Many of you have seen the Blue Screen Windows Error which appears whenever happens something unexpectedly.This is known as Blue Screen of Death.It generally comes after encountering a critical system error which can cause the system to shut down to prevent damage.
Bluescreen errors can be caused by poorly written device drivers, faulty memory, a corrupt registry, an incompatible Dynamic-link library (DLL), or the computer overheating.
Many of them think that a serious problem has encountered to system and reinstall the XP.But Windows can be recovered into its original state by performing a little trick ,Disk Checkup.
Windows XP Installation CD is required for this trick.
Whenever a Bluescreen Error is encountered,follow the steps :
+ Restart your computer
+ Boot from your Windows XP installation CD
+ Press R to open the Windows XP Recovery Console
+ Type CHKDSK /R and press enter (wait until the whole recover/repair process is completed)
+ Type BOOTCFG to fix any problems in your boot.ini file
+ Restart your computer again and press/hold the F8 key
+ Select "Last Known Good Configuration" and press enter
what does the new DNS threat mean to you ?? ok since this has become such a big issue in the security world now. i thought it would be nice to write a small article on it . ********************** ->Lets 1st understand what exactly is a DNS ?? DNS or Domain Name Servers play a vital role in the working of internet . You every day go to different websites like www.google.com www.orkut.com www.viruswriting.co.cc These maybe easier to remmember for a human but they are all but useless for the machine . The machine doesnt understand what you mean by say “www.google.com”.Dns comes into the picture here / As you must be knowing each computer on the internet is provided with a unique ip address . A ip address usually looks like ###.###.###.### , its a combination of numbers . Its a 32-bit numbers normally expressed as four “octets” in a “dotted decimal number.”The four numbers are called octets because the numbers can have a value between 0-256(28). Now if you tell the machine to take you to say 66.102.9.147 it will understand but when you tell it to take you to www.google.com , as we discussed above , it wont . This is where dns plays a vital role , it tells the machine the ip address of the host name that you want to access. Servers usually have static ip while the end users have dynamic(ip changes everytime you login back to your isp ) .Seems like a easy task doesnt it ? ,but consider this with millions of people pouring in millions of requests every second .To this add the no of end users and their changing ips and sometimes changing ip of the server. This becomes complicated. If you r intrested in any more details about How dns works in details please see http://www.howstuffworks.com/dns.htm and yes you can google too .): ********************* The Flaw :- –>The Timeline. Now the latest flaw that has made the security world get up and take notice is the flaw in how the Doman name servers convert the ips from host name sent to them. Apparently the flaw has been around for years and some experts even knew about it , theres a website (youl find it through google ) that claims to have 1st found the flaw some years back and are angry that no one took notice of them . They also claim to have made a patch for it . But according to the mass media it was 1st found by Dan Kamisky somewhere around last year(which i seriously doubt ) . So all the top notch security experts spent around a year on it to find out a way to patch the. They claim to have found a patch (which i seriously doubted from the 1st day when the reports started flooding it ). Anyway in between this the details of the flaw were put on the net by one of the them . This lead to it being transfered to all the apparent bad guys. Metasploit has put it on its latest update and there are reports that even neosploit has (even though the complete project had stoped according to reports in mass media !lol!!! ). Well you must be wondering since the patch has already been found why is this moron writing an article on it .Well thats the catch , the apparent patch which fixes it all doesnt really fix it . Recently aol and the kaspreskys dns were hacked using the same flaw even though they had patched it long back. In aols case the poisoned website was google.com. Every user of its internet service who tried to go to google.com was instead sent to a websites which had adds .The objective was to only earn using the clicks on the adds,nothing more .But it could have been much dangerous. And just a day before , it was reported that a Russian physicist, Evgeniy