How to Remove Security Guard 2012 Uninstall Guide

Security Guard 2012 is a scareware that tries to defraud less savvy computer users by scaring them into paying for a fake security product. In our previous write-up, we analyzed pretty much the same malware. Both programs are categorized as rogue/fraud software. This time, cyber crooks decided to use even more generic name to confuse more users into thinking that its a legitimate computer optimization and repair program by Microsoft. Unfortunately, it isnt. Do not pay for it. Security Guard 2012 and its scareware model closely reflects the affiliate marketing model. Although, the number of incidents have risen dramatically in the past few years, Security Guard 2012 and similar malware are preventable by users being internet savvy and keeping their computers protected. If your computer is infected with Security Guard 2012, please follow the general malware removal steps outlined below. Victims complaints are usually ignored and if you have already purchased this rogue program you should at least contact your credit card company and dispute the charges. Some users do not even realise they have been victimised. You should always check twice before paying for software that claims to be from Microsoft of other well-known companies. Especially, if it pop-ups on your computer screen like from no where or you wasnt looking to install it in the first place. If you have any further information about Security Guard 2012, please leave a comment below. We are currently investigating this threat and will provide more information as it becomes available. The following information was submitted by our readers:

• Windows was configured to use a proxy.
• Blocks legitimate security products and system tools
• Displays misleading security alerts
• Asks to purchase the program
• Runs on system start-up
• Drops a rootkit

Associated Security Guard 2012 files and registry values:

Files:

• %WINDIR%System32[SET OF RANDOM CHARACTERS].exe
• %Userprofile%Application Datadwm.exe
• %Userprofile%Application DataMicrosoftconhost.exe
• %Temp%csrss.exe

Registry values:

• HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun "[SET OF RANDOM CHARACTERS].exe"

Trojan downloader: http://vms.drweb.com/virus/?i=1477261

Quick tip: run Windows Configuration Utilities. Type MSCONFIG in the search box and press enter. Select Startup tab and unchecked any program that was just a bunch of characters, usually a bunch of random numbers. Then follow the removal instructions below.

---

Security Guard 2012 removal instructions:

1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key. Read more detailed instructions here: http://www.computerhope.com/issues/chsafe.htm


NOTE: Login as the same user you were previously logged in with in the normal Windows mode.

2. Launch Internet Explorer. In Internet Explorer go to: Tools → Internet Options → Connections tab. Click Lan Settings button and uncheck the checkbox labeled Use a proxy server for your LAN. Click OK. You may have to repeat steps 1-2 if you will have problems downloading malware removal programs.



3. Download free anti-malware software from the list below and run a full system scan.

• MalwareBytes Anti-malware
• SUPERAntispyware
• Spybot S&D
• Hitman Pro 3.5

NOTE: in some cases the rogue program may block anti-malware software. Before saving the selected program onto your computer, you may have to rename the installer to iexplore.exe or winlogon.exe With all of these tools, if running Windows 7 or Vista they MUST be run as administrator. Launch the program and follow the prompts. Dont forget to update the installed program before scanning.

4. Go back to Normal Mode and follow the TDSS, Alureon, Tidserv, TDL3 removal instructions to remove the rootkit from your computer.

Share this information with your friends:

Read More..

Spring security Part3

This is a continuation of Spring security part1 and part2.

• Spring security pre-authentication scenario - Part1
• Spring security pre-authentication scenario - Part2

This part covers some handy tips.

Q. How will you access Spring security context details within a method that is annotated with @RolesAllowed?
A. The answer is to use the SecurityContextHolder classs static method. It is a ThreadLocal class. Each thread has its own value of ThreadLocal  pointing to the same instance of SecurityContextHolder  class. Here is the sample code snippet. You can get the principal and the authorities as shown below.

 
 Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
 Collection authorities = authentication.getAuthorities();
 Object principal = authentication.getPrincipal();
 

Q. How do you map multiple authentication managers?
A. You can define multiple authentiaction managers based on URL patterns as shown below.

