If you don't have perl installed on your system then you can download from these following links:
For more download options look for following link:
Sunday, August 7, 2011
Removing Autorun Newfoder.exe virus from your system
To remove this virus please follow the below steps:
- Search for autorun.inf file in your computer. If it's in read only mode, then change it by right clicking on it and then in properties uncheck the "Read Only" option.
- Now open it in notepad and delete all data in it and save it.
- Don't forget to change the status to "Read only" mode , so that virus can't modify it again.
- Click on Start -> Run -> gpedit.msc.
- User configuration -> Administrative template -> system -> Turn off autoplay -> Enable ( For all drives) refer to this link for more detail.
- Start-> Run->msconfig
- Startup tab & services -> search regsvr.exe and un-check all and click OK.
- select exit without restart.
- Control panel -> Scheduled tasks -> delete the Atl task, if listed there.
- Start -> run -> regedit
- Edit ->find -> search for regsvr.exe. Delete all regsvr.exe occurrences.
- Don't delete Explorer.exe if regsvr.exe appears with it. Delete only regsvr.exe.
- Goto [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] and modify value in Shell = Explorer.exe regsvr.exe and delete regsvr.exe from here.
- Now search for all occurrences of regsvr.exe in your system and delete them.
- Search for "svchost .exe" ( remember space between svchost & .exe) and delete all occurrences.
- Also search for "*.exe" and remove all virus affected files, don't remove any legitimate file( any installer file).
- Restart the system and enjoy..
For more detail on handling autorun.inf file, if you have option set for "don't show hidden files" and you are not able to see autorun.inf file then use following link for removing autorun.inf file.
Some more links you may be interested in:
Disabling Autorun/Autoplay using Registry editor
To get rid off virus affecting your system because of autoplay of drives please use below steps:
1. Type regedit on run prompt.
2. Navigate to below location:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
3. you will find a key value as "NoDriveTypeAutoRun" , which is one byte value.
4. Please set the value of key as "95" Hex value to disable autorun on removable media and Network drives.
 |
| Regedit |
Value Meaning
0x1/0x80 Disables AutoRun on drives of unknown type
0x4 Disables AutoRun on removable drives
0x8 Disables AutoRun on fixed drives
0x10 Disables AutoRun on network drives
0x20 Disables AutoRun on CD-ROM drives
0x40 Disables AutoRun on RAM disks
0xFF Disables AutoRun on all kinds of drives
If any of the bit is set into this hex valye, that type of drive will be disabled for autorun.
Bit Type of Drive
0/7 UNKNOWN
1 NO ROOT DIR
2 REMOVABLE
3 FIXED
4 REMOTE
5 CDROM
6 RAMDISK
For setting values you must always add 0x80 to the value of drive you want to set for.
A few examples for setting values:
for removable drives: 0x80 + 0x04 = 0x84 ( Hexadecimal addition)
for removable & fixed drives : 0x80 + 0x04 + 0x08 = 0x8C
for removable + fixed drives +CD ROM = 0x80 + 0x04 + 0x08 +0x20 = 0xAC(1010 1100)
For changing Autorun option using Group policy please refer to following links:
Disabling autoplay option in Windows XP using Group Policy
turning-off-autoplay-on-all-drives
Disabling autoplay option in Windows XP using Group Policy
turning-off-autoplay-on-all-drives
Disabling autoplay option in Windows XP using Group Policy
Use following option to disable autoplay in ur system:
1. type gpedit.msc in run window and enter.
2. then goto Computer configuration->Administrative template -> System
3. Then in right side u will find Turn off autoplay
4. Double click on that and check "enabled" and select for "all drives"
5. Now click on apply and OK.
6. Similarly follow above steps step 3 to step 5 for
User configuration ->Administrative template -> System
7. This setting for "User Configuration" is must.
Steps for Advanced Users / System Admins:
if you want to Modify using registry edit then please goto this link.
Disabling Autoplay_Autorun using Registry editor for Advanced Users
Now when you insert any pendrive or any other media it will not be played automatically and you will be safe from Viruses.
1. type gpedit.msc in run window and enter.
2. then goto Computer configuration->Administrative template -> System
3. Then in right side u will find Turn off autoplay
5. Now click on apply and OK.
6. Similarly follow above steps step 3 to step 5 for
User configuration ->Administrative template -> System
7. This setting for "User Configuration" is must.
Steps for Advanced Users / System Admins:
if you want to Modify using registry edit then please goto this link.
Disabling Autoplay_Autorun using Registry editor for Advanced Users
Now when you insert any pendrive or any other media it will not be played automatically and you will be safe from Viruses.
Labels:
How to's,
PC tips and tricks,
Security,
Shell Command,
Virus Stuff,
windows,
XP Tricks
2
comments
2
comments
Wednesday, March 30, 2011
Cygwin Installation
Cygwin is
This can be downloaded and installed from Cygwin website. Click Here to download.