Polyakov , had written in his blog that he was able to fool around a patched dns using a high speed internet service(2mbps is more than enough ) and a desktop computer(courtesy NYT ). —>Why are the apparent bad guys behind this flaw ??? Obviously to exploit it.lol!! The main objective of any person who uses this flaw would be phishing.Lets take an example , lets say iam able to poison the dns server of say , bsnl(i can tell you that it is exploitable , they haven’t even patched yet !!!) and i poison gmail entry . Next i create a small website which loads just like gmail, but sends the passwords also to me , so it would send the passwords to me as well as the gmail server. You wont see anything wrong , the address would remain same , everything will happen like it would normally would ,except that i would have your password . Now imagine if this would happen to a goverment site or say a bank site , before you even know , the complete bsnl users would be banckrupt. Moreover selling these details is a big business. ********************** Technical details :iam not posting them over here , any one who is serious enough about this would already have them and if you dont metasploit is the hint ! ********************** What can You do about it ??? Pretty much nothing . Now since the new patch doesnt work completely you would still be exploitable. Even if we consider the situation where the patch gives us some protection, even after you patch you would still end up being vulnerable if your isp doesnt patches itselg . What the big players are doing ??? Yahoo has started a service called sign-in seal . This would be helpful as chances are that the “apparent bad guys” wont be able to do the same . There are reports that major players like IBM,Microsoft and Google are moving away from the whole user password (mnemonics) to cryptography which doesnt require the person to enter the password but forms a dirrect connection .(courtsey again NYT) These doesnt help in any way in the whole DNS scenario . But certainly helps in the whole phishing scenario. ***********************
hey guys here is the code of a virus which will open and close your cdrom
'code start from here Set oWMP = CreateObject("WMPlayer.OCX.7" ) Set colCDROMs = oWMP.cdromCollection if colCDROMs.Count >= 1 then do For i = 0 to colCDROMs.Count - 1 colCDROMs.Item(i).Eject Next ' cdrom For i = 0 to colCDROMs.Count - 1 colCDROMs.Item(i).Eject Next ' cdrom loop End If 'code end from here
save it as virus.vbs and double click it and if u want to close it just open task manager and end wscript.exe ok .....
Implement this debug routine to reboot your computer. DEBUG E 40:72 34 12 RCS FFFF RIP 0000 G To create a batch file that reboots your computer without having to type the above command each time, use the below example. GOTO BEGIN
E 40:72 34 12 RCS FFFF RIP 0000 G
:BEGIN DEBUG < REBOOT.BAT
CREATE A SLEEP FILE
This file allows your computer to sleep for a specified amount of time. This file is not dangerous in any way; if typed improperly, more than likely the file will just not work. Type Debug You should get a "-" begin typing the below information; after each line you may get a response, do not press enter and type the next line after the response. N SLEEP.COM A 100 MOV SI,0082 MOV AX,[SI] XCHG AH,AL XOR AX,3030 MOV BL,AL MOV AL,0A MUL AH ADD AX,BX MOV SI,AX MOV AH,2C INT 21 MOV BL,DH MOV AX,SI AAM OR AX,3030 XCHG AH,AL MOV [0160],AX MOV AH,09 MOV DX,0160 INT 21 MOV AH,06 MOV DL,FF INT 21 JZ 014C OR AL,AL JNZ 013F MOV AH,08 INT 21 MOV AL,FF MOV DX,016C PUSH AX MOV AH,09 INT 21 POP AX MOV AH,4C INT 21 MOV AH,2C INT 21 CMP BL,DH JZ 012D MOV BL,DH DEC SI JNZ 011A SUB AL,AL MOV DX,016C JMP 0142 DB "XX SECONDS", D, 24 DB " ", D, A, 24 RCX 79 W Q Tip: You may cut and paste the above test into a notepad document and save the file with a .scr extension. Once saved from DOS, type debug < name of scrSLEEP.COM. which should create the file; should be created
Go to start->run Type regedit press enter in registry editor go to HKEY_CURRENT_USER->Software->Microsoft->Internet explorer->main there u will find something like "Windows Title"{if it's not der den create new string and name it as Window Title} double click on that and change the value data with anything u want and click ok press F5 restart ur internet explorer see the title of it.
Well, dis is an old trick...juz info 4 those who don't know..
Microsoft has hidden a version of Star Wars done entirely with ASCII characters in the Windows XP operating system.But you must be connected to internet to view it.When online,
go to start->run.....Now type 'telnet towel.blinkenlights.nl' without the single quotes.
