XP Smart Security Removal

XP Smart Security Removal / ComboFix

The virus which attacked my laptop last weekend… I just removed it from the Task manager. But when ever my laptop connect to the WEB, it get started again…

I just referred some site and found that below registry code can be used to remove the same…

1. Click Start->Run (or WinKey+R). Input: "command". Press Enter or click OK.
2. Type "notepad" as shown in the image below and press Enter. Notepad will open.
3. Copy and past the following text into Notepad:

Windows Registry Editor Version 5.00[-HKEY_CURRENT_USERSoftwareClasses.exe]
[-HKEY_CURRENT_USERSoftwareClassessecfile]
[-HKEY_CLASSES_ROOTsecfile]
[-HKEY_CLASSES_ROOT.exeshellopencommand][HKEY_CLASSES_ROOTexefileshellopencommand]
@=""%1″ %*"

[HKEY_CLASSES_ROOT.exe]
@="exefile"
"Content Type"="application/x-msdownload"

I tried the same but no use… the XP smart Security still pop-up again and irritated me… As usual my final and the best malware fix which can remove all these F$%$% things is ComboFix… I just went to http://www.combofix.org and downloaded the file and ran it in my laptop and got it fixed…

Main Things to be considered while using ComboFix are

1, This is a freeware and every day it gets updated, so you need the latest version to fix your laptop/desktop.

2, Its extremely a powerful program, which could even CRASH your computer. So pls be careful while using this.

3, b4 running this in your comp, don't 4get to disable the antivirus or firewall in your desktop/laptop.

4, It may take some time to clean up your system, but after the full clean up. Your system performance will be great.

I strongly recommend ComboFix to clean up your computer, if you have enough knowledge in using the same…

10 Solid Tips to Safeguard Your Facebook Privacy

Facebook statistics show that it has 250 million active users each with an average 120 friends. More than 1 billion photos are uploaded every month by its users, over 70% of whom use applications like games and quizzes in Facebook. Unfortunately, most users don’t know the implications of entering personal information, making friends, and playing games on Facebook.

This guide will show what you can (and cannot) do to safeguard your Facebook privacy.

1. Organize Friends in Lists

What do you do when your boss, mother-in-law, or a casual web acquaintance sends you a friend request on Facebook? Use Friend Lists. Friend Lists are the foundation of your Facebook privacy settings. Select Friends from the top menu, and use the Create link to create friend lists like Co-workers, Family, College Friends, etc. Your friends can’t see your lists, so you can name them whatever you like.

Tip: On your left sidebar, all your friend lists may not show up by default. Click More to see all of them, and drag and drop those you want above the separator.

2. Customize Profile Privacy

Click Settings > Privacy Settings > Profile. Select which parts of your profile will be seen by whom.

If you choose Customize in the drop down, you can be more specific. This is where the Friend Lists you created before become really useful.

Also go to the Contact Information tab and choose how you want your contact information to be shared on the Internet.

3. Set Facebook Privacy Level of Photo Albums

On the Photos tab of your profile page, click Album Privacy. Here again, you can use your Friend Lists to set the privacy for each photo album.

Note that your profile pictures go into a special album that is always visible to ALL your friends.

4. Restrict Search Visibility

Click Privacy > Search to set your visibility when someone searches Facebook for people. This is an important way to safeguard your Facebook privacy. You can also select what will be visible in the search results.

5. Control Automatic Wall Posts and News Feed Updates

Your actions in Facebook such as comments, likes, appear as highlights on ALL your friends’ home pages. You cannot use friend lists here, only turn them on or off.

Go to Privacy > News Feed and Wall and choose whether you want your boss or ex-girlfriend to know that you’re in a relationship.

6. Set Facebook Wall Privacy

Go to your profile page, click Options > Settings under the status box.

Here you can control whether your friends can post to your Wall, and who can see the posts made by your friends.

7. Avoid Appearing in Advertisements

Facebook has two types of advertisements: third-party and Facebook. Third-party advertisements are currently not allowed to use your pictures, but there is a setting to disallow it if it is allowed in the future. Go to Privacy > News Feed and Wall > Facebook Ads tab to turn this off.

The Facebook ads shown to your friends are about ‘social actions’ like becoming a fan of something. You can turn this off at the bottom of the page.

8. Protect Yourself from Friends’ Applications

Go to Privacy > Applications, and click the Settings tab and uncheck all the boxes. These settings control what information about you is visible to applications installed by your friends. By default, these are set to visible. This means that your religious, sexual, and political preferences, pictures, etc. are readily available to one of the million worldwide Facebook application developers, each time any of your friends takes a quiz, plays a game, or runs any other Facebook app. This is obviously a Facebook privacy issue.

This is the most commonly misunderstood aspect of Facebook privacy. These settings control what applications installed by your friends can see about you, even if you don’t install the application yourself.

Why is this important? Because these settings will not change anything about what you are sharing with the applications you install yourself. For that, go to the next step.

9. Privacy from Your Applications

There is no way to control what applications see about you; it is an all-or-nothing affair. Take this quiz developed by the American Civil Liberties Union to check what anonymous application developers can know about you and your friends each time you take a quiz.

The Burton Group’s Identity Blog features the Facebook Privacy Mirror, an application that you can use to find out what applications know about you and your friends. If you really want to see exactly what profile data of each of your friends is visible to application developers, Privacy Mirror shows it in detail.