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
 xmlns:beans="http://www.springframework.org/schema/beans"
 xmlns:security="http://www.springframework.org/schema/security"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                      http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

    <http auto-config="false" pattern="/app1/reporting/**" authentication-manager-ref="app1ReportingAuthenticationManager" entry-point-ref="app1ReportingProcessingFilterEntryPoint">
        <security:custom-filter position="PRE_AUTH_FILTER"
                                ref="app1ReportingSiteminderFilter" />
        <logout logout-url="/j_spring_security_logout"
                logout-success-url="" invalidate-session="true" />
    </http>

 <http auto-config="false" pattern="/app1/calculating/**" authentication-manager-ref="app1CalculatingAuthenticationManager" entry-point-ref="app1Calculating">
  <security:custom-filter position="PRE_AUTH_FILTER"
   ref="app1CalculatingSiteminderFilter" />
     <logout logout-url="/j_spring_security_logout"
   logout-success-url="" invalidate-session="true" />
 </http>

 <http auto-config="false" pattern="/app2/validating/**" entry-point-ref="app2ValidatingProcessingFilterEntryPoint"
 entry-point-ref="app2Validating">
  <security:custom-filter position="PRE_AUTH_FILTER"
   ref="app2ValidatingSiteminderFilter" />
  <intercept-url pattern="/app2/**/details.csv*"
   access="ROLE_viewer, ROLE_standard, ROLE_senior" />
  <logout logout-url="/j_spring_security_logout"
   logout-success-url="" invalidate-session="true" />
 </http>

</beans:beans>

Here is a sample config for one of the http mappings:

<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
 xmlns:beans="http://www.springframework.org/schema/beans"
 xmlns:security="http://www.springframework.org/schema/security"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.1.xsd
                      http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-3.1.xsd">

 <beans:bean id="app1ReportingProcessingFilterEntryPoint"
  class="org.springframework.security.web.authentication.Http403ForbiddenEntryPoint" />

 <beans:bean id="app1ReportingSiteminderFilter"
  class="org.springframework.security.web.authentication.preauth.RequestHeaderAuthenticationFilter">
  <beans:property name="principalRequestHeader" value="SM_USER" />
  <beans:property name="authenticationManager" ref="app1ReportingAuthenticationManager" />
  <beans:property name="exceptionIfHeaderMissing" value="false" />
 </beans:bean>

 <security:authentication-manager id="app1ReportingAuthenticationManager">
  <security:authentication-provider
   ref="app1ReportingAuthProvider" />
 </security:authentication-manager>

 <beans:bean id="app1ReportingAuthProvider"
  class="org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider">
  <beans:property name="preAuthenticatedUserDetailsService">
   <beans:bean id="myAppUserDetailsServiceWrapper"
    class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
    <beans:property name="userDetailsService" ref="myUserDetailsService" />
   </beans:bean>
  </beans:property>
 </beans:bean>

 <beans:bean id="myUserDetailsService"
  class="com.myapp.MyUserDetailsServiceImpl">
  <beans:property name="domain" value="FUNDS" />
 </beans:bean>

</beans:beans>

Q. The roles are stored in the session, how will you make sure that the roles are read every time from the database?
A. It is generally a good practice to leave the roles in the session, and the session gets invalidated on logout. There are times you want the roles to be read from the database and not from the session. This can be accomplished by

Step 1: Writing a response filter to remove the roles from the Http Session. Here is the code snippet.

 
   HttpSession session = request.getSession();
   session.removeAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY);

The SecurityHolder.getContext( ) has a clearContents method, but it will only remove it from  the current thread but not the session. 

Read More..

Danger Through Computer Security

Todays world evolves through the facility of the net. The complexities of our daily living square measure was easier and easy-to-access powerful supply of knowledge and electronic communication. Barriers square measure crossed and destinations square measure reached. Cyber communities are engineered. other than communication through easy electronic mails, social networking sites are obtaining the pull of the group like Facebook, MySpace, Twitter and therefore the like. Interaction from completely different individuals round the globe, among completely different races, ages, faith and gender square measure coming back into one strand of approach of interacting and mingling with one another. Virtual friendships square measure created attainable these days. thus once this evolution of engineering has emerged, it wasnt created certain initially that everything are going to be unbroken in camera with United States of America. individuals square measure intelligent enough to form malicious package styles which will merely break and decode what was originally meant just for ourselves. This makes laptop computer security and social network like Facebook security necessary to United States of America.

Providing and dealing out for laptop Security, Security Articles, Facebook Security has conjointly been the foremost centered follow and principles in any company these days. Having a link to the foremost sure net security sites and making the most effective package security tools not simply provide protection for all knowledge} however a lot of significantly it offers you the peace of mind that your access for your data and knowledge can solely be yours. Lacking of the most effective package security tools will very be damaging to any organization. Below square measure a number of the most effective net security tool tips that everyone, be it a corporation or for private purpose, that has to be observed:


Keep it short and clear. Obviously, as a result of humans have become a lot of and a lot of intelligent during lately and apparently we are able to build things a lot of difficult. we have a tendency to build policies and procedures as long as we are able to build it attainable. this may pass the quality checking tool for any document however the question is, will these documents that square measure too long and complex be scan by others?

build mandates acceptable for individuals. generally so as to achieve the most effective security attainable, we have a tendency to systematize mandates and build rules that square measure thus strict creating it thus chimerical for individuals to catch up. this can be quite impractical and onerous to return up with.
laptop Security, Security Articles, Facebook Security protection through data security gadgets. we have a tendency to love technology as a result of weve got a transparent background of those. weve got the technical and engineering background. we have a tendency to produce new gadgets and devices and that we get excited concerning hearing new gizmos that might actually increase the increasing population of techs gadgets. However, we have a tendency to conjointly tend to forget to own security tools that ought to be deployed with restraints. the restrictions should even be accorded and contained within the tips and must not ever be forgotten.

think about the most effective practices and their extents. as a result of we have a tendency to like to confer with "best practices", we should always conjointly try and like to currently up to what extents they might be applicable to United States of America. {this can|this may|this can} show United States of America a minimum of a clue if they will render higher risks or will cut back it. generally we have a tendency to conjointly tend to travel for top level frameworks as a result of we predict that itll higher. bear in mind that we have a tendency to should conjointly adapt the protection tool that we have a tendency to acquire for our system. {we should|we should always|we should always} take care in selecting that security tools should be used and must be tailored.

hindrance of accidents through laptop Security, Security Articles, Facebook Security. to line up and brace ourselves against attainable failures, we have a tendency to should have already got an inspiration of terms for security accidents that might presumably ruin the system. Security incidents happen all the time and therefore the most sensible thanks to stop this to happen is to form the protection a lot of pricey to bypass your defences. Invest some effort into breach detection and incident response techniques. valuate the success prospects of your security tool or program.

It might be terribly confusing for United States of America if {we can|well|we square measure going to} be the one United Nations agency will expertise breach in our accounts not simply Facebook account however worse is once our emails we have a tendency to use for our skilled works are those affected. thats why its terribly essential to appear for United States of America to search out the most effective net security tools that and handily obtainable for United States of America. slightly learning concerning protective your personal sites from harmful infections scattered within the net will not very hurt particularly Facebook wherever the protection settings of this users were in danger only in the near past.

Read More..

Problems And Solutions Norton Internet Security

The internet is fraught with lot of malicious code. Even a casual internet surfer can very easily lose an expensive hard drive of his unprotected computer. Norton Internet Security software which is made by Symantec Corporation is among the most popular security programs, it defends your computer from any host of internet dangers. However, every program has its own good points and bad points, even with the best program that you trust most for keeping your computer safe. Norton Internet Security comes with a secure firewall but there are some problems that you should watch out for. In this article you will get to know about some common problem that you face with Norton Firewall.

Mac Security Update

Nortons firewall with the Internet Security 3.0 has caused little problems with a specific update to Mac OS X in 2003. When the July 14, 2003, update was actually applied, some computers could not reboot, and thus the only way to salvage all those computers was to boot it from any other another device, such as the other operating system installation disc. Users with old versions of this software should be little cautious while updating their computer system.



Blocking Internet Access

The Norton firewall will sometimes block certain websites or JavaScript, thinking they are a threat. It can also block browsers. If you receive an error reading "Server not found," Norton may be blocking your browser. "Connect attempt failed" may indicate it is blocking the website you are trying to view. These errors and JavaScript problems can be fixed by adjusting settings inside Norton.

Flaw Requiring Patch

The older versions of the Norton Security program had some flaws which may allow hackers to actually infiltrate your computers. This also included the firewall program. Symantec Company issued a patch through its Live Update service later in the year 2004 in order to fix this issue. If you are also concerned about your version of Norton program then you can also apply the patch through LiveUpdate or even manually.

Solutions

If the Norton Internet Security is not allowing you to access some websites then you can adjust the privacy settings of your computer. You can also change the strength of Norton firewall or you can even disable it temporarily to get access. If Norton Internet Security still continues to give you problems even after being temporarily disabled, in that case you can set the Norton program to start manually. This prevents Windows of your system from loading the program whenever the computer is started.

Article Source: http://EzineArticles.com/7187577

Read More..