. 123456789
3. first names (the most widely used in the American south)
4. 111111111
5. iloveyou
6. birth date
7. 12345678
8. marriage date
9. the word "password"
10. last name
11. boyfriend's name
12. favorite items
13. mobile
14. name of the father and mother
15. password = email
16. 131313
18. the words google, yahoo, microsoft


Some passwords that are often used by expert computer and Internet users:

1. KhTYkh23489
2. company name
3. labels on products that are sold
4. JaYYYn8de285
5. the expert's own pseudonym
6. binary
7. hexadecimal numbers
8. office name


That is all I know about expert passwords and common passwords. I hope you will be careful when choosing passwords.

Tuesday, October 20, 2009


Users of AVG anti-virus have reason to be pleased today: AVG has released not only the paid version of AVG 9.0 but also its most recent free edition, AVG Free 9.0, which you can download for free and which receives free updates.

AVG 9.0 adds many new features that complement the reliability of the anti-virus. Fans of AVG anti-virus should try AVG 9.0 to deal with the viruses emerging on the Internet.

AVG 9.0 is compatible with the 3 most recent versions of the Windows operating system: Windows XP, Windows Vista and Windows 7. If you want to download it, please click here!


If there is a problem with installing the latest AVG 9.0, please comment or contact me here!

Sunday, October 11, 2009

I am taking this opportunity to post because this month I am very busy with my school and my job as a computer and network technician. But do not worry, I will always make the effort to post on my website almost every day or week. Let us go directly to our subject, wireless security. Why am I posting about wireless security? Because lots of hacking and cracking software is spread around the Internet, so I am sharing tips and tricks in this post.

First we must know what is meant by a wireless network. A wireless network is very easy to set up and also convenient, especially if we want to walk around the house or office with a portable computer, laptop or netbook and still be able to access the Internet. However, because it uses radio waves, a wireless network is easier for hackers, crackers or computer and network experts to break into than connections that still use cables.

Here are my 10 tips and tricks that you can use to secure your wireless network:

1. Use encryption.
Encryption is the first security measure, but many wireless access points (WAPs) do not use encryption by default. Although many WAPs support the Wired Equivalent Privacy (WEP) protocol, it is not enabled by default. WEP does have some holes in its security, and an experienced hacker would be able to break it, but it is still better than no encryption at all. Be sure to set the WEP authentication method to "shared key" rather than "open system". With "open system", the WAP does not encrypt data but only authenticates the client. Change the WEP key as often as possible, and use 128-bit WEP rather than 40-bit.

2. Use strong encryption.
Because of the weaknesses in WEP, it is recommended to use Wi-Fi Protected Access (WPA) as well. To use WPA, the WAP has to support it. The client side must also be able to support WPA.

3. Change the default administrator password.
Most manufacturers use the same administrative password for all their WAP products. The default password is generally known to hackers, who can then use it to change the settings on your WAP. The first thing to do when configuring the WAP is to change the default password. Use at least 8 characters, a combination of letters and numbers, and do not use words found in the dictionary.

4. Turn off SSID broadcasting.
The Service Set Identifier (SSID) is the name of our wireless network. By default, the WAP broadcasts the SSID. This makes it easy for users to find the network, because the SSID appears in the list of available networks on the wireless client. If SSID broadcasting is turned off, users must first know the SSID before they can connect to the network.

5. Turn off the WAP when not in use.
This looks very simple, but only some companies or individuals do it. If we have users who only connect at certain times, there is no reason to run the wireless network at all times and give intruders the opportunity to carry out their intentions. We can turn off the access point when it is not in use.

6. Change the default SSID.
A default SSID is set at the factory. The point of turning off SSID broadcasting is to prevent others from learning the name of our network, but if we still use the default SSID, the name of our network will not be difficult to guess.

7. Use MAC filtering.
Most WAPs (not the cheapest ones, of course) allow us to use media access control (MAC) filtering. This means we can create a "white list" of the computers that may access our wireless network, based on the MAC or physical address of each PC's network card. Connections from a MAC address that is not on the list are rejected.
This method is not always safe, because a hacker can still sniff the packets we transmit over the wireless network, obtain a valid MAC address from one of the users, and then use it to spoof. But MAC filtering will still cause trouble for an intruder who is not yet very skilled.

8. Isolate the wireless network from the LAN.
To protect the internal wired network from threats coming from the wireless network, it is important to create a wireless DMZ or perimeter network that is isolated from the LAN. This means installing a firewall between the wireless network and the LAN.
A wireless client that requires access to the internal network must first authenticate to a RAS server or use a VPN. This provides an extra layer of protection.

9. Control the wireless signal.
An 802.11b WAP emits waves to about 300 feet, but this distance can be increased by replacing the antenna with a better one. With a high-gain antenna we can get more distance. A directional antenna transmits the signal in a particular direction, and its radiation is not circular as with the omnidirectional antenna usually found in a standard WAP package. By selecting the appropriate antenna, we can control the distance and direction of the signal to protect ourselves from intruders. In addition, some WAPs allow signal strength and direction to be set through the WAP configuration.

10. Transmit on a different frequency.
One way to hide from hackers, who often use the more popular 802.11b/g technologies, is to use 802.11a. Because 802.11a works on a different frequency (5 GHz), NICs designed for the popular technologies will not be able to catch the signal.

Good luck, I hope this is useful for you all. Do not forget to leave your comments on this post or other posts.

Sunday, August 16, 2009

My beloved readers, in this blog I will give tips for finding the weaknesses of your computer, because I get complaints about it. Examples of the complaints:

1. Where are the weaknesses of my computer?
2. And do I need to be confused about my computer?

So I am writing in my blog to share knowledge, because so many people need it. You can download the antivirus programs below:

1. Smadav
2. AVG 8.5
3. Symantec 2009
4. Ansav 3,5 beta
5. avast Professional Edition
6. Kaspersky 2010

1. Invest in an Internet security solution that combines antivirus, firewall, intrusion detection and vulnerability management to get maximum protection from malware and other threats.
2. Make sure that security patches are up to date and are applied immediately to all applications that have vulnerabilities.
3. Make sure that passwords are a mixture of letters and numbers, and change them often. Passwords should not contain words from the dictionary.
4. Never open, view or run an email attachment unless its purpose is known and it was sent with the recipient's knowledge.
5. Update the virus definitions regularly. With the latest virus definitions, you can protect your computer from the viruses that are currently spreading.
6. Regularly check whether the operating system in use has weaknesses. This can be done with Symantec Security Check, which can be accessed via http://www.symantec.com/securitycheck.
7. Use an anti-phishing solution. And never disclose confidential, financial or personal information unless the request can be confirmed to be truly official.
8. Get involved in efforts to track and report attacks. With the tracking service from Symantec Security Check, users can quickly identify the location of potential attackers and forward the information to the attacker's ISP or the authorities.
9. Beware: security threats can be installed automatically on computers that use file-sharing programs, free downloads, and freeware or shareware versions of software.
10. Avoid clicking on links or attachments in email or IM messages, as these may expose the computer to unnecessary risk.
11. Read end-user license agreements (EULAs) carefully and be sure to understand all the terms before accepting. Some security risks can be installed when users agree to the EULA, or as a consequence of that acceptance.
12. Beware of software that displays ads in its interface. Many spyware programs track how users respond to such ads, and the presence of such a program is a sign of danger. Ads that appear may be spyware.