The only thing you can do is to authorize only those applications you require and trust. Go to Settings > Application Settings from the top menu. Change the drop-down from Recently Used to Authorized. Here you can see all the applications you have authorized to get access to ALL your profile information. Remove the ones you no longer need.

Also check the list of applications Allowed to Post and Granted Additional Permissions to remove unwanted ones.

10. Quitting Facebook? Delete, Don’t Just De-Activate Your Account

You can easily deactivate your account in Facebook from the Settings page. But deactivation will retain all your profile information within Facebook, including pictures, friends, etc. If you want to permanently delete your Facebook account, click here to submit a deletion request. Note that:

1. There is an unspecified delay between submitting your delete request and actual deletion.
2. If you login to Facebook, your deletion request is automatically cancelled.
3. There doesn’t seem to be any way to confirm that your request was completed.
4. Even after permanent deletion, Facebook says that copies of your photos may remain on their servers for technical reasons.

Also, note that once in a while, there is news of a Facebook hack or leak that can expose your information on the Internet. It is better to be safe than sorry by avoiding using Facebook for anything that may embarrass you.

I hope this article gives you a better understanding and insight into Facebook’s privacy.

Major Security Hole Discovered on Facebook and MySpace - The oversight allowed account hijacking and theft of user data - Softpedia

Major Security Hole Discovered on Facebook and MySpace - The oversight allowed account hijacking and theft of user data - Softpedia: "A Web developer has documented a proof-of-concept attack that could have been used to hijack accounts and steal private information on Facebook and MySpace. The attack leveraged a serious security oversight in XML configuration files used to define the cross-domain access policy for Flash applications.

The discovery was made while 24-years-old Dutch Web developer Yvo Schaap tried to find a workaround to a problem he was having with one of his Facebook applications. “I found a solution to one of my function limitations. Surprisingly, when looked into more carefully my solution allowed full access and control to the Facebook user account that accessed my application,” he notes on his blog.

As the programmer goes on to explain, this is not actually a bug, but an insecure configuration issue in crossdomain.xml. This file can be used to tell a Flash application, loaded from a URL and executed locally on the client, if it is able to access a file served from its domain. For example, if the owner of domain A wants to let an application from domain B access its files, it can specify domain B in the crossdomain.xml on its server.

While the crossdomain.xml on facebook.com whitelisted only other domains and sub-domains associated with Facebooks, the similar file on connect.facebook.com contained an <allow-access-from domain=”*” /> directive. This meant that any Flash application, hosted on any domain, was allowed to access data on the connect.facebook.com sub-domain.

“This wouldn't be a big deal if the subdomain only hosts images, but unfortunately this domain hosts the whole Facebook property, including a facebook user session,” Mr. Schaap notes. The web developer goes on to point out that if a user has auto-login enabled and is served with the URL to a specially-crafted flash file, an attacker could obtain full control of their account.

MySpace also suffered from a similar crossdomain.xml misconfiguration, though not as obvious as in Facebook's case. In particular, the crossdomain.xml on myspace.com granted access to a farm.sproutbuilder.com sub-domain. Sprout Builder is a web application building platform, which amongst other types of media, allows its clients to upload and incorporate .swf (Flash) files into their projects. As it turns out, these files are hosted on farm.sproutbuilder.com, thus opening the opportunity to create MySpace self-propagating social networking worm.

Yvo Schaap contacted both companies in advance of making this public and they moved swiftly to address the security problems. However, if two of the biggest social networking platforms left such gaping security holes opened, it is reasonable to assume that many smaller websites also have them."

Source: http://news.softpedia.com/news/Major-Security-Hole-Discovered-on-Facebook-and-MySpace-126327.shtml

Basic Security Enhancements

10 Fast and Free Security Enhancements.

Before you spend a day time on security, there are many precautions you can take that will protect you against the most common threats.

1. Check Windows Update and Office Update regularly (http://office.microsoft.com/productupdates); have your Office CD ready. Windows Me, 2000, and XP users can configure automatic updates. Click on the Automatic Updates tab in the System control panel and choose the appropriate options.

2. Install a personal firewall. Both SyGate (www.sygate.com) and ZoneAlarm (www.zonelabs.com) offer free versions.

3. Install a free spyware blocker. Our Editors' Choice ("Spyware," April 22) was SpyBot Search & Destroy (http://security.kolla.de). SpyBot is also paranoid and ruthless in hunting out tracking cookies.

4. Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button. Bye-bye, spam pop-ups! Any good firewall will also stop them.

5. Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol. A decent example would be f8izKro@l. This will make it much harder for anyone to gain access to your accounts.

6. If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.

7. Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition (Grisoft Inc., www.grisoft.com). And doublecheck your AV with the free, online-only scanners available at www.pandasoftware.com/activescan and http://housecall.trendmicro.com.

8. If you have a wireless network, turn on the security features: Use MAC filtering, turn off SSID broadcast, and even use WEP with the biggest key you can get.

9. Join a respectable e-mail security list, such as the one found at our own Security Supersite at http://security.ziffdavis.com, so that you learn about emerging threats quickly and can take proper precautions.

10. Be skeptical of things on the Internet. Don't assume that e-mail "From:" a particular person is actually from that person until you have further reason to believe it's that person. Don't assume that an attachment is what it says it is. Don't give out your password to anyone, even if that person claims to be from "support."