Monday, May 25, 2009

Cannot See Hidden Files or Folders :

When we select the radio button “Show hidden files and folders”, and then press Ok .. the changes done just disappear upon opening the dialog again. It was probably some virus attack after which the Windows registry was not being updated properly. So here is what I did to restore it back. There are so many methods to restore back the registry. If one method is not working, please try another one.

Method 1:

Go to registry editor by running regedit in the run box.
Go to this key:
In the right hand area, double click hidden and change the value to 1.
Now you’re all set to go. Check it in your tools menu if the changes have taken effect

Method 2:

1. Click “Start” -> “Run…” (or press Windows key + R)
2. Type “regedit” and click “Ok”.
3. Find the key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\
4. Look at the “CheckedValue” key… This should be a DWORD key. If it isn’t, delete the key.
5. Create a new key called “CheckedValue” as a DWORD (hexadecimal) with a value of 1.
6. The “Show hidden files & folders” check box should now work normally. Enjoy!

Method 3:

If None of the methods mentioned above work try using :

Read more!

Watch Changes to your Facebook Account with Fosimo:


Fosimo is a small FREE and small facebook desktop client which lets you update facebook status, synchronize facebook friend list with outlook.
You will be notified about your friend status updates, get notifications for unread messages, new friend request and event invites and more important you can do all this without browsing the heavy and slow interface of facebook in browser.

Some Key Features Of Fosimo are:
* Change Facebook Status
* Chat with Friends
* View Facebook Friends Profile
* Synchronize Friends with Outlook contacts
* Upload Photos directly to facebook
* Get notified about Friends status updates
* Get new group invitations
* Get new event invitations
* Get notified about unread messages
* Update messages and pokes

The Program Autoupdate itself by default, so new features will be added automatically with time.

Download Fosimo

Read more!

Sunday, May 24, 2009, latest in a long line of Facebook scams


Facebook has been targeted in a new wave of phishing scams by someone who likes Austrian (,at) domain names.

The latest emails send viewers to the following Austrian registered domains:,,,, and Like phishing attacks before it, the message is usually something simple, such as a subject line of “Hello

If a user falls for the scam, the email is sent to their friends, and the cycle continues. So far it’s not clear exactly what the intentions are with the scam besides the harvesting of login details.

If you’re not sure if the Facebook email you’ve received contains a legitimate link, be sure to check the URL before logging in, or if still in doubt, don’t click on any links received via email, and log in to Facebook directly to follow up.
Read more!

YouTube infested with hundreds of porn videos

Video-sharing website YouTube has come under attack with hundreds of pornographic videos being uploaded onto its site.
The sexually explicit videos and inappropriate material were uploaded under the names of famous teenage celebrities like Hannah Montana and Jonas Brothers.
Many of the videos uploaded first started with footage of children's videos, and then continued on to adults performing graphic sex acts.
In one video titled ''Jonas Brother Live On Stage'', a user posted a comment saying: "I'm 12 years old and what is this?"

Under other uploaded videos, online users posted comments such as: "Take the tags off, you''ll get us caught."

Another said: "Your gonna kill us all!"

The raid on the website has shown how easy it is to upload porn onto a site, which is viewed by millions of people on a daily basis.

And as the videos were being uploaded, many viewers added them to their favourites and rated them highly.

One of the users believed to have uploaded the pornographic material videos was 21-year-old Flonty from Germany.

"I did it because YouTube keeps deleting music. It was part of a 4Chan raid," the BBC quoted him as saying.

4Chan is a bulletin board focusing on Japanese manga and anime, but some of its more extreme sections have been described on online message boards as "sick" and "horrifying stuff".

"Anything and everything can, and usually does, happen here. We have our very own unique culture, and there is no group quite like us anywhere out there," he said.

Flonty was asked if he was concerned that children could freely watch such inappropriate material on YouTube.

"Children will find inappropriate material around the internet anyway," he replied.

"This kind of raid showed how easy it is to upload porn to a website that millions of people browse on a daily basis," he added.

YouTube owner Google said that it was aware and addressing the problem.

