Saturday, July 28, 2007

Life is Good, life is beautiful! Trojan Horse Attack Using Email Attachment

Today I received an email with the title "Life is good, life is beautiful". Guess what? It's an email with a trojan horse attached. Luckily my antivirus scanned it first and found it.

The attachment is bsaver.zip and the sender will say something like 'look at this beautiful screensaver in your attachment'. Well, if you don't have an email scanner, you will be in big trouble. However, if I'm not mistaken, as long as you don't download the attachment, you're safe from this threat.

Therefore, my advice is: don't open any email attachment from someone you don't know without scanning it first. If you don't have an email scanner, use Avast! Antivirus; it has an email scanner and the detection rate is good.

So, be careful of this email.

posted by KetawaUbat at 4:17 AM 0 comments links to this post  

Wednesday, July 25, 2007

Things You Should Know When Downloading Files From The Internet

So, you are a new member of some underground forum which you found through a friend. Suddenly, you find links to some warez software or some movies that you wanted to buy yesterday. But because of your empty pocket, you cancelled the purchase. Then you download the files, but they turn out to be a virus or spyware.

What I want to tell you here is for informational purposes only. I don't recommend that you download illegal software or movies. But this is the Internet, and people can download whatever they want. It's not just warez software: downloading any file from the Internet can become very risky if you don't know what you're downloading.

When downloading any file from the Internet, the safety and security of your computer are important. You don't want to download viruses or spyware to your computer. Therefore, I'm going to give you some advice on how to keep your computer spyware-free when downloading files from the Internet.

First, you need to look out for the file extension. Files with the .exe extension are sometimes viruses, but not all of them are. So, when you've finished downloading an .exe file, scan it with whatever antivirus you have. If you don't have any antivirus, GET ONE NOW.

There are lots of free antivirus programs out there. Go to download.com and search for Avast Antivirus, AVG or Antivir Personal. Download one of these antivirus programs and scan the files.

Second, you need to look out for the file size. Let's say you know that the software's file size is 15 MB or 18 MB, but the file that you want to download from the suspicious website is around 256 KB. This file might be a virus, because the size is just not right. If you don't know what the file size should be, search for it on Google first and look at the file size listed on different websites.

If you've opened 20 sites and all of them show the same size, it might be the correct file. There is no guarantee, because all of the files could be a virus, but this is unlikely to happen. Just be careful.

Third, use a firewall on your computer. If a file you've downloaded is a threat, it will attempt to send personal information about you or download other software from the Internet.

By having a firewall, you can block it. I use COMODO Firewall Pro. It's a good firewall and it's free.
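The extension and size checks above can be scripted. The following Python sketch is an added example, not part of the original post; it goes slightly beyond the text by also checking for a Windows executable header hidden behind another extension and by looking inside zip archives such as the bsaver.zip attachment from the July 28 post. The function names, the 10% size tolerance, the member name bsaver.scr and the sample bytes are assumptions made for illustration.

```python
import io
import zipfile

# Extensions Windows runs directly; a .scr "screensaver" is an ordinary executable.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".vbs"}


def ext_of(name):
    dot = name.rfind(".")
    return name[dot:].lower() if dot != -1 else ""


def triage_download(name, data, expected_size=None, tolerance=0.10):
    """Return a list of reasons to scan this file before opening it."""
    findings = []
    if ext_of(name) in EXECUTABLE_EXTS:
        findings.append(f"executable extension: {name}")
    elif data[:2] == b"MZ":  # Windows executables start with 'MZ' whatever the name
        findings.append(f"PE header behind non-executable name: {name}")
    if expected_size:
        deviation = abs(len(data) - expected_size) / expected_size
        if deviation > tolerance:
            findings.append(
                f"size {len(data)} B differs from published {expected_size} B "
                f"by {deviation:.0%}")
    # The .zip extension says nothing about what the archive holds.
    if data[:4] == b"PK\x03\x04":
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for member in zf.namelist():
                    if ext_of(member) in EXECUTABLE_EXTS:
                        findings.append(f"archive contains executable: {member}")
        except zipfile.BadZipFile:
            findings.append("file claims to be a zip but cannot be parsed")
    return findings


def sample_zip(member_name):
    # Constructed sample: a zip with one harmless dummy member (not real malware).
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(member_name, b"MZ" + bytes(62))
    return buf.getvalue()


if __name__ == "__main__":
    print(triage_download("bsaver.zip", sample_zip("bsaver.scr")))
    print(triage_download("setup.exe", b"MZ" + bytes(262142), expected_size=15 * 2**20))
```

An empty result only means none of these cheap checks fired; the file still needs an antivirus scan.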

So, these are the things you need to know if you want to download files from the Internet. Downloading files is easy, but many people try to take advantage of this by uploading viruses, spyware and the like. Before these people know your credit card number, you'd better protect your computer from any threats.


posted by KetawaUbat at 5:09 AM 2 comments links to this post  

Tuesday, July 24, 2007

IESMN.EXE, IESMIN.EXE Removal Instructions, Video ActiveX Access Removal

These are the removal instructions for IESMN.exe and IESMIN.exe. These two processes are part of the 'video activex access' files located in your Program Files folder. You cannot simply delete this folder, because every time you try to delete it, Windows cannot delete it because the file is in use.

But there is a way to remove this spyware safely.

A pop-up will always appear on your desktop asking you to update your security because there is a virus or spyware on your computer. However, the truth is, the 'security update' is the spyware.

So, if you just follow the pop-up's instructions and download the 'updates', you will get infected by this spyware.

It will install a 'security toolbar' in your Internet Explorer and change your homepage. I've helped my friend get rid of this spyware from his computer and I will explain how I did it.

First of all, I downloaded Spybot Search and Destroy to my friend's PC because my friend's PC didn't have this software. After I downloaded it, I immediately updated Spybot Search and Destroy.

Then I ran it and cleaned every threat that it found. However, this step alone will not clean your computer thoroughly. The pop-up asking you to update your 'security' will keep coming back. You need to download two more programs, HijackThis and SmitFraudFix. Just google them and you can find a lot of places to download them.

Then run HijackThis and find any entry that mentions 'video activex access', iesmn.exe or iesmin.exe. However, please be careful when deleting entries from HijackThis. Ask an expert if you don't know what to do. This step can affect your computer. Therefore, I advise you to ask an expert first. I'm just telling you this for informational purposes.

If you don't want to run HijackThis, or if you don't know what to do when HijackThis finishes scanning, you can choose to run SmitFraudFix. You can also run SmitFraudFix if the pop-up hasn't disappeared. Google and download it, then restart your computer and, when you see 'press to run setup' or something similar, press F8 and choose safe mode.

Safe mode makes your computer run only the essential programs, so you can delete the spyware or any virus safely. In safe mode, run SmitFraudFix and choose clean registry.

When you're done, you will no longer see the 'security update' pop-up. I've done these steps and they work perfectly. So, I thought you could try them too.


posted by KetawaUbat at 3:32 AM 2 comments links to this post  

Wednesday, July 18, 2007

Task Manager Is Disabled By Administrator, Folder Options in Tools Is Missing, Cannot Run Regedit

"Task Manager Is Disabled by Administrator"

Are you having this problem when you're trying to open your task manager?

Other than this problem, do you have a problem opening your registry? Is Folder Options missing from the Tools menu?

I'm not so sure if there are other reasons why this is happening. However, when I did the steps below, these three problems were fixed.

First of all, you need to download HijackThis. Just google it and download it. Then look through the entries and see if there is something similar to the entries below:

F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1

Delete these two entries. However, please ask an expert if you're not sure about this. Go to a computer tech forum, introduce yourself, and ask them about your HijackThis log. But make sure you post it under the HijackThis log section.

After you delete the two entries, open the 'Misc tools' section and choose 'open process manager'. See if there is any "Rvhost.exe" process running. If there is, stop the process; if there isn't, you can proceed to registry editing.

*Warning!: Editing your registry and opening your Windows folder should not be done unless you know what you're doing. I will not be responsible for anything that happens after you do this step.

Open your registry by typing 'regedit' in Start -> Run, go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies and search for something like 'NoFolder Option' in explorer. Then delete the entry. Exit your registry.

Go to your Windows folder, open the system32 folder (e.g. C:\Windows\System32\), find the 'rvhost' file and delete it. Then restart your computer.

After doing this method, you will be able to access your registry, your folder option will be visible and you can open your task manager.

Try this method and see if it works.
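Picking the relevant lines out of a long HijackThis log is the error-prone part of this procedure and of the IESMN.EXE removal in the July 24 post. The Python sketch below is an added example, not part of the original posts: it flags the F2 and O7 entries quoted above plus any entry naming the files these posts mention, so the list can be shown to an expert before anything is deleted. The function name, the O4 sample lines and their paths are constructed for illustration.

```python
import re

# "<section> - <detail>", e.g. "F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe"
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Names this page associates with the two infections.
KNOWN_BAD = ("rvhost.exe", "iesmn.exe", "iesmin.exe", "video activex access")


def review_log(text):
    """Return (section, reason, line) for each entry worth an expert's look."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if not m:
            continue  # header, process list or blank line
        section, detail = m.groups()
        low = detail.lower()
        if section == "F2" and "shell=" in low:
            # The shell value should name Explorer.exe and nothing else.
            extras = [p for p in low.split("shell=", 1)[1].split()
                      if p != "explorer.exe"]
            if extras:
                findings.append((section, "extra shell program: " + " ".join(extras), line))
                continue
        if section == "O7" and "disableregedit=1" in low.replace(" ", ""):
            findings.append((section, "registry editor disabled by policy", line))
            continue
        hit = next((n for n in KNOWN_BAD if n in low), None)
        if hit:
            findings.append((section, "references " + hit, line))
    return findings


# Constructed sample: the F2 and O7 lines are the ones quoted in this post;
# the O4 lines and their paths are made up for illustration.
SAMPLE_LOG = r"""Logfile of HijackThis (constructed sample)
F2 - REG:system.ini: Shell=Explorer.exe RVHOST.exe
O4 - HKLM\..\Run: [ExampleApp] C:\Program Files\ExampleApp\app.exe
O4 - HKLM\..\Run: [iesmn] C:\Program Files\Video ActiveX Access\iesmn.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
"""

if __name__ == "__main__":
    for section, reason, line in review_log(SAMPLE_LOG):
        print(f"[{section}] {reason}\n    {line}")
```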


posted by KetawaUbat at 12:00 AM 0 comments links to this post