Monday, September 21, 2009

Registry Editing Has Been Disabled By Your Administrator

Many times when working on a computer that has been infected with a virus, trojan, or piece of spyware I find myself with my most important command, Regedit, the Windows Registry Editor being disabled. Virus creators like to disable the Registry Editor so it makes solving the problem and removing the issue difficult.Sometimes administrators in IT departments may place restrictions on using the regedit command to keep employees from changes things on company computers, but viruses and other issues may also try to disable it.Listed below you will find the different ways to enable regedit, the Registry Editor.
Method 1 - Enabling the Registry with VBScriptDoug Knox, a Microsoft Most Valuable Professional, has created a VBScript that enables or disables the Registry Editor based on the following location in the registry. Of course, since the registry editor is disabled, you can't change it manually, so Doug wrote a Visual Basic Script to accomplish the task.HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\System\Visit Doug's page and download Registry Tools VBScript to your desktop, double-click on it to run it, then reboot your computer and try to open the Registry Editor.If this fix didn't solve your problem, try method two shown below.
Method 2: Use Symantec's tool to reset shell\open\command registry keysSometimes worms and trojans will make changes to the shell\open\command registry entries as part of their infections. This will cause the virus to run each time you try to run an .exe file such as the Registry Editor. In these cases, visit Symantec's website and download the UnHookExec.inf file to your desktop. Right-click on it and choose Install. Restart your computer and then try to open the Registry Editor.Method 3: Rename Regedit.com to Regedit.exe
Some viruses and other malware will load a regedit.com file that is many times a zero byte dummy file. Because .com files have preference over .exe files when executed if you type REGEDIT in the run line, it will run the regedit.com instead of the real regedit.exe file. Delete the regedit.com file if its a zero byte file to restore access to REGEDIT. In some cases, such as the W32.Navidad worm, you'll need to rename the REGEDIT file to get it to work.Method 4: Windows XP Professional and Group Policy EditorIf you have Windows XP Professional and access to an administrative user account, you could change the registry editor options in the Group Policy Editor.
Click Start, Run
Type GPEDIT.MSC and Press Enter
Go to the following location
User Configuration
Administrative Templates
System
In the Settings Window, find the option for "Prevent Access to Registry Editing Tools" and double-click on it to change.
Select Disabled or Not Configured and choose OK
Close the Group Policy Editor and restart your computer
Try opening REGEDIT againAlthough there are a few other ways, the above ways I have used with great success in re-enabling the REGEDIT command. If you are interested in more ways to reactive the REGEDIT command, you may want to visit a site called Killian's Guide, that goes into more detail on a variety of ways to get the registry editor to work again.
Posted by at No comments:

Thursday, September 17, 2009

How to Delete Undeletable Files in Windows



Many times when trying to remove an unwanted program, especially a piece of adware or spyware
, you may run across a file that is undeletable by any normal method. When you try to remove it you'll receive the error message shown below telling you "access denied" and explaining the file may be in use. You may also receive one of the following messages.Cannot delete file: Access is deniedThere has been a sharing violation.The source or destination file may be in use.The file is in use by another program or user.Make sure the disk is not full or write-protected and that the file is not currently in use.So if the file is in use, how do you delete it?I'll show you several ways of removing these types of files and even some freeware programs that help you remove these pesky undeletable files.

Many times when trying to remove an unwanted program, especially a piece of adware or spyware
you may run across a file that is undeletable by any normal method. When you try to remove it you'll receive the error message shown below telling you "access denied" and explaining the file may be in use. You may also receive one of the following messages.Cannot delete file: Access is deniedThere has been a sharing violation.The source or destination file may be in use.The file is in use by another program or user.Make sure the disk is not full or write-protected and that the file is not currently in use.So if the file is in use, how do you delete it?I'll show you several ways of removing these types of files and even some freeware programs that help you remove these pesky undeletable files.



In Windows XP, there are a couple ways to remove an undeleteable file, a manual way, and a couple automated ways using some freeware programs. First, I'll show you the manual way.Manual MethodIf you already know the path to the file, please skip to Step 7
1. Click on Start, Search, All Files and Folders
2.Type the name of the undeletable file in the box shown
3.Make sure the Look In box shows the correct drive letter
4.Click Search and let the computer find the file
5.Once the file is located, right-click on it and choose properties, make a note of the file location.
6.Usually this is something similar to c:\windows\system32\undeleteablefilesname.exe
7.Close the search box
8.Click on Start, Run, and type CMD and Press Enter to open a Command prompt window
9.Leave the Command Prompt window open, but proceed to close all other open programs
10.Click on Start, Run and type TASKMGR.EXE and press Enter to start Task Manager
11.Click on the Processes tab, click on the process named Explorer.exe and click on End Process.
12.Minimize Task Manager but leave it open
13.Go back to the Command Prompt window and change to the directory where the file is located. To do this, use the CD command. You can follow the example below.Example: to change to the Windows\System32 directory you would enter the following command and Press Entercd \windows\system32
12.Now use the DEL command to delete the offending file. Type DEL where is the file you wish to delete.Example: del undeletable.exe
13.Use ALT-TAB to go back to Task Manager
14.In Task Manager, click File, New Task and enter EXPLORER.EXE to restart the Windows shell.
Close Task ManagerPrograms to automatically delete a file

Pocket Killbox
A simple .exe file that you can use to delete undeleteable files, although the program will also delete temporary files, edit the HOSTS file, and more. A definite must have program when you are fighting an annoying spyware or adware program that won't remove.
Unlocker
Unlocker is another program that runs from the right click menu. Its simple and very effective. The website even has a side by side comparision of other programs that accomplish this task.
Using one of the three tools shown above, you should be able to remove those annoying undeleteable files once and for all

Posted by at 1 comment:

Saturday, September 5, 2009

Soft virus With Hard Action (songs.exe, khatarnak.exe pictures.exe )

.


The virus was reported by one of our readers and surprisingly this virus spreads under the names of songs.exe, khatarnak.exe and pictures.exe apart from others.
Steps to remove this virus:
1.    Turn off the System Restore.
2.    Boot in the Safe mode.
3.    Go to Add/Remove Programs and remove any programs referencing “W32/SillyFDC,” “Worm.IM.Sohanad” or “Khatarnak.exe (if any)
4.    Run Task Manager and kill the process (if any) relating to these exe
5.    Search the hard drive with the name corresponding to khatarnak.exe, songs.exe and pictures.exe etc.
6.    Type msconfig in the Run box and remove checkmarks next to any “Khatarnak.exe” or “XSafe.exe” entries on the “Startup” tab
7.    Run the Registry Editor and delete the following entries (if any):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\Security\”Security” = “[BINARY DATA]”
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\”Type” = “1″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\”Start” = “3″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\”ImagePath” = “%Windir%\Fonts\srskl.fon”
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\”ErrorControl” = “0″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\srskl\”DisplayName” = “srskl”
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\Security\”Security” = “[BINARY DATA]”
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\”Type” = “1″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\”Start” = “3″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\”ImagePath” = “%Temp%\~dwphx.tmp”
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\”ErrorControl” = “0″
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\DogKiller\”DisplayName” = “DogKiller”

8.    Reboot

 The virus should have gone
Posted by at No comments:

Get Rid of autorun.inf

Almost all of us have come across this Autorun.inf virus file that infects our system from the USB drive. Autorun.inf is a file that contains instructions or commands of how the virus should be executed to infect Windows.

Thus protection against Autorun.inf is as important as it is against any virus. But it is quite difficult to guess whether the drive attached has Autorun.inf inside it or not without opening it. So here is a tool that will detect the Autorun.inf virus prior to the usage of USB drive.
USB FireWall from Net Studio is a tool that will stop the execution of all the malicious programs whenever an external drive is attached. The application runs in background task and alerts you immediately in case of try of intrusion.

It is specially designed for the Autorun.inf virus and warns you if the drive have one. You can now delete it from the USB without opening it.
Features:
•    Require no definition updates
•    Best for USB drives
•    Free and safe

download it from here
Posted by at No comments:
Posted: 04 Sep 2009 05:51 AM PDT
DVD Logo
CD/DVD are optical storage media easily gets corrupted or damaged. CD & DVD discs have low durability and single scratch on CD/DVD will permanently damage your data. In past we have reviewed Recover Disc to recover damaged/corrupted CD or DVD.
Here is yet another freeware tool CD Recover ToolBox for recovering damaged files from different disk types: CD, DVD,HD DVD, Blu-Ray, etc. You can use it to restore information lost as a result of some mechanical damage of the disk (scratches, chips, different spots on thesurface) or as a result of incorrect recording. Thus, the program can recover data that was considered lost.