While you are installing it will ask for package downloading, which you can download from internet or if you already have downloaded then you can give the local path. Now it will ask for packages to be installed. Just select the packages for installation.
For more information refer to this site.
It provides many linux tools like ls
- a collection of tools which provide Linux kind of environment for windows.
- a DLL which provides substantial Linux API functionality.
This can be downloaded and installed from Cygwin website. Click Here to download.
While you are installing it will ask for package downloading, which you can download from internet or if you already have downloaded then you can give the local path. Now it will ask for packages to be installed. Just select the packages for installation.
For more information refer to this site.
It provides many linux tools like ls
LS: unix command for listing files and directories
ls is a command to list files and directories in Unix and unix like systems.
if it is invoked without any arguments then will list files and folders in current working directory in bare format. In this bare format its difficult to distinguish files and folders and other parameters.
FORMAT: ls [Options] [Filename]
Following are the most common options to be used with "ls".
-a : Include all files even which are starting with "."(Hidden files in Unix ), by default they are ignored.
-l : Long format, lists permissions in unix format, size, owner , date modified etc.
-F : Appends a character to reveal the type of file e.g. * for executables '/' for directory
-R : list recursively all the directories and files
-R : list recursively all the directories and files
-d : list directories instead of content
-t : sort by modification time
-h : Print size in human readable format like 1M, 4G ( Use with -l)
Example:
For listing files and directories with their parameters like size permissions and all.
> ls -l
For listing in as ls -l along with size in human readable format..
>ls -h -l
Note: ls can also be used in windows environment with cygwin installation.
CACLS command for windows changing mode permission
It is a command line utility which displays and modify Access Control Lists (ACLs) in windows environment(Microsoft windows NT) of files and folders. An Access Control List is a list of permissions for securable object, such as a file or folder, that controls who can access it.
XCACLS.exe : It's a updated version for cacls for windows 2000 and later.
CACLS filename [/T] [/E] [/C] [/G user:perm] [/P user:perm [...]] [/D user [...]]
Options:
filename: Name of the file to be modify ( * wildcard for all files )
/T Changes ACLs of specified files in the current directory and all subdirectories.
/E Edit ACL instead of replacing it.
/C Continue on access denied errors.
/G user:perm Grant specified user access rights.
/P user:perm Replace specified user's access rights.
/D user Deny specified user access.--
Perm can be:
N None
R Read
W Write
C Change (write)
F Full control
Examples:
1: to replace ACL with Full access permission to current directory and all subdirectories for user "test"
>cacls * /T /P test:F
2. To edit ACL for particular user "test" with Change access for abc.text file without changing other permission.
> cacls abc.text /E test:C
Also look for chmod a linux command for changing file permissions.
Tuesday, March 8, 2011
Sending AT commands using microsoft hyperTerminal
MS Hyperterminal is a small program which can be used for sending AT commands to ur GSM/3G phone connected as modem to ur PC. For linux users minicom can be used as HyperTerminal.
for getting hyper terminal in windows Vista and 7 use this link
Hyperterminal can be found in start->programs->accessories->communications->Hyperterminal
You should first check ur device whether it's connected properly, and working fine or not.
Now you should set up ur device as modem. In Hyper terminal you can start a new connection and select the com port where your device is appearing (check in device manager).
Now you can send the AT commands to ur device.
Now you should Type "AT" in the main window.
A response "OK" should be returned from the modem.
Now type "AT+CPIN?" in the main window.
The AT command "AT+CPIN?" is used to query whether the modem is waiting for a PIN ( i.e. password). If the response is "+CPIN: READY", it means the SIM card doesn't require a PIN and its ready for use.
else you can set the PIN using "AT+CPIN=<pin>"
for getting hyper terminal in windows Vista and 7 use this link
Hyperterminal can be found in start->programs->accessories->communications->Hyperterminal
You should first check ur device whether it's connected properly, and working fine or not.
Now you should set up ur device as modem. In Hyper terminal you can start a new connection and select the com port where your device is appearing (check in device manager).
Now you can send the AT commands to ur device.
Now you should Type "AT" in the main window.
A response "OK" should be returned from the modem.
Now type "AT+CPIN?" in the main window.
The AT command "AT+CPIN?" is used to query whether the modem is waiting for a PIN ( i.e. password). If the response is "+CPIN: READY", it means the SIM card doesn't require a PIN and its ready for use.
else you can set the PIN using "AT+CPIN=<pin>"
Alternatives for Hyper Terminal in windows vista and Windows7
for getting hyper terminal in windows Vista and 7 use this link or you can use following options:
> windows remote shell (WinRS)
> use phone and modem options if you are using Hyperterminal for modem connections (AT Command).
> Can use Putty also. Download putty.exe
For getting more info on WinRS type "winrs /?" in your command prompt.
> windows remote shell (WinRS)
> use phone and modem options if you are using Hyperterminal for modem connections (AT Command).
> Can use Putty also. Download putty.exe
For getting more info on WinRS type "winrs /?" in your command prompt.
Subscribe to:
Posts (Atom)