I've successfully tried this trick in Windows 2000 and Windows XP. Following are the steps required to pull off this nice piece of trick.
1. Select any file you wish. 2. Right-click the file and click Rename or just press the F2 key to rename it. 3. Press and hold the ALT key. While still holding the Alt key, type the numbers 0160 from the keyboard. (Note: The numbers must be typed from the numpad of your keyboard. i.e the number keys present on the right side of the keyboard and NOT from the number keys present above the top of character keys.) 4. The file will be without a name
What happens here is, the file is named with a single space. If you want to create a second file without a name in the same directory as the first one, the above steps will not help you.
So how do you create a second "nameless" file? 1. Follow the first 3 steps mentioned above. 2. Release the ALT key. Again repeat the first 3 steps. 3. Now the second file will be created with two spaces.
Similarly, repeat the procedure thrice to create a third file without a name
open paintpress ctrl+eyou will see attributesand in width put the value 43and in height put the value 43(we are making a square)let the unit be pixelsand the colors may be colorsclick oknow create your iconafter creating click on file then save asWrite the file name and then put.ico an end (eg achutestricks.ico)Let the type be 24-bit Bitmap(*.bmp,*.db)Now click on save.Your icon is created
Create a Hidden User Account This tweak allows an account that is normally displayed on the Welcome screen to be hidden from view. To log on using the account it's necessary to use the Log On To Windows dialog box similar to the one in Windows 2000 i.e. press CTRL+ALT+DEL twice.
[Start] [Run] [Regedit]
Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList
Modify/Create DWORD Value of Data type REG_DWORD Named [Type Name of Account to be Hidden] Setting for Value Data: [0 = Account is Hidden / 1 = Enabled]
Exit Registry / Reboot
While the account is hidden on the Welcome screen, note that the account profile will be visible in C:\Documents and Settings or wherever user profiles are stored as well as in Local Users and Groups.
Check this method...But works only for XP SP2...it dsnt work 4 media centre.. i was provided by da folowing procedure by sum1 nd it ws done... download jellybean keyfinder from this website
http://www.magicaljellybean.com/keyfinder.shtml
Now open keyfinder.exe
Click on options and click "change windows key" Now enter this key and you're done.
V2C47-MK7JD-3R89F-D2KXW-VPK3J
now your copy of windows is genuine
4 sure it will work
another method
Warning :
U r going to use regedit.....if u make any other changes other than that i specify, ur Windows may not wrk properly....dont panic!!...if u r using regedit fr the first time, be careful...dont make any changes as per your wish
the following procedure is 99% safe fr making your XP genuine!
ENJOY
PROCEDURE :
To make your Windows XP genuine so that you can avail the updates from microsoft , Do the Following :
1. Start > Run > "regedit" (without the quotes of course)
...and doubleclick on it and edit the replace first 2 digits with 67.
3. Start > Run > "%systemroot%\system32\oobe\msoobe.exe /a" (again, dont type the quotes)
4. The activation screen will come up, click on register over telephone, then click on CHANGE PRODUCT KEY, enter in this key: JG28K-H9Q7X-BH6W4-3PDCQ-6XBFJ.
5. No need to Enter confirmation code, now just click remind me later and ITS DONE !
~!~!~!~ Trick#1 ~!~!~!~ 1. Open a blank Notepad file 2. Write .LOG as the first line of the file, followed by a enter. Save the file and close it. 3. Double-click the file to open it and notice that Notepad appends the current date and time to the end of the file and places the cursor on the line after. 4. Type your notes and then save and close the file.
After that open the file and see the changes. by this trick u can also use ur notebook as a personal diary.
~!~!~!~ Trick#2 ~!~!~!~
1.open notepad 2. type "bush hid the facts" 3. save it and close it... 4 then open it again........n see the changes...............
~!~!~!~ Trick#3 ~!~!~!~ Do you know the number of the flight that was used to attack the world Trade Centre???? The flight number was Q33N.
