StechkOv's Blog

Binary

2008-05-08T19:18:00.000-07:00

The Alphabet in Binary Code

Letter	Binary Code
A	01000001
B	01000010
C	01000011
D	01000100
E	01000101
F	01000110
G	01000111
H	01001000
I	01001001
J	01001010
K	01001011
L	01001100
M	01001101
N	01001110
O	01001111
P	01010000
Q	01010001
R	01010010
S	01010011
T	01010100
U	01010101
V	01010110
W	01010111
X	01011000
Y	01011001
Z	01011010

Letter	Binary Code
a	01100001
b	01100010
c	01100011
d	01100100
e	01100101
f	01100110
g	01100111
h	01101000
i	01101001
j	01101010
k	01101011
l	01101100
m	01101101
n	01101110
o	01101111
p	01110000
q	01110001
r	01110010
s	01110011
t	01110100
u	01110101
v	01110110
w	01110111
x	01111000
y	01111001
z	01111010

Mystery on History...What a Coincidence!

2008-05-06T05:06:00.000-07:00

History Mystery

Have your history teacher explain this?

Abraham Lincoln was elected to Congress in 1846.
John F. Kennedy was elected to Congress in 1946.

Abraham Lincoln was elected President in 1860.
John F. Kennedy was elected President in 1960.

Both were particularly concerned with civil rights.
Both wives lost their children while living in the White House.

Both Presidents were shot on a Friday.
Both Presidents were shot in the head

Now it gets really weird.

Lincoln 's secretary was named Kennedy.
Kennedy's Secretary was named Lincoln .

Both were assassinated by Southerners.
Both were succeeded by Southerners named Johnson.

Andrew Johnson, who succeeded Lincoln , was born in 1808.
Lyndon Johnson, who succeeded Kennedy, was born in 1908.

John Wilkes Booth, who assassinated Lincoln , was born in 1839.
Lee Harvey Oswald, who assassinated Kennedy, was born in 1939.

Both assassins were known by their three names.
Both names are composed of fifteen letters.

Now hang on to your seat.

Lincoln was shot at the theater named 'Ford.'
Kennedy was shot in a car called ' Lincoln ' made by 'Ford.'

Lincoln was shot in a theater and his assassin ran and hid in a warehouse.
Kennedy was shot from a warehouse and his assassin ran and hid in a theater.

Booth and Oswald were assassinated before their trials.

And here's the kicker...

A week before Lincoln was shot, he was in Monroe , Maryland
A week before Kennedy was shot, he was with Marilyn Monroe.

Did You Ever See A Dog Like This???!!

2008-05-06T04:50:00.000-07:00

The Hulk Dog....
The Very Very Muscular Big Wendy

This has been a Rare genetic mutation which increases muscles, weight of this sleek breed!
=================
Monday, June 25, 2007
People mistake her for a pitbull with a pinhead, but Wendy the whippet is one rare breed.

So rare that the Central Saanich dog recently graced the New York Times. She also had several of her photos shown on The Today Show, all because of a rare genetic mutation that has led to her being the Incredible Hulk of dogs.

Wendy is a 27-kilogram rippling mass of muscle. Forget the so-called six-pack stomach: Wendy has a 24-pack. And the muscles around her neck are so thick, they look like a lion's ruff.

Wendy the Whippet has a genetic disorder that has resulted in an exceptionally muscular appearance.
Bruce Stotesbury, Times Colonist

"People have referred to her as Arnold Schwarzenegger," says doting owner Ingrid Hansen, stroking Wendy's sleek black coat and white chest.

Wendy was recently part of a genetics study done in the U.S. on mutation in the myostatin gene in whippets, which resemble greyhounds in appearance. The National Institute of Health study reported that whippets with one single defective copy of the gene have increased muscle mass that can enhance racing performance in the breed, known for speeds up to 60 kilometres an hour.

But whippets with two mutated copies of the gene become "double-muscled," like Wendy. It has been seen before in one human, and also in mice, cattle and sheep, says the study.

The uber-muscled whippets are called "bullies," not because of their nature -- Wendy likes nothing better than a good back scratch and isn't shy about sitting in your lap to ask for one -- but because of their size. She's about twice the weight of an average whippet, but with the same height and small narrow head -- and the same size heart and lungs, which means she probably won't live as long as normal whippets.

Hansen has had Wendy, now four, since she bought the dog from a Shawnigan Lake breeder when she was eight months old.

Wendy landed in clover. She lives on an acreage, runs around with other dogs and horses, sleeps on Hansen's bed and pretty much anywhere else she wants to.

People are often afraid when the muscle-bound dog runs up to them on her dainty whippet-thin legs, but they soon realize she's friendly, Hansen said.

Featured Instructable #1

2008-02-16T05:42:00.000-08:00

40$ USB super telescope, easy to make, sees craters on the moon

40$ USB Spy Telescope - video powered by Metacafe

ere's what you need:

1. A webcam (I used a quickcam 4000 from logitech I still had)
2. A telelens, the more focal length the more magnification you'll get, the lens I'm using here is 80-210mm, you can get them at ebay starting from 12dollars. Many people have old tele lenses left from the analog camera era so there are plenty of them on the web.
3. Some standard pvc plumbing materials: pvc pipes, a diameter adapter to fit different diameters and some end caps. What you need precisely depends on your lens. More details on this can be seen on the next steps.
4. It's not part of the telescope itself, but it is important to have a tripod since the magnification is very large so any movement will ge greatly magnified. So without a tripod as a stable base, you won't be able to use your telescop

Connect the webcam to the lens
First you need to take the webcam apart until you're left with the pcb and the microphone and button. Unscrew the original lens of the webcam and remove it completely.

Next you have to go to the local hardware store and find the pvc part that fits your lens or gets very very close to fitting so you can easily fill up the gap with some tightly wound tape. I made 2 of these telescopes and didn't have problems finding a perfect match, but that could just be luck. You'll also need an endcap for this phase.

Make a hole just as large as the optical tube of the webcam exactly in the middle of the endcap. It must be exactly, or performance will reduce. Now you can put everything together. Fit the adapter to the lens, put on the endcap (I needed an extra piece of pipe to reach the endcap diameter) and put the webcam in. The hole in my encap was to tight I could just lock the webcam in. If yours is a little looser, use some tape. The webcam must be about 3cm behind the rear end of the tele lens.

Now you can try it. Hook it up to a pc and put it on a tripod. Aim at something more than 50 meters away and see if you can focus by turning the focus ring of the tele lens. If you can't, then you must play with the distance between the tele lens and the webcam. You may need to change the length of the adapter a bit. Once this is done, you can glue (or tape) everything together. Make sure that all the parts are perfectly aligned in a straight line, this is also vital for the best results.

Make a housing for the webcam
It's very easy to make a housing, just use 2 encaps and a piece of pipe with a slot for the USB wire. It can all be glued or taped together.

On the pictures, you can see the various stages of assembly. One endcap needs quite a big hole, otherwise the parts on the pcb will touch the endcap tilting the webcam pcb which is bad for optical quality.

Demonstration 1: Weather station
These pictures show the weatherstation on my neighbors house. The first picture is made with my normal photo camera without zooming. The circle shows what the telescope is aimed at. The second and third picture are made with the telescope at 100mm and 210mm zoom setting.

Demonstration 2: Antenna mast at 450m
The first picture is made with my normal camera again. The antenna mast is in the circle. It's 450m away, I checked this with my gps. The second picture is with the telescope at maximum zoom.

Demonstration 3: The Moon!
Here are 2 pictures of the moon.

You can easily see craters and mountains.

I hope you enjoyed this project!

Make Your Own Roll-Up Keyboard...

2008-02-16T05:18:00.000-08:00

Have you ever wanted one of those pricy roll up keyboard but didn't want to spend the money? Here is a quick and dirty way to make your own.

For this project you will need:

1 USB Keyboard
1 Screw driver with interchangable bits
Handful of small project sized nuts and bolts

Using the screwdriver deconstruct the keyboard.

Remove the keyboard's membrane switch pad and control board. The membrane consists of 3 separate layers tacked together.

Using the rubber pad, plate and nuts & bolts, reassemble the membrane to the control board. Make sure that the traces of the membrane line up with the traces on the control board. If your keyboard had a socket and ribbon cable just reinsert the cable and you ready to label the keys.

After the long process of labeling the keys you are now ready to use your roll up flexible keyboard. Using a text editor check to make sure all your keys function. HINT: to save time label only the keys you use most, or learn to touch type :)

Convert your 4th Gen iPod to use Flash Memory

2008-01-15T04:24:00.000-08:00

Convert your 4th Gen iPod to use Flash Memory
We all have or know of someone who has an iPod with a dead hard drive. Of course you can simply buy another drive but you're back to the same power-hungry, failure-prone, fragile rotating media. Instead, upgrade your iPod to use Flash Memory. Sure a hard drive can hold all 30,000 of your songs, but even a 4GB card can hold over 24 hours of music - I usually change out songs often enough that I don't need to carry 20+ Gig of songs at all times.

Before you comment, I know there are a few people out there who have already done the upgrade. I don't claim to be the first to do this but I am the first to write an instructable for it (I think).

Let's get started!

What You Need

1) , you cannot simply replace the hard drive with a flash card. The 1.8" drive and CF interfaces are similar but you will need an adapter to bridge the interface from the card to the HD connector on the iPod.

I purchased the adapter for under $15 from an Asian vendor on eBay. It is not pretty but it works.

2) You will also need some cardboard and some hot melt glue or double sided foam tape.

3) iPod-Opening tools (non-marking plastic tools and/or flathead screwdriver.

5) Your iPod wall charger unit

5) Of course, you will need a fully ATA-Compliant Compact Flash card. Any size will work, but you can now get 8GB cards for under $70 as of this writing. I've had good luck with Transcend and Sandisk. Check the specs, not all cards will work.

Open Your iPod
There are literally thousands of DIY guides and tutorials on how to properly open up your iPod, so I won't go into it here. I will assume that if you're actually willing to do this hack to your iPod you already know or can easily figure out how to open it up.

Remove Hard Drive

Be careful here, don't just yank out the old hard drive!

First, unplug the battery from the circuit board to prevent any accidental shorts.

Next, carefully remove the drive by slowly separating the drive from the connector. Use your fingernails or a small screwdriver to gradually separate the two. A little on one side and then the other until it is out.

Prep and Install the Flash Card
Once the drive is out, use it as a template to cut out a small piece or cardboard. This will take the place of the hard drive and prevent the adapter and connector assembly from bouncing around inside your iPod.

Next, plug in your flash card into the card adapter and plug the adapter into the HD connector as shown.

Use some hot melt glue or foam tape to secure the adapter to the cardboard and the cardboard to the logic board.

Plug the battery back in and get ready to test it!

Test The iPod's Functionality and Restore

Carefully put the iPod pieces back together but don't snap closed just yet.

Plug your iPod into the PC using the dock connector. If iTunes does not automatically open up, do so now.

At this time, iTunes should recognize your iPod and will give you the option to restore the iPod to its original settings. Click OK and wait for it to finish.

Once the restore process is complete, your iPod will display a message telling you that the unit needs to be plugged into its wall charger to complete the process. Plug in the iPod for a few minutes and check to see that your iPod works as it should !

Before And After

Some of the differences between the old HD unit and my new flash version:

iPod now weighs 22% less! 5.5 oz vs. 4.3 oz

iPod is now much more rugged and will no longer suffer from shock-induced hard drive failure.

Oh yeah, I'm still tallying up the battery gains but you can imagine how much less power the CF card will consume compared to the hard drive.

Earn Money In Clicking ADS

2008-01-12T17:11:00.000-08:00

when i saw this one in a blog...lately...
ummm....i think thats 2005...
i tried it and did not get much...
10$ per week is nice right??

you will just have to click and click ads and your earning instant cash...
i dont want to expose mo CCs in Online Shopping websites...
even if it is..hacker protected...

so i tried this one...
i registered in about 4 sites i think...
and now im earning...
almost 30$ per week...
its absolutely amazing!!!

just registered and..

download a program...
booooommmm!!!!!!!!!!!!!

instant cash!!
heres how to make it...

register to paypal...
with a valid email...
use personal acount...
if ask to add CC...just cancel....

and then register to...
TitanClicks
You Will get 0.25 each click thats the biggest one..in my first day...
i got 0.500 in just 5 mins.
it depends if there are many ads many earnings...

DailyClicks
You Will Earn 0.05 each click....
thats not so high but it helps....

Paid
and this you will also get 0.05 per click...

TurboBUX
earn 0.05

Bux.to
earn 0.11 - 0.15 per click

Bux3
just like bux.to

and then...
download the programs here....Autoclickers
and run it...
login in....
and start autoclickin....

2007-11-21T02:46:00.000-08:00

I've just received a good question in Forum on whether she should stop and kill all rundll32 processes...

Previously I've written a guide on how to identify svchost.exe in your Windows and here's another process that might be showing in your Windows Task List but you can never know what is it. The process is rundll32.exe. Rundll32.exe is part of Windows found in Windows\System32 and used to run program code in DLL files as if it were an actual program. DLL files can't be executed directly, that's why it needs rundll32.exe to run it.

Many viruses also use this name or similar names such as 'rundII32' (uppercase i appears the same as lowercase L in many fonts). It's also commonly used by spyware to launch its own code. As you can see at the my Windows Task Manager, I can only see rundll32.exe being loaded and it did not show what DLL is being loaded.

Here's how to identify what DLL files are being loaded in rundll32.exe on Windows XP Professional.

You can use HijackThis to do a system scan to find out which DLL is being automatically loaded with Rundll32.exe. Here's an example of my HijackThis log file showing 2 entries of rundll32.exe loading NvCpl.dll and NvMcTray.dll whenever Windows is booted up.

tasklist /m /fi "IMAGENAME eq rundll32.exe"
Do take note that Windows XP Home edition does not have "tasklist.exe". The modules(DLLs) is displayed on the right side of the tasklist result. You'll probably see a lot of modules being displayed and it takes a little experience to identify any dangerous DLLs on the list. What you can do is filter out all the system files and dependencies used by Rundll32.exe. If you're unsure, you can always do a search in Google on the dll filename or you can ask in forums.

Notice the NvMcTray.dll that's loaded in rundll32.exe? That's the same result as using HijackThis.

OK, now you've learn how to identify loaded DLLs in rundll32.exe. But there are also spywares and virus that replaces Windows original rundll32.exe with a fake one. When you have a bad or corrupted rundll32.exe, you'll have problems in opening Control Panel and etc... To check whether your rundll32.exe has been modified or replaced with a virus, you can open rundll32.exe with Notepad. Once you've opened rundll32.exe with Notepad, FIND for the word "paddings". If the word paddings is in rundll32.exe, it means that you're using a fake rundll32.exe.

To restore a clean version of Rundll32.exe from Windows CD:

1. Boot in to Safe Mode
2. Put in Windows XP CD-ROM.
3. Open command prompt (Go to Start -> Run and type cmd)
4. Assuming D: is the drive letter for your CD-ROM, type expand D:\i386\rundll32.ex_ %Systemroot%\rundll32.exe and press Enter.

5. Restart your computer

Are You Sure...9/11 event is a coincidence?

2007-11-20T03:47:00.000-08:00

Now listen to me! Read through all of
this, and don't stop till you hit the
bottom, or you'll regret it!

united we stand

1) New York City has 11 letters

2) Afghanistan has 11 letters.

3) Ramsin Yuseb (The terrorist who
threatened to destroy the Twin Towers
in 1993) has 11 letters.

4) George W Bush has 11 letters.

5) The two twin towers make an "11"

This could be a mere coincidence, but
this gets more interesting:

2) The first plane crashing against
the Twin Towers was flight number
11.

3) Flight 11 was carrying 92
passengers. 9 + 2 = 11

4) Flight 77 which also hit Twin
Towers, was carrying 65 passengers. 6
+ 5 = 11

5) The tragedy was on September 11, or
9/11 as it is now known. 9 + 1+ 1 = 11

6) The date is equal to the US
emergency services telephone number
911.
9 + 1 + 1 = 11.

Sheer coincidence..?! Read on and make
up your own mind:

1) The total number of victims inside
all the hi-jacked planes was 254. 2 +
5 + 4 = 11.

2) September 11 is day number 254 of
the calendar year. Again 2 + 5 + 4 =
11.

3) The Madrid bombing took place on
3/11/2004. 3 + 1 + 1 + 2 + 4 = 11.

4) The tragedy of Madrid happened 911
days after the Twin Towers incident.

Now this is where things get totally
eerie:

The most recognised symbol for the US,
after the Stars & Stripes, is the
Eagle. The following verse is taken
from the Quran, the Islamic holy
book:

"For it is written that a son of
Arabia would awaken a fearsome Eagle.
The wrath of the Eagle would be felt
throughout the lands of Allah and lo,
while some of the people trembled in
despair still more rejoiced: for the
wrath of the Eagle cleansed the lands
of Allah and there was peace."

That verse is number 9.11 of the Quran.

Still uncovinced about all of this..?!
Try this and see how you feel
afterwards, it made my hair stand on
end:

Op en Microsoft Word and do the
following, try this for real! I did
it and it scared the living crap out
of me!!!!!!!

1. Type in capitals Q33 NY. This is
the flight number of the first
plane to hit one of the Twin Towers.

2. Highlight the Q33 NY.

3. Change the font size to 48.

4. Change the actual font to wingdings
{scarie st part of all}

Extremly scary huh?
[[it acc. is scary!!!]]

no w repost this within 911 seconds
with the title "Weird 9/11 facts" OR
your family's next plane trip will be
shorter..

How To Make Windows xp sp2 Bootable CD(Used In Formatting)

2007-11-19T04:08:00.000-08:00

Slipstreaming Windows xp service Pack 2 and Create Bootable CD

Slipstreaming a Service Pack, is the process to integrate the Service Pack into the installation so that with every new installation the Operating System and Service Pack are installed at the same time.

Slipstreaming is usually done on network shares on corporate systems. But with the advent of CD burners, it does actually make some sense for the home user or small business user to do the same.

Microsoft added the ability to Slipstream a Service Pack to Windows 2000 and Windows XP. It not only has the advantage that when you (re)install your OS, you don't have to apply the Service Pack later, also if you update any Windows component later, you'll be sure that you get the correct installation files if Windows needs any.

requirements:
Windows xp cd(installer)with sp1 or with sp2..
A Good CD-RW Drive
A Blank Disc
Nero 6-8
iso buster 1.6 or higher
a hdd with a wide space...
Windows xp sp2 Network install(can be downloaded in microsoft website)

Download the (full) "Network Install" of the Service Pack (English version [266 MB]), and save it to a directory (folder) on your hard drive (in my case D:\XP-SP2). Other languages can be downloaded from the Microsoft Download Web site.

Note: do not use spaces in the folder name!

Next copy your Windows xp cd to your hard drive. Just create a folder (I used \XP-CD), and copy all the contents of your Windows xp cd in that folder.

Next, open a Command Prompt (Start > Run > cmd), and go to the folder where you downloaded SP2 (cd \foldername). Type the command: servicepack filename /integrate:drive/path. In my example the command is WindowsXP-KB835935-SP2-ENU /integrate:D:\XP-CD.

If you get the error:

When ready, you should get a confirmation. Windows xp service Pack 2 has now been Slipstreamed into your original Windows XP files.

Now We Are Gonna Make And Burn Our Bootble xp cd

Creating a Bootable CD

For this part I used IsoBuster and Nero Burning rom 6 (make sure you have the latest version, but at least 5.5.9.0).

After you install IsoBuster, you can choose to use only the product's free functionality for what we want to do, IsoBuster will look like the image below (you need to have your original Windows xp cd in the CD-rom drive).

Start to extract the boot loader from the original Windows xp cd. Using IsoBuster, select the "folder" Bootable CD, and right-click Microsoft Corporation.img. From the menu choose Extract Microsoft Corporation.img, and extract it to the folder on your hard drive where you have your Windows XP files (D:\XP-CD in my case).

Next, start Nero Burning rom, and choose CD-rom (Boot) in the New Compilation window. On the Boot tab, select Image file under Source of boot image data, and browse to the location of the Microsoft Corporation.img file. Also enable Expert Settings, choosing No Emulation, and changing the Number of loaded sectors to 4 (otherwise it won't boot!)

The iso tab should be configured correctly as shown below:

If you have an older version of Nero you won't have the option Do Not Add ";1" iso file version extention under Relax iso Restrictions. You won't be able to boot your new CD, so update Nero!
You can configure the Label tab to your liking, I would however recommend that you keep the Volume Label the same as on your original Windows xp cd. Here are some (English) Labels:

* Windows xp professional: wxpccp_EN
* Windows xp home: wxhccp_EN
* Windows xp professional oem: WXPoem_EN
* Windows xp home oem: WXHoem_EN

Next press New, and from the File Browser window, select the files and folders from your slipstreamed location (in my case D:\XP-CD). Now drag & drop the selected files in the iso1 window.

Next, burn your new CD.

You now have a Bootable, Slipstreamed Windows xp service Pack 2 CD!

here are some screenshots of my done project..

An excerpt from Takedown. Kevin Mitnick

2007-11-16T23:32:00.000-08:00

Who is Kevin Mitnick? The picture that emerged after his arrest in Raleigh, N.C. last February was of a 31-year old computer programmer, who had been given a number of chances to get his life together but each time was seduced back to the dark side of the computer world. Kevin David Mitnick reached adolescence in suburban Los Angeles in the late 1970s, the same time the personal computer industry was exploding beyond its hobbyist roots. His parents were divorced, and in a lower-middle-class environment that lacked adventure and in which he was largely a loner and an underachiever, he was seduced by the power he could gain over the telephone network. The underground culture of phone phreaks had already flourished for more than a decade, but it was now in the middle of a transition from the analog to the digital world. Using a personal computer and modem it became possible to commandeer a phone company's digital central office switch by dialing in remotely, and Kevin became adept at doing so. Mastery of a local telephone company switch offered more than just free calls: It opened a window into the lives of other people to eavesdrop on the rich and powerful, or on his own enemies.

Mitnick soon fell in with an informal phone phreak gang that met irregularly in a pizza parlor in Hollywood. Much of what they did fell into the category of pranks, like taking over directory assistance and answering operator calls by saying, "Yes, that number is eight-seven-five-zero and a half. Do you know how to dial the half, ma'am?" or changing the class of service on someone's home phone to payphone status, so that whenever they picked up the receiver a recorded voice asked them to deposit twenty cents. But the group seemed to have a mean streak as well. One of its members destroyed files of a San Francisco-based computer time-sharing company, a crime that went unsolved for more than a year -- until a break-in at a Los Angeles telephone company switching center led police to the gang.

The case was actually solved when a jilted girlfriend of one of the gang went to the police...

That break-in occurred over Memorial Day weekend in 1981, when Kevin and two friends decided to physically enter Pacific Bell's COSMOS phone center in downtown Los Angeles. COSMOS, or Computer System for Mainframe Operations, was a database used by many of the nation's phone companies for controlling the phone system's basic recordkeeping functions. The group talked their way past a security guard and ultimately found the room where the COSMOS system was located. Once inside they took lists of computer passwords, including the combinations to the door locks at nine Pacific Bell central offices and a series of operating manuals for the COSMOS system.. To facilitate later social engineering they planted their pseudonyms and phone numbers in a rolodex sitting on one of the desks in the room. With a flourish one of the fake names they used was "John Draper," who was an actual computer programmer also known as the legendary phone phreak, Captain Crunch, the phone numbers were actually misrouted numbers that would ring at a coffee shop pay phone in Van Nuys.

The crime was far from perfect, however. A telephone company manager soon discovered the phony numbers and reported them to the local police, who started an investigation. The case was actually solved when a jilted girlfriend of one of the gang went to the police, and Kevin and his friends were soon arrested. The group was charged with destroying data over a computer network and with stealing operator's manuals from the telephone company. Kevin, 17 years old at the time, was relatively lucky, and was sentenced to spend only three months in the Los Angeles Juvenile Detention Center, followed by a year's probation.

A run-in with the police might have persuaded most bright kids to explore the many legal ways to have computer adventures, but Mitnick appeared to be obsessed by some twisted vision. Rather than developing his computer skills in creative and productive ways, he seemed interested only in learning enough short-cuts for computer break-ins and dirty tricks to continue to play out a fantasy that led to collision after collision with the police throughout the 1980s. He obviously loved the attention and the mystique his growing notoriety was bringing. Early on, after seeing the 1975 Robert Redford movie Three Days of the Condor, he had adopted Condor as his nom de guerre. In the film Redford plays the role of a hunted CIA researcher who uses his experience as an Army signal corpsman to manipulate the phone system and avoid capture. Mitnick seemed to view himself as the same kind of daring man on the run from the law.
After he was released, he obtained the license plate "X HACKER" for his Nissan...

His next arrest was in 1983 by campus police at the University of Southern California, where he had gotten into minor trouble a few years earlier, when he was caught using a university computer to gain illegal access to the ARPAnet. This time he was discovered sitting at a computer in a campus terminal room, breaking into a Pentagon computer over the ARPAnet, and was sentenced to six months at the California Youth Authority's Karl Holton Training School, a juvenile prison in Stockton, California. After he was released, he obtained the license plate "X HACKER" for his Nissan, but he was still very much in the computer break-in business. Several years later he went underground for more than a year after being accused of tampering with a TRW credit reference computer; an arrest warrant was issued, but it later vanished from police records without explanation.

By 1987, Mitnick seemed to be making an effort to pull his life together, and he began living with a woman who was taking a computer class with him at a local vocational school. After a while, however, his obsession drew him back, and this time his use of illegal telephone credit card numbers led police investigators to the apartment he was sharing with his girlfriend in Thousand Oaks, California. He was convicted of stealing software from the Santa Cruz Operation, a California software company, and in December 1987, he was sentenced to 36 months probation. That brush with the police, and the resultant wrist slap, seemed only increase his sense of omnipotence.

In 1987 and 1988, Kevin and a friend, Lenny DiCicco, fought a pitched electronic battle against scientists at Digital Equipment's Palo Alto research laboratory. Mitnick had become obsessed with obtaining a copy of Digital's VMS minicomputer operating system, and was trying to do so by gaining entry to the company's corporate computer network, known as Easynet. The computers at Digital's Palo Alto laboratory looked easiest, so every night with remarkable persistence Mitnick and DiCicco would launch their modem attacks from a small Calabasas, California company where DiCicco had a computer support job. Although Reid discovered the attacks almost immediately, he didn't know where they were coming from, nor did the local police or FBI, because Mitnick was manipulating the telephone network's switches to disguise the source of the modem calls.
...he agreed to one year in prison and six months in a counseling program for his computer "addiction."

The FBI can easily serve warrants and get trap-and-trace information from telephone companies, but few of its agents know how to interpret the data they provide. If the bad guy is actually holed up at the address that corresponds to the telephone number, they're set. But if the criminal has electronically broken into to the telephone company's local switch and scrambled the routing tables, they're clueless. Kevin had easily frustrated their best attempts at tracking him through the telephone network using wiretaps and traces. He would routinely use two computer terminals each night -- one for his forays into Digital's computers, the other as a lookout that scanned the telephone company computers to see if his trackers were getting close. At one point, a team of law enforcement and telephone security agents thought they had tracked him down, only to find that Mitnick had diverted the telephone lines so as to lead his pursuers not to his hideout in Calabasas, but to an apartment in Malibu. Mitnick, it seemed, was a tough accomplice, for even as they had been working together he had been harassing DiCicco by making fake calls to DiCicco's employer, claiming to be a Government agent and saying that DiCicco was in trouble with the Internal Revenue Service. The frustrated DiCicco confessed to his boss, who notified DEC and the FBI, and Mitnick soon wound up in federal court in Los Angeles. Although DEC claimed that he had stolen software worth several million dollars, and had cost DEC almost $200,000 in time spent trying to keep him out of their computers, Kevin pleaded guilty to one count of computer fraud and one count of possessing illegal long-distance access codes.

It was the fifth time that Mitnick had been apprehended for a computer crime, and the case attracted nationwide attention because, in an unusual plea bargain, he agreed to one year in prison and six months in a counseling program for his computer "addiction." It was a strange defense tactic, but a federal judge, after initially balking, bought the idea that there was some sort of psychological parallel between the obsession Mitnick had for breaking in to computer systems and an addict's craving for drugs. After he finished his jail time and his halfway-house counseling sentence for the 1989 Digital Equipment conviction Mitnick moved to Las Vegas and took a low-level computer programming position for a mailing list company. His mother had moved there, as had a woman who called herself Susan Thunder who had been part of Mitnick's phone phreak gang in the early 1980s, and with whom he now became reacquainted. It was during this period that he tried to "social engineer" me over the phone. In early 1992 Mitnick moved back to the San Fernando Valley area after his half-brother died of an apparent heroin overdose. He briefly worked for his father in construction, but then took a job he found through a friend of his father's at the Tel Tec Detective Agency . Soon after he began, someone was discovered illegally using a commercial database system on the agency's behalf, and Kevin was once again the subject of an FBI investigation. In September the Bureau searched his apartment, as well as the home and workplace of another member of the original phone phreak gang. Two months later a federal judge issued a warrant for Mitnick's arrest for having violated the terms of his 1989 probation. There were two charges: illegally accessing a phone company computer, and associating with one of the people with whom he'd originally been arrested in 1981. His friends claimed Mitnick had been set up by the detective firm; whatever the truth, when the FBI came to arrest him, Kevin Mitnick had vanished.

His escape, subsequently reported in the Southern California newspapers, made the authorities look like bumblers who were no match for a brilliant and elusive cyberthief.

In late 1992 someone called the California Department of Motor Vehicles office in Sacramento, and using a valid law enforcement requester code, attempted to have driver's license photographs of a police informer faxed to a number in Studio City, near Los Angeles. Smelling fraud, D.M.V. security officers checked the number and discovered that it was assigned to a Kinko's copy shop, which they staked out before faxing the photographs. But somehow the spotters didn't see their quarry until he was going out the door of the copy shop. They started after him, but he outran them across the parking lot and disappeared around the corner, dropping the documents as he fled. The agents later determined that they were covered with Kevin Mitnick's fingerprints. His escape, subsequently reported in the Southern California newspapers, made the authorities look like bumblers who were no match for a brilliant and elusive cyberthief.

2007-11-16T06:36:00.000-08:00

Riza's Bio
Well before The Bio...a typical Filipina beauty, is Canada’s bet in this year’s Miss Earth and the first time her feet landed in Manila she became an instant favorite. Actually, she’s consistently in the top 4 list of various message boards. Who knows, she might be the 6th Miss Earth!
Riza was born to parents who hail from Bulacan and Bataan in the Philippines, but she was raised in Canada. Numerous sources reveal that she is 21 years old. Riza’s grandparents inspired her to become a soldier in the Canadian Forces Army Reserve. She is a reporter for the Army News as well. Riza was a student at the University of Calgary studying Biological Science. She had hopes of becoming a doctor.

Riza is the October 2007 cover girl for FHM Philippines. Wow, you gotta check out her hot pictures over there! Oh, and if you’re interested, she sat down with them for an interview too.

You can currently see Riza on Pinoy Big Brother Celebrity Edition 2. She has been dubbed the “Desirable Diva” and is a self-proclaimed virgin. She was not allowed to date until she turned 18 years old. Riza has been recently linked to Filipino singer Mark Bautista.

U.S. Government Joins Microsoft Against States

2007-11-14T04:19:00.000-08:00

by Keith Ward
12 November 2007

The 2002 consent decree that partially governs Microsoft's actions about its monopolistic business practices was originally supposed to expire today. But Redmond is currently locked in a battle with a coalition of states that want to see federal oversight extended for another half-decade.

On Friday, Microsoft picked up an ally -- the very same government. The U.S. Department of Justice joined Microsoft in its attempt to persuade U.S. District Court Judge Colleen Kollar-Kotelly that the consent decree has done its job and should expire this month.

At issue is the antitrust settlement that followed the Court's original finding that Microsoft had unfairly stifled competition through its Windows monopoly. Among other things, the decree stipulates that Windows development is supervised by a technical committee, and ensures that rivals have an even playing field. The current deadline was moved from today until Jan. 31 of next year.

The DOJ's brief argues that the states' rationale for extending the decree are illogical and even contradict their own past claims. The group of 17 states are led, as they have been throughout, by California and New York (called "Movants" in the brief). "The California and New York Movants advance inadequate and mutually inconsistent arguments to justify extension of the Final Judgments; both state groups argue theories, moreover, that are directly contravened by the states' own past statements and actions," the document states.

The brief argues a number of points, but the main argument it asserts is that the original consent decree was properly adhered to by Microsoft. In fact, the DOJ asserts, even some of the contesting states have said as much. "As the New York Group informed the Court two months ago, the Final Judgments "have achieved [their] goals" and "are enabling the competition they are designed to protect." The California Movants do not provide any evidence that the goals of the expiring provisions of the Final Judgments have not been achieved, when those goals are properly considered in light of the Court of Appeals decision and this Court's ruling. Accordingly, there is no legal basis upon which to seek such an extension," it reads.

The states have until Friday to respond to Microsoft and the DOJ's latest briefs.

You can contact the editors about U.S. Government Joins Microsoft Against States at editor@reddevnews.com.

Original Post

Fix Firefox's memory problems, says Mozilla director

2007-11-14T04:16:00.000-08:00

Gregg Keizer

Click Here For More Info!

November 12, 2007 (Computerworld) Mozilla Corp. must address Firefox's memory problems if it's serious about entering the mobile browser market, a member of the company's board of directors said over the weekend.

The on-again, off-again debate over whether Firefox has a memory leak was dragged back into the limelight by Christopher Blizzard, a Red Hat Inc. developer and longtime contributor to Firefox who also sits on Mozilla's board. "As Mozilla starts down the path to running in the mobile space, we are spending time looking at memory pressure issues more closely," Blizzard said in a posting to his personal blog on Saturday, referring to the leak that many users believe plagues Firefox.

The longer Firefox runs and more pages it opens, the theory goes, the larger its appetite for memory. At some point, the load is significant enough to hinder performance or in some cases, lock the browser. But closing tabs doesn't reclaim the memory; only shutting down the browser and restarting does.

Blizzard stopped short of calling the leak a feature, as other Firefox developers have in the past, but neither did he embrace the idea that one really exists. "It sounds like the early data suggests that Mozilla really doesn't leak that much memory at all," he said. "But it does thrash the [memory] allocator pretty hard and that's what causes the perception of memory leaks."

Even bringing up the idea of a memory leak was enough to bring out users who swore it was a reality, not just a perception. "I don't know if Mozilla actually leaks memory, but it's performance certainly degrades with use," said a user identified as sb in a comment to Blizzard's blog. "My browser is nice and snappy right at start-up, taking [a] 600MB footprint. After three days of intensive use, it's up to a 1.1GB footprint; no big deal, but it often locks up for multiple seconds."

According to tests run by another Firefox developer, Stuart Parmenter, the issue isn't so much an actual leak, but one of memory fragmentation, where large amounts of free memory are scattered between small blocks of used memory. "It makes it very difficult for us to get big chunks of contiguous memory to give back to the OS," said Parmenter. "This makes us look big."

Whether the leak is real and measurable or as Parmenter speculated, more fragmentation than a true leak, Blizzard tied work on the problem to Mozilla's move into the mobile market, which currently is dominated by Opera Software ASA's Opera Mini. Apple Inc., which this summer introduced a mobile edition of its Safari browser in the iPhone, and more recently, in the iPod Touch, would also be a mobile rival to Mozilla. "Over the next few months, it will be very interesting to see what happens with both memory usage and perceived performance, especially as we connect numbers to a successful mobile strategy," said Blizzard.

That in itself came in for criticism from at least a few Firefox users. "So basically what you're saying is that you didn't really care about the problem until you went into the mobile space, where the problem was going to lose you money," said Karl Shea in another comment appended to Blizzard's post. "Memory leaks, fragmentation or whatever the real problem is has been a problem since 1.0. Well, I'm glad financial matters finally pushed the issue."

Blizzard rebutted Shea a few comments later. "Mobile is a factor, but it's certainly not the main driver. We know that [will] this have a positive impact in both desktop users and mobile, so it's worth the investment."

Mozilla's embryonic mobile strategy hasn't been officially spelled out, but Jay Sullivan, a mobile software developer recently hired by the company, has posted several entries in the last two weeks, including one titled "Mobile and the Mozilla manifesto," where he argues for taking Firefox mobile.

"My read on the Mozilla manifesto tells me that there's not only an opportunity presented by mobile, but that we have a responsibility to help crack open the mobile environment," said Sullivan.

We're still struggling with security, admits Microso

2007-11-14T04:13:00.000-08:00

By Jeremy Kirk, IDG news service

Microsoft is still experiencing pain as it struggles to bring its own security products and service up to speed.
Microsoft released Windows Live OneCare for consumers in May 2006 and its Forefront Client Security for enterprises earlier this year. Both products entered a saturated security market populated by experienced security-specialist companies such as Symantec, McAfee and Trend Micro.

When Microsoft began investing in the security field around 2003, the company didn't have "the ability to speak AV," said Vinny Gullotto, general manager of the company's Malware Protection Centre. Now, that ability is much more developed, said Gullotto, who spoke early this week on the sidelines of IT Forum in Barcelona, the company's largest customer event in Europe.

At least initially, Windows Live OneCare didn't fare well in malware detection tests, but Microsoft is improving its performance, Gullotto said.

Between September 2006 and September this year, Microsoft has improved its malware detection rate by about 20 points, Gullotto said. Now, Microsoft's detection rate is usually between 91 percent to 95 percent, depending on the testing plan, he said.

At least as recently as May, Microsoft's OneCare and Forefront products, which share the same set of malware detection signatures, only had a 76 percent detection rate, according to AV-Test, a German anti-virus testing organisation that often performs tests on commission for technology magazines.

One way to improve detection rates is to increase the number of signatures, Gullotto said. Many testing organisations test anti-virus software against a batch of malicious software samples and rank those products according to how well the samples are flagged.

But generating more signatures demands more analysts and research capacity. Microsoft is investing heavily in both of those areas, although Gullotto declined to say how much.

Microsoft used to only have one malware research lab, based in Washington . This year, Microsoft has opened new labs in Tokyo, Dublin and Melbourne to allow it to respond to customers 24 hours a day worldwide.

