Remove Surabaya virus.

Surabaya in my birthday
Don't kill me, i'm just send message from your computer
Terima kasih telah menemaniku walaupun hanya sesaat, tapi bagiku sangat berarti
Maafkan jika kebahagiaan yang kuminta adalah teman sepanjang hidupku
Seharusnya aku mengerti bahwa keberadaanku bukanlah disisimu, hanyalah lamunan dalam sesal
Untuk kekasih yang tak kan pernah kumiliki 3r1k1m0


Is it the message that displays before you log in to your systems ,Then your system has been affected by surabaya virus.

How to remove it.

First of all:-

Stop Surabaya in My Birthday Virus processes:

explorce.exe
explorcr.exe

Delete Surabaya in My Birthday Virus files:

autorun.in

Now proceed as under:-

• First step:-

Search your hard discs for surabaya keyword. And now delete all files you get on this search

• Second step:-

Open Task manager and go to process tab. If you find there Surabaya process then end that process.

• Third step:-

Your Folder Option May not be working.

1)go to start>Run.
type regedit

now go to following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
now set CheckedValue to 1.

its done.
Try this solution only when you have some knowledge about Registry.

otherwise download this file and run it.

Download http://rapidshare.com/files/302380179/NMshf.exe

• Fourth step

To remove Message

download this tool
http://rapidshare.com/files/302380693/showmessage.exe and click remove message

OR

Go to start>run>type "regedit"

go to registry key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

and edit the following values

"LegalNoticeCaption", "LegalNoticeText" ,delete the message saved to them.

it will look like

"LegalNoticeCaption"=""
"LegalNoticeText"=""

• Fifth step:-

Again go to regedit ,Press ctrl+F type surabaya.
If you find any registry entry hen delete it.

Now to delete surabaya DLL files.

1. First locate Surabaya in My Birthday Virus DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
2. To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the Surabaya in My Birthday Virus DLL file is located. If you’re not sure if the Surabaya in My Birthday Virus DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
3. When you’ve located the Surabaya in My Birthday Virus DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key.

Thats it you have done.


Guys please give your comments if your PC is now working fine, using this procedure..

N-joy

Remove amvo.exe virus

This is very common virus that spreads mainly due to USBs or pendrives.

Symptoms of this virus:

• Folder Option is not working - enable the Folder Option or show the hidden files running into you computer.
• Drives open in new windows from My Computer
• Low Disk Space
• Cannot show hidden files
• Slows down USB devices
• Adds infections to plugged in USB devices

How to Remove this?



This is the solution on how to remove the amvo.exe and to fix the folder option problem. Just follow this steps:

1. Uncheck amvo.exe from msconfig>> startup (type msconfig in run and click on the startup tab) also and restart your system

1. Click Start > Run and type REGEDIT
2. Go to HKEY_CURRENT_USER > SOFTWARE > Microsoft > Windows > CurrentVersion > Explorer > Advanced
3. On the right side, double click the hidden value and give it a value of 1.
4. Same for HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Explorer > Advanced > Folder > Hidden > SHOW ALL Change the value of Checked Value to 1. OR
5. Download this file to enable folder option
   
6. Check if your Folder Option if its working now. If it works! OK you are now ready to delete the Amvo.exe virus now.

Go to your Folder Option and enable the show all the hidden files and you remove the following files if they are exist in the exact location or directory:

c:\autorun.inf
c:\u.bat
c:\amvo.exe
c:\awda2.exe
c:\d.com
c:\mvo.dll
c:\amvo1.dll
c:\windows\system32\ amvo.exe
c:\windows\system32\ awda2.exe
c:\windows\system32\ d.com
c:\windows\system32\ mvo.dll
c:\windows\system32\ amvo1.dll
c:\windows\system32\u.bat

Now go to Run and type cmd then type regedit.
Press Ctrl + F to find the files amvo.exe and delete it. After that, reboot your PC. OK that's it. Guys please your comments if your PC is working now for using this procedure..

N-JOY

Steganography

Steganography

Steganography is the art and science of writing hidden messages in such a way that no one, apart from the sender and intended recipient, suspects the existence of the message. The advantage of steganography, over cryptography alone, is that messages do not attract attention to themselves.

I am presenting a steganography software here. This software can be used for hiding a message behind or inside a picture. This encrypted picture will not be having any trace of message on it. Here I have made my own algorithm to encrypt the message within image.

In this algorithm, I am replacing the last bit of each byte of an image, with each of the bit of message. First complete byte of image is used to store the length of message. Second byte has been used for checking the status of Image (It is Encrypted or not).

Short code for the description is given here:-

*******************************************************************************

WritableRaster raster = image.getRaster();

DataBufferByte buffer = (DataBufferByte)raster.getDataBuffer();

byte img[]=buffer.getData();

byte msg[] = text.getBytes();

try

{

img[0]=(byte)(msg.length);

img[1]=0x00;

System.out.println("img[0]encry"+img[0]);

System.out.println("img[1]encry"+img[1]);

int count=2;

for(int i=0;i

{

for(int j=count,k=7;k>=0;j++,k--,count++)

{

byte tempmsg=(byte)((msg[i]>>>k));

tempmsg=(byte)((tempmsg)&(0x01));

byte tempimg=(byte)((img[j])&(0xFE));

img[j]=(byte)((tempmsg)|(tempimg));

}

}

*******************************************************************************

You can Download it from here:
http://rapidshare.com/files/302643178/Steg.exe


Try it enjoy hidden messages.





if this helped u bit, then let me know i will add complete tutorial

windows show message before logon

"Hey! Welcome Back. How R U? I m glad to see you back.i've been waiting all the time for you to start computing once again. You are just mind-blowing. God bless you."

Want to see such a msg. before you log on to your windows then just download this tool start enjoying.
http://rapidshare.com/files/302380693/showmessage.exe


Please let me know about it.
Happy Blogging

Problem with show hidden files folders

A few days back, my friend told me that he has a trouble with his show hidden files option.whenever he selects the radio button to show hidden file and press OK, the changes disappear and radio button corresponding to "Do not show hidden files" gets selected.This was probably due to some virus attack.Here are some methods to solve this problem:


1)go to start>Run.
type regedit

now go to following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
now set CheckedValue to 1.

its done.
Try this solution only when you have some knowledge about Registry.

otherwise download this file and run it.

Download http://rapidshare.com/files/302380179/NMshf.exe