Archive for the ‘Uncategorized’ Category

Downloads available

13 September, 2010

The downloads are available now at my new website
http://piyushlabs.com/

Soon i will be starting a forum to answer/discuss virus related problems.
Stay tuned in…
🙂

Unavailability of Downloads

29 July, 2010

hi people,
the downloads are currently unavailable.
I m planning to buy some webspace to host my files, and probably another website.
Previously i was hosting on a free hosting service, and they have deactivated my account and asking me to become premium member. 😦
Looking for some reliable n less costly domain/webspace provider. suggestions are invited.
if you need any of these softwares urgently, then mail me at piyushlabs@gmail.com

How to disable Autorun for drives

17 May, 2009

Follow this procedure . . .
Goto Start > Run > “gpedit.msc”
Goto UserConfiguration > AdministrativeTemplates > Syatem
Select TurnOffAutoplay > Properties > Enabled > AllDrives

Windows File Protection “SFC /SCANNOW”

3 May, 2009

If your Windows files are corrupted/infected by any virus, the best way to restore them is by using Windows File Protection.
Open Start>Run>”cmd”>”sfc /scannow”
The windows file protection will start running.
It scans all protected system files and replaces incorrect versions with correct Microsoft versions.
It will ask you to insert your WindowsXP cd to replace the files.

* You can customize the drive for cd. Open Regedit and goto “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup”. Change “SourcePath” and “ServicePackSourcePath” to your drive letter.

Best way to kill SOUNDMIX.EXE

26 April, 2009

Its very difficult to kill the virus process Soundmix.exe
i found out that this process looks for the presence of a file named “C:\stop.txt”
Generally when you try to kill the virus process, it comes again and again.
Now, create a simple notepad in c:\ and rename it to “stop.txt”
And now, try killing the sounmix.exe
Hola! the process stops…
probably the virus developer used this in testing, but forgot to remove this.. 😉

Online Troubleshooting

25 April, 2009

Hello people,
i am going to start a new service :
Online Troubleshooting via Remote Access
Get your viruses removed, speed up your system, get all problem fixed.

This service will be available free of cost till April 28, 2009 (as an introductory service).

Currently Supporting:
Windows XP

Visit https://piyushlabs.wordpress.com/online-troubleshooting/
for more details.

Auto-status for BorgChat : BorgStatus

7 April, 2009

Borg Chat [link]  is one of the best chatting software on LAN network.

Icon

I have made a small tool for auto-status for Borg Chat.
It simply works with the help of commands “/?” that can be used from the main tab.
Programmed in AutoIt.
BorgStatus
+ Changes status to “away” or “available”
You just need to set your screensaver setting. Activate screensaver, say 5 mins, when the screen saver starts (which means you are not available), this tool will automatically set your BorgChat status to “away”.
When you resume working, screensaver stops, it will set the status to “available”.

+ Dota , CounterStrike
When you play warcraft or cs, this tool will automatically set your status to “busy”.

+ Working
No window. Just works from the tray icon.
No customizations provided.
If you need a customized (paid version) BorgStatus software or want me to make some software for your need, then mail me piyushlabs[at]gmail[dot]com

+ Cost
This trial version , free of cost 🙂

Download
http://piyushlabs.googlepages.com/BorgStatus.exe

Hunt and Delete Virus Files

6 January, 2009

This small utility is a continuation of HealPenDrive.
I have added a few more options.
The best one is: This will help you to delete , what i call, “pattern files”.
Like a virus exe file inside every folder with the name of parent folder name
Eg: ..\songs\songs.exe
One more option is to hunt n delete files based on its size.

Its completely a “batch” file.
I went throgh various samples of batch file over net and learnt to code such programs. Its nice 🙂
So you can open and check its contents.

*Many of you have complained about HealPenDrive to be detected as virus. The thing is, that software is built by AutoIt software, which cannot (as far as i know) be run in exe debuggers to know its exact working. Most of AutoIt files are being put up suspicious by antiviruses there have been many viruses found built on AutoIt.

Link to download:
HuntAndDelete.zip

After 6 month

6 January, 2009

Hmm… after 6 months of silence. i’m back in this new year…

Sorry, i wont be able to reply to u all. So many comments. My God!
Just TRY to fix the problem it yourself…
C’mon you can do it.

Its semester break and i’m chilling out at my home. (its 6 degree C, i miss Bangalore’s warm climate)…
I learnt a bit of DOS BATCH file programming… its nice
I’ve a new year present for you. I’ll post tomo.

three nasty viruses in wild

4 June, 2008

First one=SVCHOST.EXE

It looks like Word File, (ref: my previous post).
The file name is *.scr , (ie screen saver file)
It hides your original word document and instead there a *.scr file is created which is of the same name of the word file.
For ex, you create a document Hello.doc and after you write on it and save it, the Hello.doc gets system hidden, and a file named Hello.scr is created which is having the same word icon.
In the administrator account, it makes such a change in registry that you will never be able to login to your account. When you click on your login name it logs in and suddenly logs out.
So, whenever opening word file, right click and check the options.
For virus file, it will be: open,run,run as,test,configure,etc
Once if you get the virus in limited user , never login to your admin. or else , as i said, it makes such a change in registry that you will nerver be able to login again.

Second=spoolsv.exe

the virus writer has done a quite much research on autorun property.
when you insert your pen drive, (if autorun is ON) , it asks for what to do, eg,
open using windows explorer, open using WMP, open using Nero, view photos using some s/w, etc.
but if it has this virus, it will say
“open using software provided on this device”
So, be careful.

After the virus is installed, i found no separte virus process, probably it injects some dlls
I am unable to find the solution yet.
its challenging… hmm…

Third=SHAHROKH.EXE

how come anyone misspell shahrukh khan. its so sad. : )
it creates AUTORUNS.EXE, and EXPLORER.EXE files.
the EXPLORER.EXE file is placed inside c:\windows\system32\ folder.
so, whenevre the comp starts , it doesnt load the genuine window’s EXPLORER.EXE but it runs the virus EXPLORER.EXE program.
This happens because in the “path” system32 directory has higher preference than windows directory…
now i think, y doesnt the windows’s EXPLORER.EXE is not placed in system32 folder.

My semester exams this month, so m going to hibernate, gud bye guys… be in touch.


%d bloggers like this: