[ h4x0r ]

Windows explorer has encountered a problem

When open video / image folder

Simply do the following steps:
1) (Start->Run, type in ‘cmd’ and enter)
2) To remove image preview
regsvr32 /u shimgvw.dll
3) To readd image preview
regsvr32 shimgvw.dll
4) To remove media preview
regsvr32 /u shmedia.dll
5) To readd media preview
regsvr32 shmedia.dll

VirusMwrdy.js (Virus Mawar) ahpaw.js (Virus Ahpaw) JS Autorun

Cannot open hard drive (C:,D:,) or (thumb drive) by double click / pop-up window “Open With” appear

1. Disable System Restore
(Right click My Computer –> Properties –> System Restore –> check at the Turn Off System Restore box –> OK

2. Restart your computer in Safe Mode
(Restart PC, Press F8 repeatedly and choose “Safe Mode”)

3. Unhide all Hidden Files and protected Operating System Files
- Go to My Computer
- Click Toools –> Folder Options… –> View
- Check the “Show hidden files and folders” radio button
- Check the “Hide protected operating system files (Recommended) button
- OK

4. Go to My Computer –> C: drive (or any additional/removable drive) and..
- Find autorun.ini and DELETE!
- Find VirusMwrdy.js (if any) and DELETE!
- Find ahpaw.js (if any) and DELETE!

5. Go to My Computer again, and right-click C: drive
- Click Properties –> Disk Cleanup –> More Options –> System Restore –> Cleanup.. –> click Yes when asked –> OK

6. Run Registry Editor
- Click Start — > Run –> type “regedit”
- Highlight at the My Computer icon and press Ctrl+F to start search
- type VirusMwrdy.js (for Virus Mawar) OR ahpaw.js (For AhPaw.js)
- delete all the key once detected
- repeat the search function again and again until you sure that the key is completelty removed.

7. Restart your computer and login to Windows as normal.

Add / Remove / Edit Internet Explorer Title Bar

- Click Start — > Run –> type “regedit”
- HKEY_CURRENT_USER — > Software –> Microsoft –> Internet Explorer –> Main
Windows Title and safely remove it the string value.

Removing “Hacked by Pokemon / Hacked by Godzilla – MS32DLL.dll.vbs” (VBS.Zodgila)

-Go to Tools>Folder Option
-Uncheck Hide protected operating system files (Recommended) and Use simple file sharing(Recommended)
-Click Apply and Close the window.

How to Delete/Remove *vbs File ?

1) CTRL + ALT + DEL and find wscript.exe if exist to make sure its running or not. If exist, click End Process.

2)You may delete 2 files that i mention above manually in every partition.

3) or, Start -> Search. Search for *vbs files . Delete the file.

How To Clean The Registry ?

- Start —> Run –> type “regedit”

- HKEY_LOCAL_MACHINE –> Software –> Microsoft –> Windows –> CurrentVersion –> Run –> MS32DLL

- Delete MS32DLL

-And refer to
Add / Remove / Edit Internet Explorer Title Bar to remove the “Hacked by Pokemon” or “Hacked by Godzilla”

-Then restart your PC

Start Menu ‘ All Programs ‘ is empty

- Start –> Run –> type ” regsvr32 /i shell32.dll “

Problem Opening Disk Drives

Click to open the folder, the search window opens

- Start –> Run –> type ” regedit “
- HKEY_CLASSES_ROOT –> Drive –> shell
- Change Value data: to none .
- test by double clicking on C: drive

Re – enable Windows Task Manager

Task Manager Has Been Disabled By Your Administrator.

- Start –> Run –> type ” gpedit.msc “
- User Configuration -> Administrative Templates -> System -> Ctrl+Alt+Delete Options -> Remove Task Manager.
- You can then disable, enable, or set the policy to Not Configured. Remember: Since the policy in question is called Remove Task Manager, by disabling the policy, you are actually enabling the Task Manager. Disabling or setting this policy to Not Configured should alleviate Main’s problem.

Volume Icon missing in XP

-Open the Control panel
-Open the “Sounds and Audio Devices” icon.
-Verify the “Place volume icon in the taskbar” checkbox is checked. If this option is not available or is grayed out, skip to the next section of this document.
-If you were able to check this box, click ok and close out of this window and the Control Panel.

The command prompt has been disabled by your administrator

-Start -> Run
- type “REG add HKCUSoftwarePoliciesMicrosoftWindowsSystem /v DisableCMD /t REG_DWORD /d 0 /f”

Virus Virtumonde

-Try run this software

-VundoFix

System Error pop-up

Your computer was infected by an unknown Trojan. It’s dangerous for your system (critical files can be lost)! Click ok to download the antispyware program to clean your system. (Recommended)

-ComboFix

Missing Comdlg32.ocx error

1. Download comdlg32.zip

2. Extract comdlg32.ocx to WindowsSystem32 folder.

3. Start –> Run type “regsvr32 %Systemroot%System32comdlg32.ocx”

SmitFraudFix v2.328 (WinXP, Win2K)

