Sunday, July 31, 2011

XP Antivirus 2012 Spyware Removal...

XP Antivirus 2012 is a deceptive and fairly sophisticated rogue anti-spyware program (in reality, fake anti-spyware) that uses the standard tricks of scams in this category. Although it claims to be a powerful virus remover, it is itself the only program that needs to be eliminated, because the viruses it reports are invented. To be more precise, XP Antivirus 2012 first creates numerous harmless files and drops them on the infected computer. It then scans the computer and immediately reports numerous viruses, which in reality are nothing but those earlier-created files. Some of its alerts mention a Trojan-BNK.Win32.Keylogger.gen threat, to scare you into purchasing the license it then offers. XP Antivirus 2012 is dangerous and has nothing to do with protecting your computer!

XP Antivirus 2012 manipulates people into believing it is genuine software. However, this rogue anti-spyware mostly gets onto a computer without the user’s knowledge or approval and opens a backdoor on the system (possibly port 514, RPC Backdoor) to let in more threats or allow the scammers to reach your personal information. All this is done with the help of Trojans that infect vulnerable systems through fake video codecs and Flash updates. As you can see, you should not believe XP Antivirus 2012 or its detection reports: they are fabricated and have nothing to do with the true condition of the machine. Remove this software as soon as possible, without purchasing it.



XP Antivirus 2012 manual removal:

Kill processes:
kdn.exe

Delete registry values:
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%LocalAppData%\kdn.exe" -a "C:\Program Files\Internet Explorer\iexplore.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'

Delete files:
%AllUsersProfile%\Application Data\u3f7pnvfncsjk2e86abfbj5h
%LocalAppData%\kdn.exe
%LocalAppData%\u3f7pnvfncsjk2e86abfbj5h
%Temp%\u3f7pnvfncsjk2e86abfbj5h
%UserProfile%\Templates\u3f7pnvfncsjk2e86abfbj5h
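
One way to check a machine for the registry changes listed above, as an added example that is not part of the original post: export the affected keys to a text .REG file with Regedit and scan the export. The sample export, the user name in it and the browser-name heuristic are assumptions made for illustration.

```python
import ntpath
import re

# Constructed sample export (user name and paths are made up for illustration).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command]
@="\"C:\\Users\\alice\\AppData\\Local\\kdn.exe\" -a \"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"%1\" %*"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]
@="\"C:\\Users\\alice\\AppData\\Local\\kdn.exe\" -a \"C:\\Program Files\\Mozilla Firefox\\firefox.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="\"C:\\Program Files\\Internet Explorer\\iexplore.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride"=dword:00000001
"FirewallOverride"=dword:00000000
'''

SECTION = re.compile(r'^\[(?P<key>[^\]]+)\]$')
VALUE = re.compile(r'^(?P<name>@|"(?:[^"\\]|\\.)*")=(?P<data>.*)$')
EXE_HANDLER = re.compile(r'\\(?:\.exe|exefile)\\shell\\open\\command$', re.I)
BROWSER_CMD = re.compile(
    r'\\Clients\\StartMenuInternet\\([^\\]+)\\shell\\[^\\]+\\command$', re.I)
OVERRIDES = {'antivirusoverride', 'firewalloverride'}


def unescape(s):
    # .REG strings escape the backslash and the double quote with a backslash.
    return re.sub(r'\\(.)', r'\1', s)


def parse_reg(text):
    """Yield (key, value_name, data) for string and dword values in a text export."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        m = SECTION.match(line)
        if m:
            key = m.group('key')
            continue
        m = VALUE.match(line)
        if not m or key is None:
            continue  # header line, blank lines, hex continuation lines
        name = '(Default)' if m.group('name') == '@' else unescape(m.group('name')[1:-1])
        data = m.group('data')
        if len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            yield key, name, unescape(data[1:-1])
        elif data.lower().startswith('dword:'):
            yield key, name, int(data[6:], 16)


def first_executable(command):
    """Return the program a command line launches (first token, quotes stripped)."""
    command = command.strip()
    if command.startswith('"'):
        return command[1:].split('"', 1)[0]
    return command.split(' ', 1)[0]


def audit(text):
    """Return (finding, key, detail) tuples for the three changes listed above."""
    findings = []
    for key, name, data in parse_reg(text):
        if name == '(Default)' and isinstance(data, str):
            # The stock handler for executables is exactly: "%1" %*
            if EXE_HANDLER.search(key) and data.strip() != '"%1" %*':
                findings.append(('exe-handler-hijack', key, data))
            # Heuristic (assumption): the launcher's file name should match the
            # client key name, e.g. FIREFOX.EXE -> firefox.exe.
            m = BROWSER_CMD.search(key)
            if m and ntpath.basename(first_executable(data)).lower() != m.group(1).lower():
                findings.append(('browser-launcher-wrapped', key, data))
        elif (key.lower().endswith(r'\microsoft\security center')
              and name.lower() in OVERRIDES and data == 1):
            findings.append(('security-center-override', key, name))
    return findings


if __name__ == '__main__':
    for finding, key, detail in audit(SAMPLE_REG):
        print(f'{finding}: {key} -> {detail}')
```
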


Friday, July 29, 2011

The Registry

DEFINITION: The Windows 9x/NT/2000/ME/XP Registry is a complex, unified, system-wide database that is continually referenced during operation. It is used for centrally storing, locating, editing and administering system, hardware, software and user configuration information, and follows a hierarchical structure.

It was introduced to replace the text/ASCII-based MS-DOS configuration (.BAT, .SYS) and MS Windows initialization (.INI) files.

The structure of the Registry in Windows 9x is different from that of Windows NT, 2000 and XP.

Windows 95/98/ME: In these operating systems the Registry is stored in these 5 files, which carry the Hidden and Read-only attributes for write-protection purposes and are usually located in the %WinDir% folder (default is C:\Windows).

· SYSTEM.DAT = stores persistent hardware and software settings related to the system it resides on, contained in the HKEY_CLASSES_ROOT (Windows 95 and 98 only) and HKEY_LOCAL_MACHINE Hive keys.

· USER.DAT = stores user specific and software settings contained in the HKEY_CURRENT_USER Hive key. If more than one user, then multiple user profiles enable each user to have their own separate USER.DAT file, located in %WinDir%\Profiles\%UserName%. When a user logs on, Windows OS (down)loads both USER.DAT files: the one from the local machine %WinDir% (global user settings), and the most recent one from the local machine %WinDir%\Profiles\%UserName%, or from the central (host) server if user profiles reside on a network (local user settings).

· CLASSES.DAT = stores persistent data contained in the HKEY_CLASSES_ROOT Hive key, found only on Windows ME.

· SYSTEM.DA0 and USER.DA0 = automatically created backups of SYSTEM.DAT and USER.DAT from the last successful Windows GUI startup, and found only on Windows 95.

Windows NT/2000/XP: The Registration Database is contained in these 5 files located in the %SystemRoot%\System32\Config folder (default is C:\Winnt\System32\Config for Windows NT/2000 or C:\Windows\System32\Config for Windows XP):

· DEFAULT = stores the HKEY_USERS\.Default key.

· SAM = stores the HKEY_LOCAL_MACHINE\Sam key.

· SECURITY = stores the HKEY_LOCAL_MACHINE\Security key.

· SOFTWARE = stores the HKEY_LOCAL_MACHINE\Software key.

· SYSTEM = stores the HKEY_LOCAL_MACHINE\System key and the HKEY_CURRENT_CONFIG Hive key,

and in these files located in the %SystemRoot%\Profiles\%UserName% folder:

· NTUSER.DAT and USRCLASS.DAT (Windows XP only) = store the HKEY_CURRENT_USER Hive key.

Editing Registry

Always make sure that you know what you are doing when changing the registry or else just one little mistake can crash the whole system. That's why it's always good to back it up!

To view the registry (or to back it up) or to modify it, you need to use the Registry Editor tool. There are two versions of Registry Editor:

· Regedit.exe (Windows 95/98/ME/NT/2000/XP) = located in %WinBootDir% (%SystemRoot%), has the most menu items and more choices for the menu items. You can search for keys and subkeys in the registry.

· Regedt32.exe (Windows NT/2000/XP) = located in %SystemRoot%\System32, enables you to search for strings, values, keys, and subkeys. This feature is useful if you want to find specific data.

Registry Structure

For ease of use, the Registry is divided into five separate structures that represent the Registry database in its entirety. These five groups are known as Keys, and are discussed below:

HKEY_CURRENT_USER
This registry key contains the configuration information for the user that is currently logged in. The user's folders, screen colors, and control panel settings are stored here. This information is known as a User Profile.

HKEY_USERS
In Windows NT 3.5x, user profiles were stored locally (by default) in the systemroot\system32\config directory. In NT 4.0, they are stored in the systemroot\profiles directory. User-specific information is kept there, as well as common, system-wide user information.

HKEY_LOCAL_MACHINE
This key contains configuration information particular to the computer. This information is stored in the systemroot\system32\config directory as persistent operating system files, with the exception of the volatile hardware key.

HKEY_CLASSES_ROOT
The information stored here is used to open the correct application when a file is opened by using Explorer and for Object Linking and Embedding. It is actually a window that reflects information from the HKEY_LOCAL_MACHINE\Software subkey.

HKEY_CURRENT_CONFIG
The information contained in this key is used to configure settings such as the software and device drivers to load or the display resolution to use. This key has software and system subkeys, which keep track of configuration information.

REG Files

A .REG file can be in:

· plain text/ASCII format in Windows 95/98/ME and NT/2000/XP or

· binary format in Windows 2000/XP.

Text .REG files can be easily viewed/created/edited by hand using any text/ASCII editor, like Notepad.

Their purpose is to add, modify or delete Registry (Sub)Keys and/or Values.

Thursday, July 21, 2011

Learning Linux with me...

  1. What is Linux?
  2. Understanding files and folders
  3. Understanding users and permissions
  4. Who and what is root
  5. Opening a command shell / terminal
  6. Your first Linux commands
  7. The basic commands


1. What is Linux?

Linux is a free Unix-type operating system for computer devices. The operating system is what makes the hardware work together with the software. The OS is the interface that allows you to do the things you want with your computer. Linux is freely available to everyone. OS X and Windows are other widely used operating systems.









Linux gives you a graphical interface that makes it easy to use your computer, yet it still allows those with know-how to change settings by adjusting 0 to 1.

It is only the kernel that is named Linux; the rest of the OS consists of GNU tools. A package with the kernel and the needed tools makes up a Linux distribution. Mandrake, SUSE Linux, Gentoo and Redhat are some of the many variants. A GNU/Linux OS can be used on a large number of boxes, including i386+, Alpha, PowerPC and Sparc.

2. Understanding files and folders

Linux is made with one thought in mind: Everything is a file.

A blank piece of paper is called a file in the world of computers. You can use this piece of paper to write a text or make a drawing. Your text or drawing is called information. A computer file is another way of storing your information.

If you make many drawings then you will eventually want to sort them in different piles or make some other system that allows you to easily locate a given drawing. Computers use folders to sort your files in a hierarchical system.

A file is an element of data storage in a file system (file systems manual page). Files are usually stored on harddrives, cdroms and other media, but may also be information stored in RAM or links to devices.

To organize our files into a system we use folders. The lowest possible folder is root / where you will find the user homes called /home/.

  /
  /home/
  /home/mom/
  /home/dad/

Behind every configurable option there is a simple human-readable text file you can hand-edit to suit your needs. These days most programs come with a nice GUI (graphical user interface), like Mandrake's Control Center and SuSE's YaST, that can smoothly guide you through most configuration. Those who choose to can gain full control of their system by manually adjusting the configuration files from foo=yes to foo=no in an editor.

Almost everything you do on a computer involves one or more files stored locally or on a network.

Your filesystem's lowest folder, root /, contains the following folders:

/bin Essential user command binaries (for use by all users)
/boot Static files of the boot loader, only used at system startup
/dev Device files, links to your hardware devices like /dev/sound, /dev/input/js0 (joystick)
/etc Host-specific system configuration
/home User home directories. This is where you save your personal files
/lib Essential shared libraries and kernel modules
/mnt Mount point for a temporarily mounted filesystem like /mnt/cdrom
/opt Add-on application software packages
/usr /usr is the second major section of the filesystem. /usr is shareable, read-only data. That means that /usr should be shareable between various FHS-compliant hosts and must not be written to. Any information that is host-specific or varies with time is stored elsewhere.
/var /var contains variable data files. This includes spool directories and files, administrative and logging data, and transient and temporary files.
/proc System information stored in memory mirrored as files.

The only folder a normal user needs to use is /home/you/ - this is where you will be keeping all your documents.

  /home/elvis/Documents
  /home/elvis/Music
  /home/elvis/Music/60s

Files are case sensitive, "myfile" and "MyFile" are two different files.

3. Understanding users and permissions

Linux is based on the idea that everyone using a system has their own username and password.

Every file belongs to a user and a group, and has a set of given attributes (read, write and executable) for users, groups and all (everybody).

A file or folder can have permissions that allow only the user it belongs to to read and write it and the group it belongs to to read it, while all other users cannot even read the file.

4. Who and what is root

Linux has one special user called root (this is the user name). Root is the "system administrator" and has access to all files and folders. This special user has the right to do anything.

You should never log on as this user unless you actually need to do something that requires it!

Use su - to temporarily become root and do the things you need. Again: never log into your system as root!

Root is only for system maintenance; this is not a regular user (LindowsOS doesn't have any user management at all and uses root for everything, which is a very bad idea!).

You can execute a command as root with:

su -c 'command done as root'

Gentoo Linux: Note that on Gentoo Linux only users that are members of the wheel group are allowed to su to root.

5. Opening a command shell / terminal

To learn Linux, you need to learn the shell command line in a terminal emulator.

In KDE: K -> System -> Konsole (to get a command shell)

Pressing CTRL-ALT-F1 to CTRL-ALT-F6 gives you the console command shell windows, while CTRL-ALT-F7 gives you XFree86 (the graphical interface).

xterm (manual page) is the standard XFree console installed on all boxes, run it with xterm (press ALT F2 in KDE and Gnome to run commands).

Terminals you probably have installed:

Non-standard terminals should install:

6. Your first Linux commands

Now you should have managed to open a terminal shell and are ready to try your first Linux commands. Simply ask the computer to do the tasks you want it to, using its language, and press the Enter key (the big one with an arrow). You can add a & after the command to make it run in the background (your terminal will be available while the job is done). It can be practical to do things like moving big divx movies as a background process: cp movie.avi /pub &. Jobs - the basics of job control

6.1. ls - short for list

ls lists the files in the current working folder. This is probably the first command to try out. It has a number of options described on the ls manpage.

Examples:

ls

ls -al --color=yes

6.2. pwd - print name of current/working directory

pwd prints the fully resolved name of the current (working) directory. pwd manpage.

6.3. cd - Change directory

cd stands for change (working) directory and that's what it does. The folder below you (unless you are in /, where there is no lower directory) is called "..".

To go one folder down:

cd ..

Change into the folder Documents in your current working directory:

cd Documents

Change into a folder somewhere else:

cd /pub/video

The / in front of pub means that the folder pub is located in the / (lowest folder).

7. The basic commands

7.1. chmod - Make a file executable

To make a file executable and runnable by any user:

chmod a+x myfile

Refer to the chmod manual page for more information.

7.2. df - view filesystem disk space usage

df -h

  Filesystem Size  Used Avail Use% Mounted on
  /dev/hda3   73G   67G  2.2G  97% /
  tmpfs      2.0M   24K  2.0M   2% /mnt/.init.d
  tmpfs      252M     0  252M   0% /dev/shm

The flags: -h, --human-readable Appends a size letter such as M for megabytes to each size.

df manpage

7.3. du - View the space used by files and folders

Use du (Disk Usage) to view how much space files and folders occupy. Read the du manual page for flags and usage.

du is a part of fileutils.

Example du usage:

  du -sh Documents/
  409M    Documents

7.4. mkdir - makes folders

Folders are created with the command mkdir:

mkdir folder

To make a long path, use mkdir -p :

mkdir -p /use/one/command/to/make/a/long/path/

Like most programs mkdir supports -v (verbose). Practical when used in scripts.

You can make multiple folders in bash and other shells with {folder1,folder2} :

mkdir /usr/local/src/bash/{old,new,dist,bugs}

mkdir manual page

The command rmdir removes folders.

7.5. passwd - changes your login password

To change your password in Linux, type:

passwd

The root user can change the password of any user by running passwd with the user name as argument:

passwd jonny

will change jonny's password. Running passwd without arguments as root changes the root password.

If you need to add several new users and give them passwords, you can use a handy program like Another Password Generator to generate a large set of "random" passwords.

7.5.1. KDE

From KDE you can change your password by going:

  • K -> Settings -> Change Password
  • K -> Settings -> Control Center -> System Administration -> User Account

7.6. rm - delete files and folders, short for remove

Files are deleted with the command rm:

  rm /home/you/youfile.txt 

To delete folders, use rm together with -f (Do not prompt for confirmation) and -r (Recursively remove directory trees):

  rm -rf /home/you/foo/ 

Like most programs rm supports -v (verbose).

rm manual page

7.7. ln - make symbolic links

A symbolic link is a "file" pointing to another file.

To make a symbolic link :

  ln /original/file /new/link 

This makes /original/file and /new/link the same file - edit one and the other will change. The file will not be gone until both /original/file and /new/link are deleted.

You can only do this with files. For folders, you must make a "soft" link.

To make a soft symbolic link :

  ln -s /original/file /new/link 

Example:

  ln -s /usr/src/linux-2.4.20 /usr/src/linux 

Note that -s makes an "empty" file pointing to the original file/folder. So if you delete the folder a symlink points to, you will be stuck with a dead symlink (just rm it).

ln manual page

7.8. tar archiving utility - tar.bz2 and tar.gz

tar (manual page) is a very handy little program to store files and folders in archives, originally made for tape streamer backups. Tar is usually used together with gzip (manual page) or bzip2 (manual page), compression programs that make your .tar archive a much smaller .tar.gz or .tar.bz2 archive.

KDE

You can use the program ark (K -> Utilities -> Ark) to handle archives in KDE. Konqueror treats file archives like normal folders, simply click on the archive to open it. The archive becomes a virtual folder that can be used to open, add or remove files just as if you were working with a normal folder.

7.8.1. tar files (.tar.gz)

To untar files:

  tar xvzf file.tar.gz 

To tar files:

  tar cvzf file.tar.gz filedir1 filedir2 filedir2... 

Note: A .tgz file is the same as a .tar.gz file. Both are also often referred to as tarballs.

The flags: z is for gzip, v is for verbose, c is for create, x is for extract, f is for file (default is to use a tape device).

7.8.2. bzip2 files (.tar.bz2)

To unpack files:

  tar xjvf file.tar.bz2 

To pack files:

  tar cvjf file.tar.bz2 filedir1 filedir2 filedir2... 

The flags: Same as above, but with j for bzip2.

You can also use bunzip2 file.tar.bz2, which will turn it into a tar.

For older versions of tar, try tar -xjvf or -xYvf or -xkvf to unpack. There are a few other options it could be; they couldn't decide which switch to use for bzip2 for a while.

How to untar an entire directory full of archives?

.tar:

for i in *.tar; do tar xvf "$i"; done

.tar.gz:

for i in *.tar.gz; do tar xvfz "$i"; done

.tar.bz2:

for i in *.tar.bz2; do tar xvfj "$i"; done


Copyright (c) 2000-2004 Øyvind Sæther. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License".


Wednesday, July 20, 2011

Security Tool Rogue ware...

Some recent versions of the Security Tool scare-ware now include a ransom-ware component that confounds victims by blocking the desktop with a full-screen scare message. It asks for a serial number that will supposedly be provided on purchasing Security Tool, to unlock the computer.

The exact message:

“WARNING WINDOWS SECURITY CENTER! DANGEROUS TROJANS,KEYLOGGERS AND SPYWARES DETECTED IN YOUR COMPUTER !!!

For Security of your data computer is locked…To unlock your computer buy the antispyware software below and remove all viruses as soon as possible. In case trojans are not removed fro your computer in 3 hours, all data in the computer will deleted. Enter the serial number you are given after buying the antispyware below and unlock your computer and clean the spywares.”

Entering any serial with more than 12 characters removes the alert. Thanks to S!Ri.URZ for the tip.

Security Tool Ransomware

Rogue security software such as Security Tool belongs to a family of software products that call themselves antivirus, antispyware or registry cleaners and often use deceptive or high-pressure sales tactics and deliberate false positives to convince users to buy a license/subscription. They are often repackaged and renamed. They do not actually remove malware; instead, many of them add more malware of their own.

The ransom-ware component was named myserv.exe and found in the Windows directory. It was about 32 KB in size and detected by 26/42 (61.91%) of the antivirus engines available at VirusTotal. myserv.exe was observed making connections to webpaybill .net.

This malware is classified as:

§ Win32.TRATRAPS

§ Trojan.ATRAPS.Gen

§ Win32/LockScreen.EG

§ Adware.SecurityTool.R.32768

§ Trojan.Win32.VB.acwq

This ransom-ware starts with Windows by adding itself to the Run registry key:

§ HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KeyMy C:\WINDOWS\myserv.Exe

Security Tool Ransom-ware component Removal

§ Enter any serial number with more than 12 characters. For example: 1234567891011 and then click “UNLOCK” to remove the fake alert.

§ Download, Install and run MalwareBytes’s Anti-Malware. Go to the Update tab and check for updates. Once the update is completed, open the Scanner tab and choose a full-scan. Once the scan is completed, click “Show results“, confirm that all instances of the rogue security software are check-marked and then click “Remove Selected” to delete them. If prompted restart immediately to complete the removal process.

§ Download, Install, scan and clean the temporary files with CCleaner Slim version.


*By Source : http://www.malwarehelp.org


New variant of Zeus malware targets LinkedIn members...

It has been observed that a recent new variant of Zeus has started to target LinkedIn members again. The same Zeus malware was observed spamming fake LinkedIn connection requests to thousands of LinkedIn members during September last year.

LinkedIn is a very popular business networking site with more than 90 million members and a recent successful IPO. Most users on LinkedIn are business users, which has attracted cyber criminals looking to target enterprise users. The latest version of the Zeus malware sends spam email carrying a link to the server that hosts the malware. The email is a fake LinkedIn connection request that looks exactly the same as an original one sent from the LinkedIn website.

When the user clicks the "Accept" button in the email, it leads to a website that installs malware on the computer. Once installed, this variant of Zeus can steal sensitive information such as user names and passwords and send it to a remote server hosted by the cybercriminals.

Since the malware uses the BlackHole exploit kit to infect the computer, it gets downloaded and installed automatically and silently. Zeus is known as the most prevalent malware that goes after banking credentials.

I recommend never clicking on links in email to visit a social networking website. The best way to access your social networking website is by typing the website address in the browser and logging in from there. Not only LinkedIn: one should follow this rule to access any social networking website like Facebook, Twitter, LinkedIn etc.

Monday, July 18, 2011

Creation of Rules to block Junk Mails..

Outlook Express 6
Outlook Express does not have a junk mail filter built in like Outlook 200x. You can
create rules that will do essentially the same thing.

To create a rule for e-mail messages

1. On the Tools menu, point to Message Rules, and then click Mail.
Message rules cannot be created for IMAP or HTTP e-mail accounts.

2. If this is the first rule you are creating, proceed to step 3. Otherwise, on the Mail
Rules tab, click New and proceed to step 4.

3. Select the conditions for your rule by selecting the desired check boxes in the
Conditions section. (You must select at least one condition.)
You can specify multiple conditions for a single rule by selecting more than one
check box. Click the and hyperlink in the Rule Description section to specify
whether all of the rule conditions must be met before the specified action occurs
(and), or whether at least one must be met (or).

4. Specify the actions for your rule by selecting the desired check boxes in the
Actions section. (You must select at least one condition.)

5. Click the underlined hyperlinks in the Rule Description section to specify the
conditions or actions for your rule.
You can click contains people or contains specific words in the Rule
Description section to specify the people or words you'd like Outlook Express to
look for in messages. If you enter multiple people or multiple words per
condition, use the Options button in the Select People or Type Specific Words
dialog boxes to further customize the condition.

6. In the Name of the rule text box, select the default name or type a new name for
your rule, and then click OK.

Notes

• You can create a new rule by selecting an existing one on the Message Rules tab
and clicking Copy. This is helpful when the new rule you want to create is similar
to an existing one.

• You can create a rule from a message by selecting an e-mail message in the main
window and then on the Message menu clicking Create Rule from Message.
This helps by automatically filling in the name of the person on the From line; no
other information from the message, however, is entered into the rule.

To change a rule

1. On the Tools menu, point to Message Rules, and then click Mail or News,
depending on the type of rule you want to change.

2. Select the rule you want to change, and click Modify.

3. Make your changes in the Edit Rule dialog box, including renaming the rule, and
then click OK.

Blocking unwanted messages

You can control the e-mail and news messages you get in Outlook Express in several
ways. You can block certain people from sending you e-mail, you can hide conversations
that don't interest you, and you can guard against being sent damaging code in e-mail by
setting security levels.

The following topics provide more information:

To block messages from a sender or domain

You can block messages from a particular sender or domain. The domain is the name
following the @ symbol in an e-mail address.
When you block a sender or domain, no e-mail or news message from that sender or
domain will arrive in your Inbox or in the news messages you read. E-mail from blocked
senders goes directly into your Delete folder. Newsgroup messages from blocked senders
are not displayed.

1. From your e-mail Inbox or the list of messages in a newsgroup, select a message
from a sender you want to block.

2. On the Message menu, click Block Sender.

Notes

• Blocking a sender applies to standard POP e-mail only. It does not apply to HTTP
e-mail or IMAP messages.
• To remove a sender or domain from the Blocked Senders list, on the Tools menu,
point to Message Rules, and then click Blocked Senders List. Select the sender
or domain, and then click Remove.

To manage the blocked senders list

1. On the Tools menu, point to Message Rules, and then click Blocked Senders List.
2. To remove a sender or domain from the list, select the name and click Remove.
3. To change a sender's name or domain on the list, select the name and click
Modify. Make your changes in the dialog box and click OK.
4. To add a new sender or domain to the list, click Add. Enter the information in the
dialog box and click OK.
5. Click OK in the Message Rules dialog box to apply rules that have been added or
changed.

To set security zones

In Outlook Express, security zones enable you to choose whether or not active content,
such as ActiveX Controls and scripts, can be run from inside HTML e-mail messages.
You can choose a moderate security level that allows most active content to run, or you
can choose a more restrictive security level.

1. On the Tools menu, click Options, and then click the Security tab.
2. In the Security Zones section, choose an Internet Explorer security zone:
o Choose Internet zone for standard use. It is used by a majority of Outlook
Express users.
o Choose Restricted sites zone to create a more secure environment.

Note

• You can adjust the security level of these and other zones in Internet Explorer.
The security settings that you make in Internet Explorer also apply to Outlook
Express. In Internet Explorer, on the Tools menu, click Internet Options, and
then adjust your settings on the Security tab.

I.Worm-Kido

KIDO

THERE ARE FIVE VARIANTS OF KIDO AS PER SOURCE OF MICROSOFT

THEY WERE REPORTED TO MICROSOFT ON FOLLOWING DATES:

1. W32/CONFICKER.A IT WAS REPORTED ON (November 21 2008)

2. W32/CONFICKER.B IT WAS REPORTED ON (December 29 2008)

3. W32/CONFICKER.C IT WAS REPORTED ON (February 20 2009)

4. W32/CONFICKER.D IT WAS REPORTED ON (March 4 2009)

5. W32/CONFICKER.E IT WAS REPORTED ON (April 8 2009)

THIS IS HOW THE WORM SPREADS

Digital Protection Spyware Removal...

Description of Digital Protection and the consequences of its residing on your PC

It would be futile to remove the Digital Protection (DigitalProtection) adware and pay no regard to other parasites inhabiting your PC. The remark is made to emphasize that Digital Protection is a rather dependent program: the most common way it is downloaded and installed relies on the prior introduction of a BHO (browser helper object) or a trojan, and those infections are equally dangerous, or even more destructive and annoying, than Digital Protection. Once the preliminary infection is in place, things go as follows:
- in case of a BHO infection, the web browser is exploited as an alert generator so that users are lured into downloading the Digital Protection adware; the alerts are linked to the Digital Protection website, suggest getting a copy of Digital Protection and provide the relevant link. It is possible to buy the adware straight away, skipping the trialware stage. However, you need to remove activated Digital Protection adware too, as it remains adware even though you have paid for its activation;
- in case of a trojan infection, the rogue is downloaded without the user's agreement, and the user is not aware of the infection until the download is complete.
Get rid of Digital Protection, as there is no use in having a program that is unable to protect you from current virus attacks or to remove malware, viruses and worms already present in the memory of your PC.


Digital Protection Technical Details

· Full name: Digital Protection, DigitalProtection, Digital-Protection

· Version: 2010

· Type: Rogue anti-spyware, Trojan horse

· Origin: Russian Federation











Signs of being infected with Digital Protection:

Digital Protection is an ordinary fake antispyware that is designed to start automatically and attempts to be the first program to appear on the monitor after Windows starts up. That might result in conflicts with the computer system and other self-starting apps.
Digital Protection runs a show that its developers want us to treat as a scan for viruses. It is not actually a search for threats but just a show in which all the names of infections are selected randomly or invented by the hackers in order to mislead. Besides, there are alerts in abundance that appear at seemingly random intervals; in fact they are arranged in precise sets, and their frequency increases according to a schedule specified by the hackers. Remove Digital Protection upon observing any sign of its presence. There may be cases where you have to remove the Digital Protection hijacker while having ignored its suggestions to download the Digital Protection trialware. The hijacker betrays itself because its business is to make you visit the Digital Protection website, so that website is often loaded by your browser.

Automatic Removal of Digital Protection from your PC:

Whether or not removing Digital Protection alone is enough to clean your PC of infections, follow the link below, as there is unlikely to be another way to establish whether you need to remove Digital Protection only or Digital Protection plus additional parasites.

Digital Protection Removal Tool

Manual Removal of Digital Protection:

Even if Digital Protection is the only thing to remove, you are still recommended to equip your PC with the Digital Protection removal tool, as that would ensure your future protection and optimize your PC configuration.
If you are going to remove Digital Protection manually, please reboot before beginning the removal process so that Safe Mode can be selected. Once Safe Mode is set, make sure you have Internet connections enabled and no apps running while the Digital Protection removal steps are executed.

Remove Digital Protection files and DLLs:

c:\Documents and Settings\All Users\Application Data\fiosejgfse.dll
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital Protection.lnk
%UserProfile%\Desktop\Digital Protection Support.lnk
%UserProfile%\Desktop\Digital Protection.lnk
%UserProfile%\Start Menu\Programs\Digital Protection
%UserProfile%\Start Menu\Programs\Digital Protection\About.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Activate.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Buy.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Digital Protection Support.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Digital Protection.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Scan.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Settings.lnk
%UserProfile%\Start Menu\Programs\Digital Protection\Update.lnk
c:\Program Files\Digital Protection
c:\Program Files\Digital Protection\about.ico
c:\Program Files\Digital Protection\activate.ico
c:\Program Files\Digital Protection\buy.ico
c:\Program Files\Digital Protection\dig.db
c:\Program Files\Digital Protection\digext.dll
c:\Program Files\Digital Protection\dighook.dll
c:\Program Files\Digital Protection\digprot.exe
c:\Program Files\Digital Protection\help.ico
c:\Program Files\Digital Protection\scan.ico
c:\Program Files\Digital Protection\settings.ico
c:\Program Files\Digital Protection\splash.mp3
c:\Program Files\Digital Protection\Uninstall.exe
c:\Program Files\Digital Protection\update.ico
c:\Program Files\Digital Protection\virus.mp3
%Temp%\4otjesjty.mof
%Temp%\asd1.tmp
%Temp%\c865.tmp
%Temp%\davclnt.exe
%Temp%\dhdhtrdhdrtr5y
%Temp%\dig.dat
%Temp%\digr.dat

Unregister Digital Protection registry values:

HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt
HKEY_LOCAL_MACHINE\SOFTWARE\Digital Protection
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Digital Protection
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Digital Protection"
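
A read-only check for the artefacts listed above, as an added example that is not part of the original post: it reports which of the listed files, folders, registry keys and values exist, so you can compare the state before and after removal. Folder entries stand in for the files listed beneath them, and the variable and function names are this example's own.

```powershell
# Read-only audit (added example): reports listed artefacts, deletes nothing.
$paths = @(
    'c:\Documents and Settings\All Users\Application Data\fiosejgfse.dll',
    '%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Digital Protection.lnk',
    '%UserProfile%\Desktop\Digital Protection Support.lnk',
    '%UserProfile%\Desktop\Digital Protection.lnk',
    '%UserProfile%\Start Menu\Programs\Digital Protection',
    'c:\Program Files\Digital Protection',
    '%Temp%\4otjesjty.mof',
    '%Temp%\asd1.tmp',
    '%Temp%\c865.tmp',
    '%Temp%\davclnt.exe',
    '%Temp%\dhdhtrdhdrtr5y',
    '%Temp%\dig.dat',
    '%Temp%\digr.dat'
)
$keys = @(
    'Registry::HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}',
    'Registry::HKEY_CLASSES_ROOT\Folder\shellex\ContextMenuHandlers\SimpleShlExt',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Digital Protection',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Digital Protection'
)
$values = @(
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System'; Name = 'DisableTaskMgr' },
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'Digital Protection' }
)

function Test-RegistryValue($Path, $Name) {
    # True only when the key exists and carries a value with this exact name.
    $item = Get-ItemProperty -LiteralPath $Path -ErrorAction SilentlyContinue
    return ($null -ne $item) -and ($null -ne $item.PSObject.Properties[$Name])
}

$found = @()
foreach ($p in $paths) {
    # Expand %UserProfile% and %Temp% for the account running the script.
    $full = [Environment]::ExpandEnvironmentVariables($p)
    if (Test-Path -LiteralPath $full) { $found += "FILE  $full" }
}
foreach ($k in $keys) {
    if (Test-Path -LiteralPath $k) { $found += "KEY   $k" }
}
foreach ($v in $values) {
    if (Test-RegistryValue $v.Path $v.Name) { $found += "VALUE $($v.Path) [$($v.Name)]" }
}
if ($found.Count -eq 0) { 'No listed Digital Protection artefacts found.' } else { $found }
```

Run it in the session of each affected user, since `%UserProfile%`, `%Temp%` and `HKEY_CURRENT_USER` resolve per account.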