Features of CD Recovery ToolBox

1. Recovering information from any CD and DVD disks
2. Recovering files larger than 4 Gb
3. Detecting possible lack of free space on the hard disk for storing the recovered files

CD Recovery ToolBox

CD Recovery Toolbox
Download CD Recovery ToolBox
Posted by at No comments:

Usefull Websites to play With photos

WATERMARK

So after spending the day snapping like crazy, the photographer comes up against a new problem – copyright. As a freelance writer, I discovered my work stolen by two websites on two separate occasions when playing with CopyScape. The feeling of anger and to be honest, helplessness is awful.
What can you do? It’s the internet and tracking down someone is like looking for a needle in a haystack. However, with photographs the creators can protect them by adding in a watermark that will stop people from stealing their work.
watermark
A great (and free) online tool I found that can do this is a photography website called Watermark. This has a good free account option with the ability to upgrade to the premium account if you so wish. The free account does all you would really need. You can mark multiple photos at once and you can customise the watermark with different text, colours, size and effects as seen in the screenshot.
The only bad parts to the free account that you would notice is that a picture cannot be any larger than 0.5Mb which shouldn’t obstruct you much if you’re only posting them online. Also, it doesn’t save your watermark for when you come back later.
Both Karl and Jim have discussed watermarking alternatives here and here.

Fotopedia

Finally when the photograph has been taken, edited, resized and protected there comes the time to publish it. Sure, one could indeed use Flickr or perhaps a personal blog but for me, Fotopedia stands out from the rest.
fotopedia
With Fotopedia, photographs are organised and even voted upon by users as one of the main features to determine which ones should represent each category. Many of the photographs actually come from other web services such as Flickr as seen under them in the photographer’s credit area. You’re assured that you’re getting the best of the best however, as irrelevant or low quality photos are removed from the categories via the user vote system.


photofunia
 


PhotoFunia lets you add cool photo effects to your pictures online wihin a matters of seconds. PhotoFunia provides you with a huge collection of templates where you can insert a face of your choice. Select the template, uplod your pic, and let PhotoFunia do the hard work and add your face to the template. Once the image is ready you can download and save it to your computer.

cool photo effects
Features:
  • Add cool photo effects and create funny face photo montages online.
  • Generate as many pictures as you like.
  • Supported image formats: JPG, PNG and GIF.
  • Maximum allowed image size is 500 KB.
  • Chhose between 70 funny photo templates and more being added.
  • Save pictures to your hard drive using “Save as” option (right click on the image).
  • Check out photos created by other PhotoFunia users.
Here are a couple samples created using Photfunia
photo effects online
photofunia
Check out PhotoFunia @ http://www.photofunia.com/


Dumpr and FunPhotoBox

Dumpr is another website that lets you choose the effect, upload your photo and get instant results. FunPhotoBox is also similar in concept. Together, all three sites give you plenty of effects and options to choose from and get the perfect effect you were looking for, according to your photo.

Mosaics and Collages

If you would like to create a photo mosaic or collage, check out pixisnap and photovisi. Photovisi is excellent for collages where as pixisnap can be used for creating photomosaics as well as collages. Also check out these cool photomosaic software.

TiltShiftMaker

TiltShiftMaker allows you to transform your real life photo scenes into miniature models. Just upload the photo, choose the area to focus on and presto you have your effect.
Looks great on photos of city scenes, mountains where the whole aspect of the scene has been captured in the image as opposed to a single object.

FotoCrib

A photo effect, editing and photo enhancing web application that allows you to create montages, convert images from one format to another, create rounded corners, add 3d effects, create photo puzzles and much more.

Genopal – pic2graphics

It is said that color represents the mood of the photo. Pic2graphics allows to take colors(and thus the mood) of a photo and apply it to some other photo.

befunky

BeFunky lets you give various artistic effects to your photos. Just choose an effect, upload the photo, tweak some settings and you have an instant professional sketch or cartoon or an ink drawing!

Picascii and Photo2Text

Simple and fun, upload an image and convert it into asciiart.
Posted by at No comments:
Subscribe to: Posts (Atom)