Last year, it took Microsoft three days to respond to a query from one of its customers regarding security, Gullotto said. Now, that response time is down to between six to eight hours, but Gullotto said they'd like it to be around a maximum of six hours.

To meet that goal, Microsoft is hiring experts for all three new labs, Gullotto said, but "I'm not satisfied with it. We want to hire more experienced people." Over the last few years, Microsoft has had success in recruiting experienced security analysts from companies such as F-Secure, Trend Micro and McAfee.

The growth in the number of malicious software samples circulating on the Internet is "just immense at this particular point in time," Gullotto said. Microsoft is also trying to build more tools that can automatically analyse malware, he said.

In another improvement, Microsoft plans to update spyware signatures in its OneCare, ForeFront and Defender products once a day rather than twice a week as is done now, Gullotto said. Spyware is the term for an unwanted program that records and transmits information about a person's PC, often without the user's consent or knowledge.

Safely Editing the Registry...

2007-11-11T05:09:00.001-08:00

Windows XP has a vast number of configuration dialogs, but some adjustments can be performed only by directly editing the Registry. Frequently, tips involving Registry tweaks include stern warnings to back up the Registry before making any change. The Windows XP Backup applet can back up the Registry along with other elements of the System State, but the resulting data file can occupy hundreds of megabytes. You're better off saving a system restore point each time you're about to edit the Registry. Better still, you can use Regedit to back up only the Registry keys that will be changed.

Click on Start | Run and enter Regedit to launch the Registry editor. To back up an individual key you plan to edit, navigate to the key and right-click on it. Choose Export from the menu, and save the key to a REG file. Open the REG file in Notepad and insert a few comment lines that describe the source and purpose of the tweak. (To create a comment line, simply put a semicolon at the start of the line.)

Now go ahead and make all the changes to Registry keys and values specified by the tip you're applying. Any time you add a new key or value, make a note of it with another comment line in the REG file. When you're done, save the REG file and close Notepad.

If later you want to undo this Registry tweak, just double-click on the REG file and confirm that you want to add it to the Registry. This will restore any deleted keys or values and will restore the original data for any values whose data was changed. Note that this will not remove new keys or values that were added; that's why you need to make comments about such changes.

Right-click on the REG file and choose Edit, which will open it in Notepad. Check for comments about keys or values that were added, and if you find any, use Regedit to delete them. You can delete the REG file itself once you've completed this process

Slow Loggon Time, one fix for problem

2007-11-11T05:08:00.003-08:00

My problem was a 1 min login delay due the aktiveds.dll that loads at startup (thanks to NicTech Networks Inc.). The following advice worked for me so I guess it works for any .dll made by NicTech since they all use the same registry folder....

Open up regedit.exe and find THIS folder. Navigate to it by clicking the +'s to expand
things like you would in Windows explorer:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Guardian

Right click over "Guardian" in the left pane.
Left click on "Permissions"
Left click "SYSTEM" once to highlight it.
Check "deny" in all boxes that you can at the bottom (Probably only 2)
Left click Apply
Left Click OK

Say "OK" to any warnings about permissions
**Reboot** the system

then problems solved

I got this information from another forum. I had this problem for about six weeks and was just about ready to reformat my hard drive. Worked great for me, hope this helps out somebody else.

The Modern Phreakers Guide To Beige Boxing

2007-11-11T05:08:00.001-08:00

*Note: If this version is fucked because of the text then goto
www.angelfire.com/linux/ircratm/beigebox.txt and read it there...
sorry about the faults.

Table Of Contents
I. Introduction
II. Parts
III. Construction
IV. How To Use
V. Different Uses
VI. Other Ways of Beige Boxing
VII. Greets

Introduction://
Well as the title states this is the “Modern Phreakers Guide To Beige Boxing”.
Most people think phreaking is a dead art, but a few boxes remain. The Beige Box,
also known as the Lineman’s Handset, is alive and kicking. What the beige box does
is lets you “jack” into another person’s phone from outside their house. This can be
very useful for prank calls, tapping a phone line, long distance that you don’t want
to pay for, and connecting to the internet through 56k for those extremely sensitive
hacks.

Parts://
Interested so far? Ok well this is all you will need:
1. A crappy ass phone that you wont miss (As small as possible)
2. Wire clippers
3. Wire Strippers
4. Alligator Clips
5. Tape

Most of these are common things you can find or steal from your dad. RadioSlut
(radio shack) carries alligator clips and so do hardware stores.

Construction://
I’m gone go describe the way the wires are arranged inside a telephone line that
runs from your phone to the jack in the wall so there will be no confusion *cough*
CYRUS *cough*. I will break it up into 3 stages.

Stage 1: Outer Casing...... The un-touched phone line
Stage 2: Inner Wires....... This contains 4 wires (or two if you have a gay phone like me)
Stage 3: Exposed Wire...... The actual exposed wires.

Ok now take the outer casing and cut all the way through the wire right before the
male plug (the part that goes into the jack in your wall). Then take your wire
strippers and strip that wire back 5 inches so you can see the other four wires.
Clip the two wires on both sides (unless you only have two) so the two inner wires
are the only ones left. Then strip the two inner wires about half an inch so you have
fully exposed the wire. Now you take your alligator clips and attach one to each wire,
making sure the wire is up inside the clip good and the exposed wire is touching the
metal on the clip. Tape the wire down good so it won’t move or come out and BOOM you
have just completed your first beige box.

How To Use://
Well here is the fun part; usage of your newly built Beige Box. What you are looking
for is a box outside the house that all the phone lines run to. It should be about
10”x10” and were I live you need a screw driver to get into it. Once you have found
it you should see a bunch of wires running to four round things that are positioned
like so:

O O

O O

Ok now take your alligator clips and put them on the two bottom ones or the two top
ones, either way it should work, now pick up your box and you should hear a dial tone,
dial out like you normally would.

Different Uses://
Hmmm well if you haven’t figured out what you’re gonna use this for then why are you
building it? Maybe you want to call your online girlfriend long distance, maybe you
want to harass the operator for fun, maybe you want free phone sex, or maybe you
wanna hook up your laptop and dial out. All this can be accomplished by using the
beige box. But I warn you, if someone picks up on the line and hears you talking they
are going to get suspicious, so don’t call someone who will rat on you or say your
name while using it.

Other Ways of Beige Boxing://
Yes there are other ways, and some are extremely nifty. Some modern terminals (Things
outside the house) have jacks so you don’t need to build one, just take a regular
phone and plug it in like you normally would, but that disables your ability to
listen or fuck with the person talking so I don’t use this method. Another way is
take your beige box to a COCOT pay phone and either follow the wires that run from
the phone till you can expose them or cut the wire on the handset at the actual
payphone and hook it up there.

Greets://
Yo I wanna thank the guy who taught me how to phreak, his name is The1, also I wanna
thank cyrus for your constructive criticism and mikecc for testing my tutorial out
(even tho ive tried explaining it to ya before). I’ll be releasing more phreaking
tutorials later and only on ODSOURCE.COM so look for them.

Tcpip A Mammoth Description, Short and easy-Everything U want to know

2007-11-11T05:07:00.001-08:00

::::TCP\IP: A Mammoth Description By Ankit Fadia ankit@bol.net.in::::

TCP\IP or Transmission Control Protocol \ Internet Protocol is a stack or collection of various protocols. A
protocol is basically the commands or instructions using which two computers within a local network or the
Internet can exchange data or information and resources.

Transmission Control Protocol \ Internet Protocol or the TCP\IP was developed around the time of the
ARPAnet. It is also known as the Protocol Suite. It consists of various protocols but as the TCP
(Transmission Control Protocol) and the IP (Internet Protocol) are the most, well known of the suite of
protocols, the entire family or suite is called the TCP\IP suite.

The TCP\ IP Suite is a stacked suite with various layers stacked on each other, each layer looking after one
aspect of the data transfer. Data is transferred from one layer to the other. The Entire TCP\ IP suite can be
broken down into the below layers-:

Layer Name Protocol

Link Layer (Hardware, Ethernet) ARP, RARP, PPP, Ether
Network Layer(The Invisible Layer) IP, ICMP
Transport Layer UDP, TCP
Application Layer(The Visible Layer) The Actual running Applications like-: FTP client, Browser
Physical Layer (Not part of TCP \IP) Physical Data Cables, Telephone wires

Data travels from the Link Layer down to the Physical Layer at the source and at the destination it travels
from the Physical Layer to the Link Layer. We will later discuss what each layer and each protocol does.

The TCP\IP suite not only helps to transfer data but also has to correct various problems that might occur
during the data transfer. There are basically two types of most common errors that might occur during the
process of data transfer. They are-:

Data Corruption -: In this kind of error, the data reaches the destination after getting corrupted.
Data Loss -: In this kind of error, the entire collection of packets which constitute the data to be transferred
does not reach the destination.

TCP\IP expects such errors to take place and has certain features which prevent, such error which might
occur.

Checksums-: A checksum is a value (Normally, a 16 Bit Value) that is formed by summing up the Binary
Data in the used program for a given data block. The program being used is responsible for the calculation
of the Checksum value. The data being sent by the program sends this calculated checksum value, along
with the data packets to the destination. When the program running at the destination receives the data
packets, it re-calculates the Checksum value. If the Checksum value calculated by the Destination program
matches with the Checksum Value attached to the Data Packets by the Source Program match, then the data
transfer is said to be valid and error free. Checksum is calculated by adding up all the octets in a datagram.

Packet Sequencing-: All data being transferred on the net is broken down into packets at the source and
joined together at the destination. The data is broken down into packets in a particular sequence at the
source. This means that, for example, the first byte has the first sequence number and the second byte the
second sequence number and so on. These packets are free to travel independently on the net, so
sometimes, when the data packets reach the destination they arrive, out of sequence, which means that the
packet which had the first sequence number attached to it does not reach the destination first. Sequencing
defines the order in which the hosts receive the data packets or messages. The application or the layer
running at the destination automatically builds up the data from the sequence number in each packet.
The source system breaks the data to be transferred into smaller packets and assigns each packet a unique
sequence number. When the destination gets the packets, it's starts rearranging the packets by reading the
sequence numbers of each packet to make the data received usable.

For example, say you want to transfer a 18000 octet file. Not all networks can handle the entire 18000
octet packets at a time. So the huge file is broken down into smaller say 300 octet packets. Each packet has
been assigned a unique sequence number. Now when the packets reach the destination the packets are put
back together to get the usable data. Now during the transportation process, as the packets can move
independently on the net, it is possible that the packet 5 will arrive at the destination before packet 4
arrives. In such a situation, the sequence numbers are used by the destination to rearrange the data packets
in such a way that even if Data packet 5 arrived earlier, Packet 4 will always precede Packet 5.

A data can easily be corrupted while it is being transferred from the source to the destination. Now if a
error control service is running then if it detects data corruption, then it asks the source to re-send the
packets of data. Thus only non corrupted data reaches the destination. An error control service detects and
controls the same two types of errors-:

1.) Data Loss
2.) Data Corruption

The Checksum values are used to detect if the data has been modified or corrupted during the transfer from
source to destination or any corruption in the communication channel which may have caused data loss.
Data Corruption is detected by the Checksum Values and by performing Cyclic Redundancy Checks
(CRC 's). CRC 's too like the Checksums are integer values but require intensely advanced calculation and
hence are rarely used.

There is yet another way of detecting data corruption-: Handshaking.

This feature ensures demands that both the source and destination must transmit and receive
acknowledgement messages, that confirm transfer of uncorrupted data. Such acknowledgement messages
are known as ACK messages.

Let's take an example of a typical scenario of data transfer between two systems.
Source Sends MSG1 to Destination. It will not send MSG2 to Destination unless and until it gets the MSG
ACK and destination will not send more requests for data or the next request message (MSG2) unless it
gets the ACK from Source confirming that the MSG1 ACK was received by it. If the source does not get a
ACK message from the destination, then something which is called a timed-out occurs and the source will
re send the data to destination.

So this means that if A sends a data packet to B and B checksums the data packet and finds the data
corrupted, then it can simply delete for a time out to take place. Once the time out takes place, A will re
send the data packet to B. But this kind of system of deleting corrupt data is not used as it is inefficient and
time consuming.

Instead of deleting the corrupt data and waiting for a time out to take place, the destination (B) sends a not
acknowledged or NACK message to source(A). When A gets the NACK message, instead of waiting for a
time out to take place, it straightaway resends the data packet.

An ACK message of 1000 would mean that all data up to 1000 octets has been received till now.

TCP/ IP is a layered suite of protocols. All layers are equally important and with the absence of even a
single layer, data transfer would not have been possible. Each TCP/ IP layer contributes to the entire
process of data transfer. An excellent example, is when you send an email. For sending mail there is a
separate protocol, the SMTP protocol which belongs to the Application layer. The SMTP Application
protocol like all other application layer protocols assumes that there is a reliable connection existing
between the two computers. For the SMTP application protocol to do what it is designed for, i.e. to send
mail, it requires the existence of all other Layers as well. The Physical Layer i.e. cables and wires is
required to transport the data physically. The Transmission Control Protocol or the TCP protocol which
belongs to the Transport Layer is needed to keep track of the number of packets sent and for error
correction. It is this protocol that makes sure that the data reaches the other end. The TCP protocol is called
by the Application Protocol to ensure error free communication between the source and destination. For the
TCP layer to do its work properly i.e. to ensure that the data packets reach the destination, it requires the
existence of the Internet Protocol or IP. The IP protocol contains the Checksum and Source and
Destination IP address.

You may wonder why do we need different protocols like TCP and IP and why not bundle them into the
same Application protocol.? The TCP protocol contains commands or functions which are needed by
various application protocols like FTP, SMTP and also HTTP. The TCP protocol also calls on the IP
protocol, which in turn contains commands or functions which some application protocols require while
others don?t. So rather than bundling the entire TCP and IP protocol set into specific application protocols,
it is better to have different protocols which are called whenever required.

The Link Layer which is the Hardware or Ethernet layer is also needed for transportation of the data
packets. The PPP or the Point to Point Protocol belongs to this layer. Before we go on let's get accustomed
with certain TCP\IP terms. Most people get confused between datagrams and packets and think that they
are one and the same thing . You see, a datagram is a unit of data which is used by various protocols and a
packet is a physical object or thing which moves on a physical medium like a wire. There is a remarkable
difference between a Packet and a Datagram, but it is beyond the scope of this book. To make things easier
I will use only the term datagram (Actually this is the official term.)while discussing various protocols.

Two different main protocols are involved in transporting packets from source to destination.

1.) The Transmission Control Protocol or the TCP Protocol
2.) The Internet Protocol or the IP protocol.

Besides these two main protocols, the Physical Layer and the Ethernet Layer are also indispensable to data
transfer.

THE TRANSPORT LAYER

The TCP protocol

The Transmission Control Protocol is responsible for breaking up the data into smaller datagrams and
putting the datagrams back to form usable data at the destination. It also resends the lost datagrams to
destination where the received datagrams are reassembled in the right order. The TCP protocol does the
bulk of work but without the IP protocol, it cannot transfer data.

Let's take an example to make things more clearer. Let's say your Internet Protocol Address or IP address is
xxx.xxx.xxx.xxx or simply x and the destination's IP is yyy.yyy.yyy.yyy or simply y. Now As soon as the
three-way connection is established between x and y, x knows the destination IP address and also the Port
to which it is connected to. Both x and y are in different networks which can handle different sized packets.
So in order to send datagrams which are in receivable size, x must know what is the maximum datagram
size which y can handle. This too is determined by both x and y during connection time.

So once x knows the maximum size of the datagram which y can handle, it breaks down the data into
smaller chunks or datagrams. Each datagram has it's own TCP header which too is put by TCP.
A TCP Header contains a lot of information, but the most important of it is the Source and Destination IP
and Port numbers and yes also the sequence number.

**************
HACKING TRUTH: Learn more about Ports, IP's, Sockets in the Net Tools Manual
**************
The source which is your computer(x) now knows what the IP Addresses and Port Numbers of the
Destination and Source computers are. It now calculates the Checksum value by adding up all the octets of
the datagram and puts the final checksum value to the TCP Header. The different octets and not the
datagrams are then numbered. An octet would be a smaller broken down form of the entire data. TCP then
puts all this information into the TCP header of each datagram. A TCP Header of a datagram would finally
look like -:

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Acknowledgment Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data | |U|A|P|R|S|F| |
| Offset| Reserved |R|C|S|S|Y|I| Window |
| | |G|K|H|T|N|N| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | Urgent Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| The Actual Data form the next 500 octets |
| |

There are certain new fields in the TCP header which you may not know off. Let's see what these new
fields signify. The Windows field specifies the octets of new data which is ready to be processed. You see
not all computers connected to the Internet run at the same speed and to ensure that a faster system does not
send datagrams to a slow system at a rate which is faster than it can handle, we use the Window field. As
the computer receives data , the space in the Window field gets decreased indicating that the receiver has
received the data. When it reaches zero the sender stops sending further packets. Once the receiver finishes
processing the received data, it increases the Window field, which in turn indicates that the receiver has
processed the earlier sent data and is ready to receive more chunks of data.

The Urgent Field tells the remote computer to stop processing the last octet and instead receive the new
octet. This is normally not commonly used.

The TCP protocol is a reliable protocol, which means that we have a guarantee that the data will arrive at
the destination properly and without any errors. It ensures that the data being received by the receiving end
is arranged in the same correct order in which it was sent.

The TCP Protocol relies on a virtual circuit between the client and the host. The circuit is opened via a 3
part process known as the three part handshake. It supports full duplex transportation of data which means
that it provides a path for two way data transfer. Hence using the TCP protocol, a computer can send and
receive datagrams at the same time.

Some common flags of TCP are-:

RST [RESET]- Resets the connection.
PSH [PUSH] - Tells receiver to pass all queued data to the application running.
FIN [FINISH] - Closes connection following the 4 step process.
SYN Flag - means that the machine sending this flag wants to establish a three way handshake i.e.
a TCP connection. The receiver of a SYN flag usually responds with an ACK message.

So now we are in a position to represent a three way TCP Handshake:

A <---SYN---> B
A <---SYN/ACK? B
A <---ACK---> B

A sends a SYN flag to B saying " I want to establish a TCP connection", B responds to the SYN with the
ACK to the SYN flag. A again responds to the ACK sent by B with another ACK.

Read RFC 793 for further in depth details about the TCP protocol.

The User Datagram Protocol or the UDP Protocol

The User Data protocol or the UDP is yet another protocol which is a member of the Transport Layer. TCP
is the standard protocol used by all systems for communications. TCP is used to break down the data to be
transported into smaller datagrams, before they (the datagrams) are sent across a network. Thus we can say
that TCP is used where more than a single or multiple datagrams are involved.

Sometimes, the data to be transported is able to fit into a single datagram. We do not need to break the data
into smaller datagrams as the size of the data is pretty small. The perfect example of such data is the DNS
system. To send out the query for a particular domain name, a single datagram is more than enough. Also
the IP that is returned by the Domain Name Server does not require more than one datagram for
transportation. So in such cases instead of making use of the complex TCP protocol, applications fall back
to the UDP protocol.

The UDP protocol works almost the way TCP works. But the only differences being that TCP breaks the
data to be transferred into smaller chunks, does sequencing by inserting a sequence number in the header
and no error control. Thus we can conclude by saying that the UDP protocol is an unreliable protocol with
no way to confirm that the data has reached the destination.

The UDP protocol does insert a USP header to the single datagram it is transporting. The UDP header
contains the Source and Destination IP Addresses and Port Numbers and also the Checksum value. The
UDP header is comparatively smaller than the TCP Header.

It is used by those applications where small chunks of data are involved. It offers services to the User's
Network Applications like NFS(Network File Sharing) and SNMP.

Read RFC 768 for further in depth details about the UDP protocol.

THE NETWORK LAYER

The IP Protocol

Both the TCP and the UDP protocols, after inserting the headers to the datagram(s) given to them pass
them to the Internet Protocol or the IP Protocol. The main job of the IP protocol is to find a way of
transporting the datagrams to the destination receiver. It does not do any kind of error checking.

The IP protocol too adds it's own IP Header to each datagram. The IP header contains the source and
destination IP addresses, the protocol number and yet another checksum. The IP header of a particular
datagram looks like-:

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to Live | Protocol | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TCP header info followed by the actual data being transferred|
| |

The Source and destination IP addresses and needed so that?well it is obvious isn't it? The Protocol
number is added so that the IP protocol knows to which Transport Protocol the datagram has to be passed.
You see various Transport Protocols are used like for example TCP or UDP. So this protocol number is
inserted to tell IP the protocol to which the datagram has to be passed.

It too inserts it's own Checksum value which is different from the Checksum Value inserted by the
Transport Protocols. This Checksum has to be inserted as without it the Internet Protocol will not be able to
verify if the Header has been damaged in the transfer process and hence the datagram might reach a wrong
destination. The Time to Live field specifies a value which is decreased each time the datagram passes
through a network. Remember Tracert?

The Internet Protocol Header contains other fields as well, but they are quite advanced and cannot be
included in a manual which gives an introduction to the TCP\IP protocol. To learn more about the IP
protocol read RFC 791.

The Internet Control Message Protocol or the ICMP

The ICMP protocol allows hosts to transfer information on errors that might have occurred during the data
transfer between two hosts. It is basically used to display error messages about errors that might occur
during the data transfer. The ICMP is a very simple protocol without any headers. It is most commonly
used to diagnose Network Problems. The famous utility PING is a part of the ICMP protocol. ICMP
requests do not require the user or application to mention any port number as all ICMP requests are
answered by the Network Software itself. The ICMP protocol too handles only a single datagram. That's
why we say in PING only a single datagram is sent to the remote computer. This protocol can remote many
network problems like Host Down, Congested Network etc

Read RFC 792 for further in depth details about the ICMP protocol.

The Link Layer

Almost all networks use Ethernet. Each machine in a network has it's own IP address and it's Ether
Address. The Ether Address of a computer is different than it's IP address. An Ether Address is a 42 bit
address while the IP address is only a 32 bit address. A Network must know which computer to deliver the
datagram to. Right? For this the Ether Header is used.

The Ether Header is a 14 octet header that contains the Source and Destination Ethernet address, and a type
code. Ether too calculates it's own Checksum value. The Type code relates to the protocol families to be
used within the Network. The Ether Layer passes the datagram to the protocol specified by this field after
inserting the Ether Header. There is simply no connection between the Ethernet Address and the IP address
of a machine. Each machine needs to have a Ethernet to IP address translation table on its hard disk.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ethernet destination address (first 32 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ethernet dest (last 16 bits) |Ethernet source (first 16 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ethernet source address (last 32 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type code |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| IP header, then TCP header, then your data |
| |
| |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Ethernet Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Address Resolution Protocol or ARP

Data before being transmitted across the Internet or across a local network is broken down into smaller
Packets which are suitable for transfer over the net. These packets have the Source and Destination IP's but
for the transfer to take place the suitable Hardware Addresses or the MAC addresses must also be known.
That is where ARP comes in.

To get the Hardware MAC addresses, ARP or Address Resolution Protocol sends a request message. The
Router replies with the Hardware Address. It is similar to the DNS and it too has a cache. This cache can be
a bit vulnerable as a Hacker could forge a connection from a remote machine claiming to be one of the
cached locations. So we can conclude that ARP translates IP's into Ethernet Addresses. One thing to
remember about ARP is that it only translates outgoing packets.

There is also something called the RARP which is an abbreviation for Reverse Address Resolution
Protocol, which like the name says does exactly reverse of what ARP does.

There is simply no algorithm to get the Ethernet Address from the IP Address. To carry out such
translations, each computer has a file which has a table with rows for each computer and two columns for
their corresponding IP address and Ethernet Address. The File is somewhat like the following-:

Internet Protocol Address Ethernet Address
Computer Name xxx.xy.yy.yx 08-00-39-00-2F-C3

Say there are a system in a Network (A) and an unidentified system (B) contacts it. Now A only knows the
IP address of B. Now A will first try to identify whether B is the same network so that it can directly
communicate via Ethernet. So it will first check the IP to MAC address translation table which it has. If it
finds the IP in the table then well and good and A will establish a connection with B via Ethernet.

On the Other hand if A does not find any match for the specific IP, it will send out a request in the form of
a 'Broadcast'. All computers within the Network will receive this broadcast and will search their own IP to
MAC translation table and will reply with the necessary MAC address. A basic difference between an Ip
address and MAC address is that an IP is the form xxx.xxx.xxx.xxx and a MAC address is in the form
xx:xx:xx:xx:xx:xx and one is 32 bit while the other is 40 bit.

Read RFC 826 for further in depth details about the ARP protocol.

Application Layer

Till now you have learnt how data is broken down into smaller chunks, and transferred to the destination,
where the chunks are rearranged. But there is yet another aspect to a successful data transfer process, which
we have not discussed yet: The Application Protocols and the Application Layer itself. A host which
receives datagrams has many applications or services (daemons) running which are ready to establish a
TCP connection and accept a message. Datagrams travelling on the Internet must know which application
they have to establish connection with, which application they have to send the message to. A typical web
server will have the FTP daemon, the HTTP daemon, the POP daemon, and the SMTP daemon running.
Wouldn't the datagrams get confused as to which daemon to send the message to.

For the datagrams to know which computer to send the message to, we have IP addresses. The datagram
knows what daemon or application to send the message to by the Port Number attached to the IP address of
the Destination. A TCP address is actually fully described by 4 numbers; The IP address of the Source and
Destination and the TCP Port Numbers of each end to which data is to be sent. These numbers are found in
the TCP Header.

To make it simpler to understand I have included an excerpt from the Net Tools Chapter:

What is all the hype about socket programming? What exactly are sockets?

TCP\IP or Transmission Control Protocol\ Internet Protocol is the language or the protocol used by
computers to communicate with each other over the Internet. Say a computer whose IP address is
99.99.99.99 wants to communicate with another machine whose IP address is 98.98.98.98 then would will
happen?

The machine whose IP is 99.99.99.99 sends a packet addressed to another machine whose IP is
98.98.98.98. When 98.98.98.98 receives the packet then it verifies that it got the message by sending a
signal back to 99.99.99.99.But say the person who is using 99.99.99.99 wants to have simultaneously more
than one connections to 98.98.98.98.....then what will happen? Say 99.99.99.99 wants to connect to
the FTP daemon and download a file by FTP and at the same time it wants to connect to 98.98.98.98's
website i.e. The HTTP daemon. Then 98.98.98.98. will have 2 connects with 99.99.99.99 simultaneously.
Now how can 98.98.98.98.distinguish between the two connections...how does 98.98.98.98. know which
is for the FTP daemon and which for the HTTP daemon? If there was no way to distinguish between the
two connections then they would both get mixed up and there would be a lot of chaos with the message
meant for the HTTP daemon going to the FTP daemon. To avoid such confusion we have ports. At each
port a particular service or daemon is running by default. So now that the 99.99.99.99 computers knows
which port to connect to, to download a FTP file and which port to connect to, to download the web page,
it will communicate with the 98.98.98.98 machine using what is known as the socket pair which is a
combination of an IP address and a Port. So in the above case the message which is meant for the FTP
daemon will be addressed to 98.98.98.98 : 21 (Notice the colon and the default FTP port suceeding it.).
So that the receiving machine i.e. 98.98.98.98 will know for which service this message is meant for and to
which port it should be directed to.

In TCP\IP or over the Internet all communication is done using the Socket pair i.e. the combination of the
IP address and the port.

*****************
HACKING TRUTH: Learn More about Ports, IP addresses and Sockets by reading the Net Tools Chapter.
*****************
The Application Layers basically consists of the Applications running on your computer and the
Applications running on the host to which you are connected. Say you are viewing the Hotmail Site, then
the application layer comprises of the Web Browser running on your computer and the HTTP daemon
running at Hotmail's server and the Application Protocol being used to communicate is HyperText Transfer
Protocol.

As soon as a TCP connection is established the Applications running on Each end decide the language or
protocol to be used to communicate and send datagrams.

IP Spoofing Torn Apart

IP spoofing is the most exciting topic you will hear wannabe hackers talking about. It is also a subject
about which no one knows much. Before we continue I would like to tell you that IP Spoofing is quite
difficult to understand and a lot of people have trouble understanding how it is done. The other downside it
has is the fact that it can almost not be done using a Windows system and a system administrator can easily
protect his system from IP spoofing

So what is IP Spoofing? IP Spoofing is a trick played on servers to fool the target computer into thinking
that it is receiving data from a source other than you. This in turn basically means to send data to a remote
host so that it believes that the data is coming from a computer whose IP address is something other than
yours. Let's take an example to make it clear:

Your IP is : 203.45.98.01 (REAL)
IP of Victim computer is: 202.14.12.1 (VICTIM)
IP you want data to be sent from: 173.23.45.89 (FAKE)

Normally sitting on the computer whose IP is REAL, the datagrams you send to VICTIM will appear to
have come from REAL. Now consider a situation in which you want to send a datagram to VICTIM and
make him believe that it came from a computer whose IP is FAKE. This is when you perform IP Spoofing.

The Main problem with IP Spoofing is that even if you are able to send a spoofed datagram to the remote
host, the remote host will reply not to your real IP but to the Fake IP you made your datagram seem to have
come from. Getting confused? Read the following example to clear up your mind.

Taking the same IP's as in the last example, consider the following scenario. Now, if REAL connects to
VICTIM, after the standard three way handshake has taken place, and VICTIM sends an ACK message to
REAL. Now if you spoof you IP, to say FAKE, then VICTIM will try to establish a TCP connection and
will send an ACK message to FAKE. Now lets assume that FAKE is alive, then as it had not requested the
ACK message (sent by VICTIM to FAKE) it will reply with a NACK message which would basically end
the connection and no further communication between FAKE and VICTIM would take place. Now if
FAKE doesn't exist then the ACK message sent by VICTIM will not get any reply and in the end the
connection times out.

Due to this FAKE and REAL IP reasons, when a person is trying to perform an IP Spoof, he does not get
any response from the remote host and has no clue whether he has been successful or not. If he has made
any progress or not. You are as good as blind, with no medium through which you could get feedback.

IP Spoofing can be successful only if the computer with the FAKE IP does not reply to the victim and not
interrupt the spoofed connection. Take the example of a telephone conversation, you can call up a person
' x ' and pretend to be ' y ' as long as ' y ' does not interrupt the conversation and give the game away.

So why would you need to perform IP Spoofing-:

1.) To Pretend that you are some other computer whose IP address is amongst the trusted list of computers
on the victim's disk. This way you are exploit the 'r' services and gain access to the network as you are
then believed to be from a trusted source.
2.) To Disguise or Mask your IP address so that the victim does not know who you really are and where
the data is coming from.

If you ever read the alt.2600 or the alt.hacking newsgroup, you would probably find many postings like "I
have Win98, how do I Spoof my IP" or even " I do not know TCP/IP. tell me how to perform IP spoofing".
You see the very fact that they are posting such questions and expect to learn how to spoof their IP without
even knowing a bit about TCP\IP, confirms the fact that they would not be able to perform IP Spoofing. No
I am not saying that asking questions is bad, but you see not knowing something is not so bad, but not
knowing something and showing ignorance towards learning it is really, really bad.

You see IP spoofing is a very complex and difficult to perform subject. You need to hog entire TCP/IP and
Networking Protocols manuals and need to be able to write C programs which will help you in the
Spoofing process. It is amazing how people even think that they can spoof their IP without even knowing
what TCP/IP stands for.

You see all packets travelling across the Internet have headers which contain the source and destination IP
addresses and port numbers, so that the packet knows where to go and the destination knows where the
packet has come from and where to respond. Now the process of Spoofing means to change the source IP
address contains by the Header of the packet, in turn fooling the receiver of the Packets into believing that
the packet came from somewhere else, which is a fake IP. Now let's again look at the IP Header of a
datagram.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Time to Live | Protocol | Header Checksum |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Destination Address |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| TCP header info followed by the actual data being transferred |
|

Now basically to perform IP spoofing we need to be able to change the value of the field, Source Address.
Now to this you need to be able to guess sequence numbers which is quite a sophisticated process and I will
try to explain it as clearly as possible. Before we go on, you need to understand the fact the IP spoofing is
not the entire process, it is just a stepping stop in the entire process of fooling the remote host and
establishing a trust relationship with the remote host.

So how do these trust relationships take place? Well all of you are encountered with some form of
authentication process or the other. Now the Username-Password pair is the most commonly used form of
authentication, with which we are very much familiar. Now what happens in the Username-Password form
of authentication is that the remote host to which the client is connected to challenges the client by asking
the User to type in the Username and Password. So in this form of authentication, the User needs to
intervened and the remote host challenges the user to enter the Username and Password which act as a from
of authentication.

Now other than the Password-Username form of authentication there is yet another form of authentication
most users do not know of. This is the Client IP. In this form of authentication, what happens is that the
remote host gets or find out the IP address of the client and compares it with a predefined list of IP's. If the
IP of the client who is trying to establish a connection with the remote host is found in the list of IP's
maintained by the host, then it allows the client access to the shell 'without a password' as the identity of
the client has already been authenticated.

Such kind of rust relationships are common in Unix Systems which have certain 'R services' like rsh ,
rlogin , rcp which have certain security problems and should be avoided. Despite the threat involved most
ISP's in India still keep the ports of the R services open to be exploited by Hackers. You normally establish
a Rlogin trust relationship by using the Unix command,

$>rlogin IP address

**************
HACKING TRUTH: Well there is definitely a cooler way of establishing a trust relationship with a remote
host, using Telnet. The default port numbers at which the R services run are 512, 513,514
**************

So how do I spoof my IP? Well in short, to spoof your IP, you need to be able to predict sequence numbers,
this will clearer after reading then next few paragraphs.

To understand Sequence Numbers you need to go back to, how the TCP protocol works. You already
know that TCP is a reliable protocol and has certain in-built features which have the ability to rearrange, re-
send lost, duplicated or out of sequence data. To make sure that the destination is able to rearrange the
datagrams in the correct order, TCP inserts two sequence numbers into each TCP datagram. One Sequence
number tells the receiving computer where a particular datagram belongs while the second sequence
number says how much data has been received by the sender. Anyway, let's move on, TCP also relies on
ACK and NACK messages to ensure that all datagrams have reached the destination error free.
Now we need to reanalyze the TCP Header to understand certain other aspects of sequence numbers and
the ACK Number.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Acknowledgment Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data | |U|A|P|R|S|F| |
| Offset| Reserved |R|C|S|S|Y|I| Window |
| | |G|K|H|T|N|N| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | Urgent Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| The Actual Data form the next 500 octets |
| |

You see the TCP Header contains a Sequence Number which actually represents the sequence number of
the first byte of that particular TCP segment. A sequence number is a 32 Bit number which is attached to
all bytes (data) being exchanged across a Network. The ACK Number Field in the TCP header, actually
contains the value of the sequence number which it expects to be the next. Not only that, it also does what
it was meant to do, acknowledge data received. Confused? Read it again till you get the hang of it.

When a connection is established, the initial sequence number or ISN is initialized to 1. This ISN number
is then incremented by 128,000 every second. There is a certain patter according to which the sequence
numbers increment or change which makes then easy to predict.

To successfully perform IP spoofing or in order to predict Sequence Numbers, you need to be running a
form of UNIX, as Windows does not provide the users with access to really advanced system stuff.
Without a form of Unix IP Spoofing is almost impossible to do.

This text is not the ultimate guide to IP Spoofing and was aimed at only giving you a general outline of the
whole process. Sequence number Prediction is really, really sophisticated and difficult to understand, but
not impossible to do. However a system administrator can easily save his systems from IP spoofing and this
actually makes it quite useless, nonetheless truly exciting. If You really want to learn IP Spoofing I suggest
you read IP Spoofing Demystified by daemon9/route/infinity which was a part of Issue 48 of PHRACK
magazine, File 14 of 18. Go to the Archive Section of their site, http://www.phrack.com and click on Issue
48.

This brings me to the other purpose people use IP Spoofing, IP Masking. Now to something as simple as
mask or hide your IP you do not need to go through the complex procedure of guessing sequence numbers
and performing IP Spoofing. There are proxy servers to do that for you. Read the Net Tools chapter for
further details.

Port Scanning in Networking Terms

Earlier we learnt what a Port scan is why it is considered to be such a important tool of getting information
about the remote host, which in turn can be used to exploit any vulnerabilities and break into the system.
We all know how a manual Port Scan works. You launch Telnet and manually Telnet to each Port jotting
down information that you think is important. In a manual Port Scan, when you telnet to a port of a remote
host, a full three way handshake takes place, which means that a complete TCP connection opens.

The earliest and the oldest version of Port Scanners used the same technique. They connected to each port
and established a full three way handshake for a complete TCP connection. The downside of such port
scanners was the fact that as a full TCP connection was being established, the system administrator could
easily detect that someone is trying to port scan his systems to find a vulnerability. However such port
scanning methods also had a bright side, as an actual TCP connection was being established, the port
scanning software did not have to build a Fake Internet Protocol Packet. (This IP Packet is used to scan the
remote systems.) Such TCP scanners too relied on the three-way TCP handshake to detect if a port is open
or not. The Basic process of detecting whether a port is open or not has been described below:

1.) You send a TCP Packet containing the SYN flag to remote host.
2.) Now the remote host checks whether the port is open or not. If the port is open then it replies with a
TCP packet containing both an ACK message confirming that the port is open and a SYN flag. On the
other hand if the port is closed then the remote host sends the RST flag which resets the connection, in
short closes the connection.
3.) This third phase is optional and involves the sending of an ACK message by the client.

As TCP Scanners were detectable, programmers around the world developed a new kind of port scanner,
the SYN Scanner, which did not establish a complete TCP connection. These kinds of port scanners remain
undetectable by only sending the first single TCP Packet containing the SYN flag and establishing a half
TCP Connection. T understand the working of a SYN or Half SYN Port Scanner simply read its 4 step
working-:

1. SYN Port Scanner sends the first TCP packet containing the SYN flag to the remote host.
2. The remote system replies with, either a SYN plus ACK or a RST.
3. When the SYN Port scanner receives one of the above responses, it knows whether the respective port
is open or not and whether a daemon is ready listening for connections.