"We are aware of the slew of pornographic videos that were uploaded," Google spokesman Scott Rubin said.

"We are addressing them as we would any video that violates our community guidelines.

"In addition, any account we discover that has been set up specifically to attack YouTube will be disabled," he added.
Read more!

Friday, May 22, 2009

"Find on This Page” Does Not Work in Internet Explorer 8

When you use the Find on this Page… option in the Edit menu, or use the CTRL + F shortcut in Internet Explorer 8, the Find bar may not display. The space where the Find bar is to appear may be expanded correctly, but the Find bar does not show up and the toggle does not work.

Also when you click the Favorites Center button, the Favorites, Feeds and History tabs may be missing.

Click Start, Run and type the following command:
regsvr32 oleacc.dll

Press ENTER. You should now see the following message:

DllRegisterServer in oleacc.dll succeeded.

Open a new Internet Explorer window and check if the Find bar shows up correctly.

Read more!

"Task Manager has been disabled by your administrator."


Enable Your Task Manager One Easy Step :

Enable or Disable Task Manager for the Current User...

[Courtesy of MS-MVP Doug Knox]

If the method mentioned above does not work, You might try

* Open Registry Editor (Regedit.exe) and navigate to:

HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies\ System

* In the right-pane, double-click DisableTaskMgr and set it's data to 0
Read more!

Yahoo Messenger Virus: Sends Messages to Friends in Friend list :

It is one of the most powerful Trojan /virus I have ever seen.. If your computer is infected with this virus " It will sends the url to all of your friend list in yahoo messenger using your ID . So with in few hours many of your friends will get infected with it.

I don't know the actual target of the idiot who created it. May be to advertise his site or to steal very imp data from your computer. I resolved the problem manually from 2 infected PC's. Just go through the below steps carefully.

What are those links ?: or other (Do not open this url in your browser).

If you are infected with it what is going to happen ?

1: It sets your default IE page to, you can’t even change it back to other page. If you open IE from your comp some malicious code will automatically executed into your computer.

2: It will disables the Task manager / reg edit. So you can’t kill the Trojan process anymore.

3: Files that are gonaa installed by this virus are svhost.exe , svhost32.exe , internat.exe.

you can find these files in windows/ & temp/ directories.

4: It will sends the secured & protected information to attacker

How to remove this manually from your computer ?

1: Close the IE browser. Log out messenger / Remove Internet Cable.

2: To enable Regedit

Click Start, Run and type this command exactly as given below: (better - Copy and paste)

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

3: To enable task manager : (To kill the process we need to enable task manager)

Click Start, Run and type this command exactly as given below: (better - Copy and paste)

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /f

4: Now we need to change the default page of IE though regedit.


From the below locations in Regedit chage your default home page to or other.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main

HKEY_ LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main

HKEY_USERS\Default\Software\Microsoft\Internet Explorer\Main

Just replace the attacker site with or set it to blank page.

5: Now we need to kill the process from back end. Press Ctrl + Alt + Del

Kill the process svhost32.exe . ( may be more than one process is running.. check properly)

6: Delete svhost32.exe , svhost.exe files from Windows/ & temp/ directories. Or just search for svhost in your comp.. delete those files.

7: Go to regedit search for svhost and delete all the results you get.

Start menu > Run > Regedit >

8: Restart the computer. That’s it now you are virus free.

I don’t know whether any removal patch that works for this Trojan/virus. But we can easily delete it manually.
Read more!

Shutdown Missing from Start Menu :

To resolve the issue, perform the following:

Click Start, Run.
Type gpedit.msc and click OK.
Navigate to the following path:

User Configuration\Administrative Templates\Start Menu and Taskbar

Double-click "Remove and Prevent Access to the Shut Down command"
Select "Not configured" or "Disabled"
Close Group Policy window.

Read more!

Fix : Dangerous Virus Detected in C:


I recently fixed a machine that got infected by a virus that works like this: every time you click on a directory, an error message gets displayed that goes like this:

Attention, [name]! Some dangerous trojan horses detected in your system. Microsoft Windows XP files corrupted. This may lead to the destruction of important files in C:\WINDOWS. Download protection software now!