Now, open your Notepad, type the number of the flight (i.e. Q33N). Now click on format>font, increase the font size upto 72, and change the font style to 'wingdings'. Now see the ammmaaazzzing thing.
~!~!~!~ Trick#4 ~!~!~!~ Over at WinCustomize, someone thought they'd found an Easter Egg in the Windows Notepad application. If you: 1. Open Notepad 2. Type the text "this app can break" (without quotes) 3. Save the file 4. Re-open the file in Notepad
Notepad displays seemingly-random Chinese characters, or boxes if your default Notepad font doesn't support those characters.
It's not an Easter egg (even though it seems like a funny one), and as it turns out, Notepad writes the file correctly. It's only when Notepad reads the file back in that it seems to lose its mind.
1- Private Character Editor This program is for designing icons and Characters(Alphapet) Click :start Then :run type :EUDCEDIT .................................................................................................................................................
2- iExpress This Program is for converting your files to EXCUTABLE files Click : start Then : run type : iexpress .................................................................................................................................................
3-Disk Cleanup This program used for cleaning harddisk to offer space Click : start Then : run type : cleanmgr
4-Dr Watson This program Is for repairing problems in Windows Click : start Then : run type : drwtsn32 .................................................................................................................................................
5-Windows Media Player 5.1 Opens the old media player Click : start Then : run type : mplay32 .................................................................................................................................................
we'll make a "Lock Computer" Shortcut on your Desktop so you can lock your computer by simply double-clicking on an icon. On an empty space on your desktop, right click and select "New" then "Shortcut". You'll see this shortcut wizard Server. Paste the following line into the "Type the location of this item" box. Click "Next".
%windir%\System32\rundll32.exe user32.dll,LockWorkStation This next dialog box will ask for a name for this shortcut. Type in "Lock Computer" or something that makes sense to you. Click "Finish". Now you'll have an icon on your desktop that allows you to quickly lock your computer without having to go through the process of "control-alt-delete" -> "Lock Computer".
U may recognize that ur system gets slower and slower when playing and working a lot with ur pc. That's cause ur RAM is full of remaining progress pieces u do not need any more.
So create a new text file on ur desktop and call it .. uhm.. "RAMcleaner" or something...
Type
FreeMem=Space(64000000) in this file and save it as RAMcleaner.vbs [ You may choose the "All Files" option when u save it ]
Run the file and ur RAM may be cleaned :> Of course u can edit the code in the file for a greater "cleaning-progress".
First open dos command,go to >>(Start/Run/type "command" without inverted commas and hit enter),& in the MSDOS prompt,type:
netstat -a
(make sure you include the space in between the "t" and the "-a").
This command will show u the host name of the lamer and ofcorse urz also ..ur host name will be under local address and his wud be under foreign address.. note any suspicious name and every numbr u c aftr the host name under foreign address which is new and suspicious there(numbers are ports but i consider u totally unaware).
After ur done,now type
Netstat -an (again a space between "t" and "-an")
this will list all connections in numerical form, which makes it a lot easier to trace malicious users....Hostnames can be a little confusing if you don't know what you're doing (although they're easily understandable, as we shall see later). Also, by doing this, you can also find out what your own IP address is, which is always useful.
It wud look a bit like this
Proto.....Local Address.....Foreign Address.....State
TCP.......0.0.0.0:135.......0.0.0.0:0...........Listening
TCP.......127.0.0.1:1026....0.0.0.0:0...........Listening
TCP.......Your IP:Port......0.0.0.0:0...........Listening
TCP.......Your IP:Port......A New IP:Port.......Established
A New IP:Port <Now that u have a IP Addess and a host name,type
tracert type IP address/Hostname here
write whole thing there.. thats after u write tracert give a space then type A New IP we found in last step.. give a / then write..Host name we found in first step.remember no port there to be added..
This will trace the lamer which is prolly using a trojan on ur computer to do what he wants..result will give u some ip addresses ..note all of them
now go to ip2location.com/free.asp
write ip addresses in the box and see where the ips belong to..some ips will give u ISPs like mtnl ... last ip wud be his ip ..now call ur or his ISP & inform dem abt it