The SYN Port Scanners were undetectable by most normal system port scan detectors, however newer post
scan detectors like netstat and also some firewalls can filter out such scans. Another downside to such
scanning is that the method in which the scanner makes the IP packet varies from system to system.

UDP Scanning

It is yet another port scanning technique which can be used to scan a UDP port to see if it is listening. To
detect an open UDP port, simply send a single UDP Packet to the port. If it is listening, you will get the
response, if it is not, then ICMP takes over and displays the error message, " Destination Port
Unreachable".

FIN Port Scanners

FIN Port Scanners are my favorite type of port scanners. They send a single packet containg the FIN flag. If
the remote host returns a RST flag then the port is closed, if no RST flag is returned, then it is open and
listening.

Some port scanners also use the technique of sending a ACK packet and if the Time To Live or ttl of the
returning packets is lower than the RST packets received (earlier), or if the windows size is greater than
zero, then the port is probably open and listening.

The Following is the code of a supposedly Stealth Port Scanner which appeared in the Phrack Magazine.

/*
* scantcp.c
*
* version 1.32
*
* Scans for listening TCP ports by sending packets to them and waiting for
* replies. Relys upon the TCP specs and some TCP implementation bugs found
* when viewing tcpdump logs.
*
* As always, portions recycled (eventually, with some stops) from n00k.c
* (Wow, that little piece of code I wrote long ago still serves as the base
* interface for newer tools)
*
* Technique:
* 1. Active scanning: not supported - why bother.
*
* 2. Half-open scanning:
* a. send SYN
* b. if reply is SYN|ACK send RST, port is listening
* c. if reply is RST, port is not listening
*
* 3. Stealth scanning: (works on nearly all systems tested)
* a. sends FIN
* b. if RST is returned, not listening.
* c. otherwise, port is probably listening.
*
* (This bug in many TCP implementations is not limited to FIN only; in fact
* many other flag combinations will have similar effects. FIN alone was
* selected because always returns a plain RST when not listening, and the
* code here was fit to handle RSTs already so it took me like 2 minutes
* to add this scanning method)
*
* 4. Stealth scanning: (may not work on all systems)
* a. sends ACK
* b. waits for RST
* c. if TTL is low or window is not 0, port is probably listening.
*
* (stealth scanning was created after I watched some tcpdump logs with
* these symptoms. The low-TTL implementation bug is currently believed
* to appear on Linux only, the non-zero window on ACK seems to exists on
* all BSDs.)
*
* CHANGES:
* --------
* 0. (v1.0)
* - First code, worked but was put aside since I didn't have time nor
* need to continue developing it.
* 1. (v1.1)
* - BASE CODE MOSTLY REWRITTEN (the old code wasn't that maintainable)
* - Added code to actually enforce the usecond-delay without usleep()
* (replies might be lost if usleep()ing)
* 2. (v1.2)
* - Added another stealth scanning method (FIN).
* Tested and passed on:
* AIX 3
* AIX 4
* IRIX 5.3
* SunOS 4.1.3
* System V 4.0
* Linux
* FreeBSD
* Solaris
*
* Tested and failed on:
* Cisco router with services on ( IOS 11.0)
*
* 3. (v1.21)
* - Code commented since I intend on abandoning this for a while.
*
* 4. (v1.3)
* - Resending for ports that weren't replied for.
* (took some modifications in the internal structures. this also
* makes it possible to use non-linear port ranges
* (say 1-1024 and 6000))
*
* 5. (v1.31)
* - Flood detection - will slow up the sending rate if not replies are
* recieved for STCP_THRESHOLD consecutive sends. Saves alot of resends
* on easily-flooded networks.
*
* 6. (v1.32)
* - Multiple port ranges support.
* The format is: |[,|,...]
*
* Examples: 20-26,113
* 20-100,113-150,6000,6660-6669
*
* PLANNED: (when I have time for this)
* ------------------------------------
* (v2.x) - Multiple flag combination selections, smart algorithm to point
* out uncommon replies and cross-check them with another flag
*
*/

#define RESOLVE_QUIET

#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include "resolve.c"
#include "tcppkt03.c"

#define STCP_VERSION "1.32"
#define STCP_PORT 1234 /* Our local port. */
#define STCP_SENDS 3
#define STCP_THRESHOLD 8
#define STCP_SLOWFACTOR 10

/* GENERAL ROUTINES ------------------------------------------- */

void banner(void)
{
printf("\nscantcp\n");
printf("version %s\n",STCP_VERSION);
}
void usage(const char *progname)
{
printf("\nusage: \n");
printf("%s [sf]\n\n",progname);
printf("\t : 0: half-open scanning (type 0, SYN)\n");
printf("\t 1: stealth scanning (type 1, FIN)\n");
printf("\t 2: stealth scanning (type 2, ACK)\n");
printf("\t : source address (this host)\n");
printf("\t : target to scan\n");
printf("\t : ports/and or ranges to scan - eg: 21-30,113,6000\n");
printf("\t : microseconds to wait between TCP sends\n");
printf("\t : seconds to wait for TCP replies\n");
printf("\t[sf] : slow-factor in case sends are dectected to be too fast\n\n");
}
/* OPTION PARSING etc ---------------------------------------- */
unsigned char *dest_name;
unsigned char *spoof_name;
struct sockaddr_in destaddr;
unsigned long dest_addr;
unsigned long spoof_addr;
unsigned long usecdelay;
unsigned waitdelay;

int slowfactor = STCP_SLOWFACTOR;

struct portrec /* the port-data structure */
{
unsigned n;
int state;
unsigned char ttl;
unsigned short int window;
unsigned long int seq;
char sends;

} *ports;

char *portstr;

unsigned char scanflags;

int done;

int rawsock; /* socket descriptors */
int tcpsock;

int lastidx = 0; /* last sent index */
int maxports; /* total number of ports */

void timeout(int signum) /* timeout handler */
{ &

Stop Annoying Pop-ups Without Pop-up Blockersoutli

2007-11-11T05:06:00.000-08:00

Did you ever go to warez/cracks sites (which we all know is BAD!) only to be bombarded with 10 windows opening up at a time, with porn, spam etc?

I've discovered a VERY easy way to block about 90-95% of this sh!t, without using any pop-up stopping programs (I hate installing that garbage!).

This is for Internet Explorer 6.0, but I'm sure that it can work with other browsers if you take the time to fiddle around.

Here's how you do it...

1) Go to TOOLS and then INTERNET OPTIONS.

2) Click the SECURITY tab, move the slider up to HIGH and click APPLY.

This applies the highest security settings to IE, which blocks EVERYTHING, including JavaScript, Applets, and so on that pop-ups are based upon.

The catch is this... Some places like online banks and other web sites need these functions to work properly... So you'll need to re-enable one important thing...

1) Go to TOOLS and then INTERNET OPTIONS.

2) Click the SECURITY tab, CUSTOM LEVEL, scroll down to SCRIPTING, and under ACTIVE SCRIPTING, select the ENABLE radio button.

3) Click APPLY and you're pretty much done!

Note: This does NOT completely remove pop-ups and other annoyances, but it sure helps ALOT, without having to trash your computer with pop-up blockers

Who Is Seeding The Net With Spyware?

2007-11-11T05:05:00.000-08:00

Who's Seeding the Net With Spyware?

Young surfers pick up paychecks for posting misleading pitches armed with invasive programs.

It's tough enough sometimes to figure out where you picked up that spyware, but have you ever wondered who planted that digital parasite?

It's likely a young man, maybe a college student, just making a few bucks spreading pop-up ads that contain a package unwelcome by many. And it's a growing cottage industry.

How It Works

Spyware follows your Internet surfing habits and serves up advertisements. You typically pick up spyware by clicking on links, which may not make it clear that you're downloading a "bonus" program when you read an ad or download a program you want.

The Federal Trade Commission defines spyware as "software that aids in gathering information about a person or organization without their knowledge and which may send such information to another entity without the consumer's consent, or asserts control over a computer without the consumer's knowledge." The federal government and several states are considering antispyware laws, and Utah recently enacted one.

FTC and industry leaders have urged Congress to resist spyware legislation, instead pushing for the industry to adopt self-regulatory practices. They fear that proposed laws define the practice too vaguely, and would prohibit other marketing practices that benefit consumers. But some lawmakers worry that the tech industry will not regulate spyware aggressively enough to protect consumers.

Meanwhile, computer users continue to face the side effects of spyware on their systems: bogged-down Internet connections, identity theft, lost documents, system problems, and potential loss of privacy.

Who's Behind It

The people distributing the links for spyware downloads are paid about 15 cents every time an unsuspecting surfer clicks on their misleading bait.

"Friends signed me up one night, after we'd been drinking," says one twenty-something man, who plants spyware for pay. "They said it was an easy way to make some money."

"All I had to do was sign up and post fake ads, saying things like 'to see my picture click here.' Then when they clicked, it told them they had to download software to see the pictures."

But the user downloaded no pictures; instead, they got the greeting, "Come back later to see my photo." The ad is bogus, but the contamination of the computer is real.

He says open forums and other unregulated sites are the best places to post ads, because large numbers of people are likely to click on the phony links.

"You have to move around," he says, noting that if users complain, he'll be kicked off a site, or a section of a site. For example, he will just move to a different part of a classified advertisement site, he says. "It's really easy, so reposting your ad is not a big deal."

At 15 cents per hit, he got checks every two weeks for a few hundred dollars each.

"I could have made a lot more," he says, adding that he really isn't doing it anymore. "All I had to do was put more ads up and I would have doubled or tripled my profits."

What's the Risk?

The foot soldiers who spread spyware may also become victims of the companies behind the software.

Many companies paying individuals to spread spyware post a disclaimer on their own Web site. It often contains a clause telling readers that if they commit fraud the company has the right to pull their paycheck.

However, the new Utah Spyware Control Act and other privacy laws sometimes invoked to combat spyware consider posting spyware to be fraud.

The spyware spreaders may not be reading the disclaimer themselves. But they do understand the company is paying them to trick people into downloading software, the young man says.

Does he feel any remorse for contaminating the computers of naive users? "Look, they're perverts if they click on my ads," he says, noting that the ads imply pornographic pictures await. "I say some nasty stuff, so, no, I don't feel bad." Anyone online should have a spyware blocker, spam blocker, and a firewall anyway, he said. "If they don't, they're just stupid."

A Challenging Battle

Placing ads online can be a tempting and easy way to make money from home, notes Ray Everette-Church, chief privacy officer for antispam product vendor Turn Tide.

"It is very successful," Everette-Church says. "Hundreds of thousands of dollars a month is generated in this tiered structural referral." He is serving as an expert witness for the plaintiffs in an ongoing adware case arguing against pop-up ads.

Millions of Americans online haven't protected their PCs, and pursuing perpetrators of spyware is more complicated than in other criminal investigations, according to Mozelle Thompson, an FTC commissioner.

"It's hard to identify how many companies are engaged in dangerous spyware, or spyware in general," Thompson says. "The definition of spyware is too broad."

The surreptitious nature of spyware makes it more difficult to track who, where, and how the spyware is disseminated, Thompson told a House subcommittee at a recent hearing.

"Consumer complaints, for instance, are less likely to lead directly to targets than in other law enforcement investigations, because consumers often do not know that spyware has caused the problems or, even if they do, they may not know the source of the spyware," he said at the April hearing.

Where You Can Find Horses...

2007-11-11T05:04:00.000-08:00

Trojan Secret Ports
TCP 1 Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250
TCP 28 Amanda.200
TCP 31 MastersParadise.920
TCP 68 Subseven.100
TCP 142 NetTaxi.180
TCP 146 Infector.141, Intruder.100, Intruder.100
TCP 171 ATrojan.200
TCP 285 WCTrojan.100
TCP 286 WCTrojan.100
TCP 334 Backage.310
TCP 370 NeuroticKat.120, NeuroticKat.130
TCP 413 Coma.109
TCP 420 Breach.450
TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100
TCP 623 Rtb666.160
TCP 660 Zaratustra.100
TCP 661 Noknok.800, Noknok.820
TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110
TCP 667 SniperNet.210, Snipernet.220
TCP 668 Unicorn.101, Unicorn.110
TCP 680 Rtb666.160
TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332
TCP 785 NetworkTerrorist.100
TCP 800 NeuroticKitten.010
TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130
TCP 901 NetDevil.130, NetDevil.140
TCP 1000 DerSpaeher.200
TCP 1001 Silencer.100
TCP 1008 AutoSpy.100
TCP 1010 DerSpaeher.200
TCP 1015 Doly.150
TCP 1111 TPort.100
TCP 1130 Noknok.800, Noknok.820
TCP 1207 SoftWAR.100
TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200
TCP 1245 VoodooDoll.006
TCP 1269 Matrix.130
TCP 1480 RemoteHack.130
TCP 1568 RemoteHack.100, RemoteHack.110
TCP 1600 DirectConnection.100
TCP 1601 DirectConnection.100
TCP 1602 DirectConnection.100
TCP 1634 NetCrack.100
TCP 1784 Snid.120, Snid.212
TCP 1999 TransmissionScout.100, TransmissionScout.110
TCP 2000 ATrojan.200, InsaneNetwork.400
TCP 2001 DIRT.220, TrojanCow.100
TCP 2003 TransmissionScout.100, TransmissionScout.110
TCP 2023 RipperPro.100
TCP 2040 InfernoUploader.100
TCP 2115 Bugs.100
TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
TCP 2332 SilentSpy.202
TCP 2589 Dagger.140
TCP 2600 DigitalRootbeer.100
TCP 2989 Rat.200
TCP 3128 MastersParadise.970
TCP 3129 MastersParadise.920, MastersParadise.970
TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
TCP 3215 BlackStar.100, Ghost.230
TCP 3333 Daodan.123
TCP 3410 OptixPro.100, OptixPro.110
TCP 3456 Force.155, TerrorTrojan.100
TCP 3505 AutoSpy.130, AutoSpy.140
TCP 3586 Snid.120, Snid.212
TCP 3700 PortalOfDoom.100
TCP 3723 Mantis.100
TCP 3800 Eclypse.100
TCP 3996 RemoteAnything.364
TCP 4000 SkyDance.220, SkyDance.229
TCP 4201 Wartrojan.160, Wartrojan.200
TCP 4225 SilentSpy.202
TCP 4321 Bobo.100
TCP 4444 AlexTrojan.200, Crackdown.100
TCP 4488 EventHorizon.100
TCP 4523 Celine.100
TCP 4545 InternalRevise.100, RemoteRevise.150
TCP 4567 FileNail.100
TCP 4666 Mneah.100
TCP 4950 ICQTrojan.100
TCP 5005 Aladino.060
TCP 5025 Keylogger.WMRemote.100
TCP 5031 NetMetro.104
TCP 5032 NetMetro.104
TCP 5033 NetMetro.104
TCP 5050 RoxRat.100
TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040
TCP 5190 MBomber.100
TCP 5277 WinShell.400
TCP 5343 WCRat.100
TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300
TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100
TCP 5534 TheFlu.100
TCP 5550 XTCP.200, XTCP.201
TCP 5555 Noxcape.100, Noxcape.200
TCP 5695 Assassin.100
TCP 5714 WinCrash.100
TCP 5741 WinCrash.100
TCP 5742 WinCrash.103
TCP 5802 Y3KRat.160
TCP 5810 Y3KRat.160
TCP 5838 Y3KRat.170
TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5880 Y3KRat.140
TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5883 Y3KRat.110, Y3KRat.140
TCP 5884 Y3KRat.140, Y3KRat.150
TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5886 Y3KRat.120, Y3KRat.140
TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
TCP 5890 Y3KRat.140
TCP 6400 Thething.100, Thething.150
TCP 6556 AutoSpy.120, AutoSpy.122
TCP 6655 Aqua.020
TCP 6660 LameSpy.095
TCP 6666 LameRemote.100, ProjectMayhem.100
TCP 6669 Vampire.100
TCP 6670 DeepThroat.200, DeepThroat.210
TCP 6671 DeepThroat.310
TCP 6699 HostControl.101
TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190
TCP 6712 Subseven.100
TCP 6713 Subseven.100
TCP 6767 NTRC.120
TCP 6776 SubSeven.180, SubSeven.190, Subseven.200
TCP 6789 Doly.200
TCP 6796 SubSeven.214
TCP 6912 ShitHeep.100
TCP 6939 Indoctrination.100
TCP 6953 Lithium.100
TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120
TCP 6970 Danton.330
TCP 7001 Freak88.100
TCP 7119 Massaker.100
TCP 7200 Massaker.110
TCP 7300 Coced.221
TCP 7301 Coced.221
TCP 7306 NetSpy.200, NetSpy.200
TCP 7410 Phoenix.190, Phoenix.200
TCP 7511 Genue.100
TCP 7609 Snid.120, Snid.212
TCP 7614 Wollf.130
TCP 7648 BlackStar.100, Ghost.230
TCP 7788 Last.2000, Matrix.200
TCP 7826 MiniOblivion.010, Oblivion.010
TCP 7887 SmallFun.110
TCP 7891 Revenger.100
TCP 7979 VagrNocker.200
TCP 7997 VagrNocker.200
TCP 8000 XConsole.100
TCP 8011 Way.240
TCP 8012 Ptakks.215, Ptakks.217
TCP 8110 LoseLove.100
TCP 8111 LoseLove.100
TCP 8301 LoseLove.100
TCP 8302 LoseLove.100
TCP 8372 NetBoy.100
TCP 8720 Connection.130
TCP 8734 AutoSpy.110
TCP 8811 Force.155
TCP 8899 Last.2000
TCP 9000 Aristotles.100
TCP 9301 LoseLove.100
TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170
TCP 9401 InCommand.100, InCommand.110, InCommand.170
TCP 9402 InCommand.100, InCommand.110
TCP 9561 CRatPro.110
TCP 9563 CRatPro.110
TCP 9580 TheefLE.100
TCP 9696 Danton.210, Ghost.230
TCP 9697 Danton.320, Danton.330, Ghost.230
TCP 9870 R3C.100
TCP 9872 PortalOfDoom.100
TCP 9873 PortalOfDoom.100
TCP 9874 PortalOfDoom.100
TCP 9875 PortalOfDoom.100
TCP 9876 Rux.100, SheepGoat.100
TCP 9877 SmallBigBrother.020
TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120
TCP 9879 SmallBigBrother.020
TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300
TCP 10001 DTr.130, DTr.140
TCP 10013 Amanda.200
TCP 10067 PortalOfDoom.100
TCP 10100 Gift.240
TCP 10101 NewSilencer.100
TCP 10167 PortalOfDoom.100
TCP 10528 HostControl.100, HostControl.260
TCP 10607 Coma.109
TCP 10666 Ambush.100
TCP 11011 Amanda.200
TCP 11050 HostControl.101
TCP 11051 HostControl.100, HostControl.260
TCP 11223 AntiNuke.100, Progenic.100, Progenic.110
TCP 11225 Cyn.100, Cyn.103, Cyn.120
TCP 11306 Noknok.800, Noknok.820
TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 11991 PitfallSurprise.100
TCP 12043 Frenzy.2000
TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400
TCP 12346 Netbus.160, Netbus.170
TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317
TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402
TCP 12389 KheSanh.210
TCP 12478 Bionet.210
TCP 12623 Buttman.090, Buttman.100
TCP 12624 Buttman.090, Buttman.100
TCP 12625 Buttman.100
TCP 12904 Akropolis.100, Rocks.100
TCP 13473 Chupacabra.100
TCP 13753 AFTP.010
TCP 14100 Eurosol.100
TCP 14194 CyberSpy.840
TCP 14286 HellDriver.100
TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14501 PCInvader.060, PCInvader.070
TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070
TCP 14504 PCInvader.050, PCInvader.060
TCP 15092 HostControl.100, HostControl.260
TCP 15382 SubZero.100
TCP 15432 Cyn.210
TCP 15555 ICMIBC.100
TCP 16322 LastDoor.100
TCP 16484 MoSucker.110
TCP 16661 Dfch.010
TCP 16969 Progenic.100
TCP 16982 AcidShiver.100
TCP 17300 Kuang.200
TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521
TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100
TCP 17593 AudioDoor.120
TCP 19191 BlueFire.035, BlueFire.041
TCP 19604 Metal.270
TCP 19605 Metal.270
TCP 19991 Dfch.010
TCP 20000 Millenium.100
TCP 20001 Millenium.100, PshychoFiles.180
TCP 20002 AcidKor.100, PshychoFiles.180
TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220
TCP 21212 Schwindler.182
TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135
TCP 21579 Breach.2001
TCP 21584 Breach.2001
TCP 21684 Intruse.134
TCP 22068 AcidShiver.110
TCP 22115 Cyn.120
TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600
TCP 22223 Rux.400, Rux.500, Rux.600
TCP 22456 Bla.200, Bla.503
TCP 22457 AcidShiver.120, Bla.200, Bla.503
TCP 22784 Intruzzo.110
TCP 22845 Breach.450
TCP 22847 Breach.450
TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100
TCP 23032 Amanda.200
TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110
TCP 23456 EvilFTP.100, VagrNocker.400
TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155
TCP 23477 DonaldDick.153
TCP 24000 Infector.170
TCP 24307 Wildek.020
TCP 25386 MoonPie.220
TCP 25486 MoonPie.220
TCP 25555 FreddyK.100, FreddyK.200
TCP 25556 FreddyK.100
TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400
TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400
TCP 25982 MoonPie.135, MoonPie.200
TCP 26274 Delta.050
TCP 27160 MoonPie.135, MoonPie.200
TCP 27184 Alvgus.100, Alvgus.800
TCP 27374 Muerte.110, Subseven.210, SubSeven.213
TCP 28429 Hack'a'Tack.2000
TCP 28430 Hack'a'Tack.2000
TCP 28431 Hack'a'Tack.2000
TCP 28432 Hack'a'Tack.2000
TCP 28433 Hack'a'Tack.2000
TCP 28434 Hack'a'Tack.2000
TCP 28435 Hack'a'Tack.2000
TCP 28436 Hack'a'Tack.2000
TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400
TCP 29891 Unexplained.100
TCP 30000 Infector.170
TCP 30001 Error32.100
TCP 30003 LamersDeath.100
TCP 30029 AOLTrojan.110
TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131
TCP 30103 NetSphere.131
TCP 30947 Intruse.134
TCP 31320 LittleWitch.400, LittleWitch.420
TCP 31337 BackOrifice.120, Khaled.100, OPC.200
TCP 31415 Lithium.101
TCP 31416 Lithium.100, Lithium.101
TCP 31557 Xanadu.110
TCP 31631 CleptoManicos.100
TCP 31745 Buschtrommel.100, Buschtrommel.122
TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112
TCP 31887 BDDT.100
TCP 31889 BDDT.100
TCP 32100 ProjectNext.053
TCP 32418 AcidBattery.100
TCP 32791 Akropolis.100, Rocks.100
TCP 33291 RemoteHak.001
TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214
TCP 33577 SonOfPsychward.020
TCP 34324 TelnetServer.100
TCP 34763 Infector.180, Infector.190, Infector.200
TCP 35000 Infector.190, Infector.200
TCP 35600 Subsari.140
TCP 36794 BugBear.100
TCP 37237 Mantis.020
TCP 37651 YAT.210
TCP 37653 YAT.310
TCP 40308 Subsari.140
TCP 40412 TheSpy.100
TCP 40421 MastersParadise.970
TCP 40422 MastersParadise.970
TCP 40999 DiemsMutter.110, DiemsMutter.140
TCP 41626 Shah.100
TCP 44444 Prosiak.070
TCP 45673 Akropolis.100, Rocks.100
TCP 47262 Delta.050
TCP 48006 Fragglerock.200
TCP 49683 HolzPferd.210
TCP 50000 Infector.180
TCP 50130 Enterprise.100
TCP 50766 Fore.100
TCP 51234 Cyn.210
TCP 51966 Cafeini.080, Cafeini.110
TCP 54321 PCInvader.010
TCP 57341 NetRaider.100
TCP 57922 Bionet.084
TCP 58008 Tron.100
TCP 58009 Tron.100
TCP 59090 AcidReign.200
TCP 59211 DuckToy.100, DuckToy.101
TCP 59345 NewFuture.100
TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101
TCP 60411 Connection.100, Connection.130
TCP 60412 Connection.130
TCP 60552 RoxRat.100
TCP 63536 InsaneNetwork.500
TCP 63878 AphexFTP.100
TCP 63879 AphexFTP.100
TCP 64969 Lithium.100
TCP 65000 Socket.100
UDP 1 SocketsDeTroie.250
UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820
UDP 1130 Noknok.800, Noknok.820
UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310
UDP 2989 Rat.200
UDP 3128 MastersParadise.970
UDP 3129 MastersParadise.920, MastersParadise.970
UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110
UDP 3333 Daodan.123
UDP 3800 Eclypse.100
UDP 3996 RemoteAnything.364
UDP 4000 RemoteAnything.364
UDP 5555 Daodan.123
UDP 5881 Y3KRat.110, Y3KRat.140
UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150
UDP 5883 Y3KRat.110, Y3KRat.140
UDP 5884 Y3KRat.140, Y3KRat.150
UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5886 Y3KRat.120, Y3KRat.140
UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140
UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150
UDP 6953 Lithium.100
UDP 8012 Ptakks.217
UDP 10067 PortalOfDoom.100
UDP 10167 PortalOfDoom.100
UDP 10666 Ambush.100
UDP 11225 Cyn.100, Cyn.103, Cyn.120
UDP 11306 Noknok.800, Noknok.820
UDP 12389 KheSanh.210
UDP 12623 Buttman.090, Buttman.100
UDP 12625 Buttman.100
UDP 14100 Eurosol.100
UDP 23476 DonaldDick.155
UDP 26274 Delta.050
UDP 27184 Alvgus.100
UDP 28431 Hack'a'Tack.2000
UDP 28432 Hack'a'Tack.2000
UDP 28433 Hack'a'Tack.2000
UDP 28434 Hack'a'Tack.2000
UDP 28435 Hack'a'Tack.2000
UDP 28436 Hack'a'Tack.2000
UDP 29891 Unexplained.100
UDP 30103 NetSphere.131
UDP 31320 LittleWitch.400, LittleWitch.420
UDP 31337 BackOrifice.120, OPC.200
UDP 31416 Lithium.100, Lithium.101
UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112
UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112
UDP 33333 Blackharaz.100
UDP 47262 Delta.050
UDP 49683 HolzPferd.210
UDP 60000 MiniBacklash.100

When Good Discs Go Bad..

2007-11-11T04:26:00.001-08:00

Burning Questions

When Good Discs Go Bad

Ever wonder what makes a disc bad? Here's why they vary in quality, and why you should worry about the discs you've entrusted with your data.

Melissa J. Perenson, PC World
Tuesday, June 15, 2004

Burning CDs and DVDs is the easy part.

Knowing your data will be there when you go back to it days, months, or even years later--well, that's a bit harder. Not all discs are created equal, as Fred Byers, information technology specialist at the National Institute of Standards and Technology, can attest.

Byers is part of a team heading up an independent study of DVD media quality. Based on the first wave of testing results, the situation is murky at best.

"We've found the quality varies, depending upon the type of dye used to make the write-once discs and [on the] the manufacturer," reports Byers. Even discs from the same manufacturer, with the same brand, can test differently, Byers adds. "But there was more of a significant difference when you compared discs between manufacturers," he explains.

DVD Media Quality: The First Tests

In the first phase of testing, completed late last year, NIST focused on the most popular media: write-once, single-layer DVD-R and +R discs. Rewritable discs will be tested in the second phase, slated to start this fall. An interesting footnote to the study's methodology: NIST uses media purchased off store shelves and via Web sites; and while researchers are tracking the media by brand, they are not tracking the specific factory source of the media tested. For example, a given manufacturer's discs could originate from different production lines, which could account for a variation in disc quality by the same manufacturer.

Hearing that there's a difference between the generic, unbranded 100-spindle value-pack of media purchased online and the branded offerings you might find on a Best Buy store shelf is not surprising. After all, as David Bunzel, president of the Optical Storage Technology Association, points out: "With a generic product, there's no consumer recourse. It's buyer beware."

If a disc isn't properly manufactured, the consequences can be dire. At best, the disc will fail immediately during the burn process; this is a best-case scenario because then you know from the start that the disc is faulty. At worst, you may get an abundance of errors during the burn process. These errors won't interrupt the burning process, and since write-once and rewritable DVD media have built-in error correction to compensate for scratches and other abnormalities on the disc (as do their CD cousins), any errors will be virtually invisible to you. You'll only know they're there if you use a disc diagnostics program, such as those offered by Ahead Software or Plextor. Nor will these errors affect the playback of the disc--initially.

Down the road, however, such invisible-to-the-eye errors can reduce the effectiveness of a DVD's built-in error correction so that if some other issue develops on your disc, such as a scratch, you could end up with an unreadable disc when you go back to it months or years later.

But what would cause such a wide disparity in media quality between branded discs from the same vendor?

"We don't know why it's different--it could be a different dye, it could be a different manufacturing process," notes Byers. "Manufacturers are constantly trying to improve their dye formulas--in theory improving the disc."

Nonetheless, at the same time, competitive forces are driving manufacturers to find ways to economize on production costs. And cost-cutting measures can result in discs that don't perform as well as those generated during an earlier production run, either in terms of failing outright or not burning at the maximum possible speed on a given DVD drive. "It varies over time, as the output changes," Byers says.

Brand Disparity

As for the disparity between brands that NIST found, the distinguishing factors come down to quality control and the dyes used in disc production. Declining to name names, Byers points out that "some manufacturers make their own discs, and some purchase them from someplace else--which opens you to variations in the manufacturing plant, or changes in the source [of that media]."

Vendors like Maxell and Verbatim manufacture discs on their own production lines, as do Asian manufacturers CMC Magnetics, RiData, Taiyo Yuden, and others; other name brands contract with a third-party manufacturer to produce discs to their own specs; and still others just buy third-party-produced media wholesale, without imposing their own set of quality controls on the media production.

The intricacies of disc production and quality control aren't the only variables that seem to affect media. More surprising is the number of discs that seem to have a propensity for specific hardware.

"One thing we've found in compatibility testing [of DVD-R and +R media] is that it's a relationship between a specific brand of media and the manufacturer of the hardware," observes Byers. "There was no one drive that played every single type of compatible media, and there was no one media brand that played perfectly in every drive."

And, he adds, sounding as frustrated as any consumer might, "You can't say there's a clear, delineated set of reasons as to why."

A Grading System?

One of the most common questions I hear is, "What's a good brand of media to buy?" DVD and CD media are so commonplace nowadays that it's easy to forget the complexities that go into producing them. And if anything in that production process is off, it could, in time, affect the integrity of the data you've burned to a disc.

"It's very tough to answer that kind of question, because there are so many variables," says Byers. "You don't get 100 percent yield when you manufacture these discs. We can talk about the materials that produce a good disc, but it also has to do with the manufacturing process. So, just to say the materials to look for doesn't necessarily relate to it being a better disc." The same is true vice versa.

So how can you know that the media you're using will last you for the duration, so those archived photos will still be there when you go back to a disc 20 years from now--or more?

For the moment, you can't. All DVD and CD vendors make vague claims about disc life expectancy being somewhere between 60 and 100 years--when the discs are treated with care and stored properly.

But NIST's Byers is seeking to change that. At an OSTA meeting in San Francisco this week, Byers is proposing an industry-wide grading system to indicate disc quality.

Byers is motivated by the desire to see a uniform mechanism in place to guide institutions and individuals who'll be storing data, music, videos, and images for long periods of time. "They need to be confident in their purchasing, so they can plan for their strategies in storing their information," Byers says. "Long-term storage has different meanings: For some, 30 years might be enough. For others, 50 or 75 years might be archive, or long-term, quality."

Longevity

Under Byers's proposal, a series of tests would be developed to determine whether a DVD would last for a given number of years. "If you were to purchase a disc in a store with a grade that indicates it has passed a test to last X number of years, it removes a lot of uncertainty for the consumer, and it can save some expense in premature migration [to a new storage technology], or loss of data because they waited too long [and the disc was no longer playable]," he says.

Although some archivists--both individual and professional--are concerned about whether today's digital storage mediums will be readable 50 or 100 years from now, Byers believes the bigger concern for users will be when to migrate their data to the next technology, "before the existing technology is obsolete."

The Disc Rot Myth

Media obsolescence isn't the only thing people fear after committing a personal library's worth of data to CDs and DVDs. But some worries--namely, fear of disc rot--are not fully warranted.

Like a bad seed, the myth of disc rot self-perpetuates, cropping up every now and again as a sudden and mortal threat to your copious collection of prerecorded and self-created discs.

The myth was once rooted in fact. It is true that back in the 1980s, with the first generation of prerecorded audio CDs, the edges of the discs were not always sealed properly, which allowed moisture to get into the disc. Replicated, prerecorded discs use aluminum for the reflective layer; when moisture came into contact with the aluminum on prerecorded discs, explains Byers, it in turn oxidized, causing the aluminum to become dull. "That's where the term 'rot' started," he says.

But that problem was quickly identified and overcome. "The manufacturers learned what was going on, so now the edges of discs are sealed with a lacquer," according to Byers. Though the problem is typically associated with CDs, Byers notes that the potential for interaction with oxygen is the same with both CD-ROMs and DVD-ROMs.

The so-called rot issue does not apply to recordable discs. For one thing, recordable optical media do not use aluminum; instead, they use silver, and very rarely gold, or a silver-gold alloy, for the reflective layer. "If the silver comes into contact with sulfates [i.e., pollution, or high humidity], it could affect the silver, but the likelihood of that is less than the likelihood of moisture coming into contact with the aluminum on prerecorded discs," says Byers.

Enduring Myth

The term rot has persisted, however inaccurately, as a means of identifying a plethora of problems with optical discs. "If you get a faulty disc and see a problem that you can visually see, you call it rot, but it could be the way the disc was manufactured," says Byers. "Or if it was subjected to extreme moisture and that moisture came into contact with the aluminum, it could be that the reflectivity has changed. It's not really rot, it's oxidation of aluminum. It should be a rare event on a disc, unless it's defective."

Beyond the realm of defective discs, improper handling can cause otherwise good discs to go bad. Since there's little protection between the label side of a CD and the data layer itself, "scratches on the label side can scratch the metal, and that will ruin the data," says Byers. It's not an issue for DVDs, though, since the dye layer is sandwiched between two plastic layers.

Byers observed a similar problem occurring with press-on labels: "For long-term storage, we recommend not using press-on labels on CDs; when these start to dry up, they can peel the metal right up, damaging data."

Hacking Windows XP Registry

2007-11-11T04:25:00.000-08:00

Structure of Windows XP Registry :

When you will open the Windows XP Registry , you will see it's divided into two panes. On the left side there are Five main
Keys as shown below. These can be expanded to several Sub-Keys, which further has many Sub-Keys.

+HKEY_CLASSES_ROOT

+HKEY_CURRENT_USER

+HKEY_LOCAL_MACHINE

+HKEY_USERS

+HKEY_CURRENT_CONFIG

Before you try out the Tweaks, learn how to Backup and Restore Windows XP Registry.
Types of Registry Backups :
It?s very important that before you do editing you make a backup of the current registry. If you ignore this warning, it might prove deadly for you?so better listen to me J
Open your registry. Go to Start>Run , type regedit . When you invoke the Export function from File>Export, you are given a choice of different file types that can be saved :
Registration Files (*.reg)
Registry Hive Files (*.*)
Text Files (*.txt)
Win9x/NT 4 Registration Files (*.reg)
All Files

Each one of the different file types above plays an important role in how the data you export is saved. Choosing the wrong type can give you unexpected results. So let me explain you quickly these file types.

Registrations Files : The Registration Files option creates a .reg file. This is the most well known file format used for backing up the registry. The Registration File can be used in two ways. As a text file it can be read and edited using Notepad outside of Registry Editor. Once the changes have been made and saved, right clicking the file and using the [Merge] command adds the changed file back into the registry. If you make additions to the registry using regedit and then merge the previously saved Registration File, anything that you've added via regedit will not be removed, but changes you make to data using regedit that previously existed in the saved Registration File will be overwritten when it is merged

Registry Hive Files : Unlike the Registration Files option above, the Registry Hive Files option creates a binary image of the selected registry key. The image file is not editable via Notepad nor can you view its contents using a text editor. However, what the Registry Hive Files format does is create an image perfect view of the selected key and allow you to import it back into the registry to insure any problematic changes you made are eliminated.

Text Files : This option does just as the name suggests. It creates a text file containing the information in the selected key. It's most useful purpose is creating a record or snapshot of a key at a particular point in time that you can refer back to if necessary. It cannot be merged back into the registry like a Registration File.

Win9x/NT 4 Registration Files : This option creates a .reg file in the same manner used by the Registration Files option. It's used by previous Windows versions and serves no purpose in XP unless you want to merge a key from XP into a previous version of Windows.

Out of the give above choices , the safest method of backing up registry is to use Registry Hive Files option. No matter what ever you do or goes wrong in editing, importing the image of the key will eliminate all changes.

**Note-> I have included the exact name/value between [ ] brackets. [ & ] should be ignored, only the data inside them should be considered.

1. Customize Windows Media Player Title Bar

Change the title bar to read Windows Media Player provided by , so if I had entered text ?Abhishek Bhuyan? , it would read: Windows Media Player provided by Abhishek Bhuyan

[Start] [Run] [Regedit]

Go to HKEY_CURRENT_USER\Software\Policies\Microsoft
Create the Key [WindowsMediaPlayer]
Create String value named [TitleBar]

Data Type: REG_SZ // Value Name: TitleBar
Double click TitleBar and Enter the text to be displayed in the title bar.

Exit Registry / Reboot

2. Minimize Outlook 2002 to the System Tray

If you frequently access Outlook during the day it?s more convenient to have it minimized to the system tray rather than invoking it each time you need to send/receive e-mail. This tweak minimizes Outlook 2002 to the system tray:

[Start] [Run] [Regedit]

Go to HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Preferences

Modify/Create Data Type DWORD named [MinToTray]
Setting for Value Data: [0 = Disabled / 1 = Enabled]

Exit Registry / Reboot

3. Specify Default IE Download Directory

This tweak changes the default directory where downloads initiated in Internet Explorer are stored on the system.

