Enter your Keyword, Search here,

Vista Tips - Enabling the outbound firewall

In Windows Vista, Microsoft decided it was best to disable the outbound connection filtering because it can cause headaches for many inexperienced computer users. This may have been the right choice but not filtering your outbound traffic can increase the possibility that an application can steal important personal information and send it to a remote computer. If this application is malicious, it can be used to steal personal information such as passwords and bank account numbers.
Turning on the outbound firewall filtering and enabling only the rules that grant your normal applications access to the Internet will greatly increase the security of your computer.
Enabling the outbound firewall rules on your computer is easy to do once you know where Microsoft hid the setting.
Follow these steps to turn the outbound firewall back on:
  1. If the Windows Firewall with Advanced Security window is not already open, click the Start button, type wf.msc in the Search box, and then press Enter.
  2. When the firewall configuration tool is loaded, click Windows Firewall Properties right in the middle of the opening screen.
  3. When the settings window loads, you will see a tab for each of the different firewall profiles. Select the tab for the profile on which you would like to enable outbound filtering.
  4. Under the State section, locate the Outbound connections drop-down box and change it to Block.
  5. Click OK when you are finished to activate the outbound firewall on the profile you specified.
Windows automatically detects any applications that try to access the Internet or other network resources that are now blocked with the outbound firewall turned on and will prompt you to automatically authorize the application to send information out to the Internet.
Written by: No comments :
Tags: , , ,

Manual Removal of W32/Midgare.WNE Trojan

Manual Removal of W32/Midgare.WNE Trojan
W32/Midgare.WNE is a trojan. The trojan will infect Windows systems.
This trojan Copies its files to Windows and Temp Folder as hidden files.
This trojan information updated on June 5, 2009.
Other names of W32/Midgare.WNE Trojan:
This trojan is also known as Trojan.Midgare.DCC, Trojan/Win32.Midgare, Trojan.Win32.Midgare.wnf.

Damage Level : Medium/High
Distribution Level: Medium
W32/Midgare.WNE Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
  • [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/Midgare.WNE Trojan Known File Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]
  • %Windows\serrvice.exe
  • %Documents and Settings\Default User\Local Settings\Temp\Decrypted.eXe
    [ No Exact Information about Files, search above related files in Program files Folder ]
    If you have any of these files in running process from task manger, end the process before removal.
    Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg     [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Midgare.WNE Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
     and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
W32/Midgare.WNE Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Delete file entries from right side
Search Registry For W32/Midgare.WNE Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)
Written by: No comments :
Tags: , , , ,

Manual Removal of W32/Kolab.BZN Worm

Manual Removal of W32/Kolab.BZN Worm
W32/Kolab.BZN is a worm. The worm will infect Windows systems.
This Worm Copies its files to Windows\System and Windows\system32\drivers Folder as hidden files.
This worm information updated on June 04, 2009.
Other names of W32/Kolab.BZN Worm:
This worm is also known as TROJ_SAFBOOT.BF, Net-Worm.Win32.Kolab.bzn.

Damage Level : Medium/High
Distribution Level: Medium
W32/Kolab.BZN Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
  • [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/Kolab.BZN Worm Known File Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]
  • %Windows\System\svhost.exe
  • %Windows\system32\drivers\sysdrv32.sys
    [ No Exact Information about Files, search above related files in Program files Folder ]
    If you have any of these files in running process from task manger, end the process before removal.
    Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg     [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Kolab.BZN Worm Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
     and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
W32/Kolab.BZN Worm modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services
Delete file entries from right side
Search Registry For W32/Kolab.BZN Worm File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)
Written by: No comments :
Tags: , , , , ,

Manual Removal of W32/AutoRun.AAIX Worm

Manual Removal of W32/AutoRun.AAIX Worm
W32/AutoRun.AAIX is a worm. The worm will infect Windows systems.
This Worm Copies its files to Windows\System Folder as hidden files.
This worm information updated on June 3, 2009.
Other names of W32/AutoRun.AAIX Worm:
This worm is also known as Worm.Win32.AutoRun.aaix, WORM_AUTORUN.ETH.

