Simple Tweaks for Peak PC Graphics Performance

Adjust the settings for your graphics board and display to improve image quality.

When it comes to your PC, looks definitely matter. Tiny text, blurry images, and flickering screens aren't just annoying, they can lead to eyestrain, lost productivity, and a bill from the glazier for replacing the window you toss your monitor through out of frustration. But you don't have to give your display the heave-ho: A few simple adjustments to your graphics card and other Windows settings can ensure peak visual performance.

Your PC's graphics card is controlled by its Windows driver, so get the latest driver release for your board. To see what version you have, right-click the desktop and choose Properties to open the Display Properties dialog box, then click Settings, Advanced, Adapter (in Windows XP, also select Properties, Driver).

Visit your graphics-card vendor's Web site to download the most recent version of the driver, but don't install beta drivers. These are works in progress that may cause more trouble than they're worth.

Sight-Saving Settings

Here are a few settings that should be available for all graphics drivers.

Resolution: This is the number of dots--or pixels (short for "picture elements")--displayed on your screen. The higher the resolution, the more dots per inch, and the sharper the displayed image (if your monitor supports the higher resolution). High resolutions increase the processing demands on your graphics board and PC.

The graphics cards in most computers made in the last three or four years support resolutions of at least 1024 by 768--meaning the screen image is composed of an orthogonal array 1024 pixels across and 768 pixels tall--and some support screen resolutions as high as 1600 by 1200. However, many older systems, as well as some newer budget systems, have a top resolution of only 800 by 600.

To adjust screen resolution, open Display Properties and click Settings. Slide the 'Screen area' or 'Screen resolution' bar to a higher (More) or lower (Less) resolution. Though higher resolutions improve image quality, they also shrink icons, text, and other on-screen objects. Experiment to find the setting that's right for you. For most people, 1024 by 768 is the highest resolution they can read easily on a 17-inch CRT monitor.

Color depth: This setting is the number of colors that your graphics card supports. The more colors available for use, the more realistic the image, but again, the more colors on your screen, the greater the processing demands on your system.

Your graphics card's color-depth settings are listed in Display Properties under the Settings tab on the Colors drop-down menu ('Color quality' in Windows XP). Each is named for the number of bits it assigns to each pixel: True Color (also called 24-bit color) makes 16,777,216 colors available, while High Color (16 bits) supports 65,536 colors. At lower than 16-bit color, your images may suffer. Many drivers no longer offer 8-bit (256 colors) or 15-bit (32,536 colors) settings.

New PCs often support 32-bit color, which offers the same 16 million-plus colors as True Color. The extra 8 bits control image opacity. This is useful in fast-moving 3D games but of little help in most business apps.

Refresh rate: Expressed in hertz, or cycles per second, this tells how often the phosphors that glow to create an image on a CRT screen are reenergized--that is, the times per second that the screen's image is redrawn. A refresh rate that's too low can cause annoying screen flicker. Even if you don't see the flicker, slow refreshes can cause eyestrain and headaches.

Conventional wisdom says your refresh rate should be no less than 72 Hz. Some experts say the minimum rate is 80 Hz. Try different refresh rates until you find the one that works for you. Note that if your refresh rate is too high, you could lose image opacity. Still, few of us can discern rates higher than 85 Hz.

To adjust your screen's refresh rate in Windows XP, open Display Properties and click Settings, Advanced, Adapter, List All Modes. Pick a combination of refresh rate, screen resolution, and color depth from the list of supported values.

To change your refresh rate in other versions of Windows, open Display Properties and then click Settings, Advanced, Adapter. Select an option from the 'Refresh rate' drop-down menu. If you see no options there, however, your graphics board and monitor don't support multiple refresh rates.

Even in that case, you might be able to increase your display's refresh rate by decreasing your screen resolution or your color depth. All three specs compete for graphics-processing capacity, so if your graphics system is running at its maximum, try increasing one setting and lowering another. For example, reducing color depth from 32-bit to 16-bit--no big deal if you never look at photos--may free up enough processing power to let you bump your refresh rate from an annoying 60 Hz to an eye-pleasing 72 Hz. Or you may be able to increase resolution from 800 by 600 to 1024 by 768. There's no guarantee, but these tricks might work.

Windows automatically sets your screen refresh rate to a safe but slow 60 Hz when it can't detect your monitor. To confirm that Windows XP correctly recognizes your monitor, open Display Properties and click Settings, Advanced, Monitor. If your monitor isn't listed under 'Monitor type', download and install the device's driver from the manufacturer's Web site.