[Start] [Run] [Regedit]

Go to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer

Modify/Create String Value of Data type REG_SZ Named [Download Directory]
Value Data: [Enter Path to Directory to be Assigned as Defualt for Downloads]

Exit Registry / Reboot

4. Force Use of Classic Start Menu

This tweak loads the Classic Start Menu and makes it impossible to change back to the Windows XP version

[Start] [Run] [Regedit]

Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Modify/Create the DWORD Value of Data type REG_DWORD Named [NoSimpleStartMenu]
Value Data: [0 = Default / 1 = Force Classic Start Menu]

Exit Registry / Reboot

5. Hide/Show Internet Explorer Desktop Icon

By default, Windows XP does not show the Internet Explorer icon on the Windows desktop. Using the registry tweak below allows you to control whether or not the Internet Explorer icon is displayed.

[Start] [Run] [Regedit]

Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Modify/Create DWORD Value of Data type REG_DWORD Named [NoInternetIcon]
Setting for Value Data: [0 = Disabled / 1 = Enabled]

Exit Registry / Reboot

6. Increase Menu Display Speed

When you click on the Start Menu there is some delay to display the contents , just for no reason. Effects are pretty though. The default speed can be adjusted with a quick registry entry.

The default value is 400. Set it to 0 and the delay is gone. If you are not able to adjust pick a number that suits your style and make the change.

[Start] [Run] [Regedit]

Go to HKEY_CURRENT_USER\Control Panel\Desktop

Modify/Create String value of Data type REG_SZ Named [MenuShowDelay]

Value Data: [Default = 400 / Adjust to Preference]

Exit Registry / Reboot

7. Change the Location of Special Folders

This tweak allows changing the location of special folders on the system. Any of the folders listed in the registry key may be moved.

[Start] [Run] [Regedit]

Go to : HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserShell Folders

Modify/Create String value of Data type REG_SZ Named [Various Folder Names]

Data Type: REG_SZ [String Value] // Value Name: Consult RegEdit for Folder Names

Value Data: [Move the folder to the new desired location using explorer, and then edit the matching folder in RegEdit to reflect the new folder location]

Exit Registry and Reboot

8. Faster Browsing in Windows Explorer on Network Computers

By default, a Windows XP machine connecting to a Windows 95/98/Me computer will search for scheduled tasks or enabled printers on the remote computer. Two sub-keys control this behavior. Deleting them will speed up browsing on the remote computer.

[Start] [Run] [Regedit]

Go to : HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace

To Disable Scheduled Task Checking
Value Name: {D6277990-4C6A-11CF-8D87-00AA0060F5BF}
Delete the sub-key in the left pane of Registry Editor

To Disable Printer Checking
Value Name: {2227A280-3AEA-1069-A2DE-08002B30309D}
Delete the sub-key in the left pane of Registry Editor

Exit Registry / Reboot

9. Add Administrator Account to Log In Screen

When Windows XP is first installed it requires you to enter at least one name of a user who will access the computer. Once you create this name the default Administrator account vanishes. To access it, press Ctrl-Alt-Delete twice at the Welcome screen to retrieve the standard Windows 2000 logon dialog. Log on as Administrator from this point. To log the Administrator off, click [Start] [Log Off] and [Log Off] when the [Log Off Windows] selection box appears. The Log On screen with the available users will be displayed.

To Make the Administrator Account Always Visible on the Login Screen use this Registry Tweak.

[Start] [Run] [Regedit]

Go to: HKEY_LOCALMACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList

Modify/Create DWORD Value of Data type REG_DWORD Named [Administrator]
Setting for Value Data: [0 = Disabled / 1 = Enabled]

Exit Registry / Reboot

10. Increase Internet Download Connections

Increase Simultaneous Internet Download Connections. Increases the number of allowed simultaneous connections to ten (10).

[Start] [Run] [Regedit]

Go to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

Modify/Create DWORD Value of Data type REG_DWORD Named [MaxConnectionsPer1_0Server]
Setting for Value Data: [0000000a]

Modify/Create DWORD Value of Data type REG_DWORD Named [MaxConnectionsPerServer]
Setting for Value Data: [0000000a]

Exit Registry / Reboot

11. Connected Web Files and Folders

Connecting web files and folders allows a primary .htm or .html file to be moved in conjunction with files associated with the primary document. Once the primary document has been defined, create a sub-folder using the same name as the primary document but assign it a .files extension. Whenever the primary file is moved, the sub-folder will also move and remain as a sub-folder of the primary.

[Start] [Run] [Regedit]

Go to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer

Modify/Create DWORD Value of Data type REG_DWORD Named [NoFileFolderConnection]
Setting for Value Data: [0 = Enabled (Default) / 1 = Disabled]

Exit Registry / Reboot

12. Hide/Show My Documents Folder on Desktop

By default, Windows XP does not show the My Documents folder on the Windows desktop. Using the registry tweak below allows you to control whether or not My Documents is displayed.

[Start] [Run] [Regedit]

Go to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\CLSID\{450D8FBA-AD25-11D0-98A8-0800361B1103}\ShellFolder

Modify/Create DWORD Value of Data type REG_DWORD Named [Attributes]
Setting for Value Data: [Default = 0xf0400174 / Hidden = 0xf0500174]

Exit Registry / Reboot

13. Create a Hidden User Account

This tweak allows an account that is normally displayed on the Welcome screen to be hidden from view. To log on using the account it's necessary to use the Log On To Windows dialog box similar to the one in Windows 2000 i.e. press CTRL+ALT+DEL twice.

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\Winlogon\SpecialAccounts\UserList

Modify/Create DWORD Value of Data type REG_DWORD Named [Type Name of Account to be Hidden]
Setting for Value Data: [0 = Account is Hidden / 1 = Enabled]

Exit Registry / Reboot

While the account is hidden on the Welcome screen, note that the account profile will be visible in C:\Documents and Settings or wherever user profiles are stored as well as in Local Users and Groups.

14. Create Legal Notice Logon Dialog Box

In situations where you need users to read a legal notice before logging on, this tweak will create the caption for the notice.

Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Modify/Create String Value of Data type REG_SZ Named [LegalNoticeCaption]
Value Data for LegalNoticeCaption: [Type the Caption for the Dialog Box]

Modify/Create String Value of Data type REG_SZ Named [LegalNoticeText]
Value Data for LegalNoticeText: [Type the Data for the Legal Notice]

Exit Registry / Reboot

15. Manage Internet Explorer Error Reporting

This tweak removes the IE Error Reporting tool from appearing with the option to send browser debugging reports to Microsoft.

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main

Note:- Create both values listed below and set according to the bold type for the tweak to function properly.

Modify/Create DWORD Value of Data type REG_DWORD Named [IEWatsonEnabled]
Value Data: [0 - Disabled / 1 - Enabled]

Modify/Create DWORD Value of Data type REG_DWORD Named [IEWatsonDisabled]
Value Data: [0 - Disabled / 1 - Enabled]

Exit Registry / Reboot

16. Customize Logon and Security Dialog Title

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\ CurrentVersion\Winlogon

Modify/Create String Value of Data type REG_SZ Named [Welcome]
Value Data: [0 = Disabled / 1 = Enabled]

Exit Registry / Reboot

17. Customize Logon Box Message

This is the message displayed on the Classic Logon box, not the XP ?Welcome? logon screen

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\ CurrentVersion\Winlogon

Modify/Create String Value of Data type REG_SZ Named [LogonPrompt]
Value Data: [Enter the text of the message]

Exit Registry / Reboot

18. Welcome Screen Logon Vs Classic Logon

This tweak specifies whether the Welcome screen or the Classic logon will be used to access Windows XP.

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Modify/Create DWORD Value of Data type REG_DWORD Named [LogonType]
Value Data: [0 - Classic Mode / 1 - Welcome Screen]

Exit Registry / Reboot

19. QoS (Quality Of Service) Bandwidth Reserve Setting

By default, Windows XP reserves 20% of the connection bandwidth for QoS traffic. This tweak allows the setting to be altered to a different percentage of connection bandwidth. If the system uses more than a single adapter for network connections, each adapter may be set individually by navigating to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Psched\Parameters\Adapters\{Adpater-ID} rather than HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Psched

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Psched

Modify/Create DWORD Value of Data type REG_DWORD Named [NonBestEffortLimit]
Setting for Value Data: [Enter as a Percentage / Default Value = 20]

Exit Registry / Reboot

20. Enable/Disable Save Password in DUN

This tweak saves user passwords for Dial Up Networking so they do not have to be re-entered each session.

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\Parameters

Modify/Create DWORD Value of Data type REG_DWORD Named [DisableSavePassword]
Setting for Value Data: [0 = Disabled (Passwords Saved) / 1 = Enabled (Passwords Not Saved)]

Exit Registry / Reboot

21. Change the Registered Organization/Owner of Windows XP

This tweak allows modification of the registered owner and organization of the Windows XP software.

Note:- This tweak has nothing to do with Windows Product Activation (WPA) and will not allow you to register illegal XP software.

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion

Modify/Create String Value of Data type REG_SZ Named [RegisteredOrganization] or [RegisteredOwner]
Setting for Value Data: [Modify the Values to Reflect Current Information]

Exit Registry / Reboot

22. Remove Links Folder in Favorites

The Links folder is part of Favorites whether it's being accessed through Internet Explorer or the Favorites menu in the Start Menu. This tweak will remove it from those locations.

[Start] [Run] [Regedit]

Go to: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar

Modify/Create String Value of Data type REG_SZ Named [LinksFolderName]
Value Data: [Set the String Value to a blank string]

Open Internet Explorer and manually delete the Links folder from Favorites Menu.
The Links folder will not be recreated.

Exit Registry / Reboot

23. Enable/Disable Active Window Tracking to Mouse Movements

When the mouse is moved over an open window it automatically sets the focus to that particular window. It does not bring the window to the foreground of the open windows.

[Start] [Run] [Regedit]

Go to: HKEY_CURRENT_USER\Control Panel\Mouse

Modify/Create DWORD Value of Data type REG_DWORD Named [ActiveWindowTracking]
Setting for Value Data: [0 = ActiveWindowTracking Disabled / 1 = ActiveWindowTracking Enabled]

Exit Registry / Reboot

24. Auto Disconnect for Internet Explorer

Use this edit to automatically disconnect from Internet Explorer after a specified length of time has elapsed. Use this trick on anyone whom you don?t like using your computer with net J

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters

Modify/Create DWORD Value of Data type REG_DWORD Named [Autodisconnect]
Value Data: [Enter a new disconnect time. Use Hexadecimal if you are unfamiliar with Binary]

Exit Registry / Reboot

25. Auto Reboot on System Crash

By default, when the Windows XP operating system crashes an automatic reboot of the system occurs. While this behavior can be convenient, the downside is the error message accompanying the crash is not visible. Often times this information can be a great help in troubleshooting the source of the crash. This behavior can be modified in two ways; via the registry or using the System Properties property sheet.

[Start] [Run] [Regedit]

Registry Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CrashControl

Modify/Create DWORD Value of Data type REG_DWORD Named [AutoReboot]
Setting for Value Data: [0 = AutoReboot Disabled / 1 = AutoReboot Enabled]

Exit Registry / Reboot

Open System Properties via Start > Control Panel > Performance and Maintenance > System

[System Properties may also be opened using the WinKey+Pause key combination]

Select the Advanced tab and then click Settings in the Startup and Recovery section

In System Failure section, clear the checkbox next to Automatically Restart

Click OK and OK to exit

26. Modify Control Panel Categories

Even if you like the new style for Control Panel, you might at times wish you could shift some items around into a different category. It's possible.

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\{305CA226-D286-468e-B848-2B2E8E697B74} 2

Modify/Create DWORD Value of Data type REG_DWORD Named [Choose one of the applets with .cpl extension]

Setting for Value Data: [Select the value from table below]

Other Control Panel Options 0
Appearance and Themes 1
Printers and Other Hardware 2
Network and Internet Connections 3
Sounds, Speed, and Audio Devices 4
Performance and Maintenance 5
Date, Time, Language, and Regional Options 6
Accessibility Options 7
Add or Remove Programs 8
User Accounts 9

Exit Registry / Reboot

To further customize the items that appear in the new Control Panel, do a search of your system for all files that end in .cpl extension. If they aren't already listed, you can add them with a new DWORD value and then assign them to a category of your choosing.

27. Enable/Disable Run Commands Specific to the Registry

This tweak controls the use of the Run command on the local machine

[Start] [Run] [Regedit]

Go to: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ Policies\Explorer

Create a DWORD value of Data Type REG_DWORD for each Run function that will be disabled.

Modify/Create the Value Name [DisableLocalMachineRun]
Modify/Create the Value Name [DisableLocalMachineRunOnce]

Modify/Create the Value Name [DisableCurrentUserRun]
Modify/Create the Value Name [DisableCurrentUserRunOnce]

Setting for Value Data: [0 = Disabled / 1 = Enabled]

Exit Registry / Reboot

28. Enable/Disable System Properties Access from My Computer

This tweak removes access to System Properties via My Computer as well as via Control Panel.

[Start] [Run] [Regedit]

Go to: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Modify/Create DWORD Value of Data type REG_DWORD Named [NoPropertiesMyComputer]
Value Data: [0 - Display Properties / 1 - Hide Properties]

Exit Registry / Reboot

29. Uninstall Programs Manually

Just because Windows XP has the Add/Remove Programs feature it doesn't mean your application will appear in the list. Furthermore, even if it does appear, it's no guarantee that the uninstall feature will work. When you run across one of these situations the items listed below will help in getting rid of the application. Be aware that these steps may not remove everything associated with the application and can impact other applications on the computer. Have a backup or restore point and use caution.

Find the directory for the application and delete all the files in the directory. Delete the directory.

Open regedit and navigate to HKEY_LOCAL_MACHINE\SOFTWARE and find the folder for the application. Delete the folder.

Open regedit and navigate to HKEY_CURRENT_USER\SOFTWARE and find the folder for the application. Delete the folder.

To remove the application entry from Add/Remove Programs (if present) open regedit and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall and find the folder for the application. Delete the folder.

Some applications have Services attached to them. If this is the case, navigate to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services, locate and delete the service.

In Windows Explorer, navigate to the individual user settings and delete program references. Common places to check would be:

C:\Documents and Settings\All Users\Start Menu\Programs and delete relevant entries.

C:\Documents and Settings\All Users\Start Menu\Programs\Startup and delete relevant entries.

C:\Documents and Settings\%YourUserID%\Start Menu\Programs and delete relevant entries.

[Do this for each User ID listed]

C:\Documents and Settings\%YourUserID%\Start Menu\Programs\Startup and delete relevant entries.

[Do this for each User ID listed]

If no entries were found in the previous step and the application launches automatically, navigate to

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

and delete the entry.

30. Create a right-click command prompt option

You can right-click a folder to get a list of actions you can apply to it. Here?s a way to create an action on that right-click menu that opens a command prompt window with that folder as the current directory. In a text editor such as Notepad, type the following exactly:

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\Folder\shell\Cmd Here]

@=?Command &Prompt Here?

[HKEY_CLASSES-ROOT\Folder\shell\Cmd Here\command]

@=?cmd.exe /k pushd %L?

Save the file with any name you want, with a .reg extension. Then double-click the saved file and choose Yes to merge the file?s information into the Registry. You can delete the file. Right-click any folder and you?ll see the CommandPrompt Here option.

31. Adjusting System Restore values

The new System Restore feature in Windows XP automatically backs up a snapshot of your system, including your Registry, every 24 hours. It also saves restore points for 90 days. Neither of these values is directly editable in the System Restore program, but you can change them in the Registry. Go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion\SystemRestore

You?ll find an assortment of settings here. To change the interval between automatically created restore points, change the RPGlobalInterval setting. To change the number of days that a restore point is retained, change the RPLifeInterval setting.

System Restore time intervals are measured in seconds, not days, so you must convert the number of days you want into seconds. There are 86,400 seconds in a day, so multiply 86,400 by the number of days you want to determine the value. (There are 3,600 seconds in an hour, I hope you know)

32. Erase the swap file at shutdown

You might be concerned about someone browsing your users? swap files and gathering up little bits of their sensitive data. A remote possibility, to be sure, but it could happen. For that extra measure of security, go to:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management

Set the ClearPageFileAtShutdown DWORD to 1. This will make shutdowns take longer, because it overwrites everything in the swap file with zeroes. Don?t turn this feature on unless you have a serious security threat.

33. Delete the Files Stored on This Computer category in the My Computer window

In Windows XP, the My Computer window?s listing is broken down by categories: Hard Disk Drives, Devices with Removable Storage, and so on. One of these categories is Files Stored on This Computer, which appears at the top of the My Computer window. If a user doesn?t need it , you can get rid of it. To do so, go to:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\
NameSpace\Delegate Folders

Delete the {59031a47-3f72-44a7-89c55595fe6b30ee} subkey to remove the category.

34. Change the desktop cleanup frequency

Through Display Properties (Desktop tab, Customize Desktop button, General tab), you can turn on and off a feature that runs the Desktop Cleanup Wizard every 60 days. You don?t have an option to set a different interval there, but you can change the interval in the Registry. To do so, go to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\CleanupWiz

Change the Days Between Clean Up Value to some other number of days (in decimal format).

35. Sort menus alphabetically

When you install a new program for a user, it doesn?t find its place in the alphabetical Start menu hierarchy right away; it hangs out at the bottom for a little while. If your users employ the Classic Start menu, they can re-alphabetize it manually by right-clicking the taskbar and choosing Properties, clicking the Customize button next to the Classic Start Menu, and clicking the Sort button. With the Windows XP style of Start menu, however, you don?t have an equivalent button. To make Windows always alphabetize the list, remove the permissions from the Registry key that controls the sort order for the Start menu. To do so, go to:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder

Choose Edit | Permissions and click the Advanced button. Deselect the Inherit From Parent The Permission Entries That Apply To Child Objects check box and then click Copy when the Security dialog box pops up. Click OK and clear the Full Control entry for your account and all security groups you are a member of. Leave only Read permission.

36. Prevent programs from loading at startup

Remember back in the good old days of Windows 3.1 when you could open up the Win.ini file in a text editor and remove an item from the RUN= line to disable it from running at startup? With Windows 9x and above, the Win.ini file became less useful because 32-bit programs were set to run at startup from within the Registry instead.

One way to selectively disable programs from loading at startup is to use MSCONFIG (from the Run command) to deselect certain items. Another way to remove them is to edit the Registry directly. Consider the following locations:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

for applications that start up for all users

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

for applications that start up when the current user logs on

Remove the entry for a program by right-clicking it and selecting Delete to prevent it from loading.

37. Change categories in the Control Panel

Windows XP?s Control Panel is broken down by category in the default Category view, but the group to which an item belongs is not always obvious. If you disagree with Microsoft?s assignments, you can switch them around. To assign a different category to an item, go to:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Control Panel\Extended Properties\
{305CA226-D286-468e-B848-2B2E8E697B74} 2

Find the item you want to change and double-click it to bring up a dialog box. Change the item?s DWORD value to your preference. Use the Table given below as a guide (shown with decimal numbers, which is the way you should enter them).

DWORD value to set

Other Control Panel Options 0

Appearance and Themes 1

Printers and Other Hardware 2

Network and Internet Connections 3

Sounds, Speed, and Audio Devices 4

Performance and Maintenance 5

Date, Time, Language, and Regional Options 6

Accessibility Options 7

Add or Remove Programs 8

User Accounts 9

38. Grouping multiple open windows

Windows XP will group multiple open windows (IE windows for example) into one group on the task bar to keep the taskbar clear. This can be annoying at times - especially when comparing different web pages because you have to go back to the task bar, click on the group and then click on the page you want and then you only get one page because you have to click on each one separately. I think the default for this is 8 windows - any combination of apps or utilities open.

You can modify this behavior by adding this registry key at:

HKEY_CURRRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\

add a Dword value of type REG_DWORD named [TaskbarGroupSize]

modify "TaskbarGroupSize" entry to be the number of windows you want open before XP starts to group them on the task bar.

A value of 2 will cause the Taskbar buttons to always group

Another tweak is to disable or enable recent documents history. This can be done at:

HKEY_CURRRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

this key should already be present - if it isn't you'll need to add it:

Add a Binary value of type REG_BINARY named [NoRecentDocsHistory]

modify it so that value reads 01 00 00 00

39. Disable Tips

To disable Ballon tips in Windows XP do this registry tweak

Go to : HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

Create a new DWORD value, name it EnableBalloonTips, and set it equal to 0. If EnableBalloonTips is already there and equal to 1, set it equal to 0. Quit the registry editor, log off, and log back on. Voila! Your computer will stop talking down to you.

40. Add/Remove optional features of Windows XP

To dramatically expand the list of applications you can remove from Windows XP after installation, navigate to C:\WINDOWS\inf and open the sysoc.inf file. {Opps , if you didn?t find the inf directory, you are right. It?s a hidden folder, so go to Tools>Folder Options> View , enable Show Hidden Files & Folders.}

[Version]

Signature = "$Windows NT$"

DriverVer=07/01/2001,5.1.2600.0

[Components]

NtComponents=ntoc.dll,NtOcSetupProc,,4

WBEM=ocgen.dll,OcEntry,wbemoc.inf,hide,7

Display=desk.cpl,DisplayOcSetupProc,,7

Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,7

NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7

iis=iis.dll,OcEntry,iis.inf,,7

com=comsetup.dll,OcEntry,comnt5.inf,hide,7

dtc=msdtcstp.dll,OcEntry,dtcnt5.inf,hide,7

IndexSrv_System = setupqry.dll,IndexSrv,setupqry.inf,,7

TerminalServer=TsOc.dll, HydraOc, TsOc.inf,hide,2

msmq=msmqocm.dll,MsmqOcm,msmqocm.inf,,6

ims=imsinsnt.dll,OcEntry,ims.inf,,7

fp_extensions=fp40ext.dll,FrontPage4Extensions,fp40ext.inf,,7

AutoUpdate=ocgen.dll,OcEntry,au.inf,hide,7

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7

RootAutoUpdate=ocgen.dll,OcEntry,rootau.inf,,7

IEAccess=ocgen.dll,OcEntry,ieaccess.inf,,7

Games=ocgen.dll,OcEntry,games.inf,,7

AccessUtil=ocgen.dll,OcEntry,accessor.inf,,7

CommApps=ocgen.dll,OcEntry,communic.inf,HIDE,7

MultiM=ocgen.dll,OcEntry,multimed.inf,HIDE,7

AccessOpt=ocgen.dll,OcEntry,optional.inf,HIDE,7

Pinball=ocgen.dll,OcEntry,pinball.inf,HIDE,7

MSWordPad=ocgen.dll,OcEntry,wordpad.inf,HIDE,7

ZoneGames=zoneoc.dll,ZoneSetupProc,igames.inf,,7

[Global]

WindowTitle=%WindowTitle%

WindowTitle.StandAlone="*"

The entries that include the text hide or HIDE will not show up in Add/Remove Windows Components by default. To fix this, do a global search and replace for ,hide and change each instance of this to , (a comma). Then, save the file, re launch Add/Remove Windows Components,

41. Remove Windows Messenger

It seems that a lot of people are interested in removing Windows Messenger for some reason, though I strongly recommend against this: In Windows XP, Windows Messenger will be the hub of your connection to the .NET world, and now that this feature is part of Windows, I think we're going to see a lot of .NET Passport-enabled Web sites appearing as well. But if you can't stand the little app, there are a couple of ways to get rid of it, and ensure that it doesn't pop up every time you boot into XP. The best way simply utilizes the previous tip:

If you'd like Windows Messenger to show up in the list of programs you can add and remove from Windows, navigate to C:\WINDOWS\inf and open sysoc.inf (see the previous tip for more information about this file). You'll see a line that reads:

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7

Change this to the following and Windows Messenger will appear in Add or Remove Programs, then Add/Remove Windows Components, then , and you can remove it for good:

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,7

42. Rename multiple files ( it is not a Registry tweak though. I thought this to be really cool, so I have put it here)

A new, small, neat feature for Windows XP deals with renaming files. I personally have always wanted the OS to include a way to do a mass file renaming on a bunch of files. You can now rename multiple files at once .Its really simple:

Select several files in Explorer, press F2 and rename one of those files to something else. All the selected files get renamed to the new file name (plus a number added to the end). Simple J

I hope you enjoyed the above Registry tricks ! May be next time I?ll come up with more. That's all for now .
To know more tricks + topics on Hacking, Security, Programming.

What is the Registry?

2007-11-11T04:23:00.000-08:00

The Registry is a database used to store settings and options for the 32 bit versions of Microsoft Windows including Windows 95, 98, ME and NT/2000. It contains information and settings for all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to a Control Panel settings, or File Associations, System Policies, or installed software, the changes are reflected and stored in the Registry.

The physical files that make up the registry are stored differently depending on your version of Windows; under Windows 95 & 98 it is contained in two hidden files in your Windows directory, called USER.DAT and SYSTEM.DAT, for Windows Me there is an additional CLASSES.DAT file, while under Windows NT/2000 the files are contained seperately in the %SystemRoot%\System32\Config directory. You can not edit these files directly, you must use a tool commonly known as a "Registry Editor" to make any changes (using registry editors will be discussed later in the article).

The Structure of The Registry
The Registry has a hierarchal structure, although it looks complicated the structure is similar to the directory structure on your hard disk, with Regedit being similar to Windows Explorer.

Each main branch (denoted by a folder icon in the Registry Editor, see left) is called a Hive, and Hives contains Keys. Each key can contain other keys (sometimes referred to as sub-keys), as well as Values. The values contain the actual information stored in the Registry. There are three types of values; String, Binary, and DWORD - the use of these depends upon the context.

There are six main branches, each containing a specific portion of the information stored in the Registry. They are as follows:

* HKEY_CLASSES_ROOT - This branch contains all of your file association mappings to support the drag-and-drop feature, OLE information, Windows shortcuts, and core aspects of the Windows user interface.
* HKEY_CURRENT_USER - This branch links to the section of HKEY_USERS appropriate for the user currently logged onto the PC and contains information such as logon names, desktop settings, and Start menu settings.
* HKEY_LOCAL_MACHINE - This branch contains computer specific information about the type of hardware, software, and other preferences on a given PC, this information is used for all users who log onto this computer.
* HKEY_USERS - This branch contains individual preferences for each user of the computer, each user is represented by a SID sub-key located under the main branch.
* HKEY_CURRENT_CONFIG - This branch links to the section of HKEY_LOCAL_MACHINE appropriate for the current hardware configuration.
* HKEY_DYN_DATA - This branch points to the part of HKEY_LOCAL_MACHINE, for use with the Plug-&-Play features of Windows, this section is dymanic and will change as devices are added and removed from the system.

Each registry value is stored as one of five main data types:

* REG_BINARY - This type stores the value as raw binary data. Most hardware component information is stored as binary data, and can be displayed in an editor in hexadecimal format.
* REG_DWORD - This type represents the data by a four byte number and is commonly used for boolean values, such as "0" is disabled and "1" is enabled. Additionally many parameters for device driver and services are this type, and can be displayed in REGEDT32 in binary, hexadecimal and decimal format, or in REGEDIT in hexadecimal and decimal format.
* REG_EXPAND_SZ - This type is an expandable data string that is string containing a variable to be replaced when called by an application. For example, for the following value, the string "%SystemRoot%" will replaced by the actual location of the directory containing the Windows NT system files. (This type is only available using an advanced registry editor such as REGEDT32)
* REG_MULTI_SZ - This type is a multiple string used to represent values that contain lists or multiple values, each entry is separated by a NULL character. (This type is only available using an advanced registry editor such as REGEDT32)
* REG_SZ - This type is a standard string, used to represent human readable text values.

Other data types not available through the standard registry editors include:

* REG_DWORD_LITTLE_ENDIAN - A 32-bit number in little-endian format.
* REG_DWORD_BIG_ENDIAN - A 32-bit number in big-endian format.
* REG_LINK - A Unicode symbolic link. Used internally; applications should not use this type.
* REG_NONE - No defined value type.
* REG_QWORD - A 64-bit number.
* REG_QWORD_LITTLE_ENDIAN - A 64-bit number in little-endian format.
* REG_RESOURCE_LIST - A device-driver resource list.

Editing The Registry

The Registry Editor (REGEDIT.EXE) is included with most version of Windows (although you won't find it on the Start Menu) it enables you to view, search and edit the data within the Registry. There are several methods for starting the Registry Editor, the simplest is to click on the Start button, then select Run, and in the Open box type "regedit", and if the Registry Editor is installed it should now open and look like the image below.

An alternative Registry Editor (REGEDT32.EXE) is available for use with Windows NT/2000, it includes some additional features not found in the standard version, including; the ability to view and modify security permissions, and being able to create and modify the extended string values REG_EXPAND_SZ & REG_MULTI_SZ.

Create a Shortcut to Regedit
This can be done by simply right-clicking on a blank area of your desktop, selecting New, then Shortcut, then in the Command line box enter "regedit.exe" and click Next, enter a friendly name (e.g. 'Registry Editor') then click Finish and now you can double click on the new icon to launch the Registry Editor.

Using Regedit to modify your Registry
Once you have started the Regedit you will notice that on the left side there is a tree with folders, and on the right the contents (values) of the currently selected folder.

Like Windows explorer, to expand a certain branch (see the structure of the registry section), click on the plus sign [+] to the left of any folder, or just double-click on the folder. To display the contents of a key (folder), just click the desired key, and look at the values listed on the right side. You can add a new key or value by selecting New from the Edit menu, or by right-clicking your mouse. And you can rename any value and almost any key with the same method used to rename files; right-click on an object and click rename, or click on it twice (slowly), or just press F2 on the keyboard. Lastly, you can delete a key or value by clicking on it, and pressing Delete on the keyboard, or by right-clicking on it, and choosing Delete.

Note: it is always a good idea to backup your registry before making any changes to it. It can be intimidating to a new user, and there is always the possibility of changing or deleting a critical setting causing you to have to reinstall the whole operating system. It's much better to be safe than sorry!

Importing and Exporting Registry Settings

A great feature of the Registry Editor is it's ability to import and export registry settings to a text file, this text file, identified by the .REG extension, can then be saved or shared with other people to easily modify local registry settings. You can see the layout of these text files by simply exporting a key to a file and opening it in Notepad, to do this using the Registry Editor select a key, then from the "Registry" menu choose "Export Registry File...", choose a filename and save. If you open this file in notepad you will see a file similar to the example below:

Quote:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]
"SetupType"=dword:00000000
"CmdLine"="setup -newsetup"
"SystemPrefix"=hex:c5,0b,00,00,00,40,36,02

The layout is quite simple, REGEDIT4 indicated the file type and version, [HKEY_LOCAL_MACHINE\SYSTEM\Setup] indicated the key the values are from, "SetupType"=dword:00000000 are the values themselves the portion after the "=" will vary depending on the type of value they are; DWORD, String or Binary.

So by simply editing this file to make the changes you want, it can then be easily distributed and all that need to be done is to double-click, or choose "Import" from the Registry menu, for the settings to be added to the system Registry.

Deleting keys or values using a REG file
It is also possible to delete keys and values using REG files. To delete a key start by using the same format as the the REG file above, but place a "-" symbol in front of the key name you want to delete. For example to delete the [HKEY_LOCAL_MACHINE\SYSTEM\Setup] key the reg file would look like this:

Quote:

REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\Setup]

The format used to delete individual values is similar, but instead of a minus sign in front of the whole key, place it after the equal sign of the value. For example, to delete the value "SetupType" the file would look like:

Quote:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]
"SetupType"=-

Use this feature with care, as deleting the wrong key or value could cause major problems within the registry, so remember to always make a backup first.

Regedit Command Line Options
Regedit has a number of command line options to help automate it's use in either batch files or from the command prompt. Listed below are some of the options, please note the some of the functions are operating system specific.

* regedit.exe [options] [filename] [regpath]
* [filename] Import .reg file into the registry
* /s [filename] Silent import, i.e. hide confirmation box when importing files
* /e [filename] [regpath] Export the registry to [filename] starting at [regpath]
e.g. regedit /e file.reg HKEY_USERS\.DEFAULT
* /L:system Specify the location of the system.dat to use
* /R:user Specify the location of the user.dat to use
* /C [filename] Compress (Windows 98)
* /D [regpath] Delete the specified key (Windows 98)

Maintaining the Registry

How can you backup and restore the Registry?

Windows 95
Microsoft included a utility on the Windows 95 CD-ROM that lets you create backups of the Registry on your computer. The Microsoft Configuration Backup program, CFGBACK.EXE, can be found in the \Other\Misc\Cfgback directory on the Windows 95 CD-ROM. This utility lets you create up to nine different backup copies of the Registry, which it stores, with the extension RBK, in your \Windows directory. If your system is set up for multiple users, CFGBACK.EXE won't back up the USER.DAT file.

After you have backed up your Registry, you can copy the RBK file onto a floppy disk for safekeeping. However, to restore from a backup, the RBK file must reside in the \Windows directory. Windows 95 stores the backups in compressed form, which you can then restore only by using the CFGBACK.EXE utility.

Windows 98
Microsoft Windows 98 automatically creates a backup copy of the registry every time Windows starts, in addition to this you can manually create a backup using the Registry Checker utility by running SCANREGW.EXE from Start | Run menu.

What to do if you get a Corrupted Registry
Windows 95, 98 and NT all have a simple registry backup mechanism that is quite reliable, although you should never simply rely on it, remember to always make a backup first!

Windows 95
In the Windows directory there are several hidden files, four of these will be SYSTEM.DAT & USER.DAT, your current registry, and SYSTEM.DA0 & USER.DA0, a backup of your registry. Windows 9x has a nice reature in that every time it appears to start successfully it will copy the registry over these backup files, so just in case something goes wrong can can restore it to a known good state. To restore the registry follow these instruction:
[list=1]
* Click the Start button, and then click Shut Down.

* Click Restart The Computer In MS-DOS Mode, then click Yes.

* Change to your Windows directory. For example, if your Windows directory is c:\windows, you would type the following:

cd c:\windows

* Type the following commands, pressing ENTER after each one. (Note that SYSTEM.DA0 and USER.DA0 contain the number zero.)

attrib -h -r -s system.dat
attrib -h -r -s system.da0
copy system.da0 system.dat
attrib -h -r -s user.dat
attrib -h -r -s user.da0
copy user.da0 user.dat

* Restart your computer.

Following this procedure will restore your registry to its state when you last successfully started your computer.

If all else fails, there is a file on your hard disk named SYSTEM.1ST that was created when Windows 95 was first successfully installed. If necessary you could also change the file attributes of this file from read-only and hidden to archive to copy the file to C:\WINDOWS\SYSTEM.DAT.

Windows NT
On Windows NT you can use either the "Last Known Good" option or RDISK to restore to registry to a stable working configuration.

How can I clean out old data from the Registry?
Although it's possible to manually go through the Registry and delete unwanted entries, Microsoft provides a tool to automate the process, the program is called RegClean. RegClean analyzes Windows Registry keys stored in a common location in the Windows Registry. It finds keys that contain erroneous values, it removes them from the Windows Registry after having recording those entries in the Undo.Reg file.

Download from a paypal site without paying a penny!

2007-11-11T04:22:00.002-08:00

Just a little basic html tip for those who are trying to download an application from sites which has an paypal order page & link to start you off.

Use a proxy when you try this to hide your ip as some sites will record your ip when you connect for security.

1) Rightclick your mouse (ctrl+click) viewsource and open the source of the site in an a texteditor
2) Search for the word "return"
3) Next to it you can find the url for the thank you page
4) Copy the url and paste it in your browser and you will see the download link

This works only if you can download instantly after payment, it will not work if the link needs to be emailed to you.

You can try it here to start with:
Code:
http://www.ramphelp.com/halfpipe.html

About half way down the page you will find:

Copy the link into your browser and download.

Check For Dos, Check to see if you are infected.

2007-11-11T04:22:00.001-08:00

When you first turn on you computer (BEFORE DIALING INTO YOUR ISP),
open a MS-DOS Prompt window (start/programs MS-DOS Prompt).
Then type netstat -arn and press the Enter key.
Your screen should display the following (without the dotted lines
which I added for clarification).

-----------------------------------------------------------------------------
Active Routes:

Network Address Netmask Gateway Address Interface Metric
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
255.255.255.255 255.255.255.255 255.255.255.255 0.0.0.0 1

Route Table

Active Connections

Proto Local Address Foreign Address State

--------------------------------------------------------------------------------

If you see anything else, there might be a problem (more on that later).
Now dial into your ISP, once you are connected;
go back to the MS-DOS Prompt and run the same command as before
netstat -arn, this time it will look similar to the following (without
dotted lines).

-------------------------------------------------------------------------------------

Active Routes:

Network Address Netmask Gateway Address Interface Metric
0.0.0.0 0.0.0.0 216.1.104.70 216.1.104.70 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
216.1.104.0 255.255.255.0 216.1.104.70 216.1.104.70 1
216.1.104.70 255.255.255.255 127.0.0.1 127.0.0.1 1
216.1.104.255 255.255.255.255 216.1.104.70 216.1.104.70 1
224.0.0.0 224.0.0.0 216.1.104.70 216.1.104.70 1
255.255.255.255 255.255.255.255 216.1.104.70 216.1.104.70 1

Route Table

Active Connections

Proto Local Address Foreign Address State
TCP 0.0.0.0:0 0.0.0.0:0 LISTENING
TCP 216.1.104.70:137 0.0.0.0:0 LISTENING
TCP 216.1.104.70:138 0.0.0.0:0 LISTENING
TCP 216.1.104.70:139 0.0.0.0:0 LISTENING
UDP 216.1.104.70:137 *:*

--------------------------------------------------------------------------------

What you are seeing in the first section (Active Routes) under the heading of
Network Address are some additional lines. The only ones that should be there
are ones belonging to your ISP (more on that later). In the second section
(Route Table) under Local Address you are seeing the IP address that your ISP
assigned you (in this example 216.1.104.70).

The numbers are divided into four dot notations, the first three should be
the same for both sets, while in this case the .70 is the unique number
assigned for THIS session. Next time you dial in that number will more than
likely be different.

To make sure that the first three notation are as they should be, we will run
one more command from the MS-DOS window.
From the MS-DOS Prompt type tracert /www.yourispwebsite.com or .net
or whatever it ends in. Following is an example of the output you should see.

