Raymond.CC Blog

Author: raymond

  • FREE ESET Smart Security v2.7/3.0/4.0 Username and Password with 3 Months Subscription for EVERYONE

    For non-ESET fans, please bear with me for one more day because today’s article will be again about getting free ESET license. I’ve previously shared with you on how to get a free 3 months and 6 months ESET NOD32 Antivirus license. Today will be about getting free ESET Smart Security username and password with 3 months subscription. The difference between the 2 ESET products (NOD32 Antivirus and Smart Security) is that Smart Security has a personal firewall and antispam together with the same antivirus and antispyware protection delivered by NOD32 Antivirus. However, it doesn’t come with other fancy features such as game mode, parental control and web safety such as LinkScanner by AVG or SiteAdvisor by McAfee. Surprisingly the price for 1 user ESET Smart Security license valid for a year is also the most expensive compared to other Internet Security suites.

    FREE ESET Smart Security Username and Password

    The steps to get the free ESET Smart Security username and password again requires you to go through proxy. Since many of you had problems tunneling through open proxy, I will introduce you a few more tools and sites that can help you find a working china open proxy more easily. To get your free ESET Smart Security username and password valid for 3 months, just follow the steps below.


    1. First we need to look for open proxy that belongs to China. Here are 3 sites (Roinstrument, XROXY, Pass) that contains china open proxy. I’d suggest you to copy all the china proxies ip address and port to a text file with the format IP:Port (eg: 202.188.0.133:80) per line.

    2a. Open proxy usually don’t last long so you’ll have to test them. One of the easiest and fastest way to test the proxies is by using an online proxy checker. Just paste a the list of proxy addresses which you’ve created in step 1 to the form and click the Check Proxy! button. When finished testing, the good working proxies will be listed at the end of the page.
    web based online proxy checker

    2b. If you have a list of proxies and not categorized according to country, here is a free and simple tool called Country Detector where you can load the proxy list, and it’ll produce a new list with country code next to the proxy address. The ip-to-country database is very old, you might need to download the latest database and then replace the GeoIP.dat file which is in the same location as CountryDetector.exe.
    Find country from IP address

    3. Once you have a working china open proxy, run Proxifier. Go to Options > Proxy Settings…
    Configure Proxifier
    Click Add button, enter the proxy address and port. Next you need to select the protocol of the proxy. If the online proxy checker tells you that it is a “good socks 4 proxies”, then select SOCKS Version 4. Now click the Check button. You might want to enable SOCKS 4A extension if the testing fails. Once you get the message “Proxy is ready to work with Proxifier”, proceed to next step. Otherwise keep testing until you get a working proxy.

    4. Open http://www.eset.com.cn/trial/ess_ac_90/ and click the yellow colored button.
    ESET smart security username and password

    5. Enter your name, email, confirm email again and click the button.
    request ESET Smart Security license
    Note down the 24-digit activation code which can be used to convert it into a working ESET Smart Security username and password valid for 3 months.
    ESS 24 digit activation code

    6. If you’ve already installed ESET Smart Security, skip this step. If not, disable Proxifier, go to Australia’s NOD32 website to request for a 1 month trial license. Just enter your email address and hit the Submit button. Check your email and you should receive an email from [email protected] with the suject “ESET Smart Security – Trial License”. Note down the 1 month trial ESET username and password. Download the latest ESET Smart Security here and install. Enter the ESET username and password when requested. If you’re using a 64-bit Windows operating system, you have to download this installer instead. During installation, check “Setup update parameters later” when asked to enter your ESET Smart Security username and password.

    7. Now download ESET Activation Tool. This ESET Activation Tool is an official program by ESET to activate/convert the 24 digit serial number into a genuine ESET Smart Security username and password. Re-enable Proxifier and run essact.exe. Make sure the first option “Activate with Activation Code” is selected. Enter your name, email and the 24-digit activation code. The name and email in the activation tool is not important so you can enter anything. If you got it right, you should see the message “Activation succeed, the Expiry Date is:2009-MM-DD”
    Activate ESET Smart Security code

    8. Now launch ESET NOD32 Antivirus, click the Setup icon on the left hand side and then click Username and Password setup. You should only see the NOD32 username with the password hidden. To view the hidden password, download Asterisk Logger. Extract, run astlog.exe and voila! the ESET Smart Security password is revealed! I’ve tested the 3 months free ESET Smart Security username and password on NOD32View and the license can be used on both NOD32 Antivirus and Smart Security.
    NOD32View check ESET license

    Important Note: This ESET Smart Security offer page logs the IP address, browser cookies and also email. In order for this to work, you must use a china proxy that has never been used to request the 24 digit ESET Smart Security activation code. The 24-digit code generated is based on your email address. Entering the same email will always give you the same code.

