Open Task Manager ( Right click on your taskbar and click “Task Manager” )
· Click on Processes tab and select “wscript.exe” and click “End Process” button.
(Remember to remove all wscript.exe)
· Go to My Computer, Click on Tools -> Folder Options, click on View tab
· Under Advance settings,
check “Show Hidden files and folders“,
uncheck “Hide extensions for known file types“,
uncheck “Hide protected operating system files (Recommended)”
and click “OK” button
· Go to C:\WINDOWS or C:\WINNT and delete file MS32DLL.dll.vbs
· Now go to all your drive in your computer, and delete autorun.inf and
MS32DLL.dll.vbs including your USB Drive and Floppy disk. All the autorun.inf and
MS32DLL.dll.vbs file is located at the root directory of your drive, ex:
c:\MS32DLL.dll.vbs, d:\MS32DLL.dll.vbs …
To access your drive, Go to My Computer, right click on the drive and select “Explore”
· Next we are going to clean your registry record. Click Start -> Run, type regedit
· Go to HKEY_LOCAL_MACHINE \Software \Microsoft \Windows \Current Version
\Run and delete MS32DLL (right click on it and select delete)
· Now we are going to disable CD Autorun, Go to HKEY_LOCAL_MACHINE \SYSTEM \CurrentControlSet \Services \Cdrom look for Autorun and double click on it and enter 0
as it’s DWORD value
You can skip this steps if you do not wish to disable CD Autorun feature. But Hacked By Godzilla worm
spread when CD Autorun is ON.
· Go to HKEY_CURRENT_USER \Software \Microsoft \Internet Explorer \Main and
delete “Window Title” which has it’s value of “Hacked by Godzilla“
· Now go back to My Computer, Click on Tools -> Folder Options, click on View tab
· Under Advance settings,
uncheck “Show Hidden files and folders“,
check “Hide extensions for known file types“,
check “Hide protected operating system files (Recommended)”
and click “OK” button
· Empty your Recycle Bin.
· Restart your PC and your PC should be clean from Hacked by Godzilla now
Friday, December 19, 2008
Tips to clean ur System Registry
If your System is infected with virus and is getting executed every time when the system reboots follow
the steps below to remove its execution at startup.
1. Download procexp.exe(process explorer) and autoruns.exe from the below URL which are freely
available .
http://technet.microsoft.com/hi-in/sysinternals/25e27bed-b251-4af4-b30a-c2a2a93a80d9(enus).
aspx
2. Procexp.exe(http://live.sysinternals.com\procexp.exe) is used to kill the unwanted processes
running in background. If your application is getting closed immediately after it opens, You can
use this tool to identify such process and to kill it. After killing the virus related process follow
the below step to disable that application at next startup.
3. The Autoruns.exe(http://live.sysinternals.com\autoruns.exe) windows utility is a more useful
alternative to windows built-in tool “msconfig” which shows what programs and services are set
to start automatically with windows.Autorun.exe displays every entry that starts at system startup.
Look at the file signatures., i.e Microsoft Corporation for Microsoft products, Sun
Microsystems.Inc for java software etc., If you didn’t find any signature corresponding to it, Look
at it carefully. If its installed by you keep that entry else delete that entry. For example ,look at
the below autorun.exe output.
C:\Windows\smss Logon Application c:\windows\smss.exe
C:\svchost Logon Application c:\svchost.exe
C:\windows\Explorer.exe Logon Application Microsoft Corporation
c:\windows\explorer.exe
C:\java\java Application Sun Microsystems. Inc c:\java\java.exe
Both the first two entries doesn’t have signatures associated with them, so we can delete both
these entries.
NOTE : if these tools are not available , you can do the same by using windows built-in tools like
taskmgr.exe and msconfig.exe with less efficiency.
the steps below to remove its execution at startup.
1. Download procexp.exe(process explorer) and autoruns.exe from the below URL which are freely
available .
http://technet.microsoft.com/hi-in/sysinternals/25e27bed-b251-4af4-b30a-c2a2a93a80d9(enus).
aspx
2. Procexp.exe(http://live.sysinternals.com\procexp.exe) is used to kill the unwanted processes
running in background. If your application is getting closed immediately after it opens, You can
use this tool to identify such process and to kill it. After killing the virus related process follow
the below step to disable that application at next startup.
3. The Autoruns.exe(http://live.sysinternals.com\autoruns.exe) windows utility is a more useful
alternative to windows built-in tool “msconfig” which shows what programs and services are set
to start automatically with windows.Autorun.exe displays every entry that starts at system startup.
Look at the file signatures., i.e Microsoft Corporation for Microsoft products, Sun
Microsystems.Inc for java software etc., If you didn’t find any signature corresponding to it, Look
at it carefully. If its installed by you keep that entry else delete that entry. For example ,look at
the below autorun.exe output.
C:\Windows\smss Logon Application
C:\svchost Logon Application
C:\windows\Explorer.exe Logon Application Microsoft Corporation
c:\windows\explorer.exe
C:\java\java Application Sun Microsystems. Inc c:\java\java.exe
Both the first two entries doesn’t have signatures associated with them, so we can delete both
these entries.