Damage Level : Medium/High
Distribution Level: Medium
W32/AutoRun.AAIX Worm Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
  • [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/AutoRun.AAIX Worm Known File Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]
  • %Windows\System\jjxzwzjy090217.exe
  • %Windows\System\jjxzajcj32dl.dll
    [ No Exact Information about Files, search above related files in Program files Folder ]
    If you have any of these files in running process from task manger, end the process before removal.
    Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg     [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/AutoRun.AAIX Worm Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
     and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
W32/AutoRun.AAIX Worm modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
Delete file entries from right side
Search Registry For W32/AutoRun.AAIX Worm File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)
Written by: No comments :
Tags: , , , ,

Manual Removal of W32/Vb.PGP Trojan

Manual Removal of W32/Vb.PGP Trojan
W32/Vb.PGP is a trojan. The trojan will infect Windows systems.
This trojan Copies its files to Windows\System and Windows\Temp Folder as hidden files.
This trojan information updated on June 2, 2009.
Other names of W32/Vb.PGP Trojan:
This trojan is also known as Trojan.VB.FWPE, Multidrp.AWP, Trojan.VB.NYY.

Damage Level : Medium/High
Distribution Level: Medium
W32/Vb.PGP Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
  • [ Kill the Process, Use Killbox if your Access Denied ]
[In Windows Vista Run As Administrator, After Execution System Will Restart]
  • %Windows\System\dpcxool64.sys
  • %Windows\System\sopidkc.exe
  • %Windows\System\tpsaxyd.exe
  • %Windows\System\dncyool64.sys
  • %Windows\System\msncache.dll
  • %Windows\System\wtukd32.exe
  • %Windows\System\tpszxyd.sys
  • %WINDOWS\Temp\mta77438.dll
  • %WINDOWS\Temp\mpj23395.dll
    [ No Exact Information about Files, search above related files in Program files Folder ]
    If you have any of these files in running process from task manger, end the process before removal.
    Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg     [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Vb.PGP Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
     and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
W32/Vb.PGP Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\msncache\Parameters
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msncache\Parameters
Delete file entries from right side
Search Registry For W32/Vb.PGP Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)
Written by: No comments :
Tags: , , , ,

Manual Removal of W32/Flux.FM Trojan

Manual Removal of W32/Flux.FM Trojan
W32/Flux.FM is a trojan. The trojan will infect Windows systems.
This trojan Copies its files to Windows\System Folder as hidden files.
This trojan information updated on June 1, 2009.
Other names of W32/Flux.FM Trojan:
This trojan is also known as W32.Popwin, Worm.Win32.Winko.I,W32/Autorun-KH.

Damage Level : Medium/High
Distribution Level: Medium
W32/Flux.FM Trojan Manual Removal Instructions
Recommend Removal from Safe Mode:
How to Start in Safe mode:
Restart your Computer, Press F8 Repeatedly, when your Screen turns on, Select Safe mode, press enter.
The Infected Files Can be Seen in these folders and names also Running in Tasks
End the Following Active Process Before Removal
  • [ Kill the Process, Use Killbox if your Access Denied ]
Download W32/Flux.FM Trojan Known File Removal Tool
[In Windows Vista Run As Administrator, After Execution System Will Restart]
  • %Windows\System\18EC257E.EXE
  • %Windows\System\71D05FA0.DLL
  • %Windows\System\A725C6BE.EXE
  • %Windows\System\8AB42F0E.DLL
    [ No Exact Information about Files, search above related files in Program files Folder ]
    If you have any of these files in running process from task manger, end the process before removal.
    Note: if task manager is disabled, Download the following file, Click to Download - Enable Registry.reg     [ Right Click - Save Target As/Linked Content As ]
    Open it with Regedit.exe [%system32\regedit.exe], then it Confirms Add to registry Yes or No, Confirm Yes, then click Ok.
W32/Flux.FM Trojan Entries Manual Removal From Registry
Click Start, Run,Type regedit,Click OK.
Note: If the registry editor fails to open the threat may have modified the registry to prevent access to the registry editor.
  • Download this UnHookExec.inf, [ Right Click - Save Target As/Linked Content As ]
     and then continue with the removal. Save it to your Windows desktop. Do not run it at this time, download it only.
  • After booting into the Safe Mode or VGA Mode
  • Right-click the UnHookExec.inf file and click Install. [This is a small file. It does not display any notice or boxes when you run it.]
W32/Flux.FM Trojan modifies registry at the following locations to ensure its automatic execution at every system startup:
Delete The Entries
HKEY_USERS\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX\SYSTEM\CurrentControlSet\Services
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
Delete file entries from right side
Search Registry For W32/Flux.FM Trojan File Names listed above to remove completely,
Edit Menu - Find, enter Keyword and remove all value that find in search.

Exit the Registry Editor,
Restart your Computer.

Recommended Removal Tools:
Killbox (Freeware)
Written by: No comments :
Tags: , , , ,

More Posts that you may be interested...