In other versions of Windows, verify that Plug and Play is enabled. Make sure your monitor is listed under 'Display' on the Settings tab in Display Properties, and then click Advanced, Monitor. Verify that Automatically detect Plug & Play monitors is checked. If it isn't, select it and then reset your refresh rate to a level that is higher than Windows' default 60 Hz.

DirectX: This Windows component controls multimedia functions. To check your current DirectX version, click Start, Run, type dxdiag, and click OK. Choose the System tab and look under System Information on the lower part of the screen. DirectX 9 is the latest version; if you don't have it, download it from Microsoft.

Touch Those Dials!

You can improve the image quality of your monitor via its built-in controls. The options vary by display manufacturer and model, but you should find brightness and other controls on most monitors.

Adjust brightness and contrast: Use this gray-scale image on your screen. Be sure you can see as many of the image's 17 shades as possible; the two or three darkest may be tough to view in a bright room.

Center and align: Few monitors come straight from the factory with optimal screen geometry. Use your monitor's screen-placement controls to center your displayed image, keep its edges straight, and minimize unfilled screen space.

To avoid eyestrain and other physical problems, put the top of the screen at eye level and at arm's length from your head (your best position may vary). Orient your screen to avoid glare from lights and windows. If that's not possible, get a glare filter such as Kensington's $34 GlareMaster.

Clean it: Gently wipe your screen with a soft, lightly moistened cloth. Unless the monitor is really filthy, avoid cleaning solutions, which can damage delicate screen coatings. Clean the dust from the cooling vents in the monitor's case; overheating is your display's lethal enemy.

Graphics Triage

If your screen goes blank, the problem is likely due to a disconnected monitor cable, an unplugged power cord, or a too-low brightness setting. Monitors do die, however. If you smell something burning or hear popping sounds, your monitor could be failing--turn it off immediately. Monitors have been known to spontaneously combust.

Corrupted graphics drivers cause all kinds of PC problems. To check for a damaged graphics driver, install the plain-vanilla VGA driver that comes with Windows. If your troubles disappear, reinstall a clean copy of the monitor's original driver, or an updated version.

Some graphics boards don't work or play well with other hardware devices. Windows allows you to disable graphics-acceleration functions for the sake of compatibility. Open Display Properties and click Settings, Advanced, Troubleshooting in Windows XP and 2000, or Settings, Advanced, Performance in Windows 98 and Me. Move the slider under 'Hardware acceleration' to the left to disable your graphics acceleration.

A shaking or shimmering image on your screen may be due to nearby magnetic fields. Keep clocks and other appliances that use electric motors, and those that use a lot of electricity (such as microwave ovens), far from your monitor. Power lines behind walls can cause interference, so try moving the display away from nearby walls.

If your screen image is washed in blue, red, or green, check for a loose cable connecting your graphics board to your monitor. Look for bent pins inside the cable connector; you can often straighten them with needle-nose pliers. If on-screen objects have a rainbow cast, some monitors have convergence controls that you can use to tune the image.

Living in a Flat World

Notebook displays are fine-tuned in the factory to work with the system's other hardware; your desktop's flat panel likely isn't. And tuning an LCD isn't the same as tuning a CRT monitor. If both your LCD and graphics board support Digital Visual Interface connections, make sure they're using them. Vendors don't always ship a DVI cable with cards that produce both analog and digital signals, so you'll have to replace the analog cable. If your display supports DVI but your graphics card doesn't, upgrade your card.

Make sure your LCD is set to its native resolution. Many flat-panel displays don't look good at other resolutions. Unfortunately, some 15-inch LCDs have a native resolution of 1024 by 768 dpi, which makes text minuscule. The solution is to open Display Properties, click Appearance, and change the setting on the 'Font size' drop-down menu to increase the size of your text. (Most browsers include their own font-size settings.)

In Windows XP, open Display Properties, click Appearance, Effects, and check Use the following method to smooth screen fonts. Select ClearType to see a big improvement in the appearance of many of your fonts.

"Single-click to open an item" IF the Folder Options is grayed out... beer.gif

When you open Folder Options, the entry Single-click to open an item (point to select) is dimmed. This happens if classic shell is enforced. The option Show Common tasks in folders will also grayed out. This may be a network policy setting. If your system is in a Domain, the best option is to contact your network admin. For standalone PCs, try the setting given below.

RESOLUTION

Open Registry Editor (Regedit.exe) and navigate to:

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

-and-

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Backup the registry (export the branch) before modifying the values. Read this document for more information

In the right-pane, set ClassicShell to 0. Restart for the changes to take effect. The "Single click" folder option should now be restored.

