Jun 7, 2010

TO HIDE A FILE IN OTHER FILE

INTRODUCTIONWe will have many files to hide from others who uses the same computer. Here is a nice trick trick to hide any file behind a music file or picture file or any such dummy file.Most of you probably already know this, this for those of you who are missing out. I think this post will be very useful who try to hide their file from others.

REQUIREMENTS
1. Winrar 
2. A dummy file (A jpg image file in this case, I've used the logo of this blog, logo.jpg)
3. A file you want to hide I've used a file I made, pron.bat)

 Instructions 

1. Move your files you want to hide to a single folder, in our case C:\Documents and Settings\Desktop\lethaltrix



2. Make the file you want to hide into a new RAR archive (in our example named pron.rar). To do that, just right click Pron.bat and click add to archive.



3. Theres the file Pron.rar  



4. Start Command Prompt (Start, Run, type cmd, and press Enter).


5. Go to the folder that youve created C:\Documents and Settings\Desktop\lethaltrix by using the 'cd' command.

'cd' goes to the root directory, so now it says C:>

'cd documents and settings' goes to the folder c:\documents and settings,


 such that reach the folder you have created so now it should say  C:\Documents and Settings\Desktop\lethaltrix>


6. Now put: copy /b logo.jpg + pron.rar faith.jpg into the command prompt.


Where logo.jpg is the original picture, pron.rar is the file that will be hidden, and faith.jpg is the file which contains both. Thats going to be the name of our finished product.


7. Right click, Open with, select Winrar, and there you go, you see the file that youve hid.

8. Well, now you see, you can view the picture normally; upload it to forum as an image. While its actually an attachment ;D

Thanks for viewing ...

Jun 6, 2010

REMOVE NEWFOLDER.EXE OR REGSVR.EXE VIRUS MANUALLY (RECOMMENDED)


This virus is know popularly as regsvr.exe virus, or as new folder.exe virus and most people identify this one by seeing autorun.inf file on their pen drives, But trend micro identified it as WORM_DELF.FKZ. It is spreading mostly using pen drives as the medium. And most of the antivirus failed to detect this virus..
New folder.exe virus
Well, so here is the story of how i was able to kill the monster and reclaim my hard disk space.
Manual Process of removal

I prefer manual process simply because it gives me option to learn new things in the process.
So let’s start the process off reclaiming the turf that virus took over from us.
  1. Cut The Supply Line
    1. Search for autorun.inf file. It is a read only file so you will have to change it to normal by right clicking the file , selecting the properties and un-check the read only option
    2. Open the file in notepad and delete everything and save the file.
    3. Now change the file status back to read only mode so that the virus could not get access again.
    4. Autorun
    5. Click start->run and type msconfig and click ok
    6. Go to startup tab look for regsvr and uncheck the option click OK.
    7. Click on Exit without Restart, cause there are still few things we need to do before we can restart the PC.
    8. Now go to control panel -> scheduled tasks, and delete the At1 task listed their.
  2. Open The Gates Of Castle
    1. Click on start -> run and type gpedit.msc and click Ok.
    2. If you are Windows XP Home Edition user you might not have gpedit.msc in that case download and install it from Windows XP Home Edition: gpedit.msc and then follow these steps.
    3. Go to users configuration->Administrative templates->system
    4. Find “prevent access to registry editing tools” and change the option to disable.
    5. Opening the gate of castle: Group Edit Policies
    6. Once you do this you have registry access back.
  3. Launch The Attack At Heart Of Castle
    1. Click on start->run and type regedit and click ok
    2. Go to edit->find and start the search for regsvr.exe,
    3. Launch the attack in the heart of castle: registry search
    4. Delete all the occurrence of regsvr.exe; remember to take a backup before deleting. KEEP IN MIND regsvr32.exe is not to be deleted. Delete regsvr.exe occurrences only.
    5. At one ore two places you will find it after explorer.exe in theses cases only delete the regsvr.exe part and not the whole part. E.g. Shell = “Explorer.exe regsvr.exe” the just delete the regsvr.exe and leave the explorer.exe
  4. Seek And Destroy the enemy soldiers, no one should be left behind
    1. Click on start->search->for files and folders.
    2. Their click all files and folders
    3. Type “*.exe” as filename to search for
    4. Click on ‘when was it modified ‘ option and select the specify date option
    5. Type from date as 1/31/2008 and also type To date as 1/31/2008
    6. Seek and destory enemy soldiers: the search option
    7. Now hit search and wait for all the exe’s to show up.
    8. Once search is over select all the exe files and shift+delete the files, caution must be taken so that you don’t delete the legitimate exe file that you have installed on 31stJanuary.
    9. Also selecting lot of files together might make your computer unresponsive so delete them in small bunches.
    10. Also find and delete regsvr.exe, svchost .exe( notice an extra space between the svchost and .exe)
  5. Time For Celebrations
    1. Now do a cold reboot (ie press the reboot button instead) and you are done.