(( radius in me ))
It's not you, it's me!
Thursday, July 29, 2010
:: enable / disable regedit - immediately ::
found this great tool & registry hack while browsing yesterday..
http://www.taskmanagerfix.com/enable-disabled-regedit
http://www.taskmanagerfix.com/enable-disabled-regedit
Monday, May 26, 2008
A guide on how-to remove Virus Mawar or AhPaw.js or len.js (any fuckin' autorun JS script!)
It's not actually a virus.
It's just a script made by script kiddos to make some fun on your computer. Trend Micro rate it as a malware and give a name JS_AUTORUN.ABE
(http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=JS%5FAUTORUN%2EABE&VSect=P)
Symtomps:
1. Your Windows Explorer / Internet Explorer window title changed to Mawar.js / AhPaw.js
2. When you right-click any drive inside My Computer, be it C drive or USB flash drive, the default option which is "Open" is not the first choise & it's not in BOLD. It will come up with "Op%n" or "Search" instead of Open.
3. Double clicking the drive won't open it. Instead it will perform another function such as "Search" etc.
4. You have to go to the address bar and select your drive from the small arrow icon to open it, instead of double-clicking the drive.
5. etc. etc
It's caused by the Autorun.ini which resides inside the drive.
--- OK.. now end that shit ..let's go to removal instruction. Some additional tools (Hijackthis, CCleaner, Spybot S&D, WinPatrol) may help but I prefer manual removal.
It's just a script made by script kiddos to make some fun on your computer. Trend Micro rate it as a malware and give a name JS_AUTORUN.ABE
(http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=JS%5FAUTORUN%2EABE&VSect=P)
Symtomps:
1. Your Windows Explorer / Internet Explorer window title changed to Mawar.js / AhPaw.js
2. When you right-click any drive inside My Computer, be it C drive or USB flash drive, the default option which is "Open" is not the first choise & it's not in BOLD. It will come up with "Op%n" or "Search" instead of Open.
3. Double clicking the drive won't open it. Instead it will perform another function such as "Search" etc.
4. You have to go to the address bar and select your drive from the small arrow icon to open it, instead of double-clicking the drive.
5. etc. etc
It's caused by the Autorun.ini which resides inside the drive.
---
code removed: http://pastebin.ca/1910347
---
--- OK.. now end that shit ..let's go to removal instruction. Some additional tools (Hijackthis, CCleaner, Spybot S&D, WinPatrol) may help but I prefer manual removal.
REMOVAL INSTRUCTION
-------------------
1. Disable System Restore
(Right click My Computer --> Properties --> System Restore --> check at the Turn Off System Restore box --> OK
2. Restart your computer in Safe Mode
(Restart PC, while Windows tried to load, Press F8 repeatedly and choose the 1st option - "Safe Mode"
3. Login to your computer
4. Unhide all Hidden Files and protected Operating System Files
- Go to My Computer
- Click Toools --> Folder Options... --> View
- Check the "Show hidden files and folders" radio button
- Check the "Hide protected operating system files (Recommended) button
- Click OK to apply the changes
5. Go to My Computer --> C:\ drive (or any additional/removable drive) and..
- Find autorun.ini and DELETE it!
- Find VirusMwrdy.js (if any) and DELETE it!
- Find ahpaw.js (if any) and DELETE it!
6. Go to My Computer again, and right-click C:\ drive
- Click Properties --> Disk Cleanup --> More Options --> System Restore --> Cleanup.. --> click Yes when asked --> Click OK
7. Run Registry Editor
- Click Start -- > Run --> type in regedit
- Highlight at the My Computer icon and press Ctrl+F to start search
- now.. when the search box appears, type VirusMwrdy.js (for Virus Mawar) OR ahpaw.js (For AhPaw.js) and let the system search for the key
- delete all the key once detected
- repeat the search function again and again until you sure that the key is completelty removed.
- ***For virus Mawar, you may need to find additional key -- mawar (and search it over again)
- ***For AhPaw.js you may try to find alternative key -- ahpaw (and search it over again)
8. Read again from steps 1 if you missed any. Now you can safely reboot your computer and login to Windows as normal.
To restore back window title/Internet Explorer title bar you'll need to remove this entry from Registry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
look at the string value: Windows Title and safely remove it.
Please let me know if you have additional info or send me some winks if you found this article helps.