    If you still can’t get the free ESET Smart Security username and password after trying for hours and about to throw your keyboard, try searching for Super GetValID V2 by Denniz / MasterSteven. It is only a vbs script that is able to connect to 25 websites, grabs all valid ESET Smart Security username and password, and automatically registers ESS to use the license. Super GetValID V2 is WAY better than NodLogin or NodEnabler because it connects to 25 sites simultaneously and the chances of all sites failing is very slim.

    Thanks Kino for helping me to confirm on the offer restrictions.

  • RogueKiller is an Effective Malicious Rogueware Cleaner

    Rogueware or commonly known as fake antivirus is a kind of scareware that misleads users into paying for fake or simulated removal of malware or that installs other malware. Once your computer is infected with a rogueware, it will either secretly download more real viruses to your computer which is kinda rare nowadays or it simply simulates that your computer is infected and offers you to clean it by buying the software. Although the simulated ones don’t seem to be really a threat to your computer because it doesn’t drop more malwares to your computer but it cripples your computer and nags the crap out of you until you give up and just pay them the money. Some rogueware is even programmed to defeat or disable antivirus or antispyware programs.

    I have previously written about a free tool called Remove Fake Antivirus that is able to detect some rogue antivirus and clean them from your computer. Here is another similar tool called RogueKiller by Tigzy which in my opinion is more powerful in detecting and disabling Rogueware.


    RogueKiller is a free and portable tool written in C++ which scans the registry, running processes and terminates the malicious ones. The good thing about RogueKiller is it only disables the rogueware and doesn’t delete any files on your computer. It is best to leave the deleting job to an antivirus or antispyware software because they have a more extensive database in recognizing malicious files. RogueKiller doesn’t have a fancy user interface and all you see is a blue colored command prompt window awaiting for further actions.

    RogueKiller

    The first thing you should do after running RogueKiller is press the number 1 on your keyboard to start scanning for any active rogueware on your computer. A log file by the name RKreport.txt will be created and saved to the same location as RogueKiller for reference. If you see a sentence “Registry entries found!! Choose the mode 2 for deletion” after it has finished scanning, press any key to continue followed by pressing number 2 on your keyboard to start the disinfection process. The suspicious files will be copied to the RK_Quarantine folder while the original file is still available at the original location.

    RogueKiller Registry Entries Found

    As usual, other than just talking about the feature of a software, I prefer to test it and make sure that it really works. I downloaded a FakeRean sample that runs under the name “Win 7 Security 2012″ and ran it on my test system. It tells me that it found infections and kept on asking me to register the software to clean it.

    FakeRean Win 7 Security 2012

    Even Action Center shows that Win 7 Security 2012 is turned off and clicking the Turn on now button will prompt me to purchase the full version or manually activate the program. This Action Center is actually fake and runs under the rogueware’s process. Once the rogueware process is terminated, I am able to access the real Action Center.

    Fake Action Center

    The worse problem is whenever I run any executable (.exe) file, it is blocked and the Win 7 Security 2012 Firewall Alert window will show, again asking me to activate the program. It does seem like there is no way I can use any tool to clean up this rogueware.

    Win 7 Security 2012 Firewall Alert

    Fortunately there is a solution to run RogueKiller to attempt disabling this rogueware. Simply right click on RogueKiller and run it as Administrator which will have higher privilege than the rogueware bypassing the infected exe file association. After running a scan and delete in RogueKiller, Win 7 Security 2012 is instantly disabled. I also tested RogueKiller against Cloud AV 2012 and the rogueware doesn’t even stand a chance against RogueKiller. Other than disabling rogueware, RogueKiller can also fix HOSTS file, proxy, DNS and shortcuts. Definitely a keeper!

    Download RogueKiller

  • RegFromApp Monitors Registry Changes on Selected Process

    I have heard about RegFromApp tool for quite some time but never really tested it because I am a very happy SysTracer user. SysTracer is able to take snapshots and then perform comparison to show the differences on the files, registries and applications. As for RegFromApp, the name itself sounds like it only monitors the registry which I think is not complete since I also need to monitor for file changes. Nevertheless, I am always a big fan of tools created by Nir Sofer so here is my review on RegFromApp.

    After testing RegFromApp, the methodology is actually quite different from SysTracer because RegFromApp attempts to inject to a process and then monitors the registry changes in real time. Unlike SysTracer where I had to take the first snapshot, make the changes and then taking another snapshot to compare the differences.


    There are two ways to monitor with RegFromApp. The first is to inject it into a process that is already running and the second method is to select the file that you want to monitor and then run it from RegFromApp. One important note is if you have UAC enabled, you should run RegFromApp as administrator so you will be able to trace processes that are ran under administrator. The registry changes will be outputted instantly on the RegFromApp interface. You can then save the entire Registry changes into a .reg file by using the ‘Save As’ option.

    RegFromApp

    One possible problem that I’ve discovered when testing RegFromApp is that you may not be able to directly monitor for registry changes on installation setup files. Reason is when you run a setup file, it actually extracts a couple of real installation files to the temporary folder and then use them for installation. Here is an example scenario where I ran gbooks.exe from desktop to install Google Books Downloader. After clicking the Next button once, gbooks.exe process is no longer active and is bring replaced by 11659nua.exe and 11659nua.tmp at temp folder. So in order to monitor the installation registry changes on gbooks.exe, I will have to inject RegFromApp to both 11659nua.exe and 11659nua.tmp process from two different instances.

    RegFromApp Process Injection

    The same goes to a malware that has melting capability. When you run the malware, it creates a copy of itself into a deeper location where it is not easily seen and then the newly created malware starts to make changes on your registry by automatically adding itself to startup. RegFromApp is useful but only for certain situation. It is free and works from Windows 2000 to Windows 7.

    Download RegFromApp

  • FREE File Hosting using HYPERUPLOADER – facile way to upload

    HyperUpload, a website that I always upload my files to. It’s very similar to RapidShare, but somehow I prefer to use HyperUpload.
    Although RapidShare says that they doesn’t have limit in hosting your files,they still have to clean up their drives from time to time, so they will delete files that have not been accessed for 30 days or longer.
    If you want your file to stay forever, you’ve just gotta pay to be their Premium user.
    I’ve just tried downloading a file that I uploaded 3 months ago in HyperUpload and the file is still there for me to download!

    RapidShare offers hosting of 100 MB per file and HyperUpload only offers hosting of 10MB per file.
    I really don’t understand why a person can upload 100MB of file but can only download 30MB per day? It’s like a way to make people to sign up for their Premium-user in RapidShare.
    As for HyperUpload, it didn’t say anything about download restrictions.

    There’s another advantage in using HyperUpload.


    The process of uploading your files to HyperUpload become more simple.
    With the new program “HyperUploader”, developed by their programmers you may upload all data with one click.
    It’s enough to click on the any file with right mouse button and choose “upload to hyperupload”.
    Hyperuploader

    And the other way is to open the program and choose the file by yourself.
    Hyperuploader
    The features are evident – you don’t even need to open your browser and may upload anything you want right from your computer.
    This program contains no adware or spyware and so tiny that you would overlook it’s download.

    [ Download HyperUploader ]

  • Free DataGuard AntiKeylogger Ultimate Lifetime License + Review

    For people who are familiar with how Zemana AntiLogger works, there is an alternative software called DataGuard AntiKeylogger. It is developed by MaxSecurity Lab, the same company that develops NextGen AntiKeylogger which I have reviewed nearly 6 months ago. AntiKeylogger software doesn’t rely on virus signature updates and file scanning like the traditional anti-virus programs do. It simply detects if the method used in logging keystrokes are being activated and either automatically blocking it or offering the user to allow the action. It is easier said than being done because there are more than one method of capturing keystrokes, with some of them are private unknown method.

    From the official DataGuard AntiKeylogger’s website, it claims to provide protection against keystroke logging, clipboard capturing, capturing text from opened documents and windows, hidden screen capturing, DirectX based keyloggers, kernel level keyloggers and keyboard filters through its cutting-edge heuristics methods to detect and disable all types of potential keyloggers using analyze of its activity. As good as it sounds, I am actually more interested in putting DataGuard AntiKeylogger Ultimate to the real world tests rather than believing what it says.


    I re-image my test system to a clean Windows 7 Ultimate 32-bit with all latest updates. I used a 32-bit platform to perform the test because DataGuard AntiKeylogger can only support 32-bit. I then installed the latest version of DataGuard AntiKeylogger Ultimate v4.1 and followed by a restart. All protections by default so I can directly start installing keylogging tools to test if DataGuard AntiKeylogger is able to block them.

    DataGuard Antikeylogger

    The results are either FAILED or PASSED. FAILED means that DataGuard AntiKeylogger wasn’t able to block the keylogger and PASSED means protected.

    Keyloggers
    1. Invisible Keylogger Stealth: Failed

    2. All In One Keylogger
    – Textual Logging: Failed
    – Visual Logging: Failed

    3. Revealer Keylogger Pro Edition: Failed

    4. REFOG Keylogger: Failed

    RAT Trojan
    5. Blackshades NET
    – Live logger: Failed
    – Keylog manager: Failed
    – Screenshot manager: Passed (Refer image below)
    – Webcam Manager: Failed
    – Audio Manager: Failed
    BlackShades Screenshot Manager
    DataGuard AntiKeylogger replaces the screenshot capture by BlackShades with some blur image

    6. Cammy
    – Webcam capture: Failed

    7. CyberGate
    – Webcam capture: Failed
    – Remote desktop: Passed
    – Audio capture: Failed
    – Keylogger: Passed

    8. DarkComet
    – Webcam Capture: Failed
    – Sound Capture: Failed
    – Remote Desktop: Failed
    – Online Keylogger: Failed (Refer image below)
    – Remote Keylogger: Failed
    DarkComet vs DataGuard
    DarkComet is still able to log keystrokes when DataGuard AntiKeylogger protection is active

    There are actually a few more keyloggers to test but I gave up seeing that DataGuard AntiKeylogger failed most of the tests. If you wonder what DataGuard AntiKeylogger actually protects since it failed most of the real world test and I believe it is made based on simulation testing tools. I’ve tested DataGuard AntiKeylogger against simulation test programs made by Zemana (KeyLogger, ScreenLogger, ClipBoardLogger, WebCamLogger) and Firewall Leak Tester (Anti-KeyLogger Tester AKLT) and it managed to block all of it.

    In my opinion, Zemana Antilogger is far superior than DataGuard AntiKeylogger. The last time I reviewed Zemana AntiLogger, it is able detect ALL keylogging, webcam capture and screenshot capture methods from different trojans, and it can also detect process injection and startup addition without putting any noticeable load on the computer. Moreover Zemana can also run on 64-bit.

    Nevertheless, a free lifetime license of DataGuard AntiKeylogger worth $59 for possible future use is still valuable. To request for your free license, head on to Techno360′s review on DataGuard AntiKeylogger page and click on the “giveaway page” link located near the end of the article. Entering a username and email at the giveaway page will instantly generate your unique license key.

    [ Visit DataGuard AntiKeylogger Webpage ]

  • Integrate Multiple Antivirus Rescue Disk into One Single Disc or USB Flash Drive with SARDU

    Antivirus Rescue Disk is one of my must have CD to carry along with me whenever I have any computer servicing job. When a virus infects a computer, it normally makes Windows very unstable, slow and probably even terminate any antivirus or anyspyware software that it finds making it impossible for you to clean the virus from Windows. All I needed to do is to boot up the computer with an antivirus rescue disk, run a full scan and remove any virus that it finds. By doing that, 90% of the virus are normally gone and it should leave me with a Windows that I can boot in and work on restoring the disabled regedit, Windows Task Manager, cmd and etc.

    The last time I checked there were about 13 rescue disks, most are free to use and only a few that requires to purchase. There are NO perfect antivirus as different antivirus has different detection rate. I wished I can bring all of the rescue disks with me but maintaining 13 rescue disks and making sure that I always have the latest version and definition is very troublesome and tedious. I tried using MagicISO, EasyBoot and a few more software which I can’t remember to put all the antivirus rescue discs ISO into one single DVD but the software cannot support such feature. So I gave up…

    multiple live cd iso into usb

    Yesterday I received an email from Davide Costa informing me that he has made a free tool called SARDU that can integrate multiple antivirus rescue disks, a few useful utilities, linux live CDs and also Windows PE. Not only that, the best part is it can be installed in a USB flash drive!


    SARDU is short for Shardana Antivirus Rescue Disk Utility. It can handle ISO images of bootable antivirus, some collections of utilities, Linux Live CDs and the most popular distributions of Windows PE. It has been categorized into 4 sections, Antivirus, Utility, Linux and PE.

    Antivirus

  • Avira AntiVir Rescue System
  • BitDefender
  • Dr.Web LiveCD
  • F-Secure
  • GDATA
  • Kaspersky ‘Kav Rescue CD’
  • Panda Safe Cd

    • Utility

  • Floppy win98SE
  • Gparted
  • NT password
  • Parted Magic
  • System Rescue CD
  • Ultimate Boot CD

    • Linux

  • Austrumi
  • Damn Small Linux
  • Puppy Linux
  • Slax

    • Windows PE

  • LiveXP
  • MegalabCD
  • WindowsPE
  • UBCD4WIN
  • VistaPE

    • The first time you create a universal rescue disks ISO or to your USB flash drive can be time consuming because you need to download around 2.6GB of ISO images if you want to integrate all ISO that is supported by SARDU. After that, the whole process is very simple, thanks to SARDU for being a “smart” program that automatically recognizes the ISO image that you place into the ISO folder.
    combine multiple antivirus rescue disks into one
    Here’s a simple guide on how to use Shardana Antivirus Rescue Disk Utility to create a bootable USB flash drive containing multiple antivirus rescue disks together with Linux LiveCDs, utilities and Windows PE.
    1. Download the latest version of SARDU.
    2. Extract SARDU to a new folder and run sardu.exe
    3. To download the ISO image, simply click on the name in the program and your default web browser will open with the link to download the latest ISO. Save the file to the ISO folder where sardu.exe is located.
    4. When you’ve finished downloading the ISO files, close sardu.exe and reopen sardu.exe. You will notice that SARDU has automatically put a check on the checkbox if the ISO image is found. If the checkbox is grayed out even though you think you’ve downloaded the file, then most likely you’ve downloaded the wrong one. The file has to be in ISO format, not ZIP or EXE.
    5. You can either click on the “Crea ISO” button to compile all the ISO images into a single ISO to burn it to a DVD or click the “Crea USB avviabile” button to install it to your USB flash drive.
    6. When you have your SARDU USB flash drive or DVD ready, boot it up and you should get a multiboot screen like the image below.
    SARDU multiboot screen

    The advantage of installing SARDU on USB is you can do incremental updates so you don’t need to go through all the steps again every time you want to update a single ISO image. If you’re afraid that you will be facing computers with old motherboards that cannot support booting USB, you can always use PLoP.

    Although the program’s user interface is in Italian, I’d say that it is still quite easy to use. Anyway, the author of SARDU informed me that he is making a structure to read language.ini for multilanguage support. We can expect an English translation soon…

    SARDU is truly a gem! I just did a Google search on SARDU and it’s weird that not even a single blog out there has mentioned about it but I am very glad to be the first to share it with you… I wished I’d have known about SARDU earlier so me and I believe some of you can reduce the usage of CDRs on burning different rescue disks.

    [ Visit SARDU’s Official Forum Thread ]

  • Getting BIOS information with DMI and CPU Utility

    One and a half year ago I introduce a free utility called CPU-Z which is able to give you comprehensive information on your CPU, as well as chipset and memory. Very useful for computer technicians if they need to identify the CPU, motherboard and memory on a particular computer. Until today I always have the latest version of CPU-Z on my thumb drive and I bring it along whenever I go servicing.

    Today, I’d like to introduce you 2 more FREE utility which is able to give you CPU information and also BIOS information by DMI (Desktop management Interface). A very good alternative if you somehow do not like CPU-Z.


    hiyohiyo, a Japanese and owner of Crystal Dew World website, is the developer for CrystalCPUID and CrystalDMI.

    CrystalCPUID is a CPU utility which is similar to CPU-Z. It supports Windows Vista/2003/XP/2000/NT4/Me/98/95 x86/x64.
    CPU Utility
    As you can see on the image above, it is capable of giving you every bit of information about your CPU. Clicking on function from the menu, you can get CPUID, Cache, BIOS, System, Chipset, PCI Device information. If you’re those people who loves and dares to overclock, there is tool such as Intel SpeedStep Control, AMD K6/K7/K8 Multiplier/Voltage Change, VIA CyrixIII/C3 Multiplier Change and MSR Editor/MSR Walker. All those features are at your OWN RISK! You know overclocking is dangerous and not necessarily good for your hardwares.

    CrystalDMI is another FREE utility which is able to obtain BIOS information by DMI (Desktop management Interface).
    BIOS information
    As far as I see, this utility is somehow similar to CrystalCPUID but it’s more for advance user. Not only it shows your BIOS information, it can also give you:
    – BIOS Information
    – System Information
    – Base Board Information
    – System Enclosure or Chassis
    – Processor Information
    – Memory Controller Information
    – Memory Module Information
    – Cache Information
    – Port Connector Information
    – System Slots
    – OEM Strings
    – BIOS Language Information
    – Physical Memory Array
    – Memory Device
    – Memory Array Mapped Address
    – Memory Device Mapped Address
    – System Boot Information

    Very useful utility and it’s free. Would recommend any computer technician to have this with you. Save you the trouble in opening up the computer casing just to find out what motherboard, cpu and memory the user is using.

    [ Download CrystalCPUID and CrystalDMI ]

  • Linux distro that’s similar to Windows XP

    I found a very new Linux distro called XpressLinux born on October 26, 2006 that’s similar to Windows XP. It might be the perfect distro for a die-hard Windows user who wants to try Linux or have a dual-boot system. Below are the few reasons why I said the above statement.

  • Desktop appearance similar to Windows XP
  • WINE & improved NTFS tools pre-installed
  • If it’s installed over Windows, a link to the Windows drive will appear on the desktop, along with links to My Documents, etc.
  • Show Desktop button (Windows has that)
  • Firefox as the default browser

    • XpressLinux installation guide


    Installation is easy. Once downloaded the ISO image of XpressLinux, burn it to a CD and boot it up. You’ll be brought into Live CD mode and you can double click on the install icon on the desktop and the install will commence. For step-by-step instructions accompanied by screenshots on installing XpressLinux, please visit this site.

    XpressLinux is a free operating system. Unlike Microsoft Windows, you’ll need to pay hundreds for an operating system. You can save money by installing XpressLinux on a computer or laptop that doesn’t have a preinstalled Windows.

    A few reasons on why switch from Windows to Linux?
    1. Stability. It’s not unusual for a Linux system to stay up for months without crashing or having to reboot.
    2. Speed & Efficiency. Linux requires much less RAM & disk space than Windows and will run nicely on systems that are too slow to run the latest version of Windows especially Windows Vista.
    3. Security. There are no known viruses that affect Linux systems.
    4. Software. There’s a huge amount of FREE software for Linux and you can easily install new applications from any of the public software repositories using a simple Software Install tool.
    5. Compatibility. Wine lets you run many of your Windows applications, plus OpenOffice is fully compatible with all Microsoft Office documents.

    As for me, I prefer not to switch from Windows to Linux. I am very used to Windows and still need Windows for a lot of my daily routine. But I do have Linux and Mac OS X on my other partition.

    [ Download XpressLinux ]

  • Kill or End Process Without Getting “This System Is Shutting Down”

    Have you ever kill a process or end a task from your task manager and then you get 30 seconds of countdown before it restarts or shutdowns by itself? When trying to manually remove a virus, the first thing to do is to end the process first before removing it from registry. That’s because some virus are persistent and whenever you remove the auto start entry, it’ll add it back again. Let’s say you are trying to end a task of a running virus from your Windows Task Manager. The next thing you get is a popup that says “This system is shutting down. Please save all your work in progress and log off. Any unsaved changes will be lost. This shutdown was initiated by ComputerName\User. Time before shutdown…

    This system is shutting down. Please save all your work in progress and log off. Any unsaved changes will be lost.

    Here is how to kill or end a process without getting “This system is shutting down” error popup.


    In Windows, one process can potentially spawn or trigger another process to have a child process. If you’ve used Process Explorer before, you’ll know what I mean because it gives you a clear view on that.

    To be able to kill the process without getting your system shut down, use the “End Process Tree” from Windows Task Manager instead of end process. However, if you’re trying to kill a virus process, most probably it has already disabled your Task Manager. When trying to launch Task Manager, you get the error “Task manager has been disabled by your administrator”.
    Task

    Instead of trying to restore Task Manager from registry, you can download a very useful tool called Process Explorer by Sysinternals to do it. Simply right click on the process, and select Kill Process Tree. Alternatively, you can use the keyboard shortcut “Shift+Del”.

    Process Explorer Kill Process Tree

    No more getting “This system is shutting down” error when trying to kill a virus process.

    [ Download Sysinternals Process Explorer ]

  • Bypass, Remove and Disable Windows Genuine Notification

    Yes, I know you’ve read this in hundreds of websites and most of the methods to bypass, remove and disable Windows Genuine Notification are from Amit Agarwal Blogspot. This post is going to be different because I’ve discovered a much simpler way to do it! This method also passes Windows Genuine Advantage Diagnostic Site.

    There are 3 types of notification messages that you might get if you’re using a pirated version of Microsoft Windows XP provided you’ve installed KB905474 update.
    The following notification messages will appear on computers that are running a copy of Windows that has failed the Windows Genuine Advantage validation process:


    1• Logon notification
    When you log on to a non-genuine copy of Windows XP, you receive the following logon notification error message:
    You may be a victim of software counterfeiting. This copy of Windows is not genuine and is not eligible to receive all updates and product support from Microsoft.
    Click Get Genuine now to get more information and resolve this issue.
    Bypass, Remove and Disable Windows Genuine Notification
    When you receive this message, you have the following two options:
    • You can click Get Genuine to start the Get genuine Windows process.
    • You can click Resolve Later. If you use this option, an icon will be available in the notification area that you can double-click to start the Get genuine Windows process.

    2• Balloon notification
    After you log on to a non-genuine copy of Windows XP, you receive a balloon notification message in the notification area that is specific to the validation failure. You can click the balloon notification or the notification area icon to open the Windows Genuine Advantage Validation Failure Web page. This Web page gives you the specifics of the validation failure and the steps that you can take to make the operating system genuine.
    Bypass, Remove and Disable Windows Genuine Notification

    3• Desktop banner text
    If you use the Resolve Later option, the following banner text appears on the locked desktop:
    This copy of Windows is not genuine.
    You may be the victim of software counterfeiting
    Bypass, Remove and Disable Windows Genuine Notification

    I’ve discovered a more easier way to bypass Windows Genuine Notification and at the same time, able to use Windows Update!
    A little reminder that bypassing, removing or disabling Windows Genuine Notification is WRONG! This is for your educational purposes.

    Follow the steps posted here and the Windows Genuine Notification nag will stop after a restart. You can also use Windows Automatic Updates and also will have no problem in downloading files from Microsoft site.
    It only involves replacing ONE file. It’s that simple 😉

  • Mozilla Firefox 1.5.0.3 is official!

    Mozilla Firefox 1.5.0.3
    Few days ago Mozilla Firefox 1.5.0.3 installer was found on their FTP but they have not announced it on their website yet.
    Today, Mozilla Firefox 1.5.0.3 is oficially released and it contains only 1 but very important security fix for denial of service vulnerability.

    Title: Deleted object reference when designMode=”on”
    Impact: Critical
    Date: May 2, 2006
    Reporter: Martijn Wargers, Nick Mott, splices
    Affects: Firefox 1.5
    Fixed in: Firefox 1.5.0.3

    Description
    Martijn Wargers and Nick Mott each described crashes that were discovered to ultimately stem from the same root cause: attempting to use a deleted controller context when designMode was turned on. This generally results in crashing the browser, but in theory references to deleted objects can be abused to run malicious code.
    “splices” reported the same crash at the fan site MozillaZine and on Bugtraq, incorrectly describing it as a buffer overflow.
    Older clients, including Firefox 1.0.x and the Mozilla Suite 1.7.x, are not affected.

    Workaround
    Temporarily disable JavaScript until you can upgrade to a fixed version. (Now you have a fixed version, so you don’t need to temporarily disable JavaScript.)

    [ Download Mozilla Firefox 1.5.0.3 ]

    P/S: For your info, I’ve also found Mozilla Firefox 1.5.0.4 on Mozilla’s FTP 😉

  • Easily Turn your Laptop into Wireless Access Point in 3 Steps without Installing any Software

    Some hotels only provides an Internet connection via wired LAN and only some parts of it has wifi connection. If you urgently need a wifi in your room for your smartphone to get online, one solution is to make use of a laptop that is running on Windows 7 and turn it into an access point or wifi hotspot so that your smartphone can connect to your laptop and get the Internet connection from there. It may sound difficult but in fact it is very easy as all you need to do is visit a website, fill up the form, click a button and perform a simple Internet Connection Sharing configuration. Other than that, the computer must have Java installed. If you haven’t noticed, I did not say anything about download or installing any third party software to do this.


    First you need to make sure that the following requirements are met:
    1. The computer gets the Internet connection from wired LAN
    2. The computer has a wireless adapter
    3. The computer is running Windows 7
    4. The computer has Java installed

    Follow the steps below to turn your computer into an access point or hotspot.

    1. Open http://www.virtualaccesspoint.com/ page from your web browser and click on the Run button when asked if you want to run the application. Type in the SSID and the password key with a minimum length of 8 characters. Click the “Turn On Soft AP” button.

    Virtual Access Point

    2. You will be prompted by UAC to run turnonvp.bat file. Click the Yes button. A command prompt window will appear automatically running a few commands. When it is done, you can press any key to close the cmd window.

    turnonvpsc

    An additional Wireless Network Connection 2 using the Microsoft Virtual WiFi Miniport Adapter will be automatically created in Network Connections. The access point which you’ve just created is now visible and can be connected with the correct key. However one more step is required in order for the connected device to use the Internet connection.

    Additional Wireless Connection

    3. Go to Control Panel > Network and Sharing Center > Change adapter settings. Right click on Local Area Connection and select Properties. Go to the Sharing tab and check “Allow other network users to connect through this computer’s Internet connection“. Then at the “Select a private network connection” drop down menu, select Wireless Network Connection 2 and click the OK button to close the Local Area Connection Properties window.

    Internet connection sharing windows 7

    You can now use your smartphone or any device that has wifi connectivity to connect to the SSID which you’ve just created from your computer. To remove Wireless Network Connection 2 from Network Connections, go to Control Panel > System > Device Manager > Expand Network adapters > right click on Microsoft Virtual WiFi Miniport Adapter and select Uninstall. Creating a virtual access point can’t get any easier than this. It’s free and don’t require to download or install any third party software.

    Visit VirtualAccessPoint.com

  • Free Computer Live Help & Tech Support from Raymond.CC

    Fact: 98% of all personal computer problems are software related, this means that in almost all cases the computer technicians don’t need to physically “touch” your machine.

    Free Computer Live Remote Help

    Starting from tomorrow onwards, I will be providing FREE computer live help to people who are having problems with their computers. Doesn’t matter if it is a virus or spyware problem, Windows error, missing system files, or even you don’t know how to burn a CD, I will try my best to fix them or guide you on how to do it. Actually this idea has been on my mind for a very long time (more than a year) but I’ve never got the time to start the ball rolling. I already have a forum with many helpful members but sometimes it is tough understanding the user’s computer problems as they are probably beginners and it is not easy to describe the problem.


    I am not really comfortable in giving out my instant messenger contact to everyone because I know it’ll be flooded by newly added contacts, so this is how its going to work. You will need to go to the Live Support page. If I am online and available to provide live help, the button will show “Online“. Click on the button and you will be in queue if there is someone who came before you. If the button shows Offline, you don’t need to constantly refresh the page because the button will AUTOMATICALLY update if I changed my status to Online. Once your turn is up, we can chat without you installing any software. This is all done with the brilliant Live Help software which I’ve bought for US$119.95.

    If I require to access your computer to fix the problem, you’ll need to download a small and simple TeamViewer QuickSupport, a tiny executable that just has to be started. Just tell me the ID and Password that you see and I will be connected to your computer.

    During your remote repair session YOU will be able to observe all repairs LIVE by watching your screen while I try to solve your problem. Your computer mouse will actually move around on your computer screen right before your eyes. You can even watch and learn! Plus, YOU will be able to assume control at any time and no breach of security is possible. When I am finished, we will permanently remove your connection program and I will be unable to reconnect in future until you tell me your randomly generated password again. This entire process keeps you in complete control at all times, during and after the repair. In short, there is no way for me to reconnect to your computer WITHOUT your permission and you get to know whatever I do on your computer.

    So spread the news, and get free live remote computer help from Raymond at this live support page.

  • MSN Messenger 7.5.0319 QFE Patch (80048820 error FIX)

    I found a leak of the brand new QFE Patch for MSN Messenger.
    The 2.33mb patch updates your MSN Messenger 7.5.0311 version to MSN Messenger 7.5.0319 and comes with the enhancements of improving the sign in process (80048820 error) more thoroughly, as well as the error reporting linked to it.
    MSN Messenger Error 80048820

    Something else that’s been fixed is a bug with emoticon shortcuts via the IME (Input Method Editor) in Korea.
    On a commercial note, the conversation window text ads will show properly on Dynamic Backgrounds from Blue Mountain.
    Finally, build 319 says goodbye to a bug in a DLL that would make MSN Messenger crash if you unplugged a USB device after running the Audio Video Tuning Wizard on that device.


    Because this QFE Patch hasn’t been officially released yet and it is thus unsupported by Microsoft, I do not recommend updating until further notice. But if you’re unable to run your MSN Messenger for days and weeks already, you can try updating using the QFE Patch and see if it fixs your 80048820 sign in error.

    Update 19 December 2005: A new full install MSN Messenger v7.5.0322 is out. Please download from this link. It should fix the MSN Messenger Error 80048820.

  • KeePass Review: Pros and Cons of this Password Manager

    Rule number one for using a password is do not repeat using them. If your email got hacked, all your other online accounts will be compromised together because they all use the same password. This is easier said than done because setting a different and complicated password for each online account will only risk forgetting them and then have to go through the time wasting process of resetting it and again, setting a new password.

    One way to solve it is to use a Password Manager software where you can set a really long password with a combination of words & letters and the best part is you don’t even have to remember it. All you need to do is to remember a single Master password and “rely” on the password manager to help you login to the other sites. Definitely sounds good but let us think of the real danger in using a password manager. What IF your master password gets stolen? Wouldn’t that be even more riskier because the hacker has a list of all the sites together with your login information? Today let’s take a look at KeePass, a very popular password manager because it is open source (free) and there are no backdoor secretly embedded to the software.


    KeePass Review
    The Pros of KeePass

    1. Portability
    KeePass has two versions, the installer and portable. Obviously the good thing about the portable version is you can save it on a USB flash drive and carry with you your password wherever you go and able to login to password protected websites on any computer.

    2. Free and Open Source
    KeePass is open source, meaning anyone can download the source code and check if it is truly clean without secret backdoor. Open source also means that it is free. You don’t need to purchase a license or pay subscription fees.

    3. Auto login with TCATO (two channel auto-type obfuscation)
    Auto login is very important because it prevents you from using the physical keyboard in the first place to login which can be captured and logged by keyloggers. The TCATO auto login feature in KeePass is smart enough to confuse the keylogger by using the Windows clipboard to transfer parts of the auto-typed text into the target application. I’ve tested it and the keylogger only managed to capture keystrokes like [Back][Left][Left][Right][Right]. Unfortunately the TCATO feature must be manually enabled because it is disabled by default. You can do so by editing an Entry, go to Auto-Type tab and check on Two-channel auto-type obfuscation.

    4. Works on all browsers without plugins
    KeePass is an independent software and works without installing any plugins to the web browser.

    The Cons of KeePass

    1. No on-screen keyboard
    In my opinion this is probably the most important missing feature on KeePass. When you run KeePass, it prompts you to enter the Master Password. That most important password CAN be captured by keylogger and now all the hacker need to do is to download the KeePass database file saved as Database.kdb (for v1) or NewDatabase.kdbx for v2 and above to obtain all your password. Do note that the OSK on-screen keyboard plugin for KeePass v1 uses the Windows on-screen keyboard which CAN be keylogged. Yes, the Windows On-Screen keyboard is useless and doesn’t outsmart keyloggers.

    2. Unsecure Windows Clipboard Handling
    It is stated that KeePass has protection against clipboard monitors but during testing the keylogger is able to log the clipboard when I double click on a field of the password list to copy its value to the Windows clipboard.

    3. No online service
    KeePass don’t come with an online service to sync your password or to even check what is your password. The password file is always kept locally on your side.

    KeePass is great especially the TCATO technology. However until KeePass implements an on-screen keyboard to enter Master Key, I wouldn’t recommend anyone to use it. There is no point in making something easier but comes with a huge risk.

    [ Visit KeePass Official Website ]