This error message is then followed by a dialog box. Clicking on it takes you to the website (WARNING: The website is a FAKE meant to deceive the visitor into downloading and executing a program that will create more virii. Do not interact with it).

After what seemed like hours of research I finally came upon the FixIEDef program developed by ShadowPuterDude of Malwareteks program developed by ShadowPuterDude of Malwareteks. Ran it, it was bye bye virus.
Read more!

Double Click on Drives opens Search / Open with Dialog Box :

This type of problem normally occurs because some virus called ‘PET32.exe’ , or it can also occur due some other virus which disrupt the windows registry.
Lets see how can we fix this problem.


If search/open with opens when you double click on folder in windows explorer, then see the fix below:
We need to repair some registry entry damaged by virus corresponding to windows shell. Follow the steps below:

1. Open Start >> Run or press Window Key + r , this will open the run prompt.

2. Type “regedit” ( without quotes ) and press Enter.

3. Navigate to key:

4. Double the registry key named Default and set the value to none.

This will restore the normal windows explorer behavior of opening a folder when you double click a folder rather than opening windows search.

If search opens when you double click on any windows drive, then try this

1. Open Start >> Run or press Window key + r

2. Type “regsvr32 /i shell32.dll” ( without quotes ) and press Enter

After the command run successfully, you will see a message saying DllRegisterServer and DllInstall in Shell32.dll succeeded.

Rest of the Post which is hidden in
Read more!

How to Remove Koobface / Facebook Virus

What is Koobface?
Koobface is a malicious executable program that is commonly installed without user consent or knowledge. Koobface can be installed by itself or bundled with other infections. Koobface will often display frequent advertisements for bogus products or programs. The presence of Koobface can cause sluggish system performance, system freezes and/or crashes. Eventual system failure and blue screen could also be caused by Koobface. Koobface is not known to replicate itself at the time of this publication.How do I remove Koobface?

This Koobface Removal guide provides two Koobface removal options, automatic Koobface scanner and manual removal. Please see our Koobface manual removal warning before proceeding with manual removal.
Automatic Koobface scanner download

Click here to download Automatic Remover

Manual Koobface removal directions

Warning! Manual Removal of Koobface is intended to be used by advanced users only.

Follow directions below for Koobface removal manually:

Find and Stop Koobface Virus Processes: ctrl+alt+del -> Processes

* fbtre6.exe

Find and Remove Koobface Virus registry values:

* HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “c:\windows\mstre6.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run\”systray” = “C:\Windows\fbtre6.exe”

Find and Delete Koobface Virus Files:

* C:\\Windows\\fbtre6.exe

How did I get Koobface?

Unfortunately it is very difficult to pinpoint the exact distribution point of Koobface. However, common delivery tactics of Koobface could be, but not limited to: trojans, browser exploits, pc ports or other vulnerable access points. We have seen reports of Koobface being distributed through fake media codec downloads as well.
Common symptoms of Koobface?

Possible attributes and symptoms of Koobface are listed below.

* Koobface may push advertisements for rogue security applications
* Koobface may cause frequent popup advertisements
* Koobface may cause sluggish system performance
* Koobface may cause slow PC processing
* Koobface may cause Blue Screen
* Koobface may cause high CPU usage

How do I prevent Koobface?

Once you have cleaned up Koobface, the main tip in order to prevent Koobface and future malicious programs from returning is to stay suspicious of new websites you have never visited. Chances are you were tricked into downloading Koobface when you thought it was something else.

More tips to prevent Koobface from returning:

* Update Windows often
* Update Windows Security Settings
* Turn on Firewall Protection
* Update Anti-Spyware Software Frequently

What is the purpose of Koobface?

The creators or authors of Koobface have one sole objective in mind, money. Almost all forms of malicious code nowadays, with Koobface being no exception, are created to make a buck. The creators or authors of Koobface know that if then can distribute “x” amount of downloads of Koobface then Koobface will generate “y” amount of revenue. In addition, many of these Malware authors have been doing this awhile so they have perfected their conversion rates and will continue to do so.