This tool removes Desktop Hijack malware: AdwarePunisher, AdwareSheriff, AlphaCleaner, AntiSpyCheck, Antispyware Soldier, AntiVermeans, AntiVermins, AntiVerminser, AntiVirGear, AntivirusGolden, AVGold, Awola, BraveSentry, IE Defender, MalwareCrush, MalwareWipe, MalwareWiped, MalwaresWipeds, MalwareWipePro, MalwareWiper, PestCapture, PestTrap, PSGuard, quicknavigate.com, Registry Cleaner, Security iGuard, Smitfraud, SpyAxe, SpyCrush, SpyDown, SpyFalcon, SpyGuard, SpyHeal, SpyHeals, SpyLocked, SpyMarshal, SpySheriff, SpySoldier, Spyware Vanisher, Spyware Soft Stop, SpywareLocked, SpywareQuake, SpywareKnight, SpywareRemover, SpywareSheriff, SpywareStrike, Startsearches.net, TitanShield Antispyware, Trust Cleaner, UpdateSearches.com, Virtual Maid, Virus Heat, Virus Protect, Virus Protect Pro, VirusBlast, VirusBurst, VirusRay, Win32.puper, WinHound, Brain Codec, ChristmasPorn, DirectAccess, DirectVideo, EliteCodec, eMedia Codec, EZVideo, FreeVideo, Gold Codec, HQ Codec, iCodecPack, IECodec, iMediaCodec, Image ActiveX Object, Image Add-on, IntCodec, iVideoCodec, JPEG Encoder, Key Generator, LookForPorn, Media-Codec, MediaCodec, MMediaCodec, MovieCommander, MPCODEC, My Pass Generator, NetProject, Online Image Add-on, Online Video Add-on, PCODEC, Perfect Codec, PowerCodec, PornPass Manager, PornMag Pass, PrivateVideo, QualityCodec, Silver Codec, SearchPorn, SiteEntry, SiteTicket, SoftCodec, strCodec, Super Codec, TrueCodec, VideoAccess, VideoBox, VidCodecs, Video Access ActiveX Object, Video ActiveX Object, Video Add-on, VideoCompressionCodec, VideoKeyCodec, VideosCodec, WinAntiSpyPro, WinMediaCodec, X Password Generator, X Password Manager, ZipCodec…

-Use this URL to download the latest version (the file contains both English and French versions)

How to enable regedit?

Start -> Run -> gpedit.msc -> User Configuration -> Administrative Templates -> System -> Prevent access to registry editing tools -> Right Click Properties -> Disabled

Folder Options missing in Windows XP

-Start –> Run –> regedit. The registry editor will open. Go to the following key:
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows
CurrentVersionpoliciesExplorer

-In NoFolderOptions change it’s value to 0.

-1 means hide options and 0 means show options.

Run command missing from start menu in XP

-Open a command prompt (CMD) from accessories menu -> type “gpedit.msc”

- Click user configuration -> admin templates -> click “Start Menu and Taskbar -> in the right pane look for “remove run menu from start menu from start menu”  ->  set to “disable”.

-Reboot

Remove Restrictions Tool

Enable Folder Options, Enable Registry Tools, Enable Ctrl+Alt+Del , Enable Show hidden files & folders,  Enable Run Command

RRT v4.8.0.3 – With Removable Media Malware Defender

Files *.doc become *.exe

The virus copying your filesname.doc become filesname.exe .All your *.doc will become hidden and os files. So don’t scared if you see your files is missing.

-Update your antivirus and scan the virus.

-After the antivirus removed it. Go to command prompt ( Start -> Run -> type cmd ) and locate your files ( make sure you know where your files location and cmd command such as cd, chdir d a/b/c/d/e..: ) then just type ( attrib your filesname.doc -S -H )

-This command will recover back to *.doc

Remove disables show hidden files

-Start ->  Run ->  regedit ..click Enter.

-Go to HKEY_LOCAL_MACHINE -> Software -> Microsoft -> Windows ->  Current Version -> Explorer -> Advanced -> Folder -> Hidden -> SHOWALL

-Delete the value CheckedValue.
(Its type should be REG_SZ and data should be 2 or 0.)

-Create a new DWORD value called CheckedValue (the type is REG_DWORD).

-Modify the value data to 1 (0×00000001).

Fix “Invalid Update Control CTF File” Error in AVG 8.0

Enable show hidden files first !

XP

-Go to C:Documents and SettingsAll UsersApplication Dataavg8updatedownload

-remove avginfoavi.ctf and avginfowin.ctf

-Update as usual.

VISTA

-Go to C:ProgramDataavg8updatedownload

-remove avginfoavi.ctf and avginfowin.ctf

-Update as usual

Disable and Remove Windows Genuine Advantage Notifications Nag Screen

Official Method by Microsoft – more information here.

-Lauch Windows Task Manager.
-End wgatray.exe process in Task Manager.
-Restart Windows XP in Safe Mode.
-Delete WgaTray.exe from c:\Windows\System32.
-Delete WgaTray.exe from c:\Windows\System32\dllcache.
-Lauch RegEdit.
-Browse to the following location:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows NT\CurrentVersion\Winlogon\Notify
-Delete the folder ‘WgaLogon’ and all its contents
-Reboot Windows XP.

Note: With this method, you may be prompted to install WGA Notifications again which can still be unselected.

Excel opens one or more files
Excel unexpectedly opens one or more files at startup

Method 1

-on Excel

-Tools -> Options -> General Tab

-DELETE the contents of the At Startup, open all files in box. Ok.

-Restart Excel.

Method 2
-Open Regedit.exe ( Run..type regedit )

-HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Excel
(8.0 for Excel 97, 9.0 for Excel 2000, 10.0 for Excel 2002, 11.0 for Excel 2003)

-Backup this registry by File – > Export -> Verify the registry key listed in Selected branch box.

-Double click at AltStartup, delete the contents of the value data box.

-Ok. Quit Registry Editor. Start Excel

Method 3

-Same like method 2 but click delete the registry key.

Disable Chkdsk on startup

-run cmd (Start -> run -> type cmd)
-type chkdsk /x [drive:]
-eg; chkdsk /x c: