Posted by paragonhost in Internet, Security Focus, Technology News.
Tags: antivirus, hoax, removal, trojan, xp antivirus, xpantivirus
XP Antivirus Protection (AKA XPAntivirus) is a fake antivirus software program. It typically infects a computer just after the installation of a specific video codec. This corrupted video codec is usually distributed together with trojans, malware and viruses. It is crucial to remove all the components of XP Antivirus and all malware and trojans such as zlob.trojan, trojan.vundo and trojan.downloader that may have been installed along with it. The following tutorial explains how to remove XP Antivirus Protection.
How to remove XP Antivirus Protection:
- Navigate to Start-> Run, type cmd in the box and click Open
- In the command window, type regsvr32 /u shlwapi.dll and press Enter
- Next type regsvr32 /u wininet.dll and press Enter
- Next Press Ctrl + Shift + ESC
- Right click on XPAntivirus.exe from the processes window and select the option to end process
- Right click on XPAntivirusUpdate.exe from the processes window and select the option to end process
- Navigate to Start-> Search, then click on Files and Folders. Search for and delete the following files:
  - XPAntivirus.exe
  - XPAntivirusUpdate.exe
  - shlwapi.dll
  - wininet.dll
  - XP Antivirus 2008.lnk
  - Uninstall XP Antivirus 2008.lnk
  - XP antivirus
  - XPAntivirus.lnk
  - Uninstall XPAntivirus.lnk
  - XPAntivirus on the Web.lnk
  - XPAntivirus.url
- Navigate to Start-> Run, type regedit in the box and click Open
- Delete XP antivirus in the following path: HKEY_USERS\Software\
- Restart your PC and everything should be back to normal
This entry was posted on Friday, February 22nd, 2008 at 6:26 pm and is filed under Windows Tips and Tricks.
Posted by paragonhost in Hosting News, Internet, ParagonHost, Security Focus, Technology News.
Increase in NDR (Bounce) Messages
Over the last several weeks there has been a major increase in the quantity of “backscatter” junk email - specifically, undeliverable email notices (also known as Non-Delivery Receipts).
This generally occurs when spammers ‘spoof’ a valid domain as the supposed ‘From’ address of the junk mail messages. When the junk mail messages are sent to non-existent email addresses, the receiving mail server sends a bounce message to the supposed sender of that junk mail, i.e. to the unsuspecting domain that was spoofed. Given the very high volume of junk mail that spammers send, the unfortunate spoofed domain can see a large number of these bounce messages.
Unfortunately, there is no way to prevent a spammer from spoofing any email address that they want to use. (Techniques such as DKIM authentication or SPF will help identify those messages as spam, but they do not prevent the spammer from sending those messages in the first place.) Similarly, there is no way to prevent mail servers that receive these junk messages from sending bounce messages to that spoofed domain.
These bounce messages can be difficult for a spam filter to block, as these bounces generally look very similar to ‘legitimate’ bounce messages that people receive if they mistakenly send an email to a nonexistent address. Sometimes there is enough leftover ‘spammy’ content in the bounce messages that the messages can be identified as junk mail, but it generally does not make sense to block all bounce messages as an ongoing, long-term policy, due to the risk of blocking the occasional ‘legitimate’ bounce messages as well.
(TSB) TheSpamBusters.com has added a mechanism that allows us to temporarily block all bounce messages for a domain, so that if or when a domain has been spoofed, an administrator can simply change one setting in the web interface and all the bounce messages to that domain will be temporarily handled as junk mail. After a day or two (when the bounce messages subside), this setting can be disabled.
*** If you would like more information on how to scrub your email and add protection from spam mail before it reaches your computer, contact The Spam Busters, a service of ParagonHost, LLC (866) 412-HOST (467
ParagonHost, LLC
http://www.ParagonHost.com
“World Class Internet Services”
(866) 412-HOST (467
Posted by paragonhost in Hosting News, Internet, Internet Protection, Linux, Network 101, ParagonHost, Security Focus, Technology News, cPanel.
Tags: backscatter, bounce email, E-Mail, emails, managed, ParagonHost, reply address, security, spam, spammer
Bounced Email or Backscatter
April 28, 2008 10:07 AM
Email Bounces
In the past few weeks, we have seen a sharp rise in email bounces. These bounces are for emails that the person did not send. While there are many reasons you can get a bounce, the current wave appears to be a spamming technique where spammers spoof reply-to addresses.
Backscatter
Backscatter occurs when a Mail Transport Agent (aka email server) sends a bounce to a person who did not really send the email. Spam Links has a good description of Backscatter and why it happens. Essentially, someone is spoofing the Reply-To field in an email. They then send it to a mail server and it bounces not back to the sending server but to the Reply-To address. Thus you may receive hundreds of spam messages this way.
Symantec, in their April 2008 Spam Report, also noted an upward trend in backscatter attacks. So if you are seeing this issue, you are certainly not alone.
Backscatter Victim?
Unfortunately, there is little you can do. The protocols for email permit anyone to craft a Reply-To address. There is nothing you can do to force someone not to do it. There are some emerging tools that can help. SPF, sender policy framework, is a DNS based method to try to prevent email forgeries. Using DNS, you can specify what servers and IPs are allowed to send email from your domain. SPF can work very well, however, the technique is not widely adopted. Gmail, HotMail and some other major ISPs do use SPF records; however, using SPF alone will not prevent backscatter. The mail administrators must also configure their systems not to bounce emails that fail SPF tests.
If you are being bombarded by these bounces, you may be able to use your own spam filtering to drop the emails. They often have similar subjects, like failed delivery, Delivery Status Notification, or something similar. Typically the attack stops in 2-3 days.
Otherwise, you just have to keep deleting those emails.
Don’t Backscatter
A main source of backscatter is MTAs that bounce email to unknown users. You should not bounce email that is sent to unknown users. On Plesk and cPanel there are settings to reject/fail email to unknown users. On Ensim, there is a problem in that the system creates a default catch-all. From a management standpoint this is very poor. The default prevents you from rejecting email to unknown users. As a result, Ensim servers can become overloaded with dictionary-based email attacks. If your server does bounce emails, you could potentially end up in RBLs like Spamcop.net, which now treats backscatter as spam.
Catch-22
Hackers are taking advantage of a key feature of email delivery. Bounces are important for system administrators as they are the first notification that something in the email systems may be awry. However, when they become hijacked by spammers, they become useless as you have to sort through the emails to find real bounces. As a result, some admins just route all bounces to the bit bucket. Disabling bounces can be dangerous however as they can give you an earlier indication if your system has been exploited by a spam bot. Many spammers use web based exploits to use your system to send out the messages. Disabling bounces or null-routing them prevents you from seeing these messages.
Headers, Headers, Headers
To determine if you are the victim of backscatter or if your server is really spamming, you have to analyze the email headers. If the headers do not contain your server as a source for the email, then backscatter is the cause.
Many attackers now spoof many headers in attempts to obfuscate the true sender, but with careful analysis you can often find the source.
Summary
If your inbox is full of those “Delivery Failure Notification” messages then you are likely seeing backscatter. Check the email headers and if the header nearest the bottom is not your server, then it is definitely backscatter.
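One way to run this header check over a bounce, as an added example that is not part of the original post: it pulls the returned message out of the delivery status notification and looks for your server's IP in its Received chain. The function names, addresses and the sample bounce are constructed for illustration.

```python
import email
import re
from email import policy

IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def returned_message(raw_bounce):
    """Return the message the bounce is about (parsed), or None if not attached."""
    bounce = email.message_from_bytes(raw_bounce, policy=policy.default)
    for part in bounce.walk():
        ctype = part.get_content_type()
        if ctype == "message/rfc822":          # full original attached
            return part.get_payload(0)
        if ctype == "text/rfc822-headers":     # headers-only copy
            return email.message_from_string(part.get_content(), policy=policy.default)
    return None

def classify_bounce(raw_bounce, my_ips):
    """Check whether the bounced message ever passed through one of my_ips."""
    original = returned_message(raw_bounce)
    if original is None:
        return {"verdict": "no-original-attached", "hops": []}
    # Each relay prepends a Received header: top = newest hop, bottom = claimed origin.
    # Match on IPs only: the HELO name is chosen by the connecting client.
    hops = [IPV4.findall(str(h)) for h in original.get_all("Received", [])]
    if not hops:
        return {"verdict": "undetermined", "hops": []}
    seen = {ip for hop in hops for ip in hop}
    # Lower headers can be forged, so a hit means "check your own mail logs",
    # while no hit at all means the message never touched your server.
    verdict = "sent-from-our-server" if seen & set(my_ips) else "backscatter"
    return {"verdict": verdict, "hops": hops, "origin_hop": hops[-1]}

# Constructed sample bounce; {received} is filled with a Received chain below.
DSN_TEMPLATE = """\
From: MAILER-DAEMON@mx.recipient.example
To: alice@victim.example
Subject: Delivery Status Notification (Failure)
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: text/plain

Delivery to nobody@recipient.example failed: user unknown.

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.recipient.example

Final-Recipient: rfc822; nobody@recipient.example
Action: failed
Status: 5.1.1

--b1
Content-Type: message/rfc822

{received}
From: alice@victim.example
To: nobody@recipient.example
Subject: constructed spam sample

body
--b1--
"""

MY_IPS = {"198.51.100.10"}   # assumed address of mail.victim.example
# Spoofed: the HELO claims our host name, but the recorded IP is not ours.
SPOOFED = ("Received: from unknown (HELO mail.victim.example) (203.0.113.77)\n"
           " by mx.recipient.example with SMTP; Mon, 28 Apr 2008 10:00:00 +0000")
# Genuine: our server's IP appears as the relay that handed the message over.
GENUINE = ("Received: from mail.victim.example (198.51.100.10)\n"
           " by mx.recipient.example with ESMTP; Mon, 28 Apr 2008 10:00:00 +0000\n"
           "Received: from webform (192.0.2.5)\n"
           " by mail.victim.example with local; Mon, 28 Apr 2008 09:59:58 +0000")

def sample_dsn(received):
    return DSN_TEMPLATE.format(received=received).encode()

if __name__ == "__main__":
    for label, chain in (("spoofed", SPOOFED), ("genuine", GENUINE)):
        print(label, classify_bounce(sample_dsn(chain), MY_IPS))
```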
Posted by paragonhost in E-Mail, Hosted Exchange, Hosting News, Internet, ParagonExchange, ParagonHost, Security Focus, Technology News, Windows, scripts.
Tags: body of email, exchange, oma, outlook, outlook web access, ParagonHost, remote email, windows vista
Digital Ink Content Is Displayed as a Box with a Red “X” in Messages That You Send by Using Outlook Web Access
Article ID : 820278
Last Review : October 25, 2007
Revision : 2.4
SYMPTOMS
When a recipient opens a message that you sent by using Microsoft Outlook Web Access (OWA), and the message contains digital ink notes that you copied and pasted from another program (such as Microsoft Windows Journal on a Tablet PC), a box that contains a red “X” is displayed in the message instead of the digital ink content.
You do not experience these symptoms when you compose and send the message by using Microsoft Outlook.
CAUSE
This behavior occurs because the digital ink content is not included as part of the message when you send it by using OWA. When you copy digital ink notes from a source program, the digital note content is created as a temporary .gif file. Although the message appears to contain the image when you paste the digital ink content into the body of the message, the image is not included in the message when you send it.
Although you can add attachments to the body of messages in Outlook, you must install the Secure/Multipurpose Internet Mail Extensions (S/MIME) Control on the computer before you can do so in OWA.
WORKAROUND
To work around this behavior, download and install the S/MIME Control in Outlook Web Access. The S/MIME Control permits you to add attachments to the body of messages in OWA. To install the latest version of S/MIME on your computer:
1. Start Outlook Web Access, and then click Options.
2. Under E-mail Security, click Download.
3. Follow the instructions on the screen to install the S/MIME Control on your computer.
After you install the S/MIME Control, OWA includes the digital ink content in a message that is made up of multiple parts and sends it to the recipient. When the recipient opens the message, the image is displayed in the message. Note that in addition to the image, the message also contains a box with a red “X.”
Posted by paragonhost in Content Watch, Hosting News, Internet, Internet Protection, Network 101, ParagonHost, ScanDefense.com, Security Focus, Technology News, TheSpamBusters.com.
Tags: Admin, Applications, dave safley, IT, network, ParagonHost, scandefense, Security Focus, thespambusters, Tools
Posted by Andrew Mitry under Web/Tech
Managing a small or medium sized network can be challenging. Over the years I have found these free tools that provide solutions to common IT problems:
- Spiceworks - Inventory, monitoring and help desk.
- OpenDNS - Reliable, secure outbound DNS that blocks phishing sites and gives you the power to block adult sites, proxies and individual domains.
- SSL-Explorer Community Edition - An open-source, browser-based SSL VPN solution that can authenticate against Active Directory and give your users remote access without installing any client-side software.
- VMware Server - Server virtualization allows you to test and deploy new servers quickly and easily. Virtual appliances allow you to trial/run complex applications without having to go through the full install process.
- GenControl - A simple desktop remote control program that can temporarily install VNC and connect to another machine on your domain in a matter of seconds.
- PaperCut Print Logger - A free print logging application for Windows systems designed to provide real-time activity logs detailing all printer use.
- CrossLoop - Simple and secure screen sharing, great for when you have to help out the boss with his home computer.
- Hamachi - Instant, zero configuration VPN for when you need more than simple screen sharing.
- Montastic - Free website monitoring service.
- Sysinternals - An assortment of utilities to help you manage, troubleshoot and diagnose your Windows systems and applications.
- PacketTrap pt360 - Network management tools with real time reporting.
- Clonezilla or g4u - Hard disk cloning.
- Knoppix - A bootable live Linux operating system on CD or DVD complete with troubleshooting and diagnostic utilities.
- SyncToy, RoboCopy or rsync - Move those files around.
- DNSstuff Tools - DNS, WHOIS, and other network tools.
Posted by paragonhost in E-Mail, Internet, Network 101, Security Focus, Windows.
Tags: dave safley, dns, domain, host, hosting, ip, ip address, name servers, network monkey, network plumber, ParagonHost, propagation, scandefense, Security Focus, thespambusters, tutorial, url, web site, zone, zone records
What Is DNS?
- DNS is a distributed database that is the default naming system for IP-based networks. DNS names are user-friendly, which means that they are easier to remember than IP addresses.
- DNS names remain more constant than IP addresses.
- DNS is used to resolve computer names to an IP address and to locate computers within local networks as well as on the Internet.
- Host names refer to specific computers on the Internet or a private network. A host name is the leftmost portion of a fully qualified domain name (FQDN), which describes the exact position of a host within the domain hierarchy (Example: spiceworks.rocks.com).
How DNS Works In Theory
Domain names, arranged in a tree, cut into zones, each served by a nameserver.
The domain name space consists of a “tree” of domain names. Each node or leaf in the tree has one or more resource records, which hold information associated with the domain name. The tree sub-divides into zones. A zone consists of a collection of connected nodes authoritatively served by an authoritative DNS nameserver. (Note that a single nameserver can host several zones.)
When a system administrator wants to let another administrator control a part of the domain name space within his or her zone of authority, he or she can delegate control to the other administrator. This splits a part of the old zone off into a new zone, which comes under the authority of the second administrator’s nameservers. The old zone ceases to be authoritative for what goes under the authority of the new zone.
A resolver looks up the information associated with nodes. A resolver knows how to communicate with name servers by sending DNS requests, and heeding DNS responses. Resolving usually entails iterating through several name servers to find the needed information. Some resolvers function simplistically and can only communicate with a single name server. These simple resolvers rely on a recursing name server to perform the work of finding information for them.
Types Of DNS Records
- An A record or address record maps a hostname to a 32-bit IPv4 address.
- An AAAA record or IPv6 address record maps a hostname to a 128-bit IPv6 address. (Spiceworks does not work with IPv6 at this time)
- A CNAME record or canonical name record is an alias of one name to another. The A record to which the alias points can be either local or remote - on a foreign name server. This is useful when running multiple services (like an FTP and a webserver) from a single IP address. Each service can then have its own entry in DNS (like ftp.example.com. and www.example.com.)
- An MX record or mail exchange record maps a domain name to a list of mail exchange servers for that domain.
- A PTR record or pointer record maps an IPv4 address to the canonical name for that host. Setting up a PTR record for a hostname in the in-addr.arpa. domain that corresponds to an IP address implements reverse DNS lookup for that address. For example (at the time of writing), www.icann.net has the IP address 192.0.34.164, but a PTR record maps 164.34.0.192.in-addr.arpa to its canonical name, referrals.icann.org.
- An NS record or name server record maps a domain name to a list of DNS servers authoritative for that domain. Delegations depend on NS records.
- An SOA record or start of authority record specifies the DNS server providing authoritative information about an Internet domain, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
- An SRV record is a generalized service location record.
- A TXT Record allows an administrator to insert arbitrary text into a DNS record. For example, this record is used to implement the Sender Policy Framework and DomainKeys specifications.
- NAPTR records (“Naming Authority Pointer”) are a newer type of DNS record that support regular expression based rewriting.
Other types of records simply provide information (for example, a LOC record gives the physical location of a host), or experimental data (for example, a WKS record gives a list of servers offering some well known service such as HTTP or POP3 for a domain). When sent over the internet, all records use the common format specified in RFC 1035 shown below. 
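The RFC 1035 resource record layout (NAME, TYPE, CLASS, TTL, RDLENGTH, RDATA) can be seen by decoding one, as in this added example, which is not part of the original post. It goes a little beyond the text by handling RFC 1035 name compression with bounds checks and a pointer-loop limit, since malformed responses are a common cause of parser bugs; the sample response bytes and function names are constructed.

```python
import ipaddress
import struct

TYPES = {1: "A", 2: "NS", 5: "CNAME", 12: "PTR", 15: "MX", 28: "AAAA"}

def read_name(msg, off, max_jumps=16):
    """Decode a (possibly compressed) name; return (name, offset after it)."""
    labels, jumps, resume = [], 0, None
    while True:
        if off >= len(msg):
            raise ValueError("name runs past end of message")
        length = msg[off]
        if length & 0xC0 == 0xC0:                 # 2-byte compression pointer
            if off + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            if resume is None:
                resume = off + 2                  # caller continues after the first pointer
            jumps += 1
            if jumps > max_jumps:                 # a pointer chain that never ends
                raise ValueError("compression pointer loop")
            off = ((length & 0x3F) << 8) | msg[off + 1]
            continue
        if length & 0xC0:
            raise ValueError("reserved label type")
        off += 1
        if length == 0:                           # root label terminates the name
            break
        if off + length > len(msg):
            raise ValueError("label runs past end of message")
        labels.append(msg[off:off + length].decode("ascii", "replace"))
        off += length
    return ".".join(labels) + ".", (off if resume is None else resume)

def read_rr(msg, off):
    """Decode one resource record; return ((name, type, ttl, value), next offset)."""
    name, off = read_name(msg, off)
    if off + 10 > len(msg):
        raise ValueError("truncated record header")
    rtype, _rclass, ttl, rdlength = struct.unpack_from("!HHIH", msg, off)
    off += 10
    if off + rdlength > len(msg):
        raise ValueError("RDLENGTH exceeds message size")
    rdata = msg[off:off + rdlength]
    kind = TYPES.get(rtype, f"TYPE{rtype}")
    if kind == "A" and rdlength == 4:
        value = str(ipaddress.IPv4Address(rdata))
    elif kind == "AAAA" and rdlength == 16:
        value = str(ipaddress.IPv6Address(rdata))
    elif kind in ("NS", "CNAME", "PTR"):
        value = read_name(msg, off)[0]
    elif kind == "MX" and rdlength > 2:           # 16-bit preference, then exchange name
        value = (struct.unpack_from("!H", msg, off)[0], read_name(msg, off + 2)[0])
    else:
        value = rdata.hex()                       # other types: leave RDATA opaque
    return (name, kind, ttl, value), off + rdlength

def parse_records(msg):
    """Skip the 12-byte header and the questions, then decode every record."""
    if len(msg) < 12:
        raise ValueError("message shorter than DNS header")
    _id, _flags, qd, an, ns, ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        _, off = read_name(msg, off)
        off += 4                                  # QTYPE + QCLASS
    records = []
    for _ in range(an + ns + ar):
        rr, off = read_rr(msg, off)
        records.append(rr)
    return records

# Constructed response: question "example.com MX", one MX answer and one
# additional A record whose owner name points into the MX RDATA (offset 43).
SAMPLE = (
    struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 1)
    + b"\x07example\x03com\x00" + struct.pack("!HH", 15, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 15, 1, 3600, 9) + b"\x00\x0a\x04mail\xc0\x0c"
    + b"\xc0\x2b" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
)

if __name__ == "__main__":
    for record in parse_records(SAMPLE):
        print(record)
```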
Posted by paragonhost in Internet, Linux, ParagonHost, Security Focus, Technology News, cPanel.
Tags: blackhole, cPanel, email, exim, fail, mail, mail routes, mail server configuration, mailroutes, ParagonHost, smtp, whm
Source: ConfigServer.com http://www.ConfigServer.com
Why you should use :fail:
There are sound technical reasons that you should only use :fail: and not :blackhole: on a cPanel server running exim. We have conducted quite extensive testing to establish this configuration is best and outline the reasons here.
In general the two different settings both discard email not destined for a POP3 account, an alias or a catchall alias. However, ever since cPanel included the verify = recipient code in the standard cPanel ACL section for exim, the way email is discarded differs with the two methods quite starkly:
- Using :blackhole: email is accepted and received into the server in its entirety. It is then processed through exim and only on delivery is it written to the null device (/dev/null) and silently ignored.
  - This wastes server bandwidth as the email data, or body, of the email is accepted into the server
  - This wastes server resources (CPU, memory and disk I/O) as the email is fully processed by exim before being finally written to /dev/null
  - Because the blackholed email is still processed through the whole of exim before it is finally deleted, if any of the usual checks and routing that any email goes through fails, such email can be placed in the exim mail queue for later reprocessing. This can lead to tens of thousands of blackholed emails accumulating in the exim mail queue which in turn can cause a range of serious server performance and resource problems and will affect the normal and timely delivery of email
  - This actually breaks the SMTP RFCs because you’re not notifying the sending SMTP server that the email is undelivered, which is a requirement
  - Causes emails that will never be delivered onto the exim mail queue because checks such as sender verification are still carried out when processing such emails and if they cannot complete they will stay on the exim mail queue and repeatedly reprocess the email until it is finally discarded (usually 4+ days). This can cause very large mail queues full of spam which is repeatedly processed causing severe performance degradation
- Using :fail: the email is never accepted into the server. During the initial SMTP negotiation when the sender’s SMTP server connects to your SMTP server, the sending SMTP server issues a RCPT command notifying your server which email address the email to follow is intended for. Your server then checks whether the recipient email actually exists on your server (a POP3 account, an alias or a catchall alias) and if it does not, it issues an SMTP DENY which terminates the attempt to deliver the email.
  - This saves bandwidth as the email data is never received into your server
  - This saves server resources as the email never has to be processed
  - This complies with the SMTP RFCs because the sending SMTP server receives the DENY command
  - Your server does not send a bounce message (just the DENY command)
  - Your server does not send anything to the sender of the email (i.e. the address in the From: line)
  - The sending SMTP server is responsible for notifying the original sender
Here is a simple explanation of what happens during the SMTP conversation
- Some other SMTP server connects to your server on port 25 and initiates an SMTP connection (EHLO command)
- Other server then sends a message saying who they’re delivering a message for (MAIL FROM command)
- Other server then sends who the message is for on your server (RCPT command)
- At this point your server then checks whether the email address in the RCPT command can actually be delivered on your server. If you do not have a catchall alias configured to point to an email address (Default Address) and you have it set to :fail: the following happens:
  - Your server sends back along the same connection to the sending server “Go away, no-one here” (the DENY command)
  - The sender server would then normally tell their user that the attempt to email your server failed. Your server does not send a “bounce” message. As far as your server is concerned, all that has happened is a little SMTP chatter and no email has been received and no bounce sent
Additionally, this is what our Exim Deny ACL does:
- If the sender server tries four email addresses that don’t exist on your server the ACL disconnects the session with the sender server (DROP) and puts the IP address of the sender server into /etc/exim_deny
- If the sender server connects again, the ACL first checks /etc/exim_deny and if it finds the senders IP address there the session is immediately disconnected
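The RCPT-time exchange and the deny-list behaviour described above, modelled in Python as an added example (not ConfigServer's ACL or Exim code). The Receiver class, addresses and IPs are constructed; an in-memory set stands in for /etc/exim_deny, the four-address count is assumed to be per session, and 550 is the standard SMTP permanent-failure reply that the text calls DENY.

```python
from dataclasses import dataclass, field

UNKNOWN_LIMIT = 4   # from the text: four nonexistent addresses trigger the drop

@dataclass
class Receiver:
    """Toy model of the receiving server's decisions (assumption, not Exim)."""
    mailboxes: set
    default_address: str = ":fail:"                 # or ":blackhole:"
    deny_list: set = field(default_factory=set)     # stands in for /etc/exim_deny
    queued_bytes: int = 0                           # message data taken in for processing

    def session(self, client_ip, mail_from, recipients, body):
        """Run one SMTP session; return [(client line, server reply), ...]."""
        if client_ip in self.deny_list:
            return [("<connect>", "connection dropped: IP is on the deny list")]
        log = [("EHLO sender.example", "250 OK"),
               (f"MAIL FROM:<{mail_from}>", "250 OK")]
        accepted = unknown = 0
        for rcpt in recipients:
            line = f"RCPT TO:<{rcpt}>"
            if rcpt in self.mailboxes or self.default_address == ":blackhole:":
                # :blackhole: accepts every address and discards after delivery
                log.append((line, "250 Accepted"))
                accepted += 1
                continue
            unknown += 1
            if unknown >= UNKNOWN_LIMIT:
                # dictionary attack: drop the session and remember the IP
                self.deny_list.add(client_ip)
                log.append((line, "550 No such user here; connection dropped"))
                return log
            log.append((line, "550 No such user here"))
        if accepted:
            log.append(("DATA", "354 Enter message"))
            log.append(("<message body>", "250 OK"))
            self.queued_bytes += len(body)          # bandwidth and processing spent
        else:
            log.append(("QUIT", "221 closing connection"))
        return log

BODY = b"x" * 2048                                  # constructed 2 KB spam body
GUESSES = [f"{name}@victim.example" for name in ("admin", "sales", "bob", "joe", "ann")]

def demo():
    """Return (fail-mode bytes, blackhole-mode bytes, attack log, retry log)."""
    fail = Receiver(mailboxes={"info@victim.example"})
    hole = Receiver(mailboxes={"info@victim.example"}, default_address=":blackhole:")
    fail.session("203.0.113.9", "spoofed@other.example", ["nobody@victim.example"], BODY)
    hole.session("203.0.113.9", "spoofed@other.example", ["nobody@victim.example"], BODY)
    attack = fail.session("203.0.113.50", "x@other.example", GUESSES, BODY)
    retry = fail.session("203.0.113.50", "x@other.example", ["info@victim.example"], BODY)
    return fail.queued_bytes, hole.queued_bytes, attack, retry

if __name__ == "__main__":
    fail_bytes, hole_bytes, attack, retry = demo()
    print("bytes accepted with :fail:", fail_bytes, "with :blackhole:", hole_bytes)
    for client, server in attack + retry:
        print(f"C: {client:40} S: {server}")
```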
Posted by paragonhost in Business Development, Collaboration, Hosted Exchange, Internet, ParagonExchange, ParagonHost, Security Focus, Technology News.
Tags: BBE, BBE Server, black berry, blackberry, clear database, email, exchange services, Hosted Exchange, paragon exchange, ParagonExchange, ParagonHost, wipe, wipe blackberry, wipe handset, wireless, wireless email
Source: http://www.blackberry.com/btsc/articles/551/KB02318_f.SAL_Public.html
Select the Wipe Handheld option
To delete all the data from your BlackBerry smartphone, complete the following steps. This option is available with BlackBerry® Device Software 3.8 and later.
- On the Home screen of the BlackBerry smartphone, click Options.
- If you are running BlackBerry Device Software 4.1 or later, click Security Options > General Settings. Otherwise, click Security.
- Open the menu and then select Wipe Handheld > Continue.
- Type blackberry and then press the Enter key. All the data on the BlackBerry smartphone is deleted.
Type an incorrect password
To delete all the data from your BlackBerry smartphone, lock the BlackBerry smartphone, then type an incorrect password ten times. During this process you may be prompted to type blackberry a few times. Once completed, all data on the BlackBerry smartphone is deleted.
Note: You must have a password set on your BlackBerry smartphone in order to perform this task.
Use the Application Loader tool to delete all data
To delete all the data from your BlackBerry smartphone, complete the following steps:
- Connect your BlackBerry smartphone to the computer, open BlackBerry Desktop Manager, and type the password of your BlackBerry smartphone, if prompted.
- Double-click Application Loader > Next.
- On the Device Security Password screen, type the password of your BlackBerry smartphone. Click Next.
- On the Device Application Selection screen, click Next.
- On the Completing the Application Loader Wizard screen, click Advanced. The Device Data Preservation screen is displayed.
- To delete all application data from the BlackBerry smartphone, select the Erase all application data check box. Click Next.
- Select Do not automatically back up and restore the device application data during the loading process. Click Next.
- Click Finish. The BlackBerry smartphone resets. This might take several minutes.
Use the Backup and Restore tool to clear the application databases
To clear the application databases from your BlackBerry smartphone, complete the following steps:
- Connect your BlackBerry smartphone to the computer, open BlackBerry Desktop Manager, and type the password of your BlackBerry smartphone, if prompted.
- Double-click Backup and Restore > Advanced.
- Press and hold the Shift key while selecting all the databases in the Handheld Databases list box.
- Click Clear.
- Click OK on the Warning window. All application databases on the BlackBerry smartphone are erased.
Type an incorrect password in the Application Loader tool
To delete all the data from your BlackBerry smartphone, complete the following steps:
- Connect your BlackBerry smartphone to the computer, open BlackBerry Desktop Manager, and double-click Application Loader.
- In the Application Loader Wizard window, click Next.
- On the Device Security Password screen, type an incorrect password, and click Next. Perform this step ten times.
- Click Close. Without software, the BlackBerry device is unresponsive and displays device error 507.
- Reinstall the BlackBerry Device Software. For instructions, see KB03621.
Posted by paragonhost in Hosting News, Internet, Internet Protection, Security Focus.
Tags: dave safley, david j. barrus, hosting, icontact, myicontact, network, paragon, ParagonHost, scandefense, secure, Security Focus, spam prevention, thespambusters, tsb, web
Layered Security Approach Helps Small Businesses Protect Information – Overview
As most seasoned mountain climbers know, the key to keeping warm in subzero temperatures is to put multiple layers of insulation between themselves and Mother Nature.
To help protect your company’s data, you should take cues from the climbers. Instead of looking for a magic formula, you should approach data security from the perspective of layers or building blocks. Each safeguard you can place between malicious online threats and your company’s data will provide another layer of security for the lifeblood of your business: information. The layers – or building blocks – that all small businesses should consider are:
- Physical security
- User security
- System security
- Network security
Following are some key considerations for these building blocks.
Building Block 1: Physical Security
When a notebook turns up missing, a desktop is stolen or a handheld is lost, the information stored on the devices goes right along with it. For many small businesses, the cost of losing that data can be far more devastating than the replacement costs of the devices. Small businesses whose employees spend most of their time out of the office, where wireless devices are more vulnerable to loss or theft, can be especially impacted and should be sure to have a protection plan as it relates to physical security.
Physical security includes cable locks and asset tagging, as well as recovery services (such as ComputraceComplete from Absolute Software) that are designed to protect your PCs and the data they contain from theft and unauthorized access. Products like those offered by Computrace also can help you remotely track PC configurations and usage.
Building Block 2: User Security
As a small business owner, you should consider your company’s data in much the same way you consider your personal property: You have things you don’t mind sharing with people you know and other stuff that nobody touches but you.
That’s the way you should set up your systems. And with user authorization protocols and software, you can. The first thing to do is to set up your systems so that only authorized users – your employees and, in some cases, your customers – can access the information you want to share with them. The next step is to make sure your employees can readily access information they need in order to do their work efficiently, but are restricted from accessing sensitive company information.
To accomplish these steps, user authentication, password and encryption technology offer the best solution:
- Look for systems that support BIOS-level passwords that require user authentication even before the operating system loads. All Dell™ business systems do this.
- Consider using Smart Card technology to restrict/allow access to your systems. This is standard equipment on all D-family Dell Latitude™ notebooks.
- Biometric solutions (such as fingerprint identification) offer even greater levels of user authentication.
- Encryption software – which scrambles data in such a way that it becomes useless to any unauthorized person who accesses it – helps to keep hackers and other malicious intruders at arm’s length.
Another important user security precaution is instituting an e-mail and Internet security policy. By getting each employee on the same page about security, you’ll be less likely to experience security problems.
Building Block 3: System Security
More than any other device on your network, the individual PC is the Achilles’ heel in terms of vulnerability because it’s the favored point-of-entry for some of the most common security threats. And the “work-anywhere workforce” enabled by wireless technologies heightens your security challenge. That’s why installing and keeping a current version of security software on all your employees’ computers is a necessary first step to system security. This software helps protect against viruses, worms, spyware, and other threats that are transmitted over the Internet, as well as files imported from USB keys, instant messaging and other means.
Another smart step is to set up your IT structure in a way that enables you to view and manage all of your company’s computers from one central location. This step, which you can achieve by using solutions such as Dell’s OpenManage™ Network Manager, will add confidence that all your PCs have the same level of protection.
Dell also helps small businesses protect their systems from unauthorized access, control and damage with a more secure or “hardened” operating system configuration. This service involves more than 50 factory-activated security settings within the operating system designed to meet security benchmarks established by the Center for Internet Security.
Another important area that small businesses would prefer to avoid – but definitely need to consider – is hard drive failures. Specifically, you need to consider what will happen to your data – and how you want to manage it – in the event of a fatal hard drive crash. To that end, Dell offers a “Keep Your Hard Drive” service that helps small businesses stay in control of important data. Under this program, if a hard drive covered by your Dell limited warranty fails, you can keep the defective hard drive that’s being replaced by Dell, helping you protect sensitive, classified or proprietary information.
Building Block 4: Network Security
Without a doubt, network technology drives small business productivity and success. But it also increases vulnerability to security threats. Fortunately, a wide range of technologies in the marketplace today are designed specifically to help small businesses keep their networks safe and secure:
- Firewalls: A firewall is a protective barrier that prevents unwanted access to or from your company network. The firewall scans all traffic passing in and out of your network and blocks unauthorized messages, intruders and viruses.
- VPN Protection: A virtual private network (VPN) is a cost-effective solution for employees at small businesses to connect securely to their respective business networks from remote locations, and communicate confidentially with each other across shared or public networks like the Internet. Leading technology vendors offer VPN and Intrusion Protection/Packet inspection to help ensure that VPN connections are secure.
- Encryption: When buying network technology, small businesses should seek out those vendors who provide hardware support for WPA2, a sophisticated encryption protocol and part of the 802.11 industry standard for networks. WPA2, which comes standard on select Dell Latitude notebooks, is designed to eliminate the weaknesses found in previous encryption protocols.
- Cisco Compatible Extensions Program: Because the vast majority of wireless networks come in touch with Cisco Systems technologies, small businesses should consider using wireless equipment manufactured by the Cisco Compatible Extensions Program, which is designed to ensure that wireless solutions deliver tested and certified compatibility with the latest Cisco wireless infrastructure hardware and security technology. Dell is a founding member of the program.
ParagonHost, LLC
http://www.ParagonHost.com
ScanDefense / TheSpamBusters / MyiContact
(866) 412-HOST
Posted by paragonhost in Content Watch, Internet Protection, Net Nanny, ScanDefense.com, Security Focus.
ScanDefense.com - ContentProtect Home Suite
Powered by Net Nanny / Content Watch
Protection Services by ScanDefense.com
Features/Benefits of Individual Modules
ContentProtect™ is the most effective and flexible Internet filter available today! The state-of-the-art dynamic filtering engine ensures that your family members won’t be exposed to pornography and other offensive content.
ContentProtect™ is the only family-oriented filter that allows you to manage your home Internet use from anywhere at any time through powerful Remote Management tools. ContentProtect can be used as configured right “out of the box” or you can adjust the filter settings according to your personal preferences and needs.
Features/Benefits
• #1 Rated Internet Filter – Internetfilterreview.com; Filterguide.com
• Integration With Popular Search Engines – ContentProtect leverages “Safe Search” type options found in popular search engines such as Google, Yahoo, Dogpile, AltaVista, Lycos, AllTheWeb, and MSN. This new feature will enable better protection against pornographic images when doing an image only search.
• Remote Management – Powerful Remote Management tools exist to help parents to manage and maintain Internet policies remotely; for example, from work if Internet access exists.
• Enhanced Reporting – ContentProtect reports have been enhanced through the use of Flash technology. Reports are dynamic in nature and provide parents with a first class presentation of Internet activity of children. Reports track where, when and how often children visit certain Web sites by category.
• Time Management – ContentProtect includes a powerful time management feature that permits parents to set the time of day when children can access the Internet as well as a time quota feature that permits administrators to assign a block of time to a child. Once that child’s time quota is used up, they can no longer access the Internet.
• Customized Lists – ContentProtect permits parents to create customized lists of unacceptable or acceptable Web sites. For example, parents could set up a list (white list) of friendly sites that don’t necessarily get filtered.
• Email Notifications – Parents can be notified via email when children are blocked, warned or try to violate or override the defined Internet Policy.
• Instant Messaging – ContentProtect provides better tools for managing access to popular Instant Messaging applications. ContentProtect also records IM sessions so that parents can review the dialog that takes place between children, friends and potential predators.
• Internet Game Management – ContentProtect permits parents to block access to certain Internet games.
• Peer-to-Peer Management – ContentProtect permits parents to block access to certain Peer-to-peer (P2P) sites.
Product Data Sheet
3 great Internet Protection tools — 1 great value! Protect your family on the Internet from inappropriate content. ContentProtect Home Suite gives you a fully integrated suite of Internet Protection tools including:
ContentProtect™ — The industry’s leading Internet filtering software
ContentCleanup™ — The ability to analyze your hard drive, categorize content and then remove unwanted files from your PC
Privacy Protection — Protection from fraudulent and online phishing scams
• Customization – ContentProtect is highly customizable, permitting each family member to have their own filtering settings, rather than forcing them into a “one size fits all.”
• Multi-Language Support – ContentProtect is now localized and filters Internet content in multiple languages including English, Chinese and Spanish.
ContentCleanup™
This simple-to-use tool helps users analyze, categorize and erase unwanted content from their computers. ContentCleanup starts by running a comprehensive scan on the user’s computer and categorizing the files it finds by type: History, Cookies, Documents, Temporary Internet files, Images, Audio, and Video. In addition, ContentCleanup further analyzes each file in depth using ContentProtect’s award-winning and patent-pending dynamic analysis engine, which identifies potentially objectionable files and categorizes them into one of 28 different content categories, ranging from Pornography or Adult/Mature to Sports and Travel. This enables the user to easily identify objectionable files and delete them, freeing up disk space on the user’s computer and enhancing its performance.
Features/Benefits
• Scan and categorize each file-type based on its content and where it came from.
• View each file in a “thumbnail view” to determine if it is suitable to view before opening the file for further inspection.
• View images in a “blurred” mode so you avoid exposure to objectionable or questionable images.
• ContentCleanup scans, analyzes and categorizes every file on your computer including Images, Video, Audio, Text, and Program files.
• Move objectionable items to an encrypted quarantine folder for later review or deletion.
• View an enhanced summary of each scan through the use of Flash technology. Reports detail by type and category the number of items found, items quarantined, and items deleted.
• Specify the types of files you want to scan, specify the location, and/or include size restraints.
• Control the removal of files through our Cleanup Wizard.
• Enhances PC performance by freeing up disk space.
Privacy Protection
Powered by CallingID, Privacy Protection warns users of potentially dangerous Web sites by verifying information about the site’s ownership including its origin, date created, and any other pertinent information concerning the legitimacy of the Web site. If any information is suspicious, a visual warning will appear to inform the user. Other features of the product include:
Features/Benefits
• Site Verifications – Verifies safe sites before users do business with them
• Verification Tests – Executes 52 verification tests on each page users visit and provides them with simple, easy-to-understand risk.
• Site Warning – Choose between two different methods of warning users about suspicious sites: foreground message box, or background pop-up window.
• Configurable Warning Level – Choose to warn users of either or both “High Risk” and “Low Risk” suspicious sites.
Support
ContentProtect Home Suite is backed by toll-free technical support and email support.
Automatic Updates
With state-of-the-art technology, ContentWatch updates users with the latest lists, definitions, and technology, as they become available. This process can happen automatically or manually depending on the user preference, enabling the customer to have the most current version of the software available.
More info on this product and Sign-up for a FREE Trial: ScanDefense.com
Source: http://www.scandefense.com/pdf/cphomesuite_rev.pdf
Comments (2)
Three quick additions, SPF is actually about the envelope sender address (Return-Path, MAIL FROM), not the Reply-To address.
Receivers checking SPF hopefully reject a forged mail from, if it was spam that’s it. If it was no spam (erroneous sender policy or receiver rejected FAIL elsewhere, relevant for forwarding) the legit sender gets an error code, and will create a good bounce (non-delivery notification) for the user.
Spammers won’t reach many of their targets with an SPF FAIL protected address, and hopefully give up using an unprotected address after some time.
Posted by Frank | May 2, 2008 10:20 AM
Posted on May 2, 2008 10:20
Thanks. I was being careless with my wording. I will make a clarification in the post.
For the backscatter issue, the field is the return-path field. For SPF, I am pretty sure most filters key off of the mail from header. So you could still spoof a reply-to even with SPF filtering provided the mail from headers were correct.
Currently, when we implement SPF filtering for a client, we reject all messages that have a hardfail. Also, on control panels like Plesk, we set up the default templates to include SPF records by default.
I suspect SPF’s ability to curtail spam will be short-lived, but at least it should cut down on the email forgeries which are much more dangerous than the spam.
*** Back Scatter 101
http://spamlinks.net/prevent-secure-backscatter.htm
Bounces are messages, officially called non-delivery reports (NDR) or delivery status notifications (DSN), that are generated by a mail server to report on the delivery status of an email message.
Problems arise with bounces if they are sent by a mail server to a non-local recipient. If a message did not originate locally, then a mail server cannot know for sure if the address it is sending the bounce to is forged or not. This quickly leads to unsolicited “backscatter” (or more rarely “outscatter”), sent to sites that never originated the email.
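One way a site on the receiving end can separate backscatter from bounces for mail it really sent, shown here as an added example that is not part of the original article: parse the DSN and compare the Message-ID of the quoted original against the site's own outbound log. The `sent_ids` store, the sample bounce and every address in it are constructed assumptions.

```python
from email import message_from_string

# Constructed sample: a DSN quoting a message this site never sent.
SAMPLE_BOUNCE = """\
From: MAILER-DAEMON@mx.remote.example
To: alice@ourdomain.example
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.remote.example

Final-Recipient: rfc822; nobody@remote.example
Action: failed
Status: 5.1.1

--b1
Content-Type: message/rfc822

From: alice@ourdomain.example
Message-ID: <forged-123@spammer.example>
Subject: constructed spam subject

constructed body
--b1--
"""

def is_dsn(msg):
    """True for a delivery status notification (multipart/report)."""
    return (msg.get_content_type() == "multipart/report"
            and str(msg.get_param("report-type", "")).lower() == "delivery-status")

def original_message_id(dsn):
    """Message-ID of the message the bounce claims we sent, if attached."""
    for part in dsn.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0).get("Message-ID")
        if part.get_content_type() == "text/rfc822-headers":
            return message_from_string(part.get_payload()).get("Message-ID")
    return None

def classify(raw, sent_ids):
    """sent_ids: Message-IDs from our own outbound log (hypothetical store)."""
    msg = message_from_string(raw)
    if not is_dsn(msg):
        return "not-a-bounce"
    mid = original_message_id(msg)
    if mid is None:
        return "unverifiable"      # bounce carries no original headers
    return "legitimate-bounce" if mid.strip() in sent_ids else "backscatter"
```

Bounces that omit the original headers come back as `unverifiable`, so they need a separate policy decision rather than being treated as either class.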