Friday, December 4, 2009

Brand windows with your name

Let's do some fun stuff today.
Open Notepad, paste the following lines into it, and save the file with the name OEMINFO.INI in the c:\windows\system32 directory:



[General]
Manufacturer=,...............
Model=...............
[Support Information]
Line1=Aman Arora
Line2=.........
Line3=email
Line4=24

Is Your Anti-Virus Scanner Really Working?

Have you ever wondered if your anti-virus software is really working? Would you like to see what happens when it detects a virus? Here's a safe way to test your computer's virus protection that doesn't require you to have a real virus.
First, open Notepad. Then copy and paste into it the text on the line below. (It should all be on one line.)
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Then select File, Save, choose All Files as the file type, and save the file as eicar.com
Your anti-virus software may prevent you from saving the file as eicar.com, which is a sign that it is working effectively. If it doesn't raise an alert, try scanning the folder where you saved eicar.com. To see what happens if you try to run a file containing a virus, double-click eicar.com to open it.
Explanation
The file eicar.com you have created is completely safe. It is not a virus. It is a standard test file developed by the European Institute for Computer Anti-virus Research (EICAR). All anti-virus products are programmed to detect this file as if it was a real virus. Therefore you can safely use it to test whether your anti-virus software works, without fear of infecting your computer.
If your anti-virus product should fail to prevent you from running the file, it will simply display the text "EICAR-STANDARD-ANTIVIRUS-TEST-FILE" in a DOS box. No harm will have been done, but you should probably consider using a better anti-virus product, because if it had been a real virus, your computer would by now be infected!
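
A scripted version of the manual test above, as an added example that is not part of the original post: it writes the EICAR string to a file, waits, and reports whether real-time protection blocked, removed or ignored it. The 128-byte limit and the permitted trailing whitespace come from EICAR's definition of the test file; the function names and result labels are this example's own.

```python
import os
import tempfile
import time

# The 68-byte EICAR test string from the text above, kept in two halves so
# that a scanner does not quarantine this script itself.
EICAR = (rb"X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-" +
         rb"STANDARD-ANTIVIRUS-TEST-FILE!$H+H*")
# EICAR permits trailing whitespace from this set only, up to 128 bytes total.
ALLOWED_PAD = b" \t\r\n\x1a"


def is_eicar(data: bytes) -> bool:
    """True if data is a well-formed EICAR test file."""
    if len(data) > 128 or not data.startswith(EICAR):
        return False
    return all(b in ALLOWED_PAD for b in data[len(EICAR):])


def probe(directory: str, wait: float = 5.0) -> str:
    """Write eicar.com into directory and report how the scanner reacted."""
    path = os.path.join(directory, "eicar.com")
    try:
        with open(path, "wb") as fh:
            fh.write(EICAR)
    except OSError:
        return "blocked-on-write"      # on-access scanner refused the save
    time.sleep(wait)                   # give real-time protection time to act
    try:
        with open(path, "rb") as fh:
            survived = is_eicar(fh.read())
    except OSError:
        return "removed-after-write"   # quarantined, deleted or locked
    if survived:
        os.remove(path)                # clean up our own test file
        return "not-detected"
    return "modified-after-write"


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print("real-time protection result:", probe(tmp))
```

A result of "not-detected" only says that real-time protection did not react within the wait; an on-demand scan of the folder is the next check, as the text describes.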

Faster browsing tricks for slow internet connections

These are a few steps to make Firefox run at lightning speed:
1. First, type “about:config” in the URL bar. This will bring up a list of commands and variables you can edit.
2. Put “network.http.pipelining” in the filter and change the value to “true”.
3. After that, put “network.http.proxy.pipelining” in the filter. Like the last one, set that value to “true” as well.
4. Next, locate “network.http.pipelining.maxrequests” and change the value to a higher number, say 10, 20 or even 30; the browser will then make up to 10, 20 or 30 requests at once.
5. The last step is to right-click anywhere and select “New”, then “Integer”. Name it “nglayout.initialpaint.delay” and set its value to “0”. This will make the browser respond faster to the information it receives from websites.
6. Close Firefox (make sure it is closed by checking Task Manager), restart it, and enjoy the new mega speed.

Mozilla Firefox Shortcuts

* Ctrl + Tab or Ctrl + PageDown: Cycle through tabs.
* Ctrl + Shift + Tab or Ctrl + PageUp: Cycle through tabs in reverse.
* Ctrl + (1-9): Switch to tab corresponding to number.
* Ctrl + N: New window.
* Ctrl + T: New tab.
* Ctrl + L or Alt + D or F6: Switch focus to location bar.
* Ctrl + Enter: Open location in new tab.
* Shift + Enter: Open location in new window.
* Ctrl + K or Ctrl + E: Switch focus to search bar.
* Ctrl + O: Open a local file.
* Ctrl + W: Close tab, or window if there's only one tab open.
* Ctrl + Shift + W: Close window.
* Ctrl + S: Save page as a local file.
* Ctrl + P: Print page.
* Ctrl + F or F3: Open find toolbar.
* Ctrl + G or F3: Find next...
* Ctrl + Shift + G or Shift + F3: Find previous...
* Ctrl + B or Ctrl + I: Open Bookmarks sidebar.
* Ctrl + H: Open History sidebar.
* Escape: Stop loading page.
* Ctrl + R or F5: Reload current page.
* Ctrl + Shift + R or Ctrl + F5: Reload current page; bypass cache.
* Ctrl + U: View page source.
* Ctrl + D: Bookmark current page.
* Ctrl + NumpadPlus or Ctrl + Equals (+/=): Increase text size.
* Ctrl + NumpadMinus or Ctrl + Minus: Decrease text size.
* Ctrl + Numpad0 or Ctrl + 0: Set text size to default.
* Alt + Left or Backspace: Back.
* Alt + Right or Shift + Backspace: Forward.
* Alt + Home: Open home page.
* Ctrl + M: Open new message in integrated mail client.
* Ctrl + J: Open Downloads dialog.
* F6: Switch to next frame. You must have selected something on the page already, e.g. by use of Tab.
* Shift + F6: Switch to previous frame.
* Apostrophe ('): Find link as you type.
* Slash (/): Find text as you type.

Secure your Mobiles

Please note this carefully:
If you receive a phone call on your mobile from any person saying that they are checking your mobile line or going to give you some offer or prize, and they ask you to press #90 or #09 or any other number, end that call immediately without pressing any number. There is a company in Pakistan that is using a device that, once you press #90 or #09, lets them access your SIM card and make calls at your expense. (For example, it is equal to giving the PIN number of your ATM card.) They are misusing it to make calls from Indian numbers. Forward this message to as many friends as you can, to stop it. This information has been confirmed by both Motorola and Nokia. There are over 3 million mobile phones affected by this. You can check this news at the CNN website.

Wednesday, November 11, 2009

Funny UST Scandal virus

How I removed the Funny UST Scandal virus from my system.

Recently my system was infected with a virus. I am using Win XP and McAfee, but McAfee did not recognise the threat at all.

Characteristics: The virus closes every program it thinks might be dangerous to its existence. If I open Task Manager, the virus minimizes it to the system tray. There are processes running named killer.exe, smss.exe and lsass.exe. Yes, smss.exe and lsass.exe are system processes, but the virus is running two processes with the same names. One process is running with the name smss.exe, while two processes are running with the name lsass.exe; of those, one is the system process and the other is the virus.

I had already installed Process Explorer; otherwise I would have had to download it from another system, because when I tried to download it from the Net the virus closed the window. I used this software to kill the above processes. Before I could kill the processes, the virus minimized Process Explorer to the system tray; I opened it from there and closed all the processes. There are two entries for lsass.exe: one is a child process of the System process, the other is a child of explorer.exe. The latter is the virus process.

Once the virus processes were closed, I took the following steps:
Deleted Funny UST Scandal.exe, smss.exe, and killer.exe in the Windows folder, Windows\System, and Windows\System32 folder.
Checked the root folder of every partition for these files and autorun.inf, and deleted them. In some locations I found xmss.exe also. They all have the same icon, so I recognised them easily.
Usually these files will be hidden. You can use “attrib -h -s smss.exe” in the command prompt to unhide them and then delete them. But I used Bullet Proof FTP for locating these hidden files and deleting them. As I had already installed the software, I used it; you can download a trial version. It is very easy using this FTP client. With the attrib command we have to go to every location, issue the command and then delete the file. BP FTP shows hidden files, and I don't need to use DOS commands.
Deleted C:\Documents and Settings\All Users\Start Menu\Programs\Startup\lsass.exe. I also deleted the Desktop.ini files which are placed in every folder of the Start menu for every user. I think this file shouldn't be in those locations.
Used the MSConfig command to clean the startup items; I unchecked all suspicious processes on the Startup tab.
Using the RegEdit tool, deleted the Auto Play entries which pointed to smss.exe.
And then searched for “Funny”, “Killer”, “Smss”, and “lsass”. Be careful when deleting lsass keys, as there is an important system process running with the same name. The system copy of the file will be in the Windows\System32 folder.

If you find this information useful, please leave a comment below.
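
The check described in the post (two lsass.exe entries, one under the System process tree and one under explorer.exe) can be automated. This is an added example, not the author's tool; the process snapshot is constructed, the Windows directory is assumed to be C:\WINDOWS, and find_masquerades is a hypothetical helper name.

```python
import ntpath  # Windows path rules, usable on any OS

# Assumed install directory; adjust if Windows lives elsewhere.
SYSTEM32 = r"c:\windows\system32"
# Expected parent per name: smss.exe is started by System; lsass.exe by
# winlogon.exe on Windows XP (wininit.exe on Vista and later).
EXPECTED_PARENTS = {
    "smss.exe": {"system"},
    "lsass.exe": {"winlogon.exe", "wininit.exe"},
}


def find_masquerades(processes):
    """Return [(pid, reasons)] for processes misusing a system process name."""
    by_pid = {p["pid"]: p for p in processes}
    findings = []
    for proc in processes:
        name = ntpath.basename(proc["path"]).lower()
        if name not in EXPECTED_PARENTS:
            continue
        reasons = []
        if ntpath.dirname(proc["path"]).lower() != SYSTEM32:
            reasons.append("image outside System32")
        parent = by_pid.get(proc["ppid"])
        parent_name = ntpath.basename(parent["path"]).lower() if parent else "?"
        if parent_name not in EXPECTED_PARENTS[name]:
            reasons.append("unexpected parent " + parent_name)
        if reasons:
            findings.append((proc["pid"], reasons))
    return findings


# Constructed snapshot (not real data) shaped like the infection in the post.
STARTUP = r"C:\Documents and Settings\All Users\Start Menu\Programs\Startup"
SNAPSHOT = [
    {"pid": 4, "ppid": 0, "path": "System"},
    {"pid": 540, "ppid": 4, "path": r"C:\WINDOWS\system32\smss.exe"},
    {"pid": 612, "ppid": 540, "path": r"C:\WINDOWS\system32\winlogon.exe"},
    {"pid": 668, "ppid": 612, "path": r"C:\WINDOWS\system32\lsass.exe"},
    {"pid": 1480, "ppid": 1400, "path": r"C:\WINDOWS\explorer.exe"},
    {"pid": 1620, "ppid": 1480, "path": STARTUP + r"\lsass.exe"},
    {"pid": 1700, "ppid": 1480, "path": r"C:\WINDOWS\smss.exe"},
    {"pid": 1764, "ppid": 1480, "path": r"C:\WINDOWS\killer.exe"},
]

if __name__ == "__main__":
    for pid, reasons in find_masquerades(SNAPSHOT):
        print(pid, "; ".join(reasons))
```

The genuine smss.exe and lsass.exe pass both checks, while killer.exe is ignored because the check only covers borrowed system names.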

Your mobile's unique number

Every mobile contains a number that uniquely identifies it. GSM and CDMA phones use different types of numbers: the International Mobile Equipment Identity (IMEI) for GSM phones, and the Electronic Serial Number (ESN) or Mobile Equipment Identifier (MEID) for CDMA phones.
This number can be found underneath the battery. On a GSM mobile you can also find the IMEI number by pressing *#06#. Note down the number. In case you lose your mobile, you can use this number to block the phone.
You can look up the mobile model, etc. here by giving the IMEI number.

Lost mobile phone?

If you have lost your mobile, you can block the handset with the help of your mobile's unique number. For this, you have to file a complaint at the police station, and after that go to your operator. You need to give them your mobile's unique number. Your operator will put this number on a shared list. All the operators that follow the list will block the phone from being used. This works even if the thief uses a new SIM from another operator, as long as that operator follows the common list.
You can buy and install some software before you lose your mobile so that you can track it.
Lost Mobile Tracking System (LMTS) sends a message to you when somebody inserts a new SIM in your mobile. You have to provide an alternate number and email ID when registering. When the SIM is changed, LMTS sends a message containing the new SIM number and location to the alternate number and email.
Virtual Mobile Security (VMS) offers more options. This software can hide your data in addition to sending a message. You can retrieve contacts from the address book remotely, play an alarm, and display a message with your details (or a warning message). You can even lock the phone.

Webpage disabled rightclick?

Some sites disable right-clicking on the page using JavaScript. If you find this annoying, there is a solution. In Firefox, go to Tools > Options > Content. Click the 'Advanced' button next to 'Enable JavaScript'. Then uncheck "Disable or replace context menus". That's it.

Registry Accessing disabled?

Many viruses disable access to the registry so that we can't remove the virus entries in the registry. In these cases you can download the following file: UnHookExec.inf. After downloading it, right-click the file and select Install.
You can also enable registry access manually through the Group Policy Editor. Go to Windows > Run > gpEdit.msc. Go to User Configuration > Administrative Templates > System > Prevent Access to Registry Editing Tools. Disable it. You should be able to open regedit now.

Removed Fun.exe, dc.exe, SVIQ.exe virus

I got a virus which was automatically opening Yahoo Messenger. When I looked at the processes in Task Manager, I found the following processes: Fun.exe, dc.exe, SVIQ.exe. I killed those processes by right-clicking each process and selecting "End Process Tree". After I had killed all those processes, I searched the Internet and found the following link: W32.Imaut.AS (also called Dung Coi). Then I deleted all the virus files and cleaned the registry.
I am describing the exact steps below:
First go to Task Manager (right-click on the task bar > Task Manager) and select the Processes tab.
Right-click on Fun.exe, dc.exe and SVIQ.exe and select "End Process Tree". This stops the viruses from interrupting the cleanup process.
Go to MSConfig (Win+R, type MSConfig and press Enter). Go to the Startup tab. Uncheck dc.exe, fun.exe, SVIQ.exe, Other.exe and Win.exe. This stops the virus processes from starting with Windows.
Next go to the Registry Editor (Win+R, type RegEdit and press Enter). Remove the following keys:
dc, dc2k5, fun under the key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
load, run under the key HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
Go to the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon and Modify Shell's value to "Explorer.exe".
Remove HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dc
Remove HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\dc2k5
Remove HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Fun
Remove HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Load
Remove HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Run
Delete the following files.
%Windir%\Help\Other.exe
%Windir%\inf\Other.exe
%Windir%\system\Fun.exe
%Windir%\System32\config\Win.exe
%Windir%\System32\WinSit.exe
%Windir%\dc.exe
%Windir%\SVIQ.exe
%Windir%\System32\NWB.dat
c:\PNga.txt
%Windir%\wininit.ini
I have created two files to automate the process of deleting the registry keys and the virus files. Download Fun Virus Removal, unzip it, and double-click the RemoveVirus.bat file.
That's it. I got rid of the virus. I read on the net that this virus creates a copy of the virus file in directories with the same name and uses a folder icon, so that users will click on it thinking it is a folder. But I didn't get any files like that. If you get any files like that, don't click on them; delete them immediately. If you have any doubt, right-click the file and select Properties; then you can tell whether it is a file or a folder.

Stop viruses coming from pen drives

Nowadays pen drives (or USB drives) have become a necessity. But there is a problem with these pen drives: they can very easily be infected by viruses. Still, we cannot live without using pen drives.
You can be a bit more careful when using pen drives to prevent them from infecting your system with different types of viruses.
First disable auto play in your system. This prevents viruses in the pen drive from running automatically when pen drives are inserted into the system. (Please note that this will disable auto playing of CDs also).
After inserting pen drive into the system open it in explorer mode only, don't open it in My Computer.
To open Explorer, press Win+E on your keyboard.
Or right click on My Computer, and select explorer.
If My Computer is already opened, click on 'Folders' in the tool bar (or View menu> Explorer Bar> Folders).
Always open pen drive by clicking on the pen drive name from the left pane only. Don't open from right pane.
Don't open files you don't need. If you find any file suspicious, right-click the file name and select Properties. It will show complete details about that file. Don't rely on icons. Some viruses use a folder icon to make us think that they are folders, and most probably we will double-click to see what is in that folder, which actually executes the virus.
A little careful handling of pen drives will prevent a great many viruses.

Clean New Folder.exe, RegSvr.exe Virus

Recently I got infected with this virus. This virus just shows a message when Windows starts, "Rundll.exe is not found.......", and infects pen drives for the first few days. Not much harm. But after 4 or 5 days it starts creating copies of the virus file in many folders. Each copy has the same name as the folder and also has a folder icon, so that we will think it is another folder.
When I searched the Internet, I found the following link useful: Am I Works. I have developed a tool for removing this virus.
Download New Folder virus removal tool, unzip it, and double-click the RemoveVirus.bat file. Tell me in the comments section if you get rid of the virus.
Note: If you are not able to open Registry Editor (Win+R, regedit.exe), see Accessing Registry disabled?
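
Added example (not the removal tool mentioned above): a scan of a drive for the two signs these posts describe, an autorun.inf that launches a program and executables named after a folder. The extension list and function names are assumptions of this example, and the sample drive layout is constructed.

```python
import os
import tempfile

# Extensions treated as executable (an assumption of this example).
EXEC_EXT = {".exe", ".scr", ".com", ".pif", ".bat"}


def autorun_targets(root):
    """Return the programs an autorun.inf in the drive root would launch."""
    targets = []
    for entry in os.listdir(root):
        if entry.lower() != "autorun.inf":
            continue
        with open(os.path.join(root, entry), errors="replace") as fh:
            for line in fh:
                key, sep, value = line.partition("=")
                key = key.strip().lower()
                # open=, shellexecute= and shell\<verb>\command= start programs
                if sep and (key in ("open", "shellexecute")
                            or key.endswith("\\command")):
                    targets.append(value.strip())
    return targets


def folder_lookalikes(root):
    """Return executables named after their own folder or a sibling folder."""
    hits = []
    for current, dirs, files in os.walk(root):
        names = {d.lower() for d in dirs}
        names.add(os.path.basename(os.path.normpath(current)).lower())
        for fname in files:
            stem, ext = os.path.splitext(fname)
            if ext.lower() in EXEC_EXT and stem.lower() in names:
                hits.append(os.path.join(current, fname))
    return sorted(hits)


def demo():
    """Run both checks over a constructed drive layout (not real data)."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "Photos"))
        for rel in ("Photos.exe", os.path.join("Photos", "Photos.exe"),
                    os.path.join("Photos", "holiday.jpg")):
            open(os.path.join(root, rel), "w").close()
        with open(os.path.join(root, "autorun.inf"), "w") as fh:
            fh.write("[autorun]\nopen=smss.exe\nicon=folder.ico\n")
        hits = [os.path.relpath(p, root) for p in folder_lookalikes(root)]
        return autorun_targets(root), hits


if __name__ == "__main__":
    print(demo())
```

Both functions only read the drive; point them at the pen drive's root folder to list what should be inspected before anything is opened.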

RDown - Rapidshare Downloader

You can download Rapidshare files without using any downloader.
With Firefox, it is now easy to download Rapidshare links.
https://addons.mozilla.org/en-US/firefox/search?q=rdown&cat=all