Monday, November 30, 2009

Restore deleted files

I would like to share a very useful tool that I use to restore deleted files (even ones emptied from the Recycle Bin). I use this tool whenever I accidentally delete my files (for being stupid. haha).

This is a free tiny program that doesn't need to be installed.
Click here to download the tool
File information:
Filename: file_restoration.zip
File size: 164,299 bytes
MD5: B27AB9D8DF4BDA6E4D9D9FE280CD358E
Note: the archive is password protected; the password is: novirus

How to use:
1. Double-click Restoration.exe.
2. Select a drive (location of the deleted file).
3. Input the filename of the file, then click the "search deleted file" button.
4. Select a listed file.
5. Click the "Restore by copying" button.
6. Specify the location you want to restore to.

Enjoy! ^_^

Multiple Yahoo Messenger

Do you have 2 or more Yahoo accounts that you need to use in Yahoo Messenger at the same time? No worries! This can be done on 1 machine (using Windows OS).

This is a simple trick to run Yahoo Messenger multiple times so you can use multiple accounts at the same time. All you have to do is modify a value in the Windows registry.
Here are the steps:
1. Open Notepad.
2. Copy the following in the opened Notepad:
REGEDIT4
[HKEY_CURRENT_USER\Software\Yahoo\pager\Test]
"plural"=dword:00000001

Note: just replace dword:00000001 with dword:00000000 if you want to disable multiple instances of Yahoo Messenger.
3. Save the file as MultipleYM.reg.
4. Locate and right-click the file MultipleYM.reg and click Merge.
5. Click Yes on the prompt.

This trick does not require restarting Windows. You can now run Yahoo Messenger multiple times and log in to all your accounts.

Enjoy! ^_^

Sunday, November 29, 2009

Autorun Malware Protection

Windows has features known as AutoPlay and AutoRun. These features are designed to run applications automatically from devices such as disk drives, floppy drives, USB flash drives and CD/DVD drives. They depend on a file named "autorun.inf", a configuration file that contains information about the application that Windows will launch.

Example: Most disc installers use the AutoPlay feature of Windows. They use the file "Autorun.inf" so that once the disc is inserted in a CD/DVD drive, Windows launches the installer's setup from the disc automatically.

Malware exploits this feature in its propagation routine: it usually drops a copy of itself on all drives (from A to Z) together with an "Autorun.inf" file. The objective is to infect removable drives (such as floppy disks, flash drives and USB hard disks) so that when an infected drive is inserted into another machine with the AutoPlay/AutoRun feature turned on, that machine is also infected by the malware.

Here is the solution to block the autorun for all devices:
1. Open Notepad.
2. Copy the following to the Notepad:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\autorun.inf]
@="@SYS:DoesNotExist"

3. Save the file as DisableAutorun.reg.
4. Right-click the file DisableAutorun.reg and click Merge.
5. Click Yes on the prompt.
6. Restart Windows for the change to take effect.

In brief, this registry entry makes Windows treat autorun.inf as not present on every drive, as if it doesn't exist.

Well, this is only tested on Windows XP; I haven't tried it in Windows Vista or earlier versions.

===========================================
Update - March 15, 2011 - 6:00 AM PST
This is tested only in Windows XP and is _NOT_ applicable on Windows 7.
For Windows 7 instructions please click below:

Phishing on Facebook

To all Facebook users: beware if one of your friends posts a message with links on your wall. There are several reports of malware using Facebook to redirect users to a phishing site that steals Facebook account passwords.

Here's an example of the message with the malicious link that might be posted on your wall:

  • http://WWW.SHRINKURL%2EUS/ntrurpwkthx?2230
Note: The message and link may change, but they will still point the user to the phishing site.


Once you click the link, it redirects you to a fake Facebook site (a phishing site). Entering your email and password on this fake site exposes your Facebook account to the hacker (the owner of the phishing site).

Fake facebook website (Phishing site):
  • http://122.141.86.112/facebook.com.login.php


Before logging in, always check the address bar of your browser to make sure the domain of the site you are viewing is Facebook's (it should be http://www.facebook.com/ _NOT_ http://-somethingelse-/facebook.com).
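
The address-bar check above can also be done in code. This is an added example, not part of the original post: it parses a link the way a browser does and reports which host it really points to, using the URLs quoted in this post. The names checkLoginUrl and EXPECTED_SITE and the ".example" lookalike host are assumptions made for illustration.

```javascript
// Added example: judge a link by the host the browser will actually contact.
// EXPECTED_SITE and the ".example" lookalike are assumptions for illustration.
const EXPECTED_SITE = "facebook.com";

function checkLoginUrl(raw, expectedSite = EXPECTED_SITE) {
  let url;
  try {
    // The WHATWG URL parser lowercases and percent-decodes the host,
    // which is what the address bar shows after navigation.
    url = new URL(raw);
  } catch (e) {
    return { verdict: "invalid", host: null, reasons: ["not an absolute URL"] };
  }
  const host = url.hostname.replace(/\.$/, ""); // ignore a trailing root dot
  const onSite = host === expectedSite || host.endsWith("." + expectedSite);
  const reasons = [];
  if (!onSite) {
    reasons.push("host is not " + expectedSite + " or a subdomain of it");
    if (/^\d{1,3}(\.\d{1,3}){3}$/.test(host)) {
      reasons.push("host is a bare IP address");
    }
    if (host.includes(expectedSite)) {
      reasons.push("site name is embedded in an unrelated host");
    }
    if ((url.pathname + url.search).toLowerCase().includes(expectedSite)) {
      reasons.push("site name appears only in the path or query");
    }
  }
  // Raw authority part (between "//" and the next "/"), before decoding.
  const rawAuthority = raw.split("/")[2] || "";
  if (/%[0-9a-f]{2}/i.test(rawAuthority)) {
    reasons.push("host was percent-encoded in the raw link");
  }
  return { verdict: onSite ? "expected-site" : "other-site", host, reasons };
}

const SAMPLES = [
  "http://www.facebook.com/",                      // address the post says to expect
  "http://WWW.SHRINKURL%2EUS/ntrurpwkthx?2230",    // link quoted in the post
  "http://122.141.86.112/facebook.com.login.php",  // phishing page quoted in the post
  "http://facebook.com.login.example/",            // constructed lookalike host
];
for (const s of SAMPLES) {
  const r = checkLoginUrl(s);
  console.log(r.verdict.padEnd(13), r.host, "|", r.reasons.join("; "));
}
```

Only the first sample is reported as the expected site; for the others the site name, where it appears at all, sits in the path or inside an unrelated host name.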