Thanks
ripped from switch
#shell @ FreeNode
irc.freenode.net:6667
-------------------
1. Disable System Restore
(Right click My Computer --> Properties --> System Restore --> check at the Turn Off System Restore box --> OK
2. Restart your computer in Safe Mode
(Restart PC, while Windows tried to load, Press F8 repeatedly and choose the 1st option - "Safe Mode"
3. Login to your computer
4. Unhide all Hidden Files and protected Operating System Files
- Go to My Computer
- Click Toools --> Folder Options... --> View
- Check the "Show hidden files and folders" radio button
- Check the "Hide protected operating system files (Recommended) button
- Click OK to apply the changes
5. Go to My Computer --> C:\ drive (or any additional/removable drive) and..
- Find autorun.ini and DELETE it!
- Find VirusMwrdy.js (if any) and DELETE it!
- Find ahpaw.js (if any) and DELETE it!
6. Go to My Computer again, and right-click C:\ drive
- Click Properties --> Disk Cleanup --> More Options --> System Restore --> Cleanup.. --> click Yes when asked --> Click OK
7. Run Registry Editor
- Click Start -- > Run --> type in regedit
- Highlight at the My Computer icon and press Ctrl+F to start search
- now.. when the search box appears, type VirusMwrdy.js (for Virus Mawar) OR ahpaw.js (For AhPaw.js) and let the system search for the key
- delete all the key once detected
- repeat the search function again and again until you sure that the key is completelty removed.
- ***For virus Mawar, you may need to find additional key -- mawar (and search it over again)
- ***For AhPaw.js you may try to find alternative key -- ahpaw (and search it over again)
8. Read again from steps 1 if you missed any. Now you can safely reboot your computer and login to Windows as normal.
To restore back window title/Internet Explorer title bar you'll need to remove this entry from Registry:
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
look at the string value: Windows Title and safely remove it.
Please let me know if you have additional info or send me some winks if you found this article helps.
Thanks
ripped from switch
#shell @ FreeNode
irc.freenode.net:6667
Labels:
ahpaw,
ahpaw.js,
autorun.ini,
mawar,
mawar.js,
removal,
tools,
virus,
VirusMwrdy.js,
windows
Saturday, March 1, 2008
:: increasing and lowering kernel securelevel in FreeBSD ::
1. to increase kernel securelevel just type:
sysctl kern.securelevel=1
OR
sysctl kern.securelevel=2
and so on
the results will be:
# sysctl kern.securelevel=1
kern.securelevel: -1 -> 1
# sysctl kern.securelevel=2
kern.securelevel: 1 -> 2
2. to lower the secure level you'll need to write the commands in /etc/rc.conf and have your machine rebooted
edit /etc/rc.conf and put these entries:
kern_securelevel_enable="YES"
kern_securelevel="-1"
# this is just an example to lower the securelevel to -1
and reboot
sysctl kern.securelevel=1
OR
sysctl kern.securelevel=2
and so on
the results will be:
# sysctl kern.securelevel=1
kern.securelevel: -1 -> 1
# sysctl kern.securelevel=2
kern.securelevel: 1 -> 2
2. to lower the secure level you'll need to write the commands in /etc/rc.conf and have your machine rebooted
edit /etc/rc.conf and put these entries:
kern_securelevel_enable="YES"
kern_securelevel="-1"
# this is just an example to lower the securelevel to -1
and reboot
Sunday, January 27, 2008
:: change psybnc server messages ::
ever wanted to change the default message such as simon says: rehashing (while you delete psybnc user) and changing server (while you use /jump ?)
here is the tricks..
edit psybnc/lang/english.lng and find the appropriate words to change
you will need to compile your psybnc again by using make or gmake in order for the changes to take effects
cheers
here is the tricks..