---------------------------------------------------------------------------------------

Tracing route to /www.motion.net [207.239.117.112]over a maximum of 30 hops:
1 128 ms 2084 ms 102 ms chat-port.motion.net [216.1.104.4]
2 115 ms 188 ms 117 ms chat-core.motion.net [216.1.104.1]
3 108 ms 116 ms 119 ms www.motion.net [207.239.117.112]
Trace complete.

------------------------------------------------------------------------------------------

You will see that on lines with the 1 and 2 the first three notations of the
address match with what we saw above, which is a good thing. If it does not,
then some further investigation is needed.

If everything matches like above, you can almost breath easier. Another thing
which should you should check is programs launched during startup. To find
these, Click start/programs/startup, look at what shows up. You should be
able to recognize everything there, if not, once again more investigation is
needed.

-------------------------------------------------------------------------------------------

Now just because everything reported out like we expected (and demonstrated
above) we still are not out of the woods. How is this so, you ask? Do you use
Netmeeting? Do you get on IRC (Internet Relay Chat)? Or any other program
that makes use of the Internet. Have you every recieved an email with an
attachment that ended in .exe? The list goes on and on, basically anything
that you run could have become infected with a trojan. What this means, is
the program appears to do what you expect, but also does just a little more.
This little more could be blasting ebay.com or one of the other sites that
CNNlive was talking about.

What can you do? Well some anti-virus software will detect some trojans.
Another (tedious) thing is to start each of these "extra" Internet programs
one at a time and go through the last two steps above, looking at the routes
and connection the program uses. However, the tricky part will be figuring
out where to tracert to in order to find out if the addresses you see in
step 2 are "safe" or not. I should forewarn you, that running tracert after
tracert, after tracert might be considered "improper" by your ISP. The steps
outlined above may not work exactly as I have stated depending upon your ISP,
but with a true ISP it should work. Finally, this advise comes with NO
warranty and by following my "hints' you implicitly release me from ANY and
ALL liability which you may incur.

Other options

Display protocol statistics and current TCP/IP network connections.
Netstat [-a] [-e] [-n] [-s] [-p proto] [-r] [intervals]

-a.. Display all connections and listening ports.
-e.. Display Ethernet statistics. This may be combined with the -s option.
-n.. Diplays address and port numbers in the numerical form.
-p proto..Shows connections for the protocol specified by proto; proto may be
TCP or UDP. If used with the -s option to display per-protocol statistics,
proto may be TCP, UDP, of IP.
-r.. Display the routing table.
-s.. Display per-protocol statistics. By default, statistics are shown for TCP
UDP and IP; the -p option may be used to specify a subset of the default
interval..Redisplay selected statistics, pausing intervals seconds between each
display. If omitted. netstat will print the current configuration information
once

Converting to NTFS

2007-11-11T04:19:00.001-08:00

Your hard drive must be formatted with a file system such as FAT, FAT32 or NTFS so that Windows can be installed on to it. This system determines how files are named, organised and stored on the drive. If you’re not using it already, NTFS (New Technology File System) is recommended for Windows XP because of the additional functionality it offers. If your PC came with Windows XP pre-installed then there’s a chance that you’re already using NTFS. If you’ve upgraded from Windows 98 or Windows Me you may still be using FAT or FAT 32. The option to change over to NTFS would have been available during the upgrade process. Don’t worry if you skipped this as it’s possible to convert at any time from within Windows XP without losing any data.

The recommended option
There are a number of features in Windows XP that will only work if the NTFS file system is present, which is why it’s suggested you make use of it. File and folder permissions, encryption and privacy options are just some of those you’ll be able to access. In particular, those of you who have set up user accounts will find NTFS invaluable. For instance, if you continue to use FAT or FAT32 anyone with physical access to the drive will be able to access the files and folders that are stored there. However, with NTFS you’ll be able to use a level of encryption (Professional Edition only) that will enable you to protect your data.

You’ll also find NTFS more reliable in that it’s more able to recover from disk errors than its FAT or FAT32 counterparts. A log of all disk activity is kept so should a crash occur, Windows XP can use this information to repair the file system when your PC boots up again. To find out what file system you’re using, open My Computer, right-click your main hard drive and choose Properties. Take a look at the General tab to see confirmation of the file system that’s in use.

Convert now
You can use the convert tool in Windows XP to change the file system on your hard disk from FAT or FAT32 to NTFS. The whole process is safe and your existing data won’t be destroyed. To begin, click Start -> Run, type cmd and press [Return]. At the command prompt type convert c: /fs:ntfs and press [Return] (where ‘c’ is the letter of the drive you’re converting). When you try and run the convert utility, it’s likely that Windows XP will be using your paging file so the process won’t be completed immediately. Therefore, you’ll see a brief message on screen informing you that the conversion will take place instead the next time Windows starts up. Having restarted, the Check Disk utility will run, the conversion will be performed automatically and you may find that your PC will reboot twice more.

The benefits
With your drive now running NTFS, it’s time to take advantage of the new options that are available. Having created a number of different user accounts you can now control the level of access that’s granted to individual users. For example, there are going to be certain files and folders that you’ll want some users to be able to access but not others. If you have Windows XP Professional Edition you can do this immediately.

Right-click any file or folder, choose Properties and select the Security tab. A dialog will be displayed showing the names of all your users. Alongside will be two columns which enable you to select levels of access for each of them, the permissions include Full Control, Modify, Read and Write. You can then check the appropriate box to determine whether or not to Allow or Deny a particular permission. For Windows XP Home Edition users, the Security tab won’t be immediately available. To access this option you’ll need to restart your PC, pressing [F8] until a menu appears. Next select Safe Mode and wait for Windows XP to start up. You can then set your options in the same way.

Another feature is NTFS compression. It’s quick and seamless as your file or folder is decompressed automatically when you access it. (Don’t confuse this with a Zip compression utility where the files need to be extracted before they can be accessed.) Although you may have used NTFS compression on a file or folder, there’s no way of telling just by looking at it. To remedy this, open My Computer, click Tools -> Folder Options and select the View tab. Under Advanced settings, scroll down and check the option ‘Show encrypted or compressed NTFS files in color’, then click Apply and OK. Take a look at your compressed items in My Computer and you’ll see the text label has changed from black to blue. Something else that’s exclusive to Professional Edition users is the Encrypting File System (EFS). You can use this to protect your important data so that no one else can read it. Your encrypted files and folders will only be accessible when you have logged into your user account successfully.

Computer Acronyms

2007-11-11T04:18:00.002-08:00

ADSL - Asymmetric Digital Subscriber Line
AGP - Accelerated Graphics Port
ALI - Acer Labs, Incorporated
ALU - Arithmetic Logic Unit
AMD - Advanced Micro Devices
APC - American Power Conversion
ASCII - American Standard Code for Information Interchange
ASIC - Application Specific Integrated Circuit
ASPI - Advanced SCSI Programming Interface
AT - Advanced Technology
ATI - ATI Technologies Inc.
ATX - Advanced Technology Extended

--- B ---
BFG - BFG Technologies
BIOS - Basic Input Output System
BNC - Barrel Nut Connector

--- C ---
CAS - Column Address Signal
CD - Compact Disk
CDR - Compact Disk Recorder
CDRW - Compact Disk Re-Writer
CD-ROM - Compact Disk - Read Only Memory
CFM - Cubic Feet per Minute (ft�/min)
CMOS - Complementary Metal Oxide Semiconductor
CPU - Central Processing Unit
CTX - CTX Technology Corporation (Commited to Excellence)

--- D ---

DDR - Double Data Rate
DDR-SDRAM - Double Data Rate - Synchronous Dynamic Random Access Memory
DFI - DFI Inc. (Design for Innovation)
DIMM - Dual Inline Memory Module
DRAM - Dynamic Random Access Memory
DPI - Dots Per Inch
DSL - See ASDL
DVD - Digital Versatile Disc
DVD-RAM - Digital Versatile Disk - Random Access Memory

--- E ---
ECC - Error Correction Code
ECS - Elitegroup Computer Systems
EDO - Extended Data Out
EEPROM - Electrically Erasable Programmable Read-Only Memory
EPROM - Erasable Programmable Read-Only Memory
EVGA - EVGA Corporation

--- F ---
FC-PGA - Flip Chip Pin Grid Array
FDC - Floppy Disk Controller
FDD - Floppy Disk Drive
FPS - Frame Per Second
FPU - Floating Point Unit
FSAA - Full Screen Anti-Aliasing
FS - For Sale
FSB - Front Side Bus

--- G ---
GB - Gigabytes
GBps - Gigabytes per second or Gigabits per second
GDI - Graphical Device Interface
GHz - GigaHertz

--- H ---
HDD - Hard Disk Drive
HIS - Hightech Information System Limited
HP - Hewlett-Packard Development Company
HSF - Heatsink-Fan

--- I ---
IBM - International Business Machines Corporation
IC - Integrated Circuit
IDE - Integrated Drive Electronics
IFS- Item for Sale
IRQ - Interrupt Request
ISA - Industry Standard Architecture
ISO - International Standards Organization

--- J ---
JBL - JBL (Jame B. Lansing) Speakers
JVC - JVC Company of America

- K ---
Kbps - Kilobits Per Second
KBps - KiloBytes per second

--- L ---
LG - LG Electronics
LAN - Local Are Network
LCD - Liquid Crystal Display
LDT - Lightning Data Transport
LED - Light Emitting Diode

--- M ---
MAC - Media Access Control
MB � MotherBoard or Megabyte
MBps - Megabytes Per Second
Mbps - Megabits Per Second or Megabits Per Second
MHz - MegaHertz
MIPS - Million Instructions Per Second
MMX - Multi-Media Extensions
MSI - Micro Star International

--- N ---
NAS - Network Attached Storage
NAT - Network Address Translation
NEC - NEC Corporation
NIC - Network Interface Card

--- O ---
OC - Overclock (Over Clock)
OCZ - OCZ Technology
OEM - Original Equipment Manufacturer

--- P ---
PC - Personal Computer
PCB - Printed Circuit Board
PCI - Peripheral Component Interconnect
PDA - Personal Digital Assistant
PCMCIA - Peripheral Component Microchannel Interconnect Architecture
PGA - Professional Graphics Array
PLD - Programmable Logic Device
PM - Private Message / Private Messaging
PnP - Plug 'n Play
PNY - PNY Technology
POST - Power On Self Test
PPPoA - Point-to-Point Protocol over ATM
PPPoE - Point-to-Point Protocol over Ethernet
PQI - PQI Corporation
PSU - Power Supply Unit

--- R ---
RAID - Redundant Array of Inexpensive Disks
RAM - Random Access Memory
RAMDAC - Random Access Memory Digital Analog Convertor
RDRAM - Rambus Dynamic Random Access Memory
ROM - Read Only Memory
RPM - Revolutions Per Minute

--- S ---
SASID - Self-scanned Amorphous Silicon Integrated Display
SCA - SCSI Configured Automatically
SCSI - Small Computer System Interface
SDRAM - Synchronous Dynamic Random Access Memory
SECC - Single Edge Contact Connector
SODIMM - Small Outline Dual Inline Memory Module
SPARC - Scalable Processor ArChitecture
SOHO - Small Office Home Office
SRAM - Static Random Access Memory
SSE - Streaming SIMD Extensions
SVGA - Super Video Graphics Array
S/PDIF - Sony/Philips Digital Interface

--- T ---
TB - Terabytes
TBps - Terabytes per second
Tbps - Terabits per second
TDK - TDK Electronics
TEC - Thermoelectric Cooler
TPC - TipidPC
TWAIN - Technology Without An Important Name

--- U ---
UART - Universal Asynchronous Receiver/Transmitter
USB - Universal Serial Bus
UTP - Unshieled Twisted Pair

--- V ---
VCD - Video CD
VPN - Virtual Private Network

--- W ---
WAN - Wide Area Network
WTB - Want to Buy
WYSIWYG - What You See Is What You Get

--- X ---
XGA - Extended Graphics Array
XFX - XFX Graphics, a Division of Pine
XMS - Extended Memory Specification
XT - Extended Technology

Change The Storage Location Of 'my Documents', a bit safer for when your PC crashes...

2007-11-11T04:18:00.001-08:00

I just found out about this today, and I use Windows XP for some time now, so i guess there are others out there who don't know about this yet.

But normally windows saves the "My Documents" folder on your C-drive. But when you right-click on it and go to properties, you can change the location where you want windows to save your Documents folder.
I have a partition set up with just windows on it, and all my things i want to keep are on different partitions/disks. So now I put My Documents on another partition than where I have windows installed. If windows screws up and you have to format your C-drive again, your documents will be spared at least...

Calculating OFFSETS

2007-11-11T04:17:00.001-08:00

Introduction

This tutorial is more of a tip than a tutorial. It just explains how to calculate offsets for jumps and calls within the program you are patching.

Types of Jumps/Calls

Here I will just describe the different types of jumps and calls which you will come across:

Short Jumps
Short jumps be they conditional or unconditional jumps are 2 bytes long (or 1 nibble if your Californian ;-). These are relative jumps taken from the first byte after the two bytes of the jump. Using short jumps you can jump a maximum of 127 bytes forward and 128 bytes backwards.

Long Jumps
Long jumps if they are relative are 6 bytes long for conditional jumps and are 5 bytes long for unconditional jumps. For conditional jumps 2 bytes are used to identify that it is a long jump and what type of jump (je, jg, jns etc) it is. The other 4 bytes are used to show how far away the target location is relative to the first byte after the jump. In an unconditional jump only 1 byte is used to identify it as a long unconditional jump and the other 4 are used to show it's target's relative position, as with the conditional jumps.

Calls
There are two different types of calls which we will use. The normal type of call works the same as the long jumps in that it is relative to it's current position. The other type gives a reference to a memory location, register or stack position which holds the memory location it will call. The position held by the later is direct e.g. the memory location referenced may contain 401036h which would be the exact position that you would call, not relative to the position of the call. The size of these types of calls depends on any calculations involved in the call i.e. you could do: 'call dword ptr [eax * edx + 2]'. Long jumps can also be made using this method, but I didn't say that earlier as to avoid repetition.

Tables
Here is a brief list of all the different types of jumps/calls and their appropriate op-codes. Where different jumps have the same Op-Codes I have grouped them:

Jump Description Short Op-Code Long Op-Code
call procedure call E8xxxxxxxx N/A
jmp u nconditional jump EBxx E9xxxxxxxx
ja/jnbe jump if above 77xx 0F87xxxxxxxx
jae/jnb/jnc jump if above or equal 73xx 0F83xxxxxxxx
jb/jc/jnae jump if below 72xx 0F82xxxxxxxx
jbe/jna jump if below or equal 76xx 0F86xxxxxxxx
jcxz/jecxz jump if cx/ecx equals zero E3xx N/A
je/jz jump if equal/zero 74xx 0F84xxxxxxxx
jne/jnz jump if not equal/zero 75xx 0F85xxxxxxxx
jg/jnle jump if greater 7Fxx 0F8Fxxxxxxxx
jge/jnl jump if greater or equal 7Dxx 0F8Dxxxxxxxx
jl/jnge jump if less 7Cxx 0F8Cxxxxxxxx
jle/jng jump if less or equal 7Exx 0F8Exxxxxxxx
jno jump if not overflow 71xx 0F81xxxxxxxx
jnp/jpo jump if no parity/parity odd 7Bxx 0F8Bxxxxxxxx
jns jump if not signed 79xx 0F89xxxxxxxx
jo jump if overflow 70xx 0F80xxxxxxxx
jp/jpe jump if parity/parity even 7Axx 0F8Axxxxxxxx
js jump if sign 78xx 0F88xxxxxxxx

Calculating Offsets (finding in the xx's in table)

You will need to be able to calculate offsets when you add jumps and make calls within and to the code you have added. If you choose to do this by hand instead of using a tool then here are the basics:

For jumps and calls further on in memory from your current position you take the address where you want to jump/call and subtract from it the memory location of the next instruction after your call/jump i.e.:

(target mem address) - (mem location of next instruction after call/jump)

Example
If we wanted to jump to 4020d0 and the next instruction *after* the jump is at location 401093 then we would use the following calculation:

4020d0 - 401093 = 103d

We then write the jump instruction in hex as e93d100000 where e9 is the hex op-code for a long relative jump and 3d100000 is the result of our calculation expanded to dword size and reversed.

For jumps and calls to locations *before* the current location in memory you take the address you want to call/jump to and subtract it from the memory location of the next instruction after your call/jump, then subtract 1 and finally perform a logical NOT on the result i.e.

NOT(mem address of next instruction - target mem address - 1)

Example
If we wanted to call location 401184 and the address of the next instruction after the call is 402190 then we do the following calculation:

NOT(402190 - 401184 - 1 ) = ffffeff4

We can then write our call instruction in hex as e8f4efffff where e8 is the hex op-code for relative call and f4efffff is the result of the calculation in reverse order.

If you want to practice with different examples then the best way to do this is to use a disassembler like WDASM which shows you the op-codes and try and work out the results yourself. Also as an end note you don't have to perform these calculations if you have enough room to make your jump or call instruction into an absolute jump call by doing the following as represented in assembler:

mov eax, 4020d0
call eax (or jmp eax)

Final Notes

Make life easier and use a program to do this ;-)

BulletProof FTP Server Tutorial

2007-11-11T04:16:00.000-08:00

thanks to someone for this tut.

Configuring your Bulletproof FTP Server Tutorial

I am not sure where I found this tutorial, It’s been a while…It might even have been here... ..So if it is one of yours, my hat goes off to you once again....

After reading the excellent tutorial on "Creating an FTP" that Norway posted…

(I would suggest reading and following his tutorial first, then following up with this one)

I thought that perhaps this tutorial might be pretty helpful for those interested in knowing how to configure their Bulletproof FTP Server that don't already know how... Here's how to get started…

This is for the BulletProof FTP Server 2.10. However, It should work fine on most following versions as well.

I'm assuming you have it installed and cracked.

Basics
1. Start the program.
2. Click on Setup > Main > General from the pull-down menu.
3. Enter your server name into the 'Server Name' box. Under Connection set the “Max number of users" to any number. This is the limit as to how many users can be on your sever at any time.
4. Click on the 'options' tab of that same panel (on the side)
5. Look at the bottom, under IP Options. Put a check in the box “Refuse Multiple Connections from the same IP”. This will prevent one person from blocking your FTP to others.
6. Also put a check in the 'Blocked Banned IP (instead of notifying client). VERY IMPORTANT! If somebody decides to 'Hammer' (attempt to login numerous times VERY quickly) your server/computer may CRASH if you don't enable this.
7. Click on the 'advanced' tab
8. At the bottom again look at the 'hammering area'
9. Enable 'anti-hammer' and 'do not reply to people hammering' Set it for the following: Block IP 120 min if 5 connections in 60 sec. You can set this at whatever you want to but that is pretty much a standard Click 'OK'

Adding Users
11. Setup > User accounts form pull-down.
12. Right click in the empty 'User Accounts' area on the right: choose 'Add'
13. Enter account name. (ie: logon name)
14. In the 'Access rights' box right click: choose ‘Add’.
15. Browse until you find the directory (folder) you want to share. In the right column you will see a bunch of checkboxes. Put a check in the following ones: Read, Write, Append, Make, List, and +Subdirs. Press 'select'.
16. Enter a password for your new FTP account.
17. Click on 'Miscellaneous' in the left column. Make sure 'Enable Account' is selected. Enable 'Max Number of Users' set it at a number other than zero. 1 for a personal account and more that one for a group account. Enable 'Max. no. of connects per IP' set it at 1

18. Under 'Files' enable 'show relative path' this is a security issue. A FTP client will now not be able to see the ENTIRE path of the FTP. It will only see the path from the main directory. Hide hidden flies as well.
Put a tick in both of these.

Advanced:
You don't need to do any of this stuff, but It will help tweak your server and help you maintain order on it. All of the following will be broken down into small little areas that will tell you how to do one thing at a time.

Changing the Port
The default port is always 21, but you can change this. Many ISPs will routinely do a scan of its own users to find a ftp server, also when people scan for pubs they may scan your IP, thus finding your ftp server. If you do decide to change it many suggest that you make the port over 10,000.
1. Setup > Main > General
2. In the 'Connection' Area is a setting labeled 'Listen on Port Number:'
3. Make it any number you want. That will be your port number.
4. Click 'OK'

Making an 'Upload Only' or 'Download Only' ftp server.
This is for the entire SERVER, not just a user.
1. Setup > Main > Advanced
2. In the advanced window you will have the following options: uploads and downloads, downloads only, and uploads only. By default upload and download will be checked. Change it to whatever you want.
3. Click 'OK’

While you are running your server, usually you will end up spending more time at your computer than you normally do. Don't be afraid to ban IP's. Remember, on your FTP you do as you want.

When you are online you must also select the open server button next to the on-line button which is the on-line Button

You also have to use the actual Numbered ip Address ie: 66.250.216.67

Or even Better yet, get a no-ip.com address

Block Adservers

2007-11-11T04:15:00.000-08:00

f you wanna remove those nasty ads from the pages which waste lot of time and bandwidth then here is something for you I belive it will help you a lot

how it works
It's possible to set up a name server as authoritative for any domain you choose, allowing you to specify the DNS records for that domain. You can also configure most computers to be sort of mini-nameservers for themselves, so that they check their own DNS records before asking a nameserver. Either way, you get to say what hostname points to what IP address. If you haven't guessed already, the way you block ads it to provide bogus information about the domains we don't want to see - ie, all those servers out there that dedicate their existence to spewing out banner ads.

The hosts file

Probably the most common way people block ads like this is with something called the "hosts file". The hosts file is a simple list of hostnames and their corresponding IP addresses, which your computer looks at every time you try and contact a previously unknown hostname. If it finds an entry for the computer you're trying to reach, it sets the IP address for that computer to be whatever's in the hosts file.

127.0.0.1 is a special IP address which, to a computer, always means that computer. Any time a machine sends a network request to 127.0.0.1, it is talking to itself. This is very useful when it comes to blocking ads, because all we have to do is specify the IP address of any ad server to be 127.0.0.1. And to do that, all we have to do is edit the hosts file. What will happen then is something like this:

1. you visit a web page
2. the web page contains a banner ad stored on the server "ads.example.com"
3. your computer says "ads.example.com? never heard of it. wait a second, let's see if I've got the number on me..."
4. your computer finds its hosts file and checks to see if ads.example.com is listed
5. it finds the hostname, which points to 127.0.0.1
6. "great", says the computer, and sends off a request to 127.0.0.1 for the banner ad that's supposed to be on the page
7. "oh", says the computer, and fails to show anything because it just sent a request to itself for a banner ad

Where's my hosts file?

* Windows 95 / 98 / ME: C:\Windows (I think)
* Windows NT: C:\WinNT\hosts
* Windows 2000: C:\WinNT\system32\drivers\etc\
* Windows XP: C:\Windows\System32\drivers\etc
* FreeBSD / Linux / Mac OS X / Unixish operating systems: /etc/hosts
* Classic Mac OS: please read this helpful information submitted by David "iNerd" B
* Mac OS 9: Marcia Skidmore sent in details that hopefully explain what you need to know

The format of the hosts file is very simple - IP address, whitespace, then a list of hostnames (except for older Macs; please see above). However, you don't need to know anything about the format if you don't want to as you can just view the list hosts file.

Of course, that's not the only way to use the list, but it's probably the most simple for most people.

here is the hosts list which are serving you the ads just append it to your hosts file and enjoy ad free surfing makes things faster. if you want ad from certain site then just remove it from the list below.

QUOTE
127.0.0.1 007arcadegames.com
127.0.0.1 101order.com
127.0.0.1 123banners.com
127.0.0.1 123found.com
127.0.0.1 180searchassistant.com
127.0.0.1 180solutions.com
127.0.0.1 247media.com
127.0.0.1 247realmedia.com
127.0.0.1 24pm-affiliation.com
127.0.0.1 2log.com
127.0.0.1 2o7.net
127.0.0.1 4affiliate.net
127.0.0.1 4d5.net
127.0.0.1 7adpower.com
127.0.0.1 911promotion.com
127.0.0.1 a-counter.kiev.ua
127.0.0.1 a.consumer.net
127.0.0.1 a.gismeteo.ru
127.0.0.1 a.mktw.net
127.0.0.1 a.r.tv.com
127.0.0.1 a.xanga.com
127.0.0.1 a32.g.a.yimg.com
127.0.0.1 aaddzz.com
127.0.0.1 abcnews.footprint.net
127.0.0.1 abetterinternet.com
127.0.0.1 abz.com
127.0.0.1 ac.rnm.ca
127.0.0.1 accelerator-media.com
127.0.0.1 accipiter.speedera.net
127.0.0.1 action.ientry.net
127.0.0.1 actionsplash.com
127.0.0.1 actualdeals.com
127.0.0.1 ad-annex.com
127.0.0.1 ad-flow.com
127.0.0.1 ad-images.suntimes.com
127.0.0.1 ad-logics.com
127.0.0.1 ad-rotator.com
127.0.0.1 ad-server.gulasidorna.se
127.0.0.1 ad-souk.com
127.0.0.1 ad-space.net
127.0.0.1 ad-tech.com
127.0.0.1 ad-universe.com
127.0.0.1 ad-up.com
127.0.0.1 ad.100.tbn.ru
127.0.0.1 ad.37.com
127.0.0.1 ad.4web.cz
127.0.0.1 ad.71i.de
127.0.0.1 ad.a8.net
127.0.0.1 ad.abcnews.com
127.0.0.1 ad.abctv.com
127.0.0.1 ad.about.com
127.0.0.1 ad.aboutit.de
127.0.0.1 ad.aboutwebservices.com
127.0.0.1 ad.aftonbladet.se
127.0.0.1 ad.allstar.cz
127.0.0.1 ad.altervista.org
127.0.0.1 ad.asap-asp.net
127.0.0.1 ad.bondage.com
127.0.0.1 ad.centrum.cz
127.0.0.1 ad.cgi.cz
127.0.0.1 ad.chip.de
127.0.0.1 ad.clix.pt
127.0.0.1 ad.digitallook.com
127.0.0.1 ad.directconnect.se
127.0.0.1 ad.disney.go.com
127.0.0.1 ad.domainfactory.de
127.0.0.1 ad.dvdforum.nu
127.0.0.1 ad.e-kolay.net
127.0.0.1 ad.e-not.net
127.0.0.1 ad.eurosport.com
127.0.0.1 ad.ezpeer.com
127.0.0.1 ad.fido.net
127.0.0.1 ad.fragzone.se
127.0.0.1 ad.free6.com
127.0.0.1 ad.grafika.cz
127.0.0.1 ad.harmony-central.com
127.0.0.1 ad.hbv.de
127.0.0.1 ad.howstuffworks.com
127.0.0.1 ad.hyena.cz
127.0.0.1 ad.iinfo.cz
127.0.0.1 ad.ilse.nl
127.0.0.1 ad.img.yahoo.co.kr
127.0.0.1 ad.infoseek.com
127.0.0.1 ad.investopedia.com
127.0.0.1 ad.ir.ru
127.0.0.1 ad.itmedia.co.jp
127.0.0.1 ad.jetsoftware.com
127.0.0.1 ad.keenspace.com
127.0.0.1 ad.krutilka.ru
127.0.0.1 ad.leadcrunch.com
127.0.0.1 ad.linx.cz
127.0.0.1 ad.liveinternet.ru
127.0.0.1 ad.lupa.cz
127.0.0.1 ad.mediastorm.hu
127.0.0.1 ad.mgd.de
127.0.0.1 ad.moscowtimes.ru
127.0.0.1 ad.musicmatch.com
127.0.0.1 ad.mwizard.net
127.0.0.1 ad.nachtagenten.de
127.0.0.1 ad.nozonedata.com
127.0.0.1 ad.nrk.no
127.0.0.1 ad.pbs.bb.ru
127.0.0.1 ad.playground.ru
127.0.0.1 ad.preferances.com
127.0.0.1 ad.rambler.ru
127.0.0.1 ad.reunion.com
127.0.0.1 ad.seznam.cz
127.0.0.1 ad.simgames.net
127.0.0.1 ad.spieletips.de
127.0.0.1 ad.suprnova.org
127.0.0.1 ad.surfsecret.com
127.0.0.1 ad.sweclockers.com
127.0.0.1 ad.t2t2.com
127.0.0.1 ad.tbn.ru
127.0.0.1 ad.tiscali.com
127.0.0.1 ad.tisnet.net.tw
127.0.0.1 ad.tomshardware.com
127.0.0.1 ad.top50.to
127.0.0.1 ad.tv2.no
127.0.0.1 ad.tweakpc.de
127.0.0.1 ad.uk.tangozebra.com
127.0.0.1 ad.uol.com.br
127.0.0.1 ad.usatoday.com
127.0.0.1 ad.way.cz
127.0.0.1 ad.wz.cz
127.0.0.1 ad.yadro.ru
127.0.0.1 ad.yieldmanager.com
127.0.0.1 ad.yourmedia.com
127.0.0.1 ad01.mediacorpsingapore.com
127.0.0.1 ad1.emediate.dk
127.0.0.1 ad1.gamezone.com
127.0.0.1 ad1.hardware.no
127.0.0.1 ad1.kde.cz
127.0.0.1 ad1.lbe.ru
127.0.0.1 ad1.outpost.com
127.0.0.1 ad1.zendmedia.com
127.0.0.1 ad2.atlas.cz
127.0.0.1 ad2.bb.ru
127.0.0.1 ad2.insitemedia.hu
127.0.0.1 ad2.lbe.ru
127.0.0.1 ad2.linx.cz
127.0.0.1 ad2.linxcz.cz
127.0.0.1 ad2.lupa.cz
127.0.0.1 ad2.mamma.com
127.0.0.1 ad2.seznam.cz
127.0.0.1 ad2.tisnet.net.tw
127.0.0.1 ad3.tisnet.net.tw
127.0.0.1 ad4.atlas.cz
127.0.0.1 ad4.tisnet.net.tw
127.0.0.1 ad41.atlas.cz
127.0.0.1 ad4ex.com
127.0.0.1 adbanner.ro
127.0.0.1 adboost.de.vu
127.0.0.1 adbot.com
127.0.0.1 adbot.theonion.com
127.0.0.1 adbrite.com
127.0.0.1 adbureau.net
127.0.0.1 adbutler.com
127.0.0.1 adbutler.de
127.0.0.1 adcell.de
127.0.0.1 adcenter.mdf.se
127.0.0.1 adcenter.net
127.0.0.1 adcentriconline.com
127.0.0.1 adcept.net
127.0.0.1 adclick.com
127.0.0.1 adclick.gamespy.com
127.0.0.1 adclick.mint.se
127.0.0.1 adclick.ro
127.0.0.1 adclient.rottentomatoes.com
127.0.0.1 adclient1.tucows.com
127.0.0.1 adcomplete.com
127.0.0.1 adcontent.gamespy.com
127.0.0.1 adcontroller.unicast.com
127.0.0.1 adcreative.tribuneinteractive.com
127.0.0.1 adcycle.com
127.0.0.1 adcycle.icpeurope.net
127.0.0.1 addcontrol.net
127.0.0.1 addesktop.com
127.0.0.1 addfreestats.com
127.0.0.1 addme.com
127.0.0.1 addynamix.com
127.0.0.1 adengage.com
127.0.0.1 adext.inkclub.com
127.0.0.1 adfarm.mediaplex.com
127.0.0.1 adfiles.api.no
127.0.0.1 adflight.com
127.0.0.1 adfly.com
127.0.0.1 adhostcenter.com
127.0.0.1 adi.mainichi.co.jp
127.0.0.1 adimage.asiaone.com.sg
127.0.0.1 adimages.been.com
127.0.0.1 adimages.carsoup.com
127.0.0.1 adimages.go.com
127.0.0.1 adimages.homestore.com
127.0.0.1 adimages.sanomawsoy.fi
127.0.0.1 adimg.cnet.com
127.0.0.1 adimg.com.com
127.0.0.1 adimg1.chosun.com
127.0.0.1 adimgs.sapo.pt
127.0.0.1 adincl.gopher.com
127.0.0.1 adition.de
127.0.0.1 adition.net
127.0.0.1 adjuggler.yourdictionary.com
127.0.0.1 adlegend.com
127.0.0.1 adlink.de
127.0.0.1 adlog.com.com
127.0.0.1 adlogix.net
127.0.0.1 adm.ad.asap-asp.net
127.0.0.1 adman.freeze.com
127.0.0.1 admanagement.ch
127.0.0.1 admanager.beweb.com
127.0.0.1 admanager.btopenworld.com
127.0.0.1 admanager.carsoup.com
127.0.0.1 admanager.persianblog.com
127.0.0.1 admaximize.com
127.0.0.1 admedia.ro
127.0.0.1 admeta.com
127.0.0.1 admex.com
127.0.0.1 adminder.com
127.0.0.1 adminshop.com
127.0.0.1 admonitor.com
127.0.0.1 admonitor.net
127.0.0.1 admotion.com.ar
127.0.0.1 adnet.biz
127.0.0.1 adnews.maddog2000.de
127.0.0.1 ado.internet.cz
127.0.0.1 adorigin.com
127.0.0.1 adpepper.dk
127.0.0.1 adpick.switchboard.com
127.0.0.1 adprofile.net
127.0.0.1 adprojekt.pl
127.0.0.1 adpush.dreamscape.com
127.0.0.1 adq.nextag.com
127.0.0.1 adremedy.com
127.0.0.1 adremote.pathfinder.com
127.0.0.1 adrenaline.cz
127.0.0.1 adrenalinesk.sk
127.0.0.1 adreporting.com
127.0.0.1 adres.internet.com
127.0.0.1 adrevolver.com
127.0.0.1 adrevolver.holzmannverlag.de
127.0.0.1 adriver.ru
127.0.0.1 adroar.com
127.0.0.1 adrotate.de
127.0.0.1 adrotator.net
127.0.0.1 ads-205.quarterserver.de
127.0.0.1 ads-de.spray.net
127.0.0.1 ads.100asians.com
127.0.0.1 ads.5ci.lt
127.0.0.1 ads.aceweb.net
127.0.0.1 ads.adshareware.net
127.0.0.1 ads.adultfriendfinder.com
127.0.0.1 ads.advance.net
127.0.0.1 ads.adverline.com
127.0.0.1 ads.affiliates.match.com
127.0.0.1 ads.allsites.com
127.0.0.1 ads.alwayson-network.com
127.0.0.1 ads.amazingmedia.com
127.0.0.1 ads.amdmb.com
127.0.0.1 ads.aol.com
127.0.0.1 ads.as4x.tmcs.net
127.0.0.1 ads.asia1.com.sg
127.0.0.1 ads.asiafriendfinder.com
127.0.0.1 ads.aspalliance.com
127.0.0.1 ads.battle.net
127.0.0.1 ads.belointeractive.com
127.0.0.1 ads.berlinonline.de
127.0.0.1 ads.betanews.com
127.0.0.1 ads.bfast.com
127.0.0.1 ads.bigcitytools.com
127.0.0.1 ads.bigfoot.com
127.0.0.1 ads.billiton.de
127.0.0.1 ads.bitsonthewire.com
127.0.0.1 ads.blick.ch
127.0.0.1 ads.bloomberg.com
127.0.0.1 ads.bluemountain.com
127.0.0.1 ads.box.sk
127.0.0.1 ads.businessweek.com
127.0.0.1 ads.canalblog.com
127.0.0.1 ads.canoe.ca
127.0.0.1 ads.cavello.com
127.0.0.1 ads.cbc.ca
127.0.0.1 ads.cdfreaks.com
127.0.0.1 ads.centraliprom.com
127.0.0.1 ads.cgnetworks.com
127.0.0.1 ads.channel4.com
127.0.0.1 ads.cimedia.com
127.0.0.1 ads.clearchannel.com
127.0.0.1 ads.collegclub.com
127.0.0.1 ads.com.com
127.0.0.1 ads.currantbun.com
127.0.0.1 ads.cyberfight.ru
127.0.0.1 ads.cybersales.cz
127.0.0.1 ads.danworld.net
127.0.0.1 ads.datingyes.com
127.0.0.1 ads.dbforums.com
127.0.0.1 ads.ddj.com
127.0.0.1 ads.deltha.hu
127.0.0.1 ads.dennisnet.co.uk
127.0.0.1 ads.desmoinesregister.com
127.0.0.1 ads.detelefoongids.nl
127.0.0.1 ads.developershed.com
127.0.0.1 ads.deviantart.com
127.0.0.1 ads.digitalmedianet.com
127.0.0.1 ads.digitalpoint.com
127.0.0.1 ads.directionsmag.com
127.0.0.1 ads.discovery.com
127.0.0.1 ads.dk
127.0.0.1 ads.dmk-internet.com
127.0.0.1 ads.e-planning.net
127.0.0.1 ads.edbindex.dk
127.0.0.1 ads.einmedia.com
127.0.0.1 ads.erotism.com
127.0.0.1 ads.esmas.com
127.0.0.1 ads.eu.msn.com
127.0.0.1 ads.eudora.com
127.0.0.1 ads.exhedra.com
127.0.0.1 ads.ezboard.com
127.0.0.1 ads.fairfax.com.au
127.0.0.1 ads.filmup.com
127.0.0.1 ads.firingsquad.com
127.0.0.1 ads.flooble.com
127.0.0.1 ads.floridatoday.com
127.0.0.1 ads.fool.com
127.0.0.1 ads.forbes.com
127.0.0.1 ads.forbes.net
127.0.0.1 ads.forium.de
127.0.0.1 ads.fortunecity.com
127.0.0.1 ads.foxkidseurope.net
127.0.0.1 ads.freecity.de
127.0.0.1 ads.freeze.com
127.0.0.1 ads.friendtest.com
127.0.0.1 ads.ft.com
127.0.0.1 ads.g4techtv.com
127.0.0.1 ads.game.net
127.0.0.1 ads.gamecity.net
127.0.0.1 ads.gamecopyworld.no
127.0.0.1 ads.gameforgeads.de
127.0.0.1 ads.gamershell.com
127.0.0.1 ads.gamespy.com
127.0.0.1 ads.gamespyid.com
127.0.0.1 ads.gamigo.de
127.0.0.1 ads.gawker.com
127.0.0.1 ads.gettools.com
127.0.0.1 ads.globeandmail.com
127.0.0.1 ads.gotfrag.com
127.0.0.1 ads.goyk.com
127.0.0.1 ads.grindinggears.com
127.0.0.1 ads.guardian.co.uk
127.0.0.1 ads.guardianunlimited.co.uk
127.0.0.1 ads.hbv.de
127.0.0.1 ads.heartlight.org
127.0.0.1 ads.herald-sun.com
127.0.0.1 ads.hollywood.com
127.0.0.1 ads.humorbua.no
127.0.0.1 ads.iafrica.com
127.0.0.1 ads.iboost.com
127.0.0.1 ads.icq.com
127.0.0.1 ads.ign.com
127.0.0.1 ads.imdb.com
127.0.0.1 ads.img.co.za
127.0.0.1 ads.indya.com
127.0.0.1 ads.indystar.com
127.0.0.1 ads.inetfast.com
127.0.0.1 ads.inetinteractive.com
127.0.0.1 ads.infi.net
127.0.0.1 ads.infospace.com
127.0.0.1 ads.internic.co.il
127.0.0.1 ads.inthemix.com.au
127.0.0.1 ads.ipowerweb.com
127.0.0.1 ads.isoftmarketing.com
127.0.0.1 ads.itv.com
127.0.0.1 ads.iwon.com
127.0.0.1 ads.jimworld.com
127.0.0.1 ads.jpost.com
127.0.0.1 ads.jubii.dk
127.0.0.1 ads.katz.ws
127.0.0.1 ads.kinobox.cz
127.0.0.1 ads.krawall.de
127.0.0.1 ads.leo.org
127.0.0.1 ads.linuxjournal.com
127.0.0.1 ads.linuxquestions.org
127.0.0.1 ads.linuxsecurity.com
127.0.0.1 ads.lnkworld.com
127.0.0.1 ads.localnow.com
127.0.0.1 ads.lycos-europe.com
127.0.0.1 ads.lycos.com
127.0.0.1 ads.madison.com
127.0.0.1 ads.mariuana.it
127.0.0.1 ads.mcafee.com
127.0.0.1 ads.mediaodyssey.com
127.0.0.1 ads.mediaturf.net
127.0.0.1 ads.metropol.dk
127.0.0.1 ads.mgnetwork.com
127.0.0.1 ads.monster.com
127.0.0.1 ads.msn.com
127.0.0.1 ads.multimania.lycos.fr
127.0.0.1 ads.musiccity.com
127.0.0.1 ads.myguysolutions.com
127.0.0.1 ads.mysimon.com
127.0.0.1 ads.nandomedia.com
127.0.0.1 ads.nationalreview.com
127.0.0.1 ads.neoseeker.com
127.0.0.1 ads.neowin.net
127.0.0.1 ads.netmechanic.com
127.0.0.1 ads.newcity.com
127.0.0.1 ads.newcitynet.com
127.0.0.1 ads.newdream.net
127.0.0.1 ads.newmedia.cz
127.0.0.1 ads.newsint.co.uk
127.0.0.1 ads.newsobserver.com
127.0.0.1 ads.newsquest.co.uk
127.0.0.1 ads.newtimes.com
127.0.0.1 ads.ngenuity.com
127.0.0.1 ads.ninemsn.com.au
127.0.0.1 ads.nola.com
127.0.0.1 ads.nordichardware.se
127.0.0.1 ads.ntadvice.com
127.0.0.1 ads.nwsource.com
127.0.0.1 ads.nyi.net
127.0.0.1 ads.nyjournalnews.com
127.0.0.1 ads.nypost.com
127.0.0.1 ads.nytimes.com
127.0.0.1 ads.nzcity.co.nz
127.0.0.1 ads.ole.com
127.0.0.1 ads.oneplace.com
127.0.0.1 ads.onlineguiden.com
127.0.0.1 ads.optusnet.com.au
127.0.0.1 ads.orsm.net
127.0.0.1 ads.osdn.com
127.0.0.1 ads.osnews.com
127.0.0.1 ads.ourbrisbane.com
127.0.0.1 ads.overclockers.at
127.0.0.1 ads.pcper.com
127.0.0.1 ads.peel.com
127.0.0.1 ads.phparena.net
127.0.0.1 ads.phpclasses.org
127.0.0.1 ads.pittsburghlive.com
127.0.0.1 ads.planet.nl
127.0.0.1 ads.pni.com
127.0.0.1 ads.powweb.com
127.0.0.1 ads.premiumnetwork.com
127.0.0.1 ads.primeinteractive.net
127.0.0.1 ads.prisacom.com
127.0.0.1 ads.pro-market.net
127.0.0.1 ads.realcities.com
127.0.0.1 ads.realmedia.de
127.0.0.1 ads.recoletos.es
127.0.0.1 ads.rediff.com
127.0.0.1 ads.rivals.net
127.0.0.1 ads.rottentomatoes.com
127.0.0.1 ads.rp-online.de
127.0.0.1 ads.rpgdot.com
127.0.0.1 ads.rpgui.com
127.0.0.1 ads.satyamonline.com
127.0.0.1 ads.savannahnow.com
127.0.0.1 ads.scifi.com
127.0.0.1 ads.sexplanets.com
127.0.0.1 ads.shareprovider.com
127.0.0.1 ads.sify.com
127.0.0.1 ads.simtel.net
127.0.0.1 ads.smartclick.com
127.0.0.1 ads.softwareoutfit.com
127.0.0.1 ads.space.com
127.0.0.1 ads.sptimes.com
127.0.0.1 ads.stationplay.com
127.0.0.1 ads.stileproject.com
127.0.0.1 ads.storagereview.net
127.0.0.1 ads.stratics.com
127.0.0.1 ads.switchboard.com
127.0.0.1 ads.techtv.com
127.0.0.1 ads.telegraaf.nl
127.0.0.1 ads.telegraph.co.uk
127.0.0.1 ads.theglobeandmail.com
127.0.0.1 ads.thestar.com
127.0.0.1 ads.thewebfreaks.com
127.0.0.1 ads.thottbot.com
127.0.0.1 ads.tiscali.fr
127.0.0.1 ads.tmcs.net
127.0.0.1 ads.top500.org
127.0.0.1 ads.townhall.com
127.0.0.1 ads.tripod.com
127.0.0.1 ads.tripod.lycos.co.uk
127.0.0.1 ads.tripod.lycos.de
127.0.0.1 ads.tripod.lycos.nl
127.0.0.1 ads.tucows.com
127.0.0.1 ads.ucomics.com
127.0.0.1 ads.uigc.net
127.0.0.1 ads.unixathome.org
127.0.0.1 ads.urli.net
127.0.0.1 ads.usatoday.com
127.0.0.1 ads.v3.com
127.0.0.1 ads.v3exchange.com
127.0.0.1 ads.vesperexchange.com
127.0.0.1 ads.videoaxs.com
127.0.0.1 ads.virtual-nights.com
127.0.0.1 ads.virtualcountries.com
127.0.0.1 ads.vnuemedia.com
127.0.0.1 ads.vnumedia.com
127.0.0.1 ads.wanadooregie.com
127.0.0.1 ads.weather.ca
127.0.0.1 ads.weather.com
127.0.0.1 ads.web.aol.com
127.0.0.1 ads.web.cs.com
127.0.0.1 ads.web.de
127.0.0.1 ads.web21.com
127.0.0.1 ads.webattack.com
127.0.0.1 ads.webheat.com
127.0.0.1 ads.webnet.advance.net
127.0.0.1 ads.whi.co.nz
127.0.0.1 ads.winsite.com
127.0.0.1 ads.wunderground.com
127.0.0.1 ads.x10.com
127.0.0.1 ads.x10.net
127.0.0.1 ads.xtra.co.nz
127.0.0.1 ads.yourfreedvds.com
127.0.0.1 ads.zdnet.com
127.0.0.1 ads001.webwombat.com.au
127.0.0.1 ads1.advance.net
127.0.0.1 ads1.akkuna.com
127.0.0.1 ads1.canoe.ca
127.0.0.1 ads1.erotism.com
127.0.0.1 ads1.mediacapital.pt
127.0.0.1 ads1.sptimes.com
127.0.0.1 ads1.theglobeandmail.com
127.0.0.1 ads10.speedbit.com
127.0.0.1 ads2.advance.net
127.0.0.1 ads2.akkuna.com
127.0.0.1 ads2.clearchannel.com
127.0.0.1 ads2.collegclub.com
127.0.0.1 ads2.collegeclub.com
127.0.0.1 ads2.exhedra.com
127.0.0.1 ads2.firingsquad.com
127.0.0.1 ads2.gamecity.net
127.0.0.1 ads2.jubii.dk
127.0.0.1 ads2.oneplace.com
127.0.0.1 ads2.osdn.com
127.0.0.1 ads2.top500.org
127.0.0.1 ads3.advance.net
127.0.0.1 ads3.gamecity.net
127.0.0.1 ads360.com
127.0.0.1 ads4.advance.net
127.0.0.1 ads4.clearchannel.com
127.0.0.1 ads4.gamecity.net
127.0.0.1 ads4.realcities.com
127.0.0.1 ads4homes.com
127.0.0.1 ads5.advance.net
127.0.0.1 ads5.canoe.ca
127.0.0.1 ads6.advance.net
127.0.0.1 ads6.gamecity.net
127.0.0.1 ads7.gamecity.net
127.0.0.1 ads8.com
127.0.0.1 adsag.com
127.0.0.1 Adsatt.ABCNews.starwave.com
127.0.0.1 adsatt.espn.go.com
127.0.0.1 adsatt.espn.starwave.com
127.0.0.1 Adsatt.go.starwave.com
127.0.0.1 adscholar.com
127.0.0.1 adscpm.com
127.0.0.1 adsdaq.com
127.0.0.1 adserv.aip.org
127.0.0.1 adserv.gamezone.de
127.0.0.1 adserv.geocomm.com
127.0.0.1 adserv.happypuppy.com
127.0.0.1 adserv.iafrica.com
127.0.0.1 adserv.lwmn.net
127.0.0.1 adserv.quality-channel.de
127.0.0.1 adserv1.winboard.org
127.0.0.1 adserve.viaarena.com
127.0.0.1 adserver.71i.de
127.0.0.1 adserver.adultfriendfinder.com
127.0.0.1 adserver.allerinternett.com
127.0.0.1 adserver.anm.co.uk
127.0.0.1 adserver.ath.cx
127.0.0.1 adserver.billiger-surfen.de
127.0.0.1 adserver.billiger-telefonieren.de
127.0.0.1 adserver.bluewin.ch
127.0.0.1 adserver.colleges.com
127.0.0.1 adserver.com
127.0.0.1 adserver.conjelco.com
127.0.0.1 adserver.developersnetwork.com
127.0.0.1 adserver.digitoday.com
127.0.0.1 adserver.dotcommedia.de
127.0.0.1 adserver.eudora.com
127.0.0.1 adserver.filefront.com
127.0.0.1 adserver.freecity.de
127.0.0.1 adserver.freenet.de
127.0.0.1 adserver.friendfinder.com
127.0.0.1 adserver.gamesquad.net
127.0.0.1 adserver.garden.com
127.0.0.1 adserver.geizkragen.de
127.0.0.1 adserver.gr
127.0.0.1 adserver.hardwareanalysis.com
127.0.0.1 adserver.hispavista.com
127.0.0.1 adserver.humanux.com
127.0.0.1 adserver.ign.com
127.0.0.1 adserver.isonews.com
127.0.0.1 adserver.itsfogo.com
127.0.0.1 adserver.janes.com
127.0.0.1 adserver.jolt.co.uk
127.0.0.1 adserver.journalinteractive.com
127.0.0.1 adserver.legacy-network.com
127.0.0.1 adserver.libero.it
127.0.0.1 adserver.m2kcore.com
127.0.0.1 adserver.monster.com
127.0.0.1 adserver.news.com.au
127.0.0.1 adserver.ngz-network.de
127.0.0.1 adserver.nydailynews.com
127.0.0.1 adserver.nzoom.com
127.0.0.1 adserver.pl
127.0.0.1 adserver.plhb.com
127.0.0.1 adserver.portalofevil.com
127.0.0.1 adserver.portugalmail.net
127.0.0.1 adserver.portugalmail.pt
127.0.0.1 adserver.ro
127.0.0.1 adserver.sanomawsoy.fi
127.0.0.1 adserver.securityfocus.com
127.0.0.1 adserver.sharewareonline.com
127.0.0.1 adserver.snowball.com
127.0.0.1 adserver.startnow.com
127.0.0.1 adserver.terra.es
127.0.0.1 adserver.theonering.net
127.0.0.1 adserver.track-star.com
127.0.0.1 adserver.trb.com
127.0.0.1 adserver.tribuneinteractive.com
127.0.0.1 adserver.ugo.com
127.0.0.1 adserver.usermagnet.com
127.0.0.1 adserver.visions.de
127.0.0.1 adserver.webhostlist.de
127.0.0.1 adserver.yahoo.com
127.0.0.1 adserver1-images.backbeatmedia.com
127.0.0.1 adserver1.backbeatmedia.com
127.0.0.1 adserver1.mediainsight.de
127.0.0.1 adserver1.ogilvy-interactive.de
127.0.0.1 adserver1.shareconnector.com
127.0.0.1 adserver2.mediainsight.de
127.0.0.1 adserver2.popdata.de
127.0.0.1 adserver3.eudora.com
127.0.0.1 adserver4.eudora.com
127.0.0.1 adserversolutions.com
127.0.0.1 adservervv.geizkragen.de
127.0.0.1 adserving.eleven-agency.com
127.0.0.1 adservingcentral.com
127.0.0.1 adsfac.net
127.0.0.1 adshadow.net
127.0.0.1 adsmart.co.uk
127.0.0.1 adsmart.com
127.0.0.1 adsmart.net
127.0.0.1 adsmusic.com
127.0.0.1 adsnew.userfriendly.org
127.0.0.1 adsoftware.com
127.0.0.1 adsoldier.com
127.0.0.1 adsp.ilse.nl
127.0.0.1 adspace.ro
127.0.0.1 adsremote.scripps.com
127.0.0.1 adsrv.iol.co.za
127.0.0.1 adsweb.tiscali.cz
127.0.0.1 adsynergy.com
127.0.0.1 adsystem.tt-forums.net
127.0.0.1 adtech.de
127.0.0.1 adtech.m7z.net
127.0.0.1 adtoma.com
127.0.0.1 adtrade.net
127.0.0.1 adtrading.de
127.0.0.1 adtrak.net
127.0.0.1 adtrix.com
127.0.0.1 adv-banner.libero.it
127.0.0.1 adv.for-ua.com
127.0.0.1 adv.freeonline.it
127.0.0.1 adv.hwupgrade.it
127.0.0.1 adv.isdn.cz
127.0.0.1 adv.surinter.net
127.0.0.1 adv.webmd.com
127.0.0.1 adv.wp.pl
127.0.0.1 adv.yo.cz
127.0.0.1 adv1.videoprofessor.com
127.0.0.1 advariant.com
127.0.0.1 adventory.com
127.0.0.1 adverity.com
127.0.0.1 adverserve.net
127.0.0.1 advert.bayarea.com
127.0.0.1 advert.hi-media.com
127.0.0.1 advert.hu
127.0.0.1 adverticum.com
127.0.0.1 adverticum.net
127.0.0.1 advertiseireland.com
127.0.0.1 advertising.com
127.0.0.1 advertising.se
127.0.0.1 advertisingbanners.com
127.0.0.1 advertmarket.com
127.0.0.1 advertmedia.de
127.0.0.1 advertpro.sitepoint.com
127.0.0.1 adverts.carltononline.com
127.0.0.1 advertserve.com
127.0.0.1 advertwizard.com
127.0.0.1 adview.ppro.de
127.0.0.1 adviva.net
127.0.0.1 advlab.it
127.0.0.1 advnt.com
127.0.0.1 advnt01.com
127.0.0.1 advnt02.com
127.0.0.1 advnt03.com
127.0.0.1 advnt04.com
127.0.0.1 advspot.com
127.0.0.1 adware.hu
127.0.0.1 adwealth.com
127.0.0.1 adweb.integctr.com
127.0.0.1 adworldnetwork.com
127.0.0.1 adworx.at
127.0.0.1 adx.allstar.cz
127.0.0.1 adx.arip.co.th
127.0.0.1 adx.atnext.com
127.0.0.1 adx.nu
127.0.0.1 ady.arip.co.th
127.0.0.1 adz.afterdawn.net
127.0.0.1 affiliate.1800flowers.com
127.0.0.1 affiliate.7host.com
127.0.0.1 affiliate.cfdebt.com
127.0.0.1 affiliate.doubleyourdating.com
127.0.0.1 affiliate.dtiserv.com
127.0.0.1 affiliate.gamestop.com
127.0.0.1 affiliate.grasscity.com
127.0.0.1 affiliate.travelnow.com
127.0.0.1 affiliate.viator.com
127.0.0.1 affiliatefuel.com
127.0.0.1 affiliates.allposters.com
127.0.0.1 affiliates.internationaljock.com
127.0.0.1 affiliatetracking.net
127.0.0.1 affiliplus.de
127.0.0.1 afiliados.submarino.com.br
127.0.0.1 ah-ha.com
127.0.0.1 aim4media.com
127.0.0.1 alladvantage.com
127.0.0.1 amedia.techies.com
127.0.0.1 app.lstdesign.com
127.0.0.1 arc1.msn.com
127.0.0.1 as.cmpnet.com
127.0.0.1 as.fotexnet.hu
127.0.0.1 as1.falkag.de
127.0.0.1 as2.falkag.de
127.0.0.1 as3.falkag.de
127.0.0.1 as4.falkag.de
127.0.0.1 as5000.com
127.0.0.1 asv.gameplanet.co.nz
127.0.0.1 atdmt.com
127.0.0.1 atwola.com
127.0.0.1 audit.median.hu
127.0.0.1 audit.webinform.hu
127.0.0.1 autohits.dk
127.0.0.1 avatarresources.com
127.0.0.1 avenuea.com
127.0.0.1 avres.net
127.0.0.1 awarez.net
127.0.0.1 awrz.net
127.0.0.1 azjmp.com
127.0.0.1 azoogleads.com
127.0.0.1 babs.tv2.dk
127.0.0.1 backbeatmedia.com
127.0.0.1 banerovec.cz
127.0.0.1 banex.cz
127.0.0.1 banik.redigy.cz
127.0.0.1 banman.cz
127.0.0.1 banner.ad.nu
127.0.0.1 banner.buempliz-online.ch
127.0.0.1 banner.casino.net
127.0.0.1 banner.casinodelrio.com
127.0.0.1 banner.coza.com
127.0.0.1 banner.cz
127.0.0.1 banner.easyspace.com
127.0.0.1 banner.elisa.net
127.0.0.1 banner.getgo.de
127.0.0.1 banner.img.co.za
127.0.0.1 banner.inyourpocket.com
127.0.0.1 banner.jobsahead.com
127.0.0.1 banner.kiev.ua
127.0.0.1 banner.linux.se
127.0.0.1 banner.media-system.de
127.0.0.1 banner.mindshare.de
127.0.0.1 banner.musikmedia.de
127.0.0.1 banner.nixnet.cz
127.0.0.1 banner.noblepoker.com
127.0.0.1 banner.northsky.com
127.0.0.1 banner.orb.net
127.0.0.1 banner.penguin.cz
127.0.0.1 banner.relcom.ru
127.0.0.1 banner.rojakpot.com
127.0.0.1 banner.t-online.de
127.0.0.1 banner.tanto.de
127.0.0.1 banner.tpage.com
127.0.0.1 banner.webmersion.com
127.0.0.1 banner4all.dk
127.0.0.1 bannerads.de
127.0.0.1 bannerads.zwire.com
127.0.0.1 bannerbank.ru
127.0.0.1 bannerbox.hu
127.0.0.1 bannerboxes.com
127.0.0.1 bannercommunity.de
127.0.0.1 bannerexchange.cjb.net
127.0.0.1 bannerhost.com
127.0.0.1 bannerhosts.com
127.0.0.1 bannerimage.com
127.0.0.1 bannerlandia.com.ar
127.0.0.1 bannermall.com
127.0.0.1 bannermarkt.nl
127.0.0.1 bannerpower.com
127.0.0.1 banners.adultfriendfinder.com
127.0.0.1 banners.amigos.com
127.0.0.1 banners.arachne.cz
127.0.0.1 banners.asiafriendfinder.com
127.0.0.1 banners.babylon-x.com
127.0.0.1 banners.babylonbucks.com
127.0.0.1 banners.bol.com.br
127.0.0.1 banners.clubseventeen.com
127.0.0.1 banners.czi.cz
127.0.0.1 banners.de.clara.net
127.0.0.1 banners.directnic.com
127.0.0.1 banners.dot.tk
127.0.0.1 banners.easydns.com
127.0.0.1 banners.ebay.com
127.0.0.1 banners.freett.com
127.0.0.1 banners.friendfinder.com
127.0.0.1 banners.friendsfinder.com
127.0.0.1 banners.hetnet.nl
127.0.0.1 banners.internetsexprovider.com
127.0.0.1 banners.iq.pl
127.0.0.1 banners.isoftmarketing.com
127.0.0.1 banners.kfmb.com
127.0.0.1 banners.lifeserv.com
127.0.0.1 banners.linkbuddies.com
127.0.0.1 banners.netcraft.com
127.0.0.1 banners.one2one.com
127.0.0.1 banners.resultonline.com
127.0.0.1 banners.sexsearch.com
127.0.0.1 banners.tucson.com
127.0.0.1 banners.uk.clara.net
127.0.0.1 banners.wunderground.com
127.0.0.1 bannerserver.com
127.0.0.1 bannerserver.gator.com
127.0.0.1 bannersgomlm.com
127.0.0.1 bannersng.yell.com
127.0.0.1 bannerspace.com
127.0.0.1 bannerswap.com
127.0.0.1 bannertesting.com
127.0.0.1 bannieres.acces-contenu.com
127.0.0.1 bans.bride.ru
127.0.0.1 bansrv1.n1media.com
127.0.0.1 barnesandnoble.bfast.com
127.0.0.1 bbmedia.cz
127.0.0.1 bbn.img.com.ua
127.0.0.1 bestsearch.net
127.0.0.1 bidclix.com
127.0.0.1 bidclix.net
127.0.0.1 bigads.guj.de
127.0.0.1 bigbangmedia.com
127.0.0.1 billboard.cz
127.0.0.1 bizad.nikkeibp.co.jp
127.0.0.1 bizban.net
127.0.0.1 blast4traffic.com
127.0.0.1 blazefind.com
127.0.0.1 blogads.com
127.0.0.1 bluehavenmedia.com
127.0.0.1 bluestreak.com
127.0.0.1 bm.annonce.cz
127.0.0.1 bn.bfast.com
127.0.0.1 bnr.volgocity.ru
127.0.0.1 boom.ro
127.0.0.1 bpath.com
127.0.0.1 bravenet.com
127.0.0.1 bridgetrack.com
127.0.0.1 british-banners.com
127.0.0.1 bs.yandex.ru
127.0.0.1 bs001.gmx.net
127.0.0.1 bs002.gmx.net
127.0.0.1 bs003.gmx.net
127.0.0.1 bs004.gmx.net
127.0.0.1 bs005.gmx.net
127.0.0.1 bs006.gmx.net
127.0.0.1 bs007.gmx.net
127.0.0.1 bs008.gmx.net
127.0.0.1 bs009.gmx.net
127.0.0.1 bs010.gmx.net
127.0.0.1 bs011.gmx.net
127.0.0.1 bs012.gmx.net
127.0.0.1 bs013.gmx.net
127.0.0.1 bs014.gmx.net
127.0.0.1 bs015.gmx.net
127.0.0.1 bs016.gmx.net
127.0.0.1 bs017.gmx.net
127.0.0.1 bs018.gmx.net
127.0.0.1 bs019.gmx.net
127.0.0.1 bs020.gmx.net
127.0.0.1 bs021.gmx.net
127.0.0.1 bs022.gmx.net
127.0.0.1 bs023.gmx.net
127.0.0.1 bs024.gmx.net
127.0.0.1 bs025.gmx.net
127.0.0.1 bs026.gmx.net
127.0.0.1 bs027.gmx.net
127.0.0.1 bs028.gmx.net
127.0.0.1 bs029.gmx.net
127.0.0.1 bs030.gmx.net
127.0.0.1 bs031.gmx.net
127.0.0.1 bs032.gmx.net
127.0.0.1 bs033.gmx.net
127.0.0.1 bs034.gmx.net
127.0.0.1 bs035.gmx.net
127.0.0.1 bs036.gmx.net
127.0.0.1 bs037.gmx.net
127.0.0.1 bs038.gmx.net
127.0.0.1 bs039.gmx.net
127.0.0.1 bs040.gmx.net
127.0.0.1 bs041.gmx.net
127.0.0.1 bs042.gmx.net
127.0.0.1 bs043.gmx.net
127.0.0.1 bs044.gmx.net
127.0.0.1 bs045.gmx.net
127.0.0.1 bs046.gmx.net
127.0.0.1 bs047.gmx.net
127.0.0.1 bs048.gmx.net
127.0.0.1 bs049.gmx.net
127.0.0.1 budsinc.com
127.0.0.1 burstnet.akadns.net
127.0.0.1 burstnet.com
127.0.0.1 businessfactory.prospero.com
127.0.0.1 c.bigmir.net
127.0.0.1 c1.nowlinux.com
127.0.0.1 candidclicks.com
127.0.0.1 casalemedia.com
127.0.0.1 casalmedia.com
127.0.0.1 cash4banner.com
127.0.0.1 cash4banner.de
127.0.0.1 cash4popup.de
127.0.0.1 cashfiesta.com
127.0.0.1 cashpartner.com
127.0.0.1 cashpartner.net
127.0.0.1 casinogames.com
127.0.0.1 casinorewards.com
127.0.0.1 casinotraffic.com
127.0.0.1 casinotreasure.com
127.0.0.1 cat.clx.ru
127.0.0.1 cben1.net
127.0.0.1 cbx.net
127.0.0.1 cdn2.adsdk.com
127.0.0.1 centrport.net
127.0.0.1 cgicounter.puretec.de
127.0.0.1 ch.questionmarket.com
127.0.0.1 chart.dk
127.0.0.1 checkm8.com
127.0.0.1 chestionar.ro
127.0.0.1 ciaoclick.com
127.0.0.1 cibleclick.com
127.0.0.1 cityads.telus.net
127.0.0.1 cj.com
127.0.0.1 cjbmanagement.com
127.0.0.1 claria.com
127.0.0.1 click-fr.com
127.0.0.1 click.absoluteagency.com
127.0.0.1 click.fool.co.uk
127.0.0.1 click.fool.com
127.0.0.1 click.go2net.com
127.0.0.1 click2freemoney.com
127.0.0.1 click2paid.com
127.0.0.1 click4click.com
127.0.0.1 clickability.com
127.0.0.1 clickagents.com
127.0.0.1 clickbank.com
127.0.0.1 clickbank.net
127.0.0.1 clickbroker.com
127.0.0.1 clickbrokers.com
127.0.0.1 clickcash.webpower.com
127.0.0.1 clickedyclick.com
127.0.0.1 clickfinders.com
127.0.0.1 clickforwebmasters.com
127.0.0.1 clickhere.foronlinegames.com
127.0.0.1 clickhereforcellphones.com
127.0.0.1 clickhouse.com
127.0.0.1 clickhype.com
127.0.0.1 clickmedia.ro
127.0.0.1 clicks.equantum.com
127.0.0.1 clicks.jackpot.com
127.0.0.1 clicks.mods.de
127.0.0.1 clicks.stripsaver.com
127.0.0.1 clickserve.cc-dt.com
127.0.0.1 clicksor.com
127.0.0.1 clickthrutraffic.com
127.0.0.1 clicktracks.com
127.0.0.1 clicktrade.com
127.0.0.1 clickxchange.com
127.0.0.1 clickz.com
127.0.0.1 clictrafic.com
127.0.0.1 clients.tbo.com
127.0.0.1 clixgalore.com
127.0.0.1 cnt.one.ru
127.0.0.1 cnt1.pocitadlo.cz
127.0.0.1 code-server.biz
127.0.0.1 colonize.com
127.0.0.1 comclick.com
127.0.0.1 commission-junction.com
127.0.0.1 commissionmonster.com
127.0.0.1 commonname.com
127.0.0.1 compactbanner.com
127.0.0.1 comprabanner.it
127.0.0.1 contextclick.com
127.0.0.1 cookies.cmpnet.com
127.0.0.1 cornflakes.pathfinder.com
127.0.0.1 count.rin.ru
127.0.0.1 counted.com
127.0.0.1 counter.bloke.com
127.0.0.1 counter.cnw.cz
127.0.0.1 counter.cz
127.0.0.1 counter.nowlinux.com
127.0.0.1 counter.rambler.ru
127.0.0.1 counter.search.bg
127.0.0.1 counter.times.lv
127.0.0.1 counter.webtrends.net
127.0.0.1 counter.yadro.ru
127.0.0.1 counters.honesty.com
127.0.0.1 counts.tucows.com
127.0.0.1 coupling-media.de
127.0.0.1 crazypopups.com
127.0.0.1 creative.whi.co.nz
127.0.0.1 creatives.as4x.tmcs.net
127.0.0.1 cserver.mii.instacontent.net
127.0.0.1 ctnetwork.hu
127.0.0.1 ctxtads.overture.com
127.0.0.1 custom-click.com
127.0.0.1 customad.cnn.com
127.0.0.1 cyberbounty.com
127.0.0.1 cybercount.com
127.0.0.1 cybereps.com
127.0.0.1 cybermonitor.com
127.0.0.1 cydoor.com
127.0.0.1 datingadvertising.com
127.0.0.1 dbbsrv.com
127.0.0.1 dcad.tnn.net
127.0.0.1 dclk.net
127.0.0.1 de.rottentomatoes.com
127.0.0.1 dealhelper.com
127.0.0.1 default-homepage-network.com
127.0.0.1 deloo.de
127.0.0.1 desktop.kazaa.com
127.0.0.1 dgm2.com
127.0.0.1 dgmaustralia.com
127.0.0.1 dialerporn.com
127.0.0.1 didtheyreadit.com
127.0.0.1 digits.com
127.0.0.1 direct-revenue.com
127.0.0.1 direct.lbe.ru
127.0.0.1 directleads.com
127.0.0.1 directtrack.com
127.0.0.1 directwebsearch.net
127.0.0.1 discountclick.com
127.0.0.1 divicash.com
127.0.0.1 dnads.directnic.com
127.0.0.1 domainsponsor.com
127.0.0.1 domainsteam.de
127.0.0.1 doubleclic.com
127.0.0.1 doubleclick.com
127.0.0.1 doubleclick.de
127.0.0.1 doubleclick.net
127.0.0.1 drinkmy.com
127.0.0.1 dw.com.com
127.0.0.1 e-bannerx.com
127.0.0.1 e2give.com
127.0.0.1 eadexchange.com
127.0.0.1 eads.com
127.0.0.1 ecoupons.com
127.0.0.1 elitetoplist.com
127.0.0.1 emarketer.com
127.0.0.1 emarketmakers.com
127.0.0.1 engage.everyone.net
127.0.0.1 engage.omaha.com
127.0.0.1 engine.awaps.net
127.0.0.1 engine.espace.netavenir.com
127.0.0.1 enginenetwork.com
127.0.0.1 entercasino.com
127.0.0.1 erotic-ad.com
127.0.0.1 escati.linkopp.net
127.0.0.1 eshopads2.com
127.0.0.1 espotting.com
127.0.0.1 estats.com
127.0.0.1 etracker.de
127.0.0.1 eu-adcenter.net
127.0.0.1 euniverseads.com
127.0.0.1 euro4banner.com
127.0.0.1 europeanbanners.com
127.0.0.1 euros4click.de
127.0.0.1 eusta.de
127.0.0.1 exchange-it.com
127.0.0.1 exchange.bg
127.0.0.1 exchangead.com
127.0.0.1 exchangeclicksonline.com
127.0.0.1 exit76.com
127.0.0.1 exitexchange.com
127.0.0.1 exitfuel.com
127.0.0.1 ext4.price.ru
127.0.0.1 extreme-dm.com
127.0.0.1 eyeblaster-bs.com
127.0.0.1 eyeblaster.com
127.0.0.1 eyewonder.com
127.0.0.1 ezula.com
127.0.0.1 f1organizer.com
127.0.0.1 falkag.de
127.0.0.1 falkag.net
127.0.0.1 fast-adv.it
127.0.0.1 fastclick.com
127.0.0.1 fastclick.com.edgesuite.net
127.0.0.1 fastclick.net
127.0.0.1 fastcounter.bcentral.com
127.0.0.1 feedbackresearch.com
127.0.0.1 ffxcam.fairfax.com.au
127.0.0.1 findcommerce.com
127.0.0.1 findyourcasino.com
127.0.0.1 fineclicks.com
127.0.0.1 first.nova.cz
127.0.0.1 flexbanner.com
127.0.0.1 flowgo.com
127.0.0.1 fmads.osdn.com
127.0.0.1 focalex.com
127.0.0.1 fragmentserv.iac-online.de
127.0.0.1 free-banners.com
127.0.0.1 freebanner.com
127.0.0.1 freelogs.com
127.0.0.1 freestat.pl
127.0.0.1 freestats.com
127.0.0.1 freewebcounter.com
127.0.0.1 *BLEEP*-access.com
127.0.0.1 g-wizzads.net
127.0.0.1 galaxien.com
127.0.0.1 gamblingbanner.com
127.0.0.1 gamehouse.com
127.0.0.1 gator.com
127.0.0.1 gcads.osdn.com
127.0.0.1 gcirm.californianonline.com
127.0.0.1 gemius.pl
127.0.0.1 giftsky.org
127.0.0.1 globaltrack.com
127.0.0.1 go-clicks.de
127.0.0.1 goingplatinum.com
127.0.0.1 gold.weborama.fr
127.0.0.1 goldstats.com
127.0.0.1 googlesyndication.com
127.0.0.1 gorillanation.com
127.0.0.1 gostats.com
127.0.0.1 gp.dejanews.com
127.0.0.1 grafstat.ro
127.0.0.1 herbalaffiliateprogram.com
127.0.0.1 hexusads.fluent.ltd.uk
127.0.0.1 hightrafficads.com
127.0.0.1 hit.bg
127.0.0.1 hit.gemius.pl
127.0.0.1 hit.webcentre.lycos.co.uk
127.0.0.1 hitbox.com
127.0.0.1 hitcents.com
127.0.0.1 hitexchange.net
127.0.0.1 hitfarm.com
127.0.0.1 hitlist.ru
127.0.0.1 hitlogger.com
127.0.0.1 hitlounge.com
127.0.0.1 hitometer.com
127.0.0.1 hits4me.com
127.0.0.1 hitslink.com
127.0.0.1 hotlog.ru
127.0.0.1 hotrank.com.tw
127.0.0.1 hotstatistics.com
127.0.0.1 httpads.com
127.0.0.1 httpool.com
127.0.0.1 humanclick.com
127.0.0.1 hurricanedigitalmedia.com
127.0.0.1 hyperbanner.net
127.0.0.1 hypercount.com
127.0.0.1 i-clicks.net
127.0.0.1 i1img.com
127.0.0.1 iad.liveperson.net
127.0.0.1 iadnet.com
127.0.0.1 idot.cz
127.0.0.1 igads.no.publicus.com
127.0.0.1 ilbanner.com
127.0.0.1 ilead.itrack.it
127.0.0.1 iliillliO00OO0.321.cn
127.0.0.1 image.ugo.com
127.0.0.1 imageads.canoe.ca
127.0.0.1 images.v3.com
127.0.0.1 imaginemedia.com
127.0.0.1 img.bannersxchange.com
127.0.0.1 imonitor.nethost.cz
127.0.0.1 imprese.cz
127.0.0.1 impressionz.co.uk
127.0.0.1 imrworldwide.com
127.0.0.1 inboxdollars.com
127.0.0.1 inc.com
127.0.0.1 indieclick.com
127.0.0.1 industrybrains.com
127.0.0.1 inet-traffic.com
127.0.0.1 infinite-ads.com
127.0.0.1 information.com
127.0.0.1 insightexpress.com
127.0.0.1 instacontent.net
127.0.0.1 instantmadness.com
127.0.0.1 intelliads.com
127.0.0.1 intellitxt.com
127.0.0.1 internet-optimizer.com
127.0.0.1 internetfuel.com
127.0.0.1 interreklame.de
127.0.0.1 ip.ro
127.0.0.1 ireklama.cz
127.0.0.1 is.casalemedia.com
127.0.0.1 itadnetwork.co.uk
127.0.0.1 itbannerexchange.com
127.0.0.1 itfarm.com
127.0.0.1 itop.cz
127.0.0.1 iwin.com
127.0.0.1 j.2004cms.com
127.0.0.1 jbeet.cjt1.net
127.0.0.1 jcontent.bns1.net
127.0.0.1 jcount.com
127.0.0.1 jedonkey.cjt1.net
127.0.0.1 jinisearch.co.uk
127.0.0.1 jkazaa.cjt1.net
127.0.0.1 jnova.cjt1.net
127.0.0.1 joetec.net
127.0.0.1 jokedollars.com
127.0.0.1 justwebads.com
127.0.0.1 kanoodle.com
127.0.0.1 kliks.nl
127.0.0.1 klipads.dvlabs.com
127.0.0.1 kliptracker.com
127.0.0.1 klix.cz
127.0.0.1 labeldaily.com
127.0.0.1 laih.com
127.0.0.1 lbn.ru
127.0.0.1 leadingedgecash.com
127.0.0.1 lightningcast.net
127.0.0.1 lightspeedcash.com
127.0.0.1 link4ads.com
127.0.0.1 linkbuddies.com
127.0.0.1 linkexchange.com
127.0.0.1 linkexchange.ru
127.0.0.1 linkprice.com
127.0.0.1 linkreferral.com
127.0.0.1 linksponsor.com
127.0.0.1 linkswaper.com
127.0.0.1 linksynergy.com
127.0.0.1 liquidad.narrowcastmedia.com
127.0.0.1 lnads.osdn.com
127.0.0.1 log.btopenworld.com
127.0.0.1 log.go.com
127.0.0.1 logging.to
127.0.0.1 logs.erasmas.com
127.0.0.1 look2me.com
127.0.0.1 lop.com
127.0.0.1 lstat.susanin.com
127.0.0.1 m.doubleclick.net
127.0.0.1 mads.gamespot.com
127.0.0.1 mainos2.mtv3.fi
127.0.0.1 marketbanker.com
127.0.0.1 marketing.centrebet.com
127.0.0.1 marketing.nyi.com
127.0.0.1 marketing.nyi.net
127.0.0.1 marketscore.com
127.0.0.1 mastermind.com
127.0.0.1 masterstats.com
127.0.0.1 matchcraft.com
127.0.0.1 maximumcash.com
127.0.0.1 maxserving.com
127.0.0.1 mbuyu.nl
127.0.0.1 media-adrunner.mycomputer.com
127.0.0.1 media-motor.net
127.0.0.1 media.bigstep.com
127.0.0.1 media.ftv-publicite.fr
127.0.0.1 mediacharger.com
127.0.0.1 mediadvertising.ro
127.0.0.1 mediageneral.com
127.0.0.1 mediamgr.ugo.com
127.0.0.1 mediaplazza.com
127.0.0.1 mediaplex.com
127.0.0.1 mediascale.de
127.0.0.1 mediavantage.de
127.0.0.1 megacash.de
127.0.0.1 megago.com
127.0.0.1 megawerbung.de
127.0.0.1 memorix.sdv.fr
127.0.0.1 metaad.econet.hu
127.0.0.1 metrics.webcriteria.net
127.0.0.1 microstatic.pl
127.0.0.1 microticker.com
127.0.0.1 mindseti.com
127.0.0.1 mirror.qkimg.net
127.0.0.1 mjxads.internet.com
127.0.0.1 mkt.cz
127.0.0.1 mojobucks.com
127.0.0.1 monsterpops.com
127.0.0.1 mostcash.com
127.0.0.1 ms-links.com
127.0.0.1 msads.net
127.0.0.1 mtree.com
127.0.0.1 multi1.rmuk.co.uk
127.0.0.1 musiccounter.ru
127.0.0.1 myaffiliateprogram.com
127.0.0.1 mystat.pl
127.0.0.1 mytrix.com
127.0.0.1 n69.com
127.0.0.1 naj.sk
127.0.0.1 navrcholu.cz
127.0.0.1 nedstat.com
127.0.0.1 nedstat.nl
127.0.0.1 nedstatbasic.net
127.0.0.1 netads.hotwired.com
127.0.0.1 netads.sohu.com
127.0.0.1 netdirect.nl
127.0.0.1 netpool.netbookia.net
127.0.0.1 netvertising.be
127.0.0.1 network.realmedia.com
127.0.0.1 new-ads.eurogamer.net
127.0.0.1 newads.cmpnet.com
127.0.0.1 newnet.qsrch.com
127.0.0.1 newtopsites.com
127.0.0.1 ng3.ads.warnerbros.com
127.0.0.1 ngadcenter.net
127.0.0.1 nitroclicks.com
127.0.0.1 nsads.hotwired.com
127.0.0.1 ntbanner.digitalriver.com
127.0.0.1 oas-central.realmedia.com
127.0.0.1 oas.benchmark.fr
127.0.0.1 oas.foxnews.com
127.0.0.1 oas.roanoke.com
127.0.0.1 oas.salon.com
127.0.0.1 oas.signonsandiego.com
127.0.0.1 oas.toronto.com
127.0.0.1 oas.uniontrib.com
127.0.0.1 oas.villagevoice.com
127.0.0.1 oascentral.chicagobusiness.com
127.0.0.1 oascentral.redherring.com
127.0.0.1 oascentral.theonion.com
127.0.0.1 oascentral.thesmokinggun.com
127.0.0.1 oasis.promon.cz
127.0.0.1 observer.cz
127.0.0.1 offeroptimizer.com
127.0.0.1 oneandonlynetwork.com
127.0.0.1 onestat.com
127.0.0.1 onresponse.com
127.0.0.1 openad.infobel.com
127.0.0.1 openad.travelnow.com
127.0.0.1 overpeer.com
127.0.0.1 overpro.com
127.0.0.1 overture.com
127.0.0.1 oxcash.com
127.0.0.1 p5.omaha.com
127.0.0.1 partner-ads.com
127.0.0.1 partner-source.com
127.0.0.1 partner.gonamic.de
127.0.0.1 partner.topcities.com
127.0.0.1 partner2profit.com
127.0.0.1 partnerkonto.de
127.0.0.1 partners.priceline.com
127.0.0.1 partners.starnetsystems.net
127.0.0.1 paycounter.com
127.0.0.1 paypopup.com
127.0.0.1 payserve.com
127.0.0.1 pbnet.ru
127.0.0.1 pcwizz.com
127.0.0.1 pennyweb.com
127.0.0.1 phoenix-adrunner.mycomputer.com
127.0.0.1 phpads.i-merge.net
127.0.0.1 pillscash.com
127.0.0.1 pimproll.com
127.0.0.1 planetactive.com
127.0.0.1 play4traffic.com
127.0.0.1 pointroll.com
127.0.0.1 pops.freeze.com
127.0.0.1 popup.msn.com
127.0.0.1 popupad.net
127.0.0.1 popupmoney.com
127.0.0.1 popupnation.com
127.0.0.1 popups.infostart.com
127.0.0.1 popupsponsor.com
127.0.0.1 popuptraffic.com
127.0.0.1 porntrack.com
127.0.0.1 postmasterbannernet.com
127.0.0.1 precisioncounter.com
127.0.0.1 premium-offers.com
127.0.0.1 premiumcash.de
127.0.0.1 primaryads.com
127.0.0.1 primetime.net
127.0.0.1 pro-advertising.com
127.0.0.1 profero.com
127.0.0.1 professorbanner.com
127.0.0.1 promote.pair.com
127.0.0.1 promozia.de
127.0.0.1 provexia.com
127.0.0.1 psstt.com
127.0.0.1 pub-g.ifrance.com
127.0.0.1 pub.club-internet.fr
127.0.0.1 pub.hardware.fr
127.0.0.1 pub.realmedia.fr
127.0.0.1 publi.grupocorreo.es
127.0.0.1 publi1.grupocorreo.es
127.0.0.1 publi2.grupocorreo.es
127.0.0.1 publiads.com
127.0.0.1 publicidad.elmundo.es
127.0.0.1 publicidad.ya.com
127.0.0.1 pubs.branchez-vous.com
127.0.0.1 pubs.lemonde.fr
127.0.0.1 q.azcentral.com
127.0.0.1 qckjmp.com
127.0.0.1 qksrv.net
127.0.0.1 quarterserver.de
127.0.0.1 questaffiliates.net
127.0.0.1 quinst.com
127.0.0.1 r.hotwired.com
127.0.0.1 r.kde.cz
127.0.0.1 rad.msn.com
127.0.0.1 radiate.com
127.0.0.1 rampidads.com
127.0.0.1 ranking-charts.de
127.0.0.1 ranking-hits.de
127.0.0.1 rankyou.com
127.0.0.1 rate.ru
127.0.0.1 rb1.design.ru
127.0.0.1 realads.realmedia.com
127.0.0.1 realclix.com
127.0.0.1 realmedia-a800.d4p.net
127.0.0.1 realtechnetwork.com
127.0.0.1 realtechnetwork.net
127.0.0.1 realtracker.com
127.0.0.1 redsherriff.com
127.0.0.1 referralware.com
127.0.0.1 regnow.com
127.0.0.1 reklam.rfsl.se
127.0.0.1 reklama.internet.cz
127.0.0.1 reklama.reflektor.cz
127.0.0.1 relmaxtop.com
127.0.0.1 remotead.cnet.com
127.0.0.1 reply.mediatris.net
127.0.0.1 retaildirect.realmedia.com
127.0.0.1 revenue.net
127.0.0.1 rewardster.com
127.0.0.1 richmails.com
127.0.0.1 richwebmaster.com
127.0.0.1 rightmedia.net
127.0.0.1 rightstats.com
127.0.0.1 rl.auto.ru
127.0.0.1 rle.ru
127.0.0.1 rmads.msn.com
127.0.0.1 rmedia.boston.com
127.0.0.1 rnd.yxo.ru
127.0.0.1 roar.com
127.0.0.1 roings.com
127.0.0.1 roosevelt.gjbig.com
127.0.0.1 rose.ixbt.com
127.0.0.1 rotabanner.dni.ru
127.0.0.1 rotabanner.izvestia.ru
127.0.0.1 rotabanner.rian.ru
127.0.0.1 rpts.net
127.0.0.1 ru-traffic.com
127.0.0.1 ru4.com
127.0.0.1 safe-audit.com
127.0.0.1 safelists.com
127.0.0.1 sageanalyst.net
127.0.0.1 searchlocate.com
127.0.0.1 searchramp.com
127.0.0.1 secure.webconnect.net
127.0.0.1 seeq.com
127.0.0.1 seo4india.com
127.0.0.1 separtnership.com
127.0.0.1 serv0.com
127.0.0.1 servads.aip.org
127.0.0.1 servedby.netshelter.net
127.0.0.1 servethis.com
127.0.0.1 serving-sys.com
127.0.0.1 sexcounter.com
127.0.0.1 sexlist.com
127.0.0.1 sextracker.com
127.0.0.1 sfads.osdn.com
127.0.0.1 shareasale.com
127.0.0.1 sher.index.hu
127.0.0.1 shinystat.it
127.0.0.1 siccash.com
127.0.0.1 sidebar.angelfire.com
127.0.0.1 sitemeter.com
127.0.0.1 sma.punto.net
127.0.0.1 smartadserver.com
127.0.0.1 smartclicks.net
127.0.0.1 smartdirect.com
127.0.0.1 smfgroup.cjb.net
127.0.0.1 smile.modchipstore.com
127.0.0.1 sn.baventures.com
127.0.0.1 softclick.com.br
127.0.0.1 software.global-netcom.de
127.0.0.1 softwaresponsor.com
127.0.0.1 specificclick.com
127.0.0.1 specificpop.com
127.0.0.1 spezialreporte.de
127.0.0.1 spinbox.maccentral.com
127.0.0.1 spinbox.net
127.0.0.1 spinbox.techtracker.com
127.0.0.1 spinbox.versiontracker.com
127.0.0.1 sponsor4you.net
127.0.0.1 sponsoradulto.com
127.0.0.1 sponsorpro.de
127.0.0.1 sponsors.thoughtsmedia.com
127.0.0.1 sprinks-clicks.about.com
127.0.0.1 spylog.com
127.0.0.1 spywarelabs.com
127.0.0.1 spywarenuker.com
127.0.0.1 ssads.osdn.com
127.0.0.1 starffa.com
127.0.0.1 start.freeze.com
127.0.0.1 stat.dealtime.com
127.0.0.1 stat.doxod.net
127.0.0.1 stat.pl
127.0.0.1 stat.webmedia.pl
127.0.0.1 stat.zenon.net
127.0.0.1 statcounter.com
127.0.0.1 static.itrack.it
127.0.0.1 static.smni.com
127.0.0.1 staticads.btopenworld.com
127.0.0.1 stats.blogger.com
127.0.0.1 stats.cts-bv.nl
127.0.0.1 stats.darkbluesea.com
127.0.0.1 stats.klsoft.com
127.0.0.1 stats4all.com
127.0.0.1 stop-popup-ads-now.com
127.0.0.1 sugoicounter.com
127.0.0.1 superclix.de
127.0.0.1 superstats.com
127.0.0.1 supertop.ru
127.0.0.1 supertop100.com
127.0.0.1 synergiinteractive.com
127.0.0.1 targad.de
127.0.0.1 targetnet.com
127.0.0.1 targetpoint.com
127.0.0.1 targetsaver.com
127.0.0.1 targetshop.com
127.0.0.1 teknosurf2.com
127.0.0.1 teknosurf3.com
127.0.0.1 test.com
127.0.0.1 textads.biz
127.0.0.1 textads.opera.com
127.0.0.1 textlinks.com
127.0.0.1 tfag.de
127.0.0.1 the-counter.net
127.0.0.1 theanswerto.com
127.0.0.1 thebannerguru.com
127.0.0.1 thecounter.com
127.0.0.1 thevictorynetwork.com
127.0.0.1 thinkingmedia.net
127.0.0.1 thisbanner.com
127.0.0.1 thruport.com
127.0.0.1 tier1network.com
127.0.0.1 tinybar.com
127.0.0.1 tmsads.tribune.com
127.0.0.1 toads.osdn.com
127.0.0.1 toolbar.netscape.com
127.0.0.1 top.list.ru
127.0.0.1 top.one.ru
127.0.0.1 top.proext.com
127.0.0.1 top100-images.rambler.ru
127.0.0.1 top100.mafia.ru
127.0.0.1 top20.com
127.0.0.1 topbarh.box.sk
127.0.0.1 toplist.cz
127.0.0.1 toplista.mw.hu
127.0.0.1 topping.com.ua
127.0.0.1 topprofits.info
127.0.0.1 toprebates.com
127.0.0.1 topsearcher.com
127.0.0.1 topshop-counter.rambler.ru
127.0.0.1 topstats.com
127.0.0.1 topstats.net
127.0.0.1 tps108.org
127.0.0.1 track.freexxxhost.net
127.0.0.1 tracking.frantic.com
127.0.0.1 tracking101.com
127.0.0.1 trackmysales.com
127.0.0.1 tradedoubler.com
127.0.0.1 traffic-exchange.com
127.0.0.1 trafficdiscount.com
127.0.0.1 trafficmp.com
127.0.0.1 trafficswarm.com
127.0.0.1 trafficsyndicate.com
127.0.0.1 traffictrader.net
127.0.0.1 trafficvenue.net
127.0.0.1 trafic.ro
127.0.0.1 traficdublu.ro
127.0.0.1 trafix.sk
127.0.0.1 trakkerd.net
127.0.0.1 trekblue.com
127.0.0.1 trekdata.com
127.0.0.1 tribalfusion.com
127.0.0.1 trix.net
127.0.0.1 truehits.net
127.0.0.1 truehits1.gits.net.th
127.0.0.1 truehits2.gits.net.th
127.0.0.1 tsms-ad.tsms.com
127.0.0.1 ukaffiliates2.com
127.0.0.1 ukbanners.com
127.0.0.1 ultimatecounter.com
127.0.0.1 updated.com
127.0.0.1 us.a1.yimg.com
127.0.0.1 usapromotravel.com
127.0.0.1 usmsad.tom.com
127.0.0.1 utarget.co.uk
127.0.0.1 utils.mediageneral.net
127.0.0.1 valuead.com
127.0.0.1 valueclick.com
127.0.0.1 valueclick.net
127.0.0.1 valuecommerce.com
127.0.0.1 valuesponsor.com
127.0.0.1 vendaregroup.com
127.0.0.1 vericlick.com
127.0.0.1 vg.ad.asap-asp.net
127.0.0.1 vibrantmedia.com
127.0.0.1 view4cash.de
127.0.0.1 viewpoint.com
127.0.0.1 vortextraffic.com
127.0.0.1 vx2.cc
127.0.0.1 w3exit.com
127.0.0.1 wannaclick.com
127.0.0.1 web-stat.com
127.0.0.1 web2.deja.com
127.0.0.1 webads.bizservers.com
127.0.0.1 webads.co.nz
127.0.0.1 webads.nl
127.0.0.1 webangel.ru
127.0.0.1 webcash.nl
127.0.0.1 webcounter.cz
127.0.0.1 webcounter.goweb.de
127.0.0.1 webmasterplan.com
127.0.0.1 webpdp.gator.com
127.0.0.1 webpower.com
127.0.0.1 websitefreepromotions.com
127.0.0.1 websponsors.com
127.0.0.1 webstars2000.com
127.0.0.1 webstat.com
127.0.0.1 webstat.net
127.0.0.1 webtraxx.de
127.0.0.1 webtrendslive.com
127.0.0.1 wegcash.com
127.0.0.1 wenksdisdkjeilsow.com
127.0.0.1 whenu.com
127.0.0.1 whispa.com
127.0.0.1 window.nixnet.cz
127.0.0.1 windupdates.com
127.0.0.1 wipub.com
127.0.0.1 worldbe.com
127.0.0.1 wtlive.com
127.0.0.1 wustat.windows.com
127.0.0.1 www-banner.chat.ru
127.0.0.1 www.adsxchange.lv
127.0.0.1 www.banner-link.com.br
127.0.0.1 www.dnps.com
127.0.0.1 www.kaplanindex.com
127.0.0.1 www.money4exit.de
127.0.0.1 www.photo-ads.co.uk
127.0.0.1 www.sponsor2002.de
127.0.0.1 x.mycity.com
127.0.0.1 xchange.ro
127.0.0.1 xiti.com
127.0.0.1 xq1.net
127.0.0.1 xtrocash.org
127.0.0.1 xxxcounter.com
127.0.0.1 xxxtoolbar.com
127.0.0.1 xzoomy.com
127.0.0.1 y.ibsys.com
127.0.0.1 yesadvertising.com
127.0.0.1 youclick2earn.com
127.0.0.1 z.times.lv
127.0.0.1 zanox-affiliate.de
127.0.0.1 zanox.com
127.0.0.1 zeads.com
127.0.0.1 zedo.com
127.0.0.1 zencudo.co.uk
127.0.0.1 zi.r.tv.com
127.0.0.1 zmedia.com