NOTE : if these tools are not available , you can do the same by using windows built-in tools like
taskmgr.exe and msconfig.exe with less efficiency.
Sunday, December 14, 2008
Preventions for using Social Networking
Do not clik on uncertified weblinks whic is used to receive in your inbox. To overcome this problem dowloand internet explorer 7 browser. By using Internet Explorer 7 user easily know that where received weblink certified or not with the help of Extende Validation (SSL) Certificate. Further more details please visit
www.microsoft.com/windows/products/winfamily/ie/ev/default.mapx
INVITATIONS
Most of the Hackers used send group Invitation Messages by using your friend's Mail ID to inviting into some other new social networking. In such case ignore these type of messages and not to open until it confirms with ur friend.
PROTECT YOUR ADDRESS BOOK
Many members usually sends social networking invitaion web links to all of their friends whoever available on their address book. But always it's not safe method of sending. Instead sending all at a time better to send individual member separately.
OPEN EACH WEB LINK IN EACH NEW BAR
Every day new web site links appear in you mail box, most of the members simply clicks on the link in existing mail. But it is not safe all the tims. Hence every link is to be open in separate page by using copy & Paste of said links.
SOCIAL ENGINEERING...?
Cyber cheaters always creates profile with false details and proceeds into your mails. The process of this sytem is called Social Engineering. So ignore unknown person's invitations into your Social Networking. For more details about Social Networking please visit
www.microsoft.com/protect/yourself/phishing/engineering.mspx
GUIDE LINES FOR USING 3rd PARTY APPLICATIONS
Every Social Networking providing somany 3rd party applications to their members. They can dowload such applicationa and also keep into as their personal message. Becareful about such applicatons, cyber killers can cheat you with the help of such applications. Here is a link which helps you for using 3rd party applications
www. microsoft.com /pro tect/yourself/downloads/about.mspx
3rd PARTY APPLICATIONS Vs. HACKERS
Now a days most of the MNCs have been facing with Viruses, Spywares, Fishing Scams and Cyber Attacks. Resons for these kind problems are most of their employees were using Social Networking and dowloading 3rd party applications. So when we download these applications hackers easily take over important data from your PC. Hence MNCs banned 3rd party applications.
For more details about preventions aginst 3rd party applications please visti.
http://blogs.msdn.com/securitytipstalk/archive /2008/09/02/be-careful-with-social-networking-sites-especially-at-work.aspx /2008/09/02/be-careful-with-social-networking-sites-especially-at-work.aspx
KIDS Vs SOCIAL NETWORKING
When kids are retriving social networkings website preventions must be taken
for more details please visit.
www.microsoft.com/protect/family/guidelines/rules. mspx
www.microsoft.com/windows/products/winfamily/ie/ev/default.mapx
INVITATIONS
Most of the Hackers used send group Invitation Messages by using your friend's Mail ID to inviting into some other new social networking. In such case ignore these type of messages and not to open until it confirms with ur friend.
PROTECT YOUR ADDRESS BOOK
Many members usually sends social networking invitaion web links to all of their friends whoever available on their address book. But always it's not safe method of sending. Instead sending all at a time better to send individual member separately.
OPEN EACH WEB LINK IN EACH NEW BAR
Every day new web site links appear in you mail box, most of the members simply clicks on the link in existing mail. But it is not safe all the tims. Hence every link is to be open in separate page by using copy & Paste of said links.
SOCIAL ENGINEERING...?
Cyber cheaters always creates profile with false details and proceeds into your mails. The process of this sytem is called Social Engineering. So ignore unknown person's invitations into your Social Networking. For more details about Social Networking please visit
www.microsoft.com/protect/yourself/phishing/engineering.mspx
GUIDE LINES FOR USING 3rd PARTY APPLICATIONS
Every Social Networking providing somany 3rd party applications to their members. They can dowload such applicationa and also keep into as their personal message. Becareful about such applicatons, cyber killers can cheat you with the help of such applications. Here is a link which helps you for using 3rd party applications
www. microsoft.com /pro tect/yourself/downloads/about.mspx
3rd PARTY APPLICATIONS Vs. HACKERS
Now a days most of the MNCs have been facing with Viruses, Spywares, Fishing Scams and Cyber Attacks. Resons for these kind problems are most of their employees were using Social Networking and dowloading 3rd party applications. So when we download these applications hackers easily take over important data from your PC. Hence MNCs banned 3rd party applications.
For more details about preventions aginst 3rd party applications please visti.
http://blogs.msdn.com/securitytipstalk/archive /2008/09/02/be-careful-with-social-networking-sites-especially-at-work.aspx /2008/09/02/be-careful-with-social-networking-sites-especially-at-work.aspx
KIDS Vs SOCIAL NETWORKING
When kids are retriving social networkings website preventions must be taken
for more details please visit.
www.microsoft.com/protect/family/guidelines/rules. mspx
Subscribe to:
Comments (Atom)