If the problem persist and if you are using Windows XP Professional Edition, load the Group Policy Editor (GPEDIT.MSC) and go to:

User Configuration | Windows components | Windows Explorer

Double-click the entry "Turn on classic shell" and set it to "Not Configured

Single Click ShutDown..

Did you know that in Windows XP you can shut down your computer from the (eventually DOS prompt) command line box? Moreover, you can do this by clicking your mouse only once.

All you need to do is... right-click on an empty Desktop spot -> select New -> Shortcut -> type shutdown followed by a space, and then enter one or more of the parameters listed below -> click Next -> type a suggestive name for your new shortcut -> finally, click Finish.

This is the Shutdown.exe (located in %systemroot%\System32, usually C:\Windows\System32) syntax:

shutdown [-i|-l|-s|-r|-a] [-f] [-m \\computername] [-t xx] [-c "Text"] [-d[u][p]:xx:yy]

Valid command line switches:

-a = Abort system shutdown in progress ONLY IF the -t xx timeout option was already set to ANY value other than 0. ALL switches except -l and -m are ignored during abort.

-c "Text" = Text comment (case insensitive) to be displayed in the Message area of the System Shutdown window. MUST be enclosed between quotes. Maximum allowed 127 ASCII characters.

-d [u][p]:xx:yy = Reason code for shutdown:

u = User code.

p = Planned shutdown code.

xx = Major reason code. Positive integer number less than 256.

yy = Minor reason code. Positive integer number less than 65536.

-f = Force running applications to close without warning.

-i = Display the shutdown interface (GUI). MUST be the first option!

-l = Log off the current user of the local computer (default action). Can NOT be used with the -m option unless the current user has Sysadmin rights, in which case the -m switch takes precedence.

-m \\computername = Remote/network computer name (most always case sensitive) to log off/restart/shut down. Current user MUST have Sysadmin rights to be allowed to use this switch!

-s = Shut down the local computer.

-r = Shut down and restart (reboot) the local computer.

-t xx = Set shutdown timer to timeout for xx seconds. IF NOT specified defaults to 20 seconds. Allowed values between 0 and 99 seconds. The -a switch is the ONLY one that CAN be used during the timeout period.

NOTES:

The dash (-) in front of these switches can be replaced by a forward slash (/).

Spaces are NOT required to separate the shutdown command from ANY following switches, but ARE required to separate ANY switch from its following parameter(s), if any.

For example:

shutdown -s -c "Shutting down!" -t 3

tells your computer to shutdown after waiting for 3 seconds while the System Shutdown window will display text above in the Message area.

Optional: after you're done creating your customized shortcut for shutdown -> right-click on it -> select Properties -> enter your desired key "combo" in the Shortcut Key box (e.g. Ctrl + Alt + End) -> click OK/Apply.

From now on just left-click on your shutdown shortcut or hit that key combination to turn off/restart/log off your computer. 

Slow Loggon Time, one fix for problem

My problem was a 1 min login delay due the aktiveds.dll that loads at startup (thanks to NicTech Networks Inc.). The following advice worked for me so I guess it works for any .dll made by NicTech since they all use the same registry folder....

Open up regedit.exe and find THIS folder. Navigate to it by clicking the +'s to expand

things like you would in Windows explorer:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Guardian

Right click over "Guardian" in the left pane.

Left click on "Permissions"

Left click "SYSTEM" once to highlight it.

Check "deny" in all boxes that you can at the bottom (Probably only 2)

Left click Apply

Left Click OK

Say "OK" to any warnings about permissions

**Reboot** the system

then problems solved

I got this information from another forum. I had this problem for about six weeks and was just about ready to reformat my hard drive. Worked great for me, hope this helps out somebody else.

Some Cool Site For Tutorials

Hey there.

Just found this cool Tutorial site on the net, and I want to share it with you all. A great deal of topics are on that site, from Programming to networking to XML to Cracking to Security. Everything is on it. Did I mention: "Stealing ISP Accounts"?

I find this site the best for Tutorials. Maybe it aint worth it. Try it yourself, and judge 

http://www.arson-network.com

Some Google Tricks Again

A few things you might want to try with Google:

Hand type the following prefixes and note their utility:

link:url Shows other pages with links to that url.

related:url same as "what's related" on serps.

site:domain restricts search results to the given domain.

allinurl: shows only pages with all terms in the url.

inurl: like allinurl, but only for the next query word.

allