Posts

How to remove PostgreSQL in Windows machine

Comprompt-PostgreSQL in Windows machine
PostgreSQL in Windows machine
Auto Uninstallation :-

i)Go to the Add/Remove Programs

ii) uninstall postgresql server
 or
go to the postgresql server installation directory
run the uninstaller.
Manual Uninstallation:
i) Remove the postgresql server installation directory.
 Suppose following default location then command on cmd
 (rd /s /q “C:\Program Files\PostgreSQL\8.3”)
ii) Delete the user ‘postgres’
net user postgres /delete
iii) Remove the Registry entries. (HKEY_LOCAL_MACHINE\SOFTWARE\PostgreSQL\Installations\postgresql-8.3) and (HKEY_LOCAL_MACHINE\SOFTWARE\PostgreSQL\Services\postgresql-8.3)
iv) Remove the postgresql-8.3 service.
sc delete postgresql-8.3
 
 
Courtesy :- 
Embedded System testing

DNSChanger Trojan infected machine internet not access.

DNSChanger Trojan No Internet Access on March 8

Today I Have Read News on Our Local News Paper no Internet Access on March 8. Every Time that Newspaper Title is shocked but inside story is so far then the Title but Today I have Read DNSChanger Virus/ Malware and I’m Search About this is a DNS Changer

I’m Shocked When Read one Famous Security Expert Brian Krebs say about this DNS Changer remains on computers at 50% of Fortune 500 companies, and on PCs at nearly 50% of all federal government agencies.

What is a DNS?

DNS (Domain Name System) is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other. When you enter a domain name, such as www.fbi.gov, in your web browser address bar, your computer contacts DNS servers to determine the IP address for the website. Your computer then uses this IP address to locate and connect to the website. DNS servers are operated by your Internet service provider (ISP) and are included in your computer’s network configuration. DNS and DNS Servers are a critical component of your computer’s operating environment—without them, you would not be able to access websites, send e-mail, or use any other Internet services.

What is this DNSChanger Trojan?

Criminals have learned that if they can control a user’s DNS servers, they can control what sites the user connects to on the Internet. By controlling DNS, a criminal can get an unsuspecting user to connect to a fraudulent website or to interfere with that user’s online web browsing. One way criminals do this is by infecting computers with a class of malicious software (malware) called DNSChanger. In this scenario, the criminal uses the malware to change the user’s DNS server settings to replace the ISP’s good DNS servers with bad DNS servers operated by the criminal. A bad DNS server operated by a criminal is referred to as a rogue DNS server.

This Trojan is Modify Windows Hosts file to map specific domain names to specific IP addresses and Modify Windows registry settings to reference specific (rogue) DNS servers. Once infected by the DNSChanger Trojan, however, websites entered into Internet browsers were hijacked to malicious servers and, in turn, directed the user to an unintended, fraudulent site

The DNSChanger Trojan Horse, also known as OSX.RSPlug.A and OSXPuper, and OSXJahlav-C, has been found on numerous pornographic websites disguising itself as a video codec. Once downloaded and installed, DNSChanger changes the DNS settings on the computer, redirecting websites entered by the user to malicious sites. If personal information is entered on these malicious websites, it can lead to identity theft.

Trojan.DNSChanger is a very scary Trojan that can cause serious damage to both your computer and your life. Trojan.DNSChanger opens up firewalls and collects confidential information such as personal financial information. Trojan.DNSChanger could avoid the security, monitor your Internet browsing activity, and modify the registry entries. Trojan.DNSChanger is an unwanted application that comes secretly but weaves great shock on the infected computer. Trojan.DNSChanger needs to be removed once detected to keep your computer clean and secured.

Symptom:-

* Google, Yahoo Searches are redirected. Desktop background image and Browser homepage settings are changed. This is a common symptom of a very serious Trojan.DNSChanger infection.

* Trojan.DNSChanger slows down your computer considerably and you will feel like your computer is stuck. This includes opening programs, shutting down your computer, and slow Internet.

* You will get many unwanted pop ups. Trojan.DNSChanger corrupts your windows registry and uses it to deploy annoying pop up ads out of nowhere.

How Dangerous is Trojan.DNSChanger Infection?

This infection will change your registry settings and other important windows system files. If Trojan.DNSChanger is not removed it can cause a complete computer crash.

Some Trojan.DNSChanger infections contain trojan and keyloggers which can be used to steal sensitive data like passwords, credit card, bank account information etc. So it is very important to remove Trojan.DNSChanger as early as possible before it steals your information. Trojan.DNSChanger Virus will display numerous fake infections of exaggerated security threats on your computer and then state that you should purchase the program in order to remove the infections. Do not trust the warnings shown by Trojan.DNSChanger.

How to check My Pc in Infected from DNS Changer Trojan?

It’s Very Simple to check your Pc is infected from DNSChanger Malware or not goes any site listed above here using a browser, open up one of these pages:

  1. dns-ok.us
  2. dns-ok.de
  3. dns-ok.fi
  4. dns-ok.ax

These web sites provide information, and generally display either a warning (often a red color theme) if you’re using Rove Digital DNS resolvers, or an “ok” sign (often with a green color theme) if you’re not infected.

If Wont to check your System Manual is Infected from That Malware in windows OS (Xp, Window 7). Hit Start and Run then Type Cmd a Dos window will be open and for checking your ip type ipconfig /all u have seen Your DNS note your DNS

If your computers’ DNS settings use the follow ranges, then you likely have been affected by the DNS Changer viruses.

Between this IP… … and this IP
77.67.83.1 77.67.83.254
85.255.112.1 85.255.127.254
67.210.0.1 67.210.15.254
93.188.160.1 93.188.167.254
213.109.64.1 213.109.79.254
64.28.176.1 64.28.191.254


Remove Trojan.DNSChanger (Removal Guide), How To Remove Trojan.DNSChanger

The FBI has uncovered a network of rogue DNS servers and has taken steps to disable it. The FBI is also undertaking an effort to identify and notify victims who have been impacted by the DNSChanger malware. One consequence of disabling the rogue DNS network is that victims who rely on the rogue DNS network for DNS service could lose access to DNS services. To address this, the FBI has worked with private sector technical experts to develop a plan for a private-sector, non-government entity to operate and maintain clean DNS servers for the infected victims. The FBI has also provided information to ISPs that can be used to redirect their users from the rogue DNS servers to the ISPs’ own legitimate servers. The FBI will support the operation of the clean DNS servers for four months, allowing time for users, businesses, and other entities to identify and fix infected computers. At no time will the FBI have access to any data concerning the Internet activity of the victims.

It is quite possible that computers infected with this malware may also be infected with other malware. The establishment of these clean DNS servers does not guarantee that the computers are safe from other malware. The main intent is to ensure users do not lose DNS services.

 

Trojan.DNSChanger Infection Symptoms

Computer infected with Trojan.DNSChanger?

Is your PC infected with Trojan.DNSChanger? Not to worry. Our step-by-step guide and the listed Spyware removal tool can help you safely remove Trojan.DNSChanger from your computer.

Please, be informed that manual removal of Trojan.DNSChanger malware is a cumbersome procedure and does not always ensure complete deletion of the Trojan.DNSChanger, since some files might be hidden or may automatically reanimate themselves later.

How to remove Trojan.DNSChanger Automatically?

Trojan.DNSChanger is a dangerous infection.

“Trojan.DNSChanger should be removed as early as possible. Click the “Remove this infection” button to download Trojan.DNSChanger removal tool.”

                       

Download Trojan.DNSChanger Removal Tool to automatically remove Trojan.DNSChanger.

How to Remove Trojan.DNSChanger Manually

Manual removal of Trojan.DNSChanger Spyware is a difficult task, we recommend you to use our Automatic Spyware removal tool. This is a safe and easy method. Download SPYWARE Doctor / Malware byte to automatically remove Trojan.DNSChanger.

Manual Trojan.DNSChanger Removal Steps:

* Stop Trojan.DNSChanger process using the windows task manager.

* Uninstall Trojan.DNSChanger program from windows control panel Add/Remove Programs.

* Open windows registry using regedit.exe command. Find and Remove all Trojan.DNSChanger Registry Files.

* Search for Trojan.DNSChanger Files on your computer and delete it.

Please, be informed that manual removal of Trojan.DNSChanger malware is a cumbersome procedure and does not always ensure complete deletion of the Trojan.DNSChanger, since some files might be hidden or may automatically reanimate themselves later.

Trojan.DNSChanger properties:

1. Trojan.DNSChanger Changes browser settings
2. Trojan.DNSChanger shows commercial adverts
3. Trojan.DNSChanger Connects itself to the internet
4. Trojan.DNSChanger stays resident in background

While Windows Trojan.DNSChanger is running, it will display a variety of fake security warnings and block legitimate Windows applications on your computer. Some of the alerts Trojan.DNSChanger shows are:

Attention
Suspicious software activity is detected by Trojan.DNSChanger on your computer.
Please start system files scanning for details.

Warning!
Name: taskmgr.exe
Name: C:WINDOWStaskmgr.exe

Trojan.DNSChanger detects application that seems to be a key-logger. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

Just like false scan results above, all of these alerts Trojan.DNSChanger shows are a fake and supposed to scare you into thinking your computer is in danger. You should ignore all of them!

As you can see, Trojan.DNSChanger is a scam. Most importantly, do not purchase it! Instead of doing so, follow the removal instructions provided in our site to remove Trojan.DNSChanger and any associated malware from your computer.

Associated Trojan.DNSChanger Windows Registry Information:

HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “.exe”
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun “”
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings “CertificateRevocation” = ’0?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings “WarnonBadCertRecving” = ’0?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesActiveDesktop “NoChangingWallPaper” = ’1?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAssociations “LowRiskFileTypes” = ‘/{hq:/s`s:/ogn:/uyu:/dyd:/c`u:/bnl:/ble:/sdf:/lrh:/iul:/iulm:/fhg:/clq:/kqf:/`wh:/lqf:/lqdf:/lnw:/lq2:/l2t:/v`w:/rbs:’
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesAttachments “SaveZoneInformation” = ’1?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem “DisableTaskMgr” = ’1?
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem “DisableTaskMgr” = ’1?
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDownload “CheckExeSignatures” = ‘no’
HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMain “Use FormSuggest” = ‘yes’
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced “Hidden” = ’0?
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionExplorerAdvanced “ShowSuperHidden” = 0?

Associated Trojan.DNSChanger Files:

Windows XP:

%AllUsersProfile%Application Data~
%AllUsersProfile%Application Data~r
%AllUsersProfile%Application Data.dll
%AllUsersProfile%Application Data.exe
%AllUsersProfile%Application Data
%AllUsersProfile%Application Data.exe
%UserProfile%DesktopTrojan.DNSChanger.lnk
%UserProfile%Start MenuProgramsTrojan.DNSChanger
%UserProfile%Start MenuProgramsTrojan.DNSChangerUninstall Trojan.DNSChanger.lnk
%UserProfile%Start MenuProgramsTrojan.DNSChangerTrojan.DNSChanger.lnk

Windows Vista & 7:

%AllUsersProfile%~
%AllUsersProfile%~r
%AllUsersProfile%.dll
%AllUsersProfile%.exe
%AllUsersProfile%
%AllUsersProfile%.exe
%UserProfile%DesktopTrojan.DNSChanger.lnk
%UserProfile%Start MenuProgramsTrojan.DNSChanger
%UserProfile%Start MenuProgramsTrojan.DNSChangerUninstall Trojan.DNSChanger.lnk
%UserProfile%Start MenuProgramsTrojan.DNSChangerTrojan.DNSChanger.lnk

File Location Notes:

%UserProfile% refers to the current user’s profile folder. By default, this is C:Documents and Settings for Windows 2000/XP, C:Users for Windows Vista/7, and c:winntprofiles for Windows NT.

%AllUsersProfile% refers to the All Users Profile folder. By default, this is C:Documents and SettingsAll Users for Windows 2000/XP and C:ProgramData for Windows Vista/7.

To put it simply, you need to delete Trojan.DNSChanger from your computer before it cause tremendous harm. Don’t believe Trojan.DNSChanger claims that everything will go back to normal if you acquire the license for the full version of the program. You will only lose your money while the Trojan.DNSChanger rogue will remain in your system. Invest in a reliable security tool and remove Trojan.DNSChanger from your computer.

 

Courtesy :-
www.fbi.gov

http://efacebook.in/dnschanger-trojan-no-internet-access-on-march-8/

www.security.cleanpcguide.com/remove-trojan-dnschanger-removal-guide-how-to-remove-trojan-dnschanger/

www.dnschanger.com


How to Resolve Active Desktop Recovery Script Error?

The following picture shown as active desktop recovery error

 

 

Solutions :-

click “start”

type “regedit” for open registry

and go to “HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerDesktopSafeModeComponents”

and change the value DeskHtmlVersion from 252 to 0

How to perform a Mcafee command-line scan in Microsoft Windows

Summary

Usually, all On-Demand Scans are done through the VirusScan Console. However, sometimes it might be necessary to run a scan with strictly required programs only. Scenarios which require this include, but are not limited to:

  • Scanning a computer before installing VirusScan to ensure it is clean.
  • When a workstation has been infected and you are unable to load the VirusScan Console.
  • When VirusScan Enterprise (VSE) does not install successfully.

Solution

NOTES:

  • It some cases it may be necessary to run the Command Line Scan in Safe Mode.
  • McAfee recommends deleting all temporary files from your computer before running any scan. This includes files in the temp folder, temporary Internet files, Internet usage history and cookies.

Use the latest VirusScan Command Line Scanner (CLS). The CLS has the most up-to-date cutting edge generic drivers.

  1. Download the CLS scanner using your grant number.

To download McAfee products, updates, and documentation, visit the Downloads page at http://www.mcafee.com/us/downloads/downloads.aspx.

For instructions on downloading, see: KB56057.

NOTE: If you do not have a license for VirusScan Command Line Scanner, please contact McAfee Technical Support.

For contact details:

    • Non-US customers – select your country from the list of Worldwide Offices

 

Alternatively:

Log in to the ServicePortal at https://mysupport.mcafee.com:

    • If you are a registered user, type your User Id and Password and click OK.
    • If you are not a registered user, click New User and complete the required fields. Your password and login instructions will be emailed to you.

 

  1. Create a folder on the root of your primary partition. In this example: c:scan
  2. On the infected computer, extract the contents of vscl-w32-6.0.1-l.zip or later to c:scan
  3. Download the latest beta.dats from one of the location below:http://www.mcafee.com/apps/mcafee-labs/beta/dat-file-updates.aspx
  4. Extract the contents of avvwin_netware_betadat.zip to c:scan and overwrite the existing files.
  5. Perform a complete system scan (best practice).
  6. Click Start, Run, type cmd and press ENTER.
  7. From the directory created above, type scan.exe /adl /all /analyze /clean /program /unzip /winmem /rptall /report=c:scan.log and press ENTER.

 

Courtesy :- Mcafee Corporation
(https://kc.mcafee.com/corporate/index?page=content&id=KB51141)

Steps for how to resolve blocked ip message in symantec endpoint protection

Steps for how to resolve blocked ip in symantec endpoint protection :-


1.Go to Policies –> Intrusion
Prevention Policies

2.Right Click Edit –> On the Exceptions tab

3.Click Add –> Look for the ID 23179

4.click Next

5. On the Signature Action select “Allow” and click OK.

  If you want to disable the notification on
your system tray..
 

1.    Go to Clients, then the client group you want to remove this ability  from.

2. Click the Policies tab on the right, then expand ‘Location-specific
Settings’

3. Click on ‘Server Control’, then Customize.

4. In the Intrusion Prevention Notifications Uncheck the “Display
Intrusion Prevention notifications.”


Courtesy :- Symantec Corporation

How to resolve certificate error when open any website?

If you have seen security certificate error when open any website these are three cause :-

computer date is wrong or certificate has really expire or web site is not trusted.

when seen this error to check computer date and time setting.Suppose computer

date and time are not set means it’s resetting again and again then check

computer cmos battery.

After set date not see this error again but suppose this error seen again means

this site certificate is really expire or this site is not trusted.

In Endian Firewall How to Stop Spam service?

Login Endian Firewall

Go to Proxy

Click on POP3

Untick Spam Filter

&

Click on Save

How to Upgrade Cyberoam Firmware from 9.0 version to 10.0version

 

New folder create on desktop and give a name “migrate data”

 

Login cyberoam

 

On dashboard we can see the Software version. Verify the verison  is  9.6.0.78

 

Now upgrading version from 9.6.0.78 to 10.01.0667

 

Take a backup of current cyberoam

 

Go to System

 

Manage Data

 

Backup Data

 

Click on Backup

 

Download backupfile

 

After Download this backup file it’s necessary to migrate data file for using 10.0 version appliance

 

How to migrate data files?

 

 Login into customer account by following link:-
http://v9migration.cyberoam.com/offline-migration/webpages/login.jsp

 

After login successfully

 

Upload backup files

 

Convert into version 10.0

 

Download this migration file to migrate data folder on desktop.

 

Note:- Don’t be afraid when have seen this migration file size is less than original backup files.
Suppose backup file size is 5.6mb and migration file size is 30kb.

 

How to upgrade the version from 9.0v to 10.0?

 

Login into customer account by following link:-
https://customer.cyberoam.com/customermyaccount/webpages/common/customeraccount.jsp

 

Click on “Upgrade”,

 

Select
 “Select for Version 9.x.x.x to current GA Version 10.00.0xxx Firmware” option.

 

Ask for saving 10.01.0667 file

 

save to desktop

 

Now login cyberoam

 

Go to help

 

And click on upload upgrade.

 

Once upgrade 10.01.0667 file upload  is successfully

 

Then click on console tab

 

Login console

 

Select  Menu no 6 for upgrade version ask upgrade cybeoam to Latest  version

 

Choose “y” for yes

 

Then display upgrade from window

 

Choose no “1” for upgraded from the uploaded file

 

cyberoam appliance rebooted automatically.

 

After reboot the appliance

 

Login cyberoam appliance

 

Shown version 10.0.0667

 

Then restore migrate backup

 

Go to system

 

Go to maintenance

 

Go to backup and restore

 

Select path on migrated backup

 

Click on Upload

In Linux system How to set date and time?

How to check date?

Type date command

#date

Thu May 12 15:43:04 IST 2011 (Shown on today date)

How to set date and time?

For example, set new data to 2 Oct 2006 18:00:00, type the following command as root user:

# date -s "2 OCT 2006 18:00:00"


OR

# date --set="2 OCT 2006 18:00:00"

You can also simplify format using following syntax:

# date +%Y%m%d -s "20081128"

Linux Set Time

To set time use the following syntax:

# date +%T -s "10:13:13"

Where,

  • 10: Hour (hh)
  • 13: Minute (mm)
  • 13: Second (ss)

Use %p locale’s equivalent of either AM or PM, enter:

# date +%T%p -s "6:10:30AM"

# date +%T%p -s “12:10:30PM”

Courtesy :-http://www.cyberciti.biz/