Who is behind Koobface?

It is difficult to say exactly who is behind Koobface. Certain hypothesis can be created for Koobface though. Chances are the creators or authors of Koobface are located (or at least their servers are) somewhere in either Eastern Europe or China. However, Malware has been retraced back to almost every country in the world so it really difficult to gauge this with any type of accuracy.

Read more!

Page Cannot Be Displayed Error / Connection was Reset Error


"The Page Cannot be displayed error" in Internet Explorer and " The connection to the server was reset while the page was loading " error in Mozilla Firefox often bugs most of the users inspite of the very fact that they are sure they are connected to the internet. Accompanied with these errors are the problems such as the "Antivirus often stops updating" sites such as , stop opening...

If it is so then you are probably infected with conficker, or you are infected with the "" trojan.
Having Eset Smart Security on your system often will show an error message which is something like :

The Fix For "" trojan is :
*Go to Start > Control Panel > System > Hardware > Device Manager > View > Show Hidden Devices.

*Scroll down to “Non-plug and Play Drivers” and click the plus icon to open those drivers.

*Then search for “TDSSserv.sys”

*Right click on it, and select “Disable”

In simple terms, TDSSserv.sys is a service/server redirecting all software updates to (your own computer) so they won’t update.

Then try executing the Downloaded Anti-spy wares if they fail to execute try renaming them. I personally would suggest you to try Malwarebytes which is a freeware from :

If The file fails to execute then try RENAMING THE DOWNLOADED SETUP FILE !!

Read more!

How to detect / remove W32/conficker/downup/downadup Virus

What Is Conficker :
Conficker, aka Downadup and Kido, is one of those nasty worms that sneaks into your PC by taking advantage of holes in Windows MS08-067. Conficker gets into your PC and then stops you from being able to visit anti-virus and anti-spyware websites. This of course makes it difficult for you to remove the infection. Conficker also has the uncanny ability to copy itself when you reboot your machine. One of the worse things that this horrible worm does is to spread itself to other PC’s over your network. Microsoft attacked this problem by releasing a patch to fix the Windows flaw. It is very important that you install this Microsoft patch and get critical updates. You should also run scans frequently with anti-spyware and anti-virus software that you can trust.

How Do I Detect If I am Infected with Conficker
If You are unsure whether you are infected with conficker, these are the following symptoms :
1. If you cannot get into security websites and services, check your computer as soon as possible.
2. If suddenly there are tasks created and scheduled on your computer, you may want to check if you already have a CF Worm running on it.
3. If you are being denied access to shared admin, this is a symptom of the Worm.
4. If you are being locked out of directory, then that is just one symptom.
5. You Might Consider Taking the test by visiting the floowing site :

What does the Conficker worm do?
The Conficker worm has created secure infrastructure for cybercrime. The worm allows its creators to remotely install software on infected machines. What will that software do? We don’t know. Most likely the worm will be used to create a botnet that will be rented out to criminals who want to send SPAM, steal IDs and direct users to online scams and phishing sites.

The Conficker worm mostly spreads across networks. If it finds a vulnerable computer, it turns off the automatic backup service, deletes previous restore points, disables many security services, blocks access to a number of security web sites and opens infected machines to receive additional programs from the malware’s creator. The worm then tries to spread itself to other computers on the same network.

Steps of Removing W32/Conficker using Symantec Virus Removal Tool:

* Download Symantec W32.Downadup Removal Tool 1.1

* Disable System Restore and disconnect from the internet

* Run the tool to scan for Conficker worm

* Restart your computer and re-scan again to confirm there is no worm

I am not sure that these security tools can completely remove W32.Conficker from an infected system, but it surely is worth a try, so go for it.

3) Here is another W32.Conficker removal tool released just recently by McAfee, named as Stinger, which can remove 11 trojans including Conficker safely. Download McAfee’s Conficker Removal Tool.
Read more!

Label Cloud

Alexa Rank



Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com