Key to Security

There are so many hacks happened in recent days. That to major corporate organisations key databases. During the IDC security road show, Dubai (21-06-2011) one of the presenters was showing a slide with some corporate logo, captioned as it’s not our customer list. It’s giving high alert to business and professionals. How to protect the critical information? Is there any one product to buy and keep as security? Lot of questions and fears! Where to protect, what to protect and how to protect. To whom we can trust, to whom we cannot. Security road show I saw another interesting caption don’t trust anyone. To build up a security systems, the primary factor is awareness. What is our critical information’s, who all have access now, how they access, where it’s kept, how it’s kept, etc. Once we have the awareness, start putting technology to protect each of the segments. Keep a proper discipline. It has to be reviewed frequently and improved.

Key to Security

 

 

25.271139 55.307485

Desktops and Notebooks Operating System

It’s been quite long period people are tied with windows operating systems in desktops and notebooks. It’s user interface, installation, support of application, integration, drivers, devices, etc. Now the technology changed. People awareness changed requirement and way of access changed. This week I installed Ubuntu 10.10 in my notebook. It’s extremely awesome.

OS appearance changed, using Ubuntu font. E-mail, chat and micro blogging integrated. Installer is simple and faster. The trend shows more organisations and individuals will adapt the new OS.

25.271139 55.307485

MAL_OTORUN Virus

To clean the MAL_OTORUN virus, I tried with couple of Anti Virus, but nothing worked out. Some Antivirus quaratined the virus, but not able to fix the issue. Finaly I used combofix.

 

Please download ComboFix from here.

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix’s window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

WORM SOHANAD

The worm behaves like below:-

1. Virus removed user folder options
2. Virus removed task manager option
3. Virus make used user messenger, communicator, e-mail contacts and send messages to outside
4. Changed user default Internet explorer home page to – http://h1.ripway.com/poojasharma/index.html
5. Created xxx.exe folder for each files and folder name

                     i.      Folder Name         – sales, Created folder as sales.exe

                    ii.      File Name              – purchase, created folder as purchase.exe

 

To clean the worm manually use:-

 

1. Kaspersky Virus Removal Tool

2. ComboFix

3. Trend CWSHREDDER

 

It’s been identified by 2007.  

Kaspersky  –           IM-Worm.Win32.Sohanad.gen

Trend         –           WORM_SOHANAD.JJ