20 Great Google Secrets

2007-11-11T04:12:00.000-08:00

http://www.pcmag.com/article2/0,4149,1306756,00.asp

excl.gif No Active Links, Read the Rules - Edit by Ninja excl.gif

Google is clearly the best general-purpose search engine on the Web (see

www.pcmag.com/searchengines

But most people don't use it to its best advantage. Do you just plug in a keyword or two and hope for the best? That may be the quickest way to search, but with more than 3 billion pages in Google's index, it's still a struggle to pare results to a manageable number.

But Google is an remarkably powerful tool that can ease and enhance your Internet exploration. Google's search options go beyond simple keywords, the Web, and even its own programmers. Let's look at some of Google's lesser-known options.

Syntax Search Tricks

Using a special syntax is a way to tell Google that you want to restrict your searches to certain elements or characteristics of Web pages. Google has a fairly complete list of its syntax elements at

www.google.com/help/operators.html

. Here are some advanced operators that can help narrow down your search results.

Intitle: at the beginning of a query word or phrase (intitle:"Three Blind Mice") restricts your search results to just the titles of Web pages.

Intext: does the opposite of intitle:, searching only the body text, ignoring titles, links, and so forth. Intext: is perfect when what you're searching for might commonly appear in URLs. If you're looking for the term HTML, for example, and you don't want to get results such as

www.mysite.com/index.html

, you can enter intext:html.

Link: lets you see which pages are linking to your Web page or to another page you're interested in. For example, try typing in

link:http://www.pcmag.com

Try using site: (which restricts results to top-level domains) with intitle: to find certain types of pages. For example, get scholarly pages about Mark Twain by searching for intitle:"Mark Twain"site:edu. Experiment with mixing various elements; you'll develop several strategies for finding the stuff you want more effectively. The site: command is very helpful as an alternative to the mediocre search engines built into many sites.

Swiss Army Google

Google has a number of services that can help you accomplish tasks you may never have thought to use Google for. For example, the new calculator feature

(www.google.com/help/features.html#calculator)

lets you do both math and a variety of conversions from the search box. For extra fun, try the query "Answer to life the universe and everything."

Let Google help you figure out whether you've got the right spelling—and the right word—for your search. Enter a misspelled word or phrase into the query box (try "thre blund mise") and Google may suggest a proper spelling. This doesn't always succeed; it works best when the word you're searching for can be found in a dictionary. Once you search for a properly spelled word, look at the results page, which repeats your query. (If you're searching for "three blind mice," underneath the search window will appear a statement such as Searched the web for "three blind mice.") You'll discover that you can click on each word in your search phrase and get a definition from a dictionary.

Suppose you want to contact someone and don't have his phone number handy. Google can help you with that, too. Just enter a name, city, and state. (The city is optional, but you must enter a state.) If a phone number matches the listing, you'll see it at the top of the search results along with a map link to the address. If you'd rather restrict your results, use rphonebook: for residential listings or bphonebook: for business listings. If you'd rather use a search form for business phone listings, try Yellow Search

(www.buzztoolbox.com/google/yellowsearch.shtml).

Extended Googling

Google offers several services that give you a head start in focusing your search. Google Groups

(http://groups.google.com)

indexes literally millions of messages from decades of discussion on Usenet. Google even helps you with your shopping via two tools: Froogle
CODE
(http://froogle.google.com),

which indexes products from online stores, and Google Catalogs
CODE
(http://catalogs.google.com),

which features products from more 6,000 paper catalogs in a searchable index. And this only scratches the surface. You can get a complete list of Google's tools and services at

www.google.com/options/index.html

You're probably used to using Google in your browser. But have you ever thought of using Google outside your browser?

Google Alert

(www.googlealert.com)

monitors your search terms and e-mails you information about new additions to Google's Web index. (Google Alert is not affiliated with Google; it uses Google's Web services API to perform its searches.) If you're more interested in news stories than general Web content, check out the beta version of Google News Alerts

(www.google.com/newsalerts).

This service (which is affiliated with Google) will monitor up to 50 news queries per e-mail address and send you information about news stories that match your query. (Hint: Use the intitle: and source: syntax elements with Google News to limit the number of alerts you get.)

Google on the telephone? Yup. This service is brought to you by the folks at Google Labs

(http://labs.google.com),

a place for experimental Google ideas and features (which may come and go, so what's there at this writing might not be there when you decide to check it out). With Google Voice Search

(http://labs1.google.com/gvs.html),

you dial the Voice Search phone number, speak your keywords, and then click on the indicated link. Every time you say a new search term, the results page will refresh with your new query (you must have JavaScript enabled for this to work). Remember, this service is still in an experimental phase, so don't expect 100 percent success.

In 2002, Google released the Google API (application programming interface), a way for programmers to access Google's search engine results without violating the Google Terms of Service. A lot of people have created useful (and occasionally not-so-useful but interesting) applications not available from Google itself, such as Google Alert. For many applications, you'll need an API key, which is available free from
CODE
www.google.com/apis

. See the figures for two more examples, and visit

www.pcmag.com/solutions

for more.

Thanks to its many different search properties, Google goes far beyond a regular search engine. Give the tricks in this article a try. You'll be amazed at how many different ways Google can improve your Internet searching.

Online Extra: More Google Tips

Here are a few more clever ways to tweak your Google searches.

Search Within a Timeframe

Daterange: (start date–end date). You can restrict your searches to pages that were indexed within a certain time period. Daterange: searches by when Google indexed a page, not when the page itself was created. This operator can help you ensure that results will have fresh content (by using recent dates), or you can use it to avoid a topic's current-news blizzard and concentrate only on older results. Daterange: is actually more useful if you go elsewhere to take advantage of it, because daterange: requires Julian dates, not standard Gregorian dates. You can find converters on the Web (such as

CODE
http://aa.usno.navy.mil/data/docs/JulianDate.html

excl.gif No Active Links, Read the Rules - Edit by Ninja excl.gif

), but an easier way is to do a Google daterange: search by filling in a form at

www.researchbuzz.com/toolbox/goofresh.shtml or www.faganfinder.com/engines/google.shtml

. If one special syntax element is good, two must be better, right? Sometimes. Though some operators can't be mixed (you can't use the link: operator with anything else) many can be, quickly narrowing your results to a less overwhelming number.

More Google API Applications

Staggernation.com offers three tools based on the Google API. The Google API Web Search by Host (GAWSH) lists the Web hosts of the results for a given query

(www.staggernation.com/gawsh/).

When you click on the triangle next to each host, you get a list of results for that host. The Google API Relation Browsing Outliner (GARBO) is a little more complicated: You enter a URL and choose whether you want pages that related to the URL or linked to the URL

(www.staggernation.com/garbo/).

Click on the triangle next to an URL to get a list of pages linked or related to that particular URL. CapeMail is an e-mail search application that allows you to send an e-mail to google@capeclear.com with the text of your query in the subject line and get the first ten results for that query back. Maybe it's not something you'd do every day, but if your cell phone does e-mail and doesn't do Web browsing, this is a very handy address to know.

GSM Smartcard Emulator Released

2007-11-11T03:34:00.000-08:00

Dateline: 0300 Hrs 25 April 1998

Hamburg Computer Chaos Club announced that they had posted the source code and excutable for a GSM SIM card emulator. The emulator (gsm_emu) runs on DOS with a SEASON type interface. The SEASON interface is the most common interface in the world for hobbyist satellite television piracy.

Though the file released contains the source and the executable, it does not include any GSM SIM ID (IMSI) or Ki. It is possible to emulate a GSM SIM with this software providing you have the IMSI and Ki from a legitimate card. The Ki can be extracted from SIMs using the standard A3/A8 algorithms using software that is available on the internet. The extraction procedure takes eight to sixteen hours and requires physical access to the card. Over-The Air attacks, though not ruled out, may not be possible using this approach as the card is challenged roughly six times a second over the eight hour period.

Some GSM operators have already declared their intent to change from this now compromised set of algorithms. Others have stated that they had not used the algorithms in the form presented and that they had opted for more secure and carefully vetted algorithms. It is believed that Vodafone, one of the leading UK GSM operators is using 3DES and a page has been set up that lists the various operators who are known not to be using the compromised versions.

The GSM MoU Association, based strangely in Dublin, came out with the usual tripe that the afflicted seem to exude when their unbreakable systems are compromised.

A press release from the GSM MoU Association on 15-04-98 referred to the "recent, unsubstantiated, reports". Well the reports turned out to be true and it looks like the GSM MoU supplied their members with duff code. No amount of blustering is going to remove the fact that A3/A8 has been compromised. Only a replacement of algorithms and the associated hardware will do that.

According to the chairman of their security group, Charles Brookson, "Our customers can be assured that GSM remains a secure technology with standards of security greater than any other mobile public network." Now this sounds exactly like the rubbish that BSkyB, News Datacom and DirecTv came out with when their systems were compromised. The security of GSM has been weakened in the interests of the Intelligence Community. The compromise of these algorithms are only the cracks in the dam. The floodburst will occur if A5 is shown to be as compromisable. Perhaps A5 may be more secure and a simple magic keyword does not exist. One thing is clear - GSM is not secure!

From...
http://www.hackwatch.com/simcard.html

Stop Piracy?

2007-11-08T23:33:00.000-08:00

Stop Piracy Daw??
Stop Piracy???aahhaha…nkktwa cla alm nyo kau..hnd nyo mppgln ang piracy hanggat marami ang gmgmt at bumibili nito…. anung mapapala nyo jan?kht anung huli nyo..hnd nyo mauubos yan…tpos sa news my kinumpiska kaung mga CPU at mga gmt sa Computer Shop…tnanung nyo n muna sna ung mayAri ng Shop bago nyo kinumpiska k dba??ska anung alm nung tao dun sa license ng hardware n gngmt nya eh…andame kyng shop na npgbblhn ng hardware sa pinas un kya ang iraid nyo at iinspect nyo kung my license dn ang tnda nila…ska ala man lng kaung ads na para sa anti-piracy anti-illegal software alm nyo kung sa software yan ok lng eh pero alm nyo?ung sa hardware?hnd pwede un kc cla bumibili lng at ni hnd nga nmn alm yang gnyn eh n pati pla mga cd burner my license edi ang hulihin nyo ung mga supplier nyang alng license na hardware n yan para maubos..hnd ung mga small time ang pngtritripan nyo…nkktwa kya kau….ahahha….alm nyo kc ang hinuhuli ung big time seller o delaer ng hardware..n alang license kc kht kumpiskhn nyo p lht ng mga hardware n alng license sa pinas hanggat hnd nhuhuli ang bigtime supplier nitong mga ntwag na non-licensed software at hardware…..
Paalala lng hah…Bago kau manghuli pwede mgng fair kau…kc syempre sbhn n ntng ung iba lam nila un..syempre kht papanu mern prn hng nkakaalam nun….kya dpt sna nglgy kau ng ads sa tv sa dyaryo sa radyo lht ng pwedeng makaabot sa lht ng pinoy sa buong pinas hnd ung hanggang papel lng ang bnbgy nyo….kc un hnd aabot sa lht ng tao sa pinas un aabot sa basurhn un ahhaha,.,,.,,.,,

At ito pa ang sbi nyo STOP PIRACY AT ITS SOURCE?bkt source ba ung mga small time n computer shop?

Ska bkt nga ba kau nanghuhuli ng mga small time lng n gmgmt ng hardware na alang license.eh ang konti lng kya nun paisaisa lng dalawa gnn ahah…..alam ko n para cguru gmtn nyo sa mga bhy nyo bkt ala kau pambili???ahahahha…..
Ito walang sakitan ah….bato-bato sa langit ang tamaan wag magagalit…

Ngpapaliwanag lang po ahahha…!!!!

The Next Leap for Linux.. Is this the end of Windows as we know it?

2007-11-08T22:52:00.001-08:00

LINUX runs the Google servers that manage billions of searches each day. It also runs the TiVo digital video recorder, the Motorola Razr cellphone and countless other electronic devices.
Multimedia
Larry Magid on What’s New With the Linux Operating System (mp3)

But why would anyone want to use Linux, an open-source operating system, to run a PC? “For a lot of people,” said Jim Zemlin, executive director of the Linux Foundation, “Linux is a political idea — an idea of freedom. They don’t want to be tied to Microsoft or Apple. They want choice. To them it’s a greater cause.”

That’s not the most compelling reason for consumers. There is the price: Linux is free, or nearly so.

Unlike Windows from Microsoft and OS X from Apple, Linux is not owned, updated or controlled by a single company. Thousands of developers around the world work on Linux, making improvements and issuing new versions several times a year. Because the core Linux software is open source, these developers have the right — some would say responsibility — to borrow from one another’s work, constantly looking for enhancements.

But Linux has always had a reputation of being difficult to install and daunting to use. Most of the popular Windows and Macintosh programs cannot be used on it, and hand-holding — not that you get that much of it with Windows — is rare. But those reasons for rejecting Linux are disappearing.

Until recently, major PC makers shied away from Linux. Now the industry is watching as Dell is selling two Linux-equipped desktop models ($549 and $870, including a monitor) and a $774 notebook PC. (Hewlett-Packard offers Linux systems to businesses, and Lenovo, the Chinese company that bought I.B.M.’s PC division, sells Linux machines in China and says it will soon offer Linux-based computers in the United States.)

The Ubuntu version of Linux runs the Dell computers. Because Dell does not have to pay a licensing fee for the operating system, the computers are $80 cheaper than PCs with Windows Vista Home Premium or $50 cheaper than the stripped-down Vista Basic edition.

Ubuntu is generally regarded as one of the more consumer-friendly versions of Linux, so the Linux PC experience is similar to what you would get with a Windows-equipped Dell. When you start the machine, the screen looks familiar; preinstalled applications can easily be found and run from an Applications menu at the top left of the screen. A “Places” menu lets you search for files, and a System menu is there for setting preferences and finding help.

And there is a lot more than just an operating system. Ubuntu, like some other Linux distributions, comes with a lot of free software, including OpenOffice, an alternative to the Microsoft Office suite with a full-featured word processor, spreadsheet, database and presentation program. It also comes with the popular Firefox Web browser as well as an e-mail program, an instant messaging program, a graphic image editor, music player and a photo manager.

Thanks to open source developers, there are thousands more free programs. An Add/Remove function actually makes finding programs easier with Linux than it is for Mac and Windows. Without having to go to Web sites, it lets you browse through categories of software. It took me only seconds to find several additional music players, a PDF reader and other programs. In addition to downloading the software, this feature installs it and finds any necessary additional files.

You do not have to buy a new Dell PC to try Linux. You can order a free CD or download a copy of Ubuntu at ubuntu.com. The Ubuntu CD can be used to install Linux on a PC’s hard drive, or you can boot from the CD to test-drive the operating system on a Windows machine or an Intel-based Mac, without having to install or delete anything. Running Ubuntu from a CD is considerably slower than from a machine’s hard drive but all the functions are there, so it’s a good way to get a feel for how it works.

One challenge for Linux users is finding media players that work with encrypted music and DVDs. Ubuntu comes with a movie player, but it is not automatically configured to play copy-protected commercial DVDs. To watch a movie, the Linux user must install necessary codecs, or decoders. One way to do that is to first download a program called Automatix from www.getautomatix.com.

When you run that program you get an ominous warning that downloading and installing “non-free codecs without paying a fee to the concerned authorities constitutes a CRIME in the United States of America.” Users in the United States are advised: “please do not install option AUD-DVD.” Users who ignore that legal warning can then configure Ubuntu to play commercial DVDs.

There is no iTunes for Linux, but the Banshee Music Player is one of several programs that will let you sync unprotected music files from a Linux machine to an iPod or other MP3 player. It will not work with copy-protected music bought from iTunes or other online music stores. You can find it in the Sound & Video section of the Add/Remove utility or download it from banshee-project.org.

The hardest way to get Linux is to download the installation files. It is often difficult to figure out what files to download and in many cases you will have to burn those files to a CD or DVD. Windows users will need a commercial CD burning program or the free BurnCDCC (available at terabyteunlimited.com/utilities.html).

Linus Torvalds, the creator of Linux, acknowledged that “there are a few dark spots but they really tend to be fairly rare, and in practice quite often the biggest hurdle is simply that Linux mostly doesn’t come preinstalled and set up for you.” He also says that the easiest way to get Linux is to buy the DVD (or CD) from one of the most common sources. One way to ease the transition to Linux is to buy a support contract. For $50 you can download Novell’s version of Suse Linux with a year of support. For $35 more you get a CD.

After using the operating system for writing, Web surfing, graphic editing, movie watching and a few other tasks, it is easy to conclude that Linux can be an alternative to the major operating systems. But since common tasks like watching a movie or syncing an iPod require hunting for and installing extra software, Linux is best for technically savvy users or for people whose needs are so basic that they will never need anything other than the bundled software.

However, trying Linux — especially if you boot it from a CD — is a great way to find out what a lot of open-source adherents are so excited about.

And with prices starting as low as free, you certainly cannot complain about the price.

Microsoft say ‘Please use IE7 on a pirate Windows installation! We will even remove the protection for you!

2007-11-08T22:48:00.000-08:00

Users running pirated or counterfeit copies of Windows XP or Windows Server 2003 can now download Internet Explorer 7, Microsoft announced Thursday.

(See PCWorld Editor-in-Chief Harry McCracken’s take on the Microsoft decision.)

From the moment it released IE7 almost a year ago, Microsoft has restricted the browser to users who can prove they own a legitimate copy of the operating system. Before Microsoft allows the browser to download, it runs the user’s PC through a Windows Genuine Advantage (WGA) validation test, a prime part of XP’s antipiracy software.

When it instituted the requirement in 2006, Microsoft said rights to IE7 was one of the rewards for being legal. It changed its mind Thursday, saying the move is in users’ best interest.

“Because Microsoft takes its commitment to help protect the entire Windows ecosystem seriously, we’re updating the IE7 installation experience to make it available as broadly as possible to all Windows users,” said Steve Reynolds, an IE program manager in a posting to a Microsoft company blog. “With today’s ‘Installation and Availability Update,’ Internet Explorer 7 installation will no longer require Windows Genuine Advantage validation and will be available to all Windows XP users.”

Microsoft has consistently touted IE7 as a more secure browser, and post-launch patch counts back that up. In the past 11 months, IE6 for Windows XP SP2 has been patched for 22 vulnerabilities, 20 of them rated critical. IE7 for XP SP2, however, has been patched only 13 times; 10 of those fixes were ranked critical. In fact, when Microsoft announced that IE7 would not be offered to users running illegal copies of XP, some analysts questioned the company’s commitment to security.
Play for Market Share?

This is the first time that Microsoft has removed a WGA check for a major product. Among those that still require validation are Windows Defender, the company’s antispyware software, and Windows Media Player 11.

Several people who left comments on Reynold’s post wondered if there’s more to the decision than meets the eye. “I am guessing that this is in reaction to Firefox’s growing market share,” said someone identified as Dileepa. “I am not surprised at this at all.”

Mozilla’s Firefox has gained some ground on Internet Explorer since IE7’s launch. According to Net Applications, a Web metrics company, Firefox’s share is up by about two percentage points since October 2006, while IE’s total — IE6 and IE7 combined — slipped by more than three points.

IE7’s uptake was dramatic late last year, when it went from about a 3 percent share in October to 18 percent in December, but growth has slowed. Since April, for instance, it has increased its share by four percentage points, almost all of it at the expense of the older IE6.

The IE7 update also sports a few tweaks: The menu bar is now visible by default, for example, and a new administration kit that includes a revamped MSI installer is available to smooth corporate deployment.

Users can download IE7 from Microsoft’s site immediately or wait for it to appear in Windows Update as a high-priority item. It will take several months for Windows Update to roll out IE7 to all XP customers, and anyone dissatisfied with the new browser can downgrade to IE6 by using the Add/Remove Programs control panel applet.

A blocking tool kit is still available for companies and organizations that don’t use Windows Server Update Services and want to permanently prevent IE7 from automatically installing on PCs equipped with IE6.

if i will ask microsoft about it?
i will ask if.."Are Fools?Or You Loose To Pirate Users Who Bypassed Your Windows Validation...?!"
...
Firefox Is More Secure Though...

Lee-Softs New! in ViStart 2646...

2007-11-02T06:33:00.000-07:00

Lee-Softs VistaStart
ViStart is a start menu replacement
for Windows.
It completely revolutionises the
way you open programs by using a search engine built directly into ViStart. Allowing you to open programs in seconds! Usually when you want to open a program on Windows XP you have to go through all the hassle of finding it among your program list. But With ViStart, you simply begin typing the program’s name and it will find all programs that resemble your search text.

ViStart was programmed to mimic the functionality of Windows Vista. And unlike all other Start Menu replacements, ViStart completely synchronises with Windows. ViStart is the only start menu, that is said to completely mimic both Vista’s start menu in both functionality and appearance.

New! in ViStart 2646

Unlike previous builds. The component that displays the programs has been completely rewritten. To be faster then ever before. Also, ViStart will now operate on Tahoma in the event Segoe UI is installed. Though for true Vista simulation, i recommend installing Segoe UI.
Vistart Running on Windows XP
Also, the fade delay times between each option in ViStart has now been decreased. To truly emulate Vista’s fade support.

Vista Transformation Pack 8.0 Soon!!!!

2007-11-02T06:15:00.000-07:00

After VTP 7's Successful Release...
almost 4 month's ago....windowsxlive.net Proposed 2 weeks after 7.0 launched will have an update release and thats 7.0.1 and before they release that their server got some problem and datas of 7.0.1 that is almost finished was stolen and their latest backup is 2 weeks before 7.0's launch...

but we will be waiting for the launche of VTP 8.0 the latest Vista Transformation Pack....Only From windowsxlive.net....

and here are the features of newly designed Windows Vista Transformation Pack 8.0.0
-Fix reported bugs in previous version and update keep tracking programs to the latest up-to-date version
-More Vista’s features
-Refined collaborated 3rd-party applications for lower system requirements
-Bring back Vista Transformation Pack’s configuration file (vtp.sif) with user-friendly interface to use in program

and VTP 8 is planned to be released this Mid-November…

No ScreenShots Yet..

WindowsXlive..WE WILL BE WAITING FOR IT.....

Optimizing FireFox Browsers

2007-10-25T05:26:00.000-07:00

Tweaking In FireFox(by: request)
Reply #104 - Today at 8:22pm Quote Modify Remove
Performance Settings

THIS CONFIGURATION IS BASED ON THE "ABOUT:CONFIG" BEING TYPED IN THE ADDRESS BAR:

One of the limitations of pretty much all computer applications is the need to target for a general audience because of the wide array of computer components and varied network infrastructure. This is where tweaking comes in. Firefox by default is aimed at a general audience too and hopefully we can tune it more to the needs of the individual. The majority of the information comes from this excellent thread over at the MozillaZine Forum. The first post in particular goes through in great detail what each of the settings do. The thread however gets fairly long and convoluted and we attempt to summarize the contents of this thread along with a couple other sources into something that is easier to digest. As with the settings on the previous page, the contents are copied into the user.js file. We do not go into major detail about the setting as the thread goes into detailed explanations of what the settings mean in the first post. Instead, the configurations are culled from the thread of what people have reported to have worked for them along with some modifications on our end.

Quick and Dirty Settings

user_pref("network.http.pipelining", true);
user_pref("network.http.pipelining.firstrequest", true);
user_pref("network.http.pipelining.maxrequests", 8);
user_pref("nglayout.initialpaint.delay", 0);

These were some settings I ran across sometime ago. Pipelining does multiple data requests at once and should speed things up. I believe IE did this before and this was partially attributable to the speed advantage that IE had over older versions of Mozilla/Netscape. Initial Paint Delay actually slows down the rendering of the ENTIRE page but since users tend to start reading before the entire page is rendered, setting this to a low value gives the impression that the page loads faster.

The following configurations are based off of recommendations off of the Mozillazine thread with some editing on points that I do not agree with
Common to all configurations

These are the settings that seem to be common to all configuration files regardless of connection speed or computer speed with a couple of additions - plugin paths can be found with about:plugins and the bookmark menu delay is turned off.

user_pref("network.http.pipelining", true);
user_pref("network.http.proxy.pipelining", true);
user_pref("network.http.pipelining.maxrequests", 8);
user_pref("content.notify.backoffcount", 5);
user_pref("plugin.expose_full_path", true);
user_pref("ui.submenuDelay", 0);

Fast Computer Fast Connection

user_pref("content.interrupt.parsing", true);
user_pref("content.max.tokenizing.time", 2250000);
user_pref("content.notify.interval", 750000);
user_pref("content.notify.ontimer", true);
user_pref("content.switch.threshold", 750000);
user_pref("nglayout.initialpaint.delay", 0);
user_pref("network.http.max-connections", 48);
user_pref("network.http.max-connections-per-server", 16);
user_pref("network.http.max-persistent-connections-per-proxy", 16);
user_pref("network.http.max-persistent-connections-per-server", 8);
user_pref("browser.cache.memory.capacity", 65536);

A couple settings of note - Firefox is allocated 4096 KB of memory by default and in this configuration we give it roughly 65MB as denoted by the last line. This can be changed according to what is used.

Fast Computer, Slower Connection

This configuration is more suited to people without ultra fast connections. We are not talking about dial up connections but slower DSL / Cable connections.

user_pref("content.max.tokenizing.time", 2250000);
user_pref("content.notify.interval", 750000);
user_pref("content.notify.ontimer", true);
user_pref("content.switch.threshold", 750000);
user_pref("network.http.max-connections", 48);
user_pref("network.http.max-connections-per-server", 16);
user_pref("network.http.max-persistent-connections-per-proxy", 16);
user_pref("network.http.max-persistent-connections-per-server", 8);
user_pref("nglayout.initialpaint.delay", 0);
user_pref("browser.cache.memory.capacity", 65536);

Fast Computer, Slow Connection
user_pref("browser.xul.error_pages.enabled", true);
user_pref("content.interrupt.parsing", true);
user_pref("content.max.tokenizing.time", 3000000);
user_pref("content.maxtextrun", 8191);
user_pref("content.notify.interval", 750000);
user_pref("content.notify.ontimer", true);
user_pref("content.switch.threshold", 750000);
user_pref("network.http.max-connections", 32);
user_pref("network.http.max-connections-per-server", 8);
user_pref("network.http.max-persistent-connections-per-proxy", 8);
user_pref("network.http.max-persistent-connections-per-server", 4);
user_pref("nglayout.initialpaint.delay", 0);
user_pref("browser.cache.memory.capacity", 65536);

Slow Computer, Fast Connection
user_pref("content.max.tokenizing.time", 3000000);
user_pref("content.notify.backoffcount", 5);
user_pref("content.notify.interval", 1000000);
user_pref("content.notify.ontimer", true);
user_pref("content.switch.threshold", 1000000);
user_pref("content.maxtextrun", 4095);
user_pref("nglayout.initialpaint.delay", 1000);
user_pref("network.http.max-connections", 48);
user_pref("network.http.max-connections-per-server", 16);
user_pref("network.http.max-persistent-connections-per-proxy", 16);
user_pref("network.http.max-persistent-connections-per-server", 8);
user_pref("dom.disable_window_status_change", true);

OPTIMIZING CATEGORIES:
Fast Computer Fast Connection

user_pref("content.interrupt.parsing", true);
user_pref("content.max.tokenizing.time", 2250000);
user_pref("content.notify.interval", 750000);
user_pref("content.notify.ontimer", true);
user_pref("content.switch.threshold", 750000);
user_pref("nglayout.initialpaint.delay", 0);
user_pref("network.http.max-connections", 48);
user_pref("network.http.max-connections-per-server", 16);
user_pref("network.http.max-persistent-connections-per-proxy", 16);
user_pref("network.http.max-persistent-connections-per-server", 8);
user_pref("browser.cache.memory.capacity", 65536);

A couple settings of note - Firefox is allocated 4096 KB of memory by default and in this configuration we give it roughly 65MB as denoted by the last line. This can be changed according to what is used.

Slow Computer, Fast Connection

user_pref("content.max.tokenizing.time", 3000000);
user_pref("content.notify.backoffcount", 5);
user_pref("content.notify.interval", 1000000);
user_pref("content.notify.ontimer", true);
user_pref("content.switch.threshold", 1000000);
user_pref("content.maxtextrun", 4095);
user_pref("nglayout.initialpaint.delay", 1000);
user_pref("network.http.max-connections", 48);
user_pref("network.http.max-connections-per-server", 16);
user_pref("network.http.max-persistent-connections-per-proxy", 16);
user_pref("network.http.max-persistent-connections-per-server", 8);
user_pref("dom.disable_window_status_change", true);

One of the changes made for this particular configuration is the final line where the status bar is disabled for changing web pages to save processor time.

Common Tweaks

Common to all configurations

These are the settings that seem to be common to all configuration files regardless of connection speed or computer speed with a couple of additions - plugin paths can be found with about:plugins and the bookmark menu delay is turned off.

user_pref("network.http.pipelining", true);
user_pref("network.http.proxy.pipelining", true);
user_pref("network.http.pipelining.maxrequests", 8);
user_pref("content.notify.backoffcount", 5);
user_pref("plugin.expose_full_path", true);
user_pref("ui.submenuDelay", 0);

500$ gaming rig snaps

2007-10-13T19:38:00.000-07:00

The 500$ Gaming Rig!

2007-10-13T19:12:00.002-07:00

Specs:
RAM:2x 512mb Patriot DDR2 Ram
HDD:320 GB Barracuda 7200.10 By Seagate
GRAPHICS:Radeon HD 2600 Pro By Gigabyte
512GDDR2 128bit
Case:Coolermaster Centurion 5 CAC-T05 Black/Silver
Power Supply: 500w Silverstone ST50EF-Plus
MainBoard:AMD Platform MSI K9AGM2-FIH
Intel Platform ECS G33T-M2 (G33 Chipset)
Processor:2.1ghz AMD Athlon 64 BE-2350
1.8ghz Intel Pentium Dual Core E2160

TEST SETUP

CPU AMD :AMD Athlon X2 BE-2350 (65 nm; 2100 MHz, 2x512 kB L2 Cache)
CPU Intel :Intel Pentium Dualcore E2160 (65 nm; 1800 MHz, 1 MB Shared L2 Cache)
Motherboard AMD :MSI K9AGM2-FIH, Socket AM2 (Rev. 1.02)
AMD 690G Chipset
Motherboard Intel :Elitegroup G33T-M2, Socket 775 (Rev. 1.0)
Intel G33 Chipset
RAM :Patriot PDC21G6400LLK
2x 512 MB DDR2-800 (CL 5-5-5-15 2T)
Hard Disk Drive: Seagate Barracuda 7200.10
320 GB, 7.200 RPM, 16 MB cache, SATA/300
DVD-ROM :Samsung SH-S183
Graphics Card :Gigabyte Radeon HD 2600 Pro w/ Silent Pipe II Cooling
GPU: ATI Radeon HD 2600Pro (600 MHz)
RAM: 512 MB GDDR2 (800 MHz DDR)
Sound Card :Integrated
Power Supply :Silverstone ST50EF-Plus
ATX 2.2, 500 Watt

SYSTEM AND SOFTWARE DRIVERS:
OS :Windows XP Professional 5.10.2600, Service Pack 2
DirectX Version :9.0c (4.09.0000.0904)
Platform Drivers AMD :Version 8.40
Platform Drivers Intel :Version 8.3.0.1013
Graphics Drivers ATI

CALCULATIONS:AMD
Processor :Athlon X2 BE-2350
$ 92
Motherboard :MSI K9AGM2-FIH
$ 89
RAM :Patriot PDC21G6400K, 2x 512 MB DDR2-800
$ 49
Graphics Card :Gigabyte Radeon HD 2600 Pro
$ 85
Hard Drive :Seagate Barracuda 7200.10, SATA/300, 320 GB
$ 65
Power Supply :Silverstone ST50EF-Plus
$ 99
Case :Coolermaster Centurion 5 CAC-T05 Black/Silver
$ 49
Other :Samsung SH-S183 DVD-ROM
$ 30
Total Cost --$ 541--

CALCULATIONS:INTEL
Processor :Pentium Dual Core E2160
$ 92
Motherboard :Elitegroup G33T-M2
$ 89
RAM :Patriot PDC21G6400K, 2x 512 MB DDR2-800
$ 49
Graphics Card :Gigabyte Radeon HD 2600 Pro
$ 85
Hard Drive :Seagate Barracuda 7200.10, SATA/300, 320 GB
$ 65
Power Supply :Silverstone ST50EF-Plus
$ 99
Case :Coolermaster Centurion 5 CAC-T05 Black/Silver
$ 49
Other :Samsung SH-S183 DVD-ROM
$ 30
Total Cost --$ 558--

SO CHOOSE WHATS YOUR CHOICE NOW:
just leave a comment....
for your choice...

The 500$ Gaming Rig!

2007-10-13T19:12:00.001-07:00

You Really Wanna Know If She's Got A Crack On You?

2007-10-13T08:23:00.000-07:00

Love, Young love is great isn't it? But the problem is when you start out, how you would know whether she likes you, seems hard at first but by studying body movements, this could be a bit easier. Well to begin, there must be some hot girl or any you wish in your life in some way or another. Well step 2 is to start talking with her. Step 3 is to give it some time, talk, wait, talk, wait. This should do the trick.

Ok, if followed the steps, if you think she likes you then you could put into test to know whether she really likes you. When you go close to her and begin a conversation, girls unlike boys aren't open to everyone. If she likes you she probably would talk you open. then when she talks to you she would cast nervous glances at you, she would probably be asking herself "can I really make him mine" or "would he like me?" always the first gesture would be nervous glances. But if it’s not sorry about it

Occasional, slight coughs, running her fingers through, could prove to be signs of a crush. She would be self conscious, always making her hair, etc. girls like to their stuff. Running her fingers through hair is quite common; sometimes that gesture could be your lucky day it could be nothing at. All if isn't, I am sorry.

If you are a joker you’re in luck, because how dumb your joke or how un-funny they are, if she likes you she would probably laugh. Other girls may not laugh, others may comment on how bad the joke was or whatever. Some would even snub you, but if the girl likes you she would try her best to laugh, even a slight giggle or smile.

When you’re alone with her, and you will converse with each other, she would always maintain steady eye contact with you at almost all times, this could prove to be a sign that she likes you. You must learn to identify whether it is really love or just an act, but mostly it could be crush or love.

When she is in love or really likes her eyes would have sought of glowing effect, which she wouldn't show to others. It’s a great feeling and you probably would be able to identify it. This also is a sure sign to show that she really likes you.

For more tips visit:

http://www.loveingtip.blogspot.com/

9 Most Shocking Secrets Women don't want men to know

2007-10-13T08:14:00.000-07:00

Ever tried to wonder what's in a woman’s mind? What is she thinking about? Do you know that women do not always mean what they say. They might say something and mean the exact opposite. But what do women actually want? Read on to discover some of the most shocking secrets women don't want men to know.

Blonds aren’t always dumb- If you thought all of them were dumb than you are strongly mistaken. Hair colour does not affect a person's IQ. They only act dumb to seem cute or get you to spend money on them and if you do that than you are dumb not them.

Women get jealous as hell- They might deny it but the fact is they get extremely jealous even if their man talks to a random female or maybe a friend. She might pretend to act all nice but inside her jealousy volcano is about to erupt.

I am the sexiest of them all- Every woman has this mind frame no matter how much they try to deny it. Almost every woman wants to feel like the one and only beauty queen in the world as if nothing compares and demand royal treatment from all men.

Am I fat- I know you’ve heard this one time and again but let's all admit to it officially! No matter how skinny she is she would never consider herself thin. Almost every woman occasionally asks this annoying question- "Am I looking fat in this honey?”

They always lie about shopping- They might be out grocery shopping but always end up getting something for themselves which they thought was cute. They either try to hide it or lie about its price saying it was on sale.

Don't share secrets with them- If you have than you are already on prime time radio. Almost every woman shares each and every secret with her friends. They tend to share their secrets over a cup of coffee and have a good laugh over it. And yeh when I say secrets it means your private secrets as well ( he he) if you know what I mean.

What shoes are you wearing- If you thought it was a myth than think again. Women do judge a man by his shoes. So better make it a point to wear nice clean shoes the next time you walk out.

They know when you are cheating- Women have inbuilt instincts and emotion system which beeps and alerts when their man is cheating. No matter how big of a player you are you would always be caught no matter what.

Women prefer smart men only- Yes it is indeed a universal fact that women do prefer smart men no matter what they might say. They might settle for a man with less money but never with a man who is dumber than them. But how smart are you? Enter your zip code and take a smartness test, see where you stand-

This Article Is From:
Womens Secrets

How To Say I Love You In 3 Simple Steps

2007-10-13T08:12:00.000-07:00

well...its not the month of love but im gonna make it...

Saying I love you can be the hardest thing on this planet. How to say it? When to say it? Where to say it? Will he or she say yes or no? There are thousands of questions which dominate our mind just thinking about what’s going to happen after you say it. But the fact is if you say "I love you" in the right manner than you would never have to hear no for an answer. Read on to find out someone of the best ways on how to say I love you to your partner.

Give a pleasant surprise- There are places where you can say I love you to your partner but the timing and place has a big role to play in this situation. You simply can not approach your partner at the wrong place and say I love you directly. You might get rejected or maybe even have to face serious embarrassment.

Set up the stage for it- The best way to say I love you and get the same response from your partner is to set up the perfect moment and stage to say I love you. Take your partner out for a special dinner just for two and share a very intimate moment together. Overwhelm your partner with different surprises and when you feel the moment is right strike your partner with "I love you".

Don't think of the consequences- Just remember you would never know what’s going to happen unless you say it. Therefore stop scaring yourself thinking that he or she might reject you in the end just say what you have to say and that is "I love you". Once you say it your job is done and the load is off your chest. Also the way you say I love you matter a lot in getting the desired response. When you say I love you, you really have to mean it otherwise you might not get the same response.

What you don't know yet- Ever tried to wonder what's in a woman’s mind? What is she thinking about? Do you know that women do not always mean what they say. They might say something and mean the exact opposite. But what do women actually want? Read on to discover some of the most "Shocking Secrets" women don't want men to know-

How To Make A Girl Fall In Love With You..

2007-10-13T07:33:00.000-07:00

Getting a girl of your dreams is much like getting the car of your dream. But unlike a car which you can always bargain for, there is nothing like a 20 percent discount in courting the girl of your dreams, she's so sweet a thing to be discounted, you dearly are in love with her and your feelings for her can only be communicated not by the words of the mouth, but by the words of the heart. Getting the girl actually depends on how big your heart is - faint heart, never won fair lady.

The first step in the heart-winning exercise for any man is to make a good impression. In your doing so, you don't have to talk, dress or do the common things that all the Toms do to get a decent girl's attention. Be unique, that's all you need. Be a man of his own style. Dress decently - indecency can make one be mistaken for arrogance; watch your language - obscene language gives the impression of immaturity, being uncultured and cheap; be a man of good habits - don't drink or smoke like any other loser.

Let her fall in love gradually. Romance is an important part of falling in love. When in College I had a crush on the most beautiful lady in our first year lot. Though all senior guys were out to get that girl, I managed to divert her attention from the other guys. I wrote her three letters without disclosing my identity and slid into her room secretly; all I said was 'Yours Secret Admirer.' The first letter contained the meaning of her name, this I got by playing around with the initials of her name to make meaning. The second was a funny message that could only be read backwards and it was all about her physique and her smartness. In the third letter I told the girl to be ready to receive a rose flower from her admirer, but only if she could be kind enough to phone him using a number that I had included in the letter. The girl did phone me that very night, and her first words to me were, "Hallo Secret Admirer." So, the story of our love affair came to be. Later she told me that was so creative of me, no one had approached her in that manner. I made her fall in love with me in the romantic manner.

Befriending and understanding the girl you are out to get is the next important thing. This is what I also did. You have to understand that as a lady, she loves to be loved, adores to be adored and needs to be needed. This will move you closer to the girl and you'll get to know what she's into, what she likes and dislikes, and what her style is. Love is built upon friendship and it always leaves individuals better off having known each other should they break up. I and my College steady were to break some time later but to date, we are the best of buddies. Be sure that bringing out the selflessness friend in you will make her create room for you in her heart.

A shoulder to lean on and some good friend that she can always turn to is all that a lady wants. Please don't hesitate to be helpful and supportive. Be that friend who rekindles her zeal of hardworking and restoring hope back into her life when she looses hope. This above all other things will make you her daily vitamin simply because you bring out the best in her in terms of personality and character. In you, she'll have found that friend whom she can open up to, share with and advice each other on the rights and wrongs, the dos and don'ts of life. Don't forget to always be there to celebrate the good times, and to lend an ear when the girl needs you to listen as a friend.

Make the girl feel special; because she's someone's friend - your friend, and let her know that she too has touched your life in a unique way like no one else could. Compliment her for her company and for being there when you needed her, when you felt sad and all alone. Show appreciations for the comfort the girl offers you and for making you smile.

In your day to day talks, share your dreams, your world, and every aspect of your life with your girl. Always dream with her, build with her, and always cheer her on and encourage her. Tell your girl how you always think about her even when you try not to think about her. Let the girl know that she's your first thing in the morning and the last thing when you go to bed at night.

Her knowing that you were thinking of her when you slipped beneath the softness of your blanket and gave in to the bliss of sweet dreams, will make her go 'my my' and her heart will sing your name all the year round.

You have to be creative and constructive to keep girl's interest in you so full of life. I remember one time I told my girlfriend to be to imagine we are both deaf and dump. We then sat opposite each other on the table and started sharing our feelings for each other using eyes and hand signs. It turned out to be some fun. There was also this time that we were in the library and we decided we are not going to speak to each other verbal, so I wrote a love note on a paper and passed it across the table to her, she replied and on and on we carried on our love on paper conversation till we almost exhausted a whole rim of paper. At sometime, I noticed that some guys sited with us on the table were enjoying our ordeal than their studies. Such are the things that made the girl embrace my world. I remember her suggesting that we play deaf and dump two years after we broke up, can you imagine that?

Never fail to phone her, even when she least expects it. I once called some girl that I was interested in at four o'clock in the morning. When inquiring of what I was doing up so early, I told her I was in thirteenth heaven, where people think of their loved ones when they can't sleep. Wow! First thing early the next morning, she was at my door with a king-sized hug for me. No matter how many dates you take her, don't make any elbow - exceeding moves after any date, just drop her home and with a friendly handshake, wish her good night. Don't kiss her when she expects you to. Your respect as a gentleman will be earned on how patient you are with her when it comes to such matters as kissing her and accessing her inner graces.

The writing is on the wall that you want her, but you can't have her just yet. Increase your demand. Try to show her that men are also hard to get at times. Make her realize that when she feels a little dizzy, a little tired, a little sad, a little sick, a lot bored and very much cold, she's actually missing vitamin you. By this time, she'll be so much into you and since love is truthful and is characterized by open and honest communication, honestly promise her your everlasting devotion, loyalty, respect, and your unconditional love for a lifetime. Prove to her that you'll always be there for her, to listen and to hold her hand, and that you'll always do your best to make her happy, and feel loved.

Remember, patience is the key to her heart; be like that gardener watching a fruit as it hangs on the tree, day after day admiring it, but, exercising tremendous self-discipline, neither feeling the fruit, nor pinching it, nor testing it to see if it is ready. And then, one day he holds out his hand and the fruit simply drops into it, ripe, warm and eager to be eaten.

The patience and self-control which you practice will make you more attractive and charming. This will qualify you as her daily vitamin and win you that heart hers.

I wish you to meet the girl of your dreams ASAP, make her fall in love with you, and make her feel the happiest girl in the world!

Pentagons Security System Is Hacked???!!!

2007-10-12T18:31:00.000-07:00

A cyber-attack on the US’s Pentagon has forced it to take around 1500 of its computers offline. This is because an unknown hacker has successfully managed to penetrate one of the email systems at the Defense Department of the Pentagon.

Secretary of Defense Robert Gates said, “Elements of the OSD unclassified email system were taken offline yesterday afternoon, due to a detected penetration. We obviously have redundant systems in place, and there is no anticipated adverse impact on ongoing operations. There will be some administrative disruptions and personal inconveniences.”

Besides the above, the Pentagon Department of Defense did not reveal any other details on this. However, it is known that systems are expected to return to full operation very soon.

Here is what a Pentagon spokesman had to say on this issue, “The nature of the threat is large and diverse, and includes recreational hackers, self-styled cyber-vigilantes, various groups with nationalistic or ideological agendas, transnational actors and nation-states.”

Gates also said that a variety of precautionary measures were being taken and hence they expected the systems to be up and running again soon.

He also added that the Pentagon is an obvious target for hackers with hundreds of attacks being attempted each day. However, those who are caught will have to face a high penalty.

Also, when Gates was asked whether his own email account had been affected by the attack, he said, “I don’t use email. I’m a low-tech person.”

well..they have to improve there firewalls...encryption system...all of the defenses they have...^_^ peace mr. secretary of defense

Best Defense For Hackers,Spywares,Malwares,And some naughty Worms and Trojans

2007-10-12T18:14:00.000-07:00

You Got A trojan,malware,spyware,adware all of the sticky and naughty viruses in you system?

now you they cannot enter your pc..
the best defense for you is now here....

DSA(Dynamic Security Agent)
Features ―
Dynamic Security Agent is a signature-less, anti-malware and desktop defense application comprised of several distinct technology layers designed to block or mitigate the damage caused by intrusion, virus and other malware attacks. DSA features the following layers of defense technology:

- Application Monitor/Manager
- Registry Monitor
- Process Monitor/Manager
- Email Anomaly Analyzer/Manager
- System Anomaly Analyzer

DSA also detects malware and intrusions based on behaviors characteristic of unauthorized system use. Some of these include:

- Attempts to access a protected registry area
- Attempts to access a protected object
- Attempts to Initiate a foreign process
- Attempts to control Windows service
- Attempts to create a DNS request
- Attempts to initiate outgoing TCP traffic

General Capabilities ―
DSA’s layered approach to PC and enterprise endpoint defense addresses the Windows vulnerabilities and progressive techniques that hackers exploit to gain unauthorized system access and deliver malicious payloads. DSA provides Application Security by providing detailed alerts for incoming and outgoing application-specific Internet traffic. DSA also models and monitors system behavior to identify and block activity characteristic of known malware, hacking, phishing and other threat types so that personal computer users and IT managers within small, medium or large organizations can more effectively and proactively protect the environments and private data for which they are responsible.

Although DSA will detect, block and quarantine known and new forms of malicious software and other threats, it does not remove the malware. DSA is therefore an ideal complement to conventional virus and spyware scanning software as well as personal and server firewall applications. Neither DSA nor any other single layer of protection should be solely relied on to protect your system. DSA enables you to be aware of the activity on your computer and detects, blocks and alerts you to suspicious activity. These days, what seems normal online (a greeting card, banking site, attachment, etc.) may not be. DSA enables you to be aware, cautious and better protected.

Windows OS Exploits ―
For example, the WMF exploit allows a hacker to gain unauthorized access to your computer. In this scenario, a compromised/attack computer will send you a graphical file with the trusted extension “.wmf”. Internet Explorer will identify this legitimate file extension and will instruct the operating system to process it. Here’s where it all goes wrong. The file will in turn invoke another process, (which typically has an unusual name, i.e. a.exe). DSA will detect and block this “untrusted” process and generate an alert.

Malware: Virus, Spware, Trojan and Worm Defense ―
Viruses, Spyware, Trojans and Worms are all forms of malware that replicate, spread, steal personal information, and inflict damage to computers. DSA detects activity characteristic of malware infection such as attempts to access protected file objects, execution of WinAPI functions, and initiation of unknown processes, among others. Once detected, DSA blocks and quarantines the malware and alerts you of the security incident.

Rootkit Defense ―
By simple definition, a rootkit is a collection of software tools that an intruder can install on a computer to execute whatever criminal activity they have in mind. Rootkits are a particularly tricky form of malware to detect and defend against, as they are nearly invisible to most types of systems monitoring software. They allow an attacker to execute malicious programs invisibly as the rootkit is able to conceal files, running processes, and/or system data. Rootkits are a growing problem ― According to Microsoft, approximately 20 percent of the malware deleted by its malicious software removal tool are rootkits.

DSA can guard against rootkit-related attacks on a number of levels. DSA can detect when a rootkit is being installed by identifying when a registry key value is being modified. DSA can also detect rootkit activity based on the process, WinAPI call or executable that is launched as an output of the rootkit’s payload.

Hacker Defense ―
Hackers are criminals that leverage system vulnerabilities, social engineering, and other techniques to break into computer systems for the purpose of amusement, theft, vandalism, or other crime. DSA prevents hacker attacks by restricting access to unauthorized areas of your computer and controlling the manner in which applications, processes, and other system features operate. In addition, DSA provides additional layers of protection though system and email anomaly detection components that baseline normal computer operation and detect unacceptable deviations from typical use caused by intrusion (hackers) and viruses, spyware and other forms of malware. Hackers and their techniques continually evolve and become more effective at hiding. No security solution provides 100% protection from attacks, but DSA offers unique capabilities focused on deviations of typical behavior and can therefore adapt and evolve along with the threats themselves.

Signature-less, Zero-hour Desktop and Server Defense!

The web may be free, but we all know that to safely bank online, buy music, software, or books, or even simply surf the web, there is a price to pay. To combat online threats, firewall, anti-virus and anti-spyware software have become essential investments for any home or business computer. These programs monitor and control system access and scan and remove your system of malicious or spying software.

You Can Download It..here
Dynamic Security Agent Download

This The Best Defense I've Ever had...

Iba Talaga Kapag Inlove...

2007-10-08T04:41:00.000-07:00

Iba tlga kpg inlove k noh?
parng lagi kng nbubuwang ahehehhe...
ibng-iba ung energy mo kpg nkikita mo sya..
ehehhe...hnd ung malisyosong energy..ehhehe...

eehhehe..shes the one..ehehhe..

a short msg for you...

MICROSOFT WINDOWS VISTA RETAIL d-link leak

2007-09-29T16:47:00.000-07:00

windows vista retail d-link been leak..you can install vista by downloading this 3 files named: boot.wim-install.wim-X13-49120/X13-49120.exe..

i will not say the website that hosting it..search for it guys...

this is a big damage to my blog if i post the link because....microsoft will be angry..hahha...

just search it on google..

i got this from raymond.cc blog...

thanks for all of the infos in your blog...raymond..

Setting-Up your Computer Configuration For Extreme Performance

2007-09-29T05:38:00.000-07:00

Preparing Your System (1-8) Graphics Performance Tweaks (47-55)

1. Use 'whole system' performance benchmarks
2. Tweak insurance part 1: backing up and editing the registry
3. Tweak Insurance part 2: Creating a system restore point
4. Saving your hard drive space from the system restore utility
5. Tweak insurance part 3: Restoring BIOS defaults
6. Tweak insurance part 4: Use hardware profiles to experiment with system settings.
7. Editing BIOS settings
8. Editing registry settings without restarting

BIOS tweaks and Insight (9-13)

9. Change memory Latency times
10. Set the correct AGP mode
11. Update your bios
12. Disable unneeded ports
13. Disable built-in features on your motherboard

Overclocking your processor and memory (14-16)

14. Overclocking the memory/front side bus
15. Changing the CPU multiplier
16. Modify Processor and memory voltage

WindowsXP Software and Registry Performance Tweaks (17-46)

17. Stop the 'last access update' stamp
18. Disable the 8.3 naming convention
19. Keep Windows operating data in main memory
20. Obtain the newest drivers for your hardware
21. Disable performance counters
22. Move the page file from system drive
23. Create a 'permanent' page file
24. Optimize your page file size
25. Defrag page file with PageDefrag utility
26. Set priority for important programs
27. Check your hard drives with scandisk
28. Force XP to unload DLL files after closing a program
29. Thaw out your desktop
30. Speed up mouse movement, part 1
31. Speed up mouse movement, part 2
32. Create a RAID configuration
33. Disable the themes service
34. Remove the desktop picture
35. Change to the NTFS file system
36. Perform a manual Application and Boot file Defrag
37. Disable the hibernation feature
38. Disable automatic sensing on network cards
39. Use the prefetch switch to load applications faster
40. Verify DMA mode is set for all drives
41. Do a windows repair install
42. Stop hard disks spinning down
43. Reduce recycling bin reserved space
44. Enable write caching on hard disks
45. Defragment your hard disk(s)
46. Turn off the indexing service

47. 3d game benchmarks
48. Change your Monitor's refresh rate (CRT monitors only)
49. Fix the refresh rate for 3d games
50. Enable AGP Master 1WS Write/Read
51. Enable AGP Fast Write
52. Set Video Memory Cache Mode
53. Overclocking ATI video cards
54. Overclocking Nvidia Video cards
55. Disable VSYNC

Network and Internet Performance Tweaks (56-66)

56. Increase maximum number of simultaneous connection in Internet Explorer
57. b' devices slow down 802.11g networks
58. Proprietary modes for wireless networking
59. Closer is better for wireless
60. Enhance your Internet connection.
61. Increase DNS cache size
62. Disable DHCP with DSL connections
63. Do not cache failed DNS entries
64. Use CTRL+ENTER to speed up Internet address entering
65. Get a faster network connection to Windows 9x/ME computers
66. Remove the QoS Bandwidth Reserve Setting

WindowsXP User Interface Shortcuts and Hints (67-78)

67. Create shortcut keys
68. Create a custom shortcuts toolbar
69. Using ALT+TAB to switch between applications
70. Add the address taskbar to desktop
71. Disable error reporting
72. Reduce menu delays
73. Restore the Quick launch bar
74. Increase desktop graphic performance
75. Make 'my computer' open faster
76. Remove the need to enter a password to login to XP (be careful!)
77. Sort out spam
78. Keyboard shortcuts using the Win Key (ÿ)

Improving Windows XP boot speed (79-94)

79. Disable floppy drive seek
80. Set primary display adaptor
81. Enable quick POST/memory test
82. Eliminate unwanted programs from boot up
83. Scan your PC for spyware and Adware
84. Disable boot virus detection
85. Change boot sequence.
86. Disable the XP loading screen
87. Eliminate unwanted fonts to increase boot speed
88. Turn off bios disk detection
89. Use the Bootvis utility
90. Use the Intel application accelerator
91. Disable unnecessary services
92. Disable unneeded devices in device manager
93. Disable auto detection for empty IDE slots
94. Reduce wait time after XP boots

Increasing XP shutdown speed (95-99)

95. Increasing shutdown speed by reducing wait times part 1
96. Increasing shutdown speed by reducing wait times part 2
97. Increasing shutdown speed by reducing wait times part 3
98. Disable the Nvidia driver helper service
99. Auto kill tasks on shutdown

2007-09-20T01:20:00.000-07:00

Over My Head-Sum 41

RockIn Out...This video is by youtube submitted by:martini164

Sum 41 Rockzzz!!!

2007-09-20T01:14:00.000-07:00

Featuring: Sum 41 Live in Tokyo

The Hell Song-Sum 41

this song rocks my brain out...
sum 41 ROCKZZ!!!

How To Create a Fake and Harmless But Disgusting Virus!

2007-09-14T07:08:00.000-07:00

How to Create a Fake and Harmless Virus

Learn how to create a fake and harmless virus for windows. This is useful for a pranking, getting revenge, etc.. It is safe if you follow the instructions. It's pretty simple.
Steps

1. Right-click on your desktop, go to "New" and click "Create Shortcut"
2. A window will come up. Where it says "Location" enter: shutdown -s -t
3. The rest of the location is customizable. After the -t, press space and enter the amount of time you want someone to have until shutdown when virus is activated. Press space and enter -c then another space and in quotations, type in a comment that will appear when the computer is shutting down. Click "Next".
4. On the next screen, name your virus whatever you want, it will still have the same effect. Click "OK".
5. Your fake virus will be on your desktop as whatever you named it. Click to activate it. If done correctly a shutdown or log-off window will come up with the amount of time, your comment, and a bunch of other stuff. You can not abort the shutdown with task manager by trying to close the window or delete the processes.
6. TO ABORT THE FAKE VIRUS YOU MUST click the Start button on your taskbar and click run. Then type in: shutdown -a

Tips
• To make your virus more convincing, you could name it Internet Explorer and than right click your shortcut to the virus, click "Properties" than click "Change Icon". Then scroll through the list and click the Internet Explorer icon.

Running Multiple IE versions...in one PC

2007-09-14T06:59:00.000-07:00

i have 1 desktop pc.. i am using 2 kinds of browsers firefox and ie6 i dont want to update my ie6 because if i updated it my ie cannot be rolled back again.and i dont wnat to use system restore...and when i use ie7 its so slow...because of phishing so i used this to test whats fits for my pc....i am now using 3 kinds of browser 1e6,ie7,and firefowx ^_^ try it...

download it here..
http://tredosoft.com/files/multi-ie/multiple-ie-setup.exe

Ravmon.exe Removing Without any Software

2007-09-11T05:12:00.000-07:00

removing ravmon virus without anti-virus is easy, btw i havent met any antivirus which can remove this virus they can stop your pc from being infected but once you are infected they wont be able to remov it.
I dont know the actual name of this virus nor its effects
Anyways its very easy to remove it
you will have to follow just few simple steps.

* check if ur infected
* stop currently running virus
* delete virus files
* remove virus to run from startup

so here are the following steps explained
remember until you delete the virus files please open drives using address bar by typing C:\ D:\ X:\ as the virus is activated if you double click the drive
1. Right click any drive on your computer and see if right click menu shows some invalild characters
like this

If yes then you are infected.
2. Press Alt+Ctrl+Del to bring up the task manager (or right click taskbar to run it)

there will be a program in processes named “SVCHOST.EXE” there will be few svchost in small case but check one in capital letters, if you see more than one “SVCHOST.EXE” (all caps one) end the one with your username infront of it instead of LOCAL SERVICE, NETWORK SERVICE or SYSTEM.
by pressing end process
3. to delete the virus files you need to show system protected files.
for this goto
My Computer->(Menu) Tools-> Folder Options -> (Tab) View -> uncheck “Hide System protected files” -> press OK
If you are unable to unhide the system files you can use 3rd party softwares to browse drive and delete files, try ACDsee or WinRAR
Now open drive (by typing drive letter in address bar)
delete these 2 files

* Autorun.inf
* Ravmon.exe

also delete those in all drives (not CD(WR) or DVD(WR) drives) (and remember don’t double click else you will have to start over from top)

Open Windows folder and delete SVCHOST.EXE, SVCHOST.dll and MDM.EXE
Now restart the explorer.exe process by killing it in taskmanager and runing it again [(winkey + R), type “explorer” and hit enter]

now right click the drive letter and ull see a clean menu

congrats virus is removed

4. Now remove it from startup (Optional as files are deleted)
Winkey + R type “msconfig” hit enter

goto startup tab-> (uncheck) MDM -> OK -> Exit without Restart
How to prevent from this virus in feature
just right click any USB drive (that includes iPod) you have plugged into your PC
if they have currpoted menu the drive is infected
Access drive by typing drive letter and delete files from that drive
Remember you double click the curropted drive you get infected else ur safe