edit psybnc/lang/english.lng and find the appropriate words to change
you will need to compile your psybnc again by using make or gmake in order for the changes to take effects
cheers
Thursday, January 24, 2008
:: upgrade FreeBSD 6.2 system from RELEASE to STABLE ::
upgrade FreeBSD 6.2 OS from RELEASE branch to STABLE branch made easy by following the guides below:-
1. simple yet efficient guidance on upgrade process (use other browser than IE to open this site)
http://lofotenmoose.info/bsd/note/upgrading-from-release-to-stable/
-- the site describe upgrading FreeBSD through cvsup, which mean cvsup must
first be installed to the system
(you can install it through ports: /usr/ports/net/cvsup)
-- define FreeBSD release tag in stable-supfile configuration:
*default release=cvs tag=RELENG
-- replace RELENG with RELEASE Tags which you can refer from here:
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/cvs-tags.html
2. official FreeBSD Handbook on buildworld/upgrading
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/makeworld.html
Friday, November 23, 2007
::locate database error::
$ locate
locate: database too small: /var/db/locate.database
solution:
cd to /etc/periodic/weekly
and then:
$ ./310.locate
it should build up the database now
locate: database too small: /var/db/locate.database
solution:
cd to /etc/periodic/weekly
and then:
$ ./310.locate
it should build up the database now
Wednesday, October 17, 2007
::installing adobe reader 8.1.1 for slackware linux::
installing adobe reader 8.1.1 for slackware linux
since there is no Adobe Reader package (*.tgz) for Slackware, we have to compile it from source *.tar.gz
1. download the source at Adobe Reader Homepage
2. select the source and download it
Operating System: Linux
Select a version: Linux x86 (.tar.gz)
Select a language: English
3. once download finish, cd to the directory of downloaded file and issue:
tar -zxvf adobe-reader-version.tar.gz
e.g
$ tar -zxvf AdobeReader_enu-8.1.1-1.i486.tar.gz
AdobeReader/
AdobeReader/INSTALL
AdobeReader/ReadMe.htm
AdobeReader/COMMON.TAR
AdobeReader/ILINXR.TAR
4. cd to AdobeReader/ and run:
./install
5. once asked, specify where do you want Adobe Reader to be installed. By default, on Linux, Adobe Reader is installed in /opt/Adobe. But I choose mine on /usr/lib/adobe
6. cd to the installation path (e.g /opt/Adobe or /usr/lib/adobe) and run:
$ acroread
(or you may double click Adobe Reader icon at the Desktop)
7. I do have minor issue while installing the reader saying that Adobe Reader cannot find gtk library.
Error: "Unable to find the HTML rendering library (libgtkembedmoz)."
explanation from Adobe.com:
This happens if acroread was unable to find libgtkembedmoz.so and related component files on your system.
solution is here
what is libgtkembedmoz library for?
- This library is required for rendering HTML content in Adobe Reader.
since I got Mozilla Firefox installed, i just search for file name libgtkembedmoz and point Adobe Reader to its directory
$ locate libgtkembedmoz
/usr/lib/seamonkey-1.1.4/libgtkembedmoz.so
8. open Adobe Reader >> Edit >> Preferences >> Internet >> libgtkembedmoz Folder >> put in the directory (e.g /usr/lib/seamonkey-1.1.4/), click OK and you're done!
since there is no Adobe Reader package (*.tgz) for Slackware, we have to compile it from source *.tar.gz
1. download the source at Adobe Reader Homepage
2. select the source and download it
Operating System: Linux
Select a version: Linux x86 (.tar.gz)
Select a language: English
3. once download finish, cd to the directory of downloaded file and issue:
tar -zxvf adobe-reader-version.tar.gz
e.g
$ tar -zxvf AdobeReader_enu-8.1.1-1.i486.tar.gz
AdobeReader/
AdobeReader/INSTALL
AdobeReader/ReadMe.htm
AdobeReader/COMMON.TAR
AdobeReader/ILINXR.TAR
4. cd to AdobeReader/ and run:
./install
5. once asked, specify where do you want Adobe Reader to be installed. By default, on Linux, Adobe Reader is installed in /opt/Adobe. But I choose mine on /usr/lib/adobe
6. cd to the installation path (e.g /opt/Adobe or /usr/lib/adobe) and run:
$ acroread
(or you may double click Adobe Reader icon at the Desktop)
7. I do have minor issue while installing the reader saying that Adobe Reader cannot find gtk library.
Error: "Unable to find the HTML rendering library (libgtkembedmoz)."
explanation from Adobe.com:
This happens if acroread was unable to find libgtkembedmoz.so and related component files on your system.
solution is here
what is libgtkembedmoz library for?
- This library is required for rendering HTML content in Adobe Reader.
since I got Mozilla Firefox installed, i just search for file name libgtkembedmoz and point Adobe Reader to its directory
$ locate libgtkembedmoz
/usr/lib/seamonkey-1.1.4/libgtkembedmoz.so
8. open Adobe Reader >> Edit >> Preferences >> Internet >> libgtkembedmoz Folder >> put in the directory (e.g /usr/lib/seamonkey-1.1.4/), click OK and you're done!
Subscribe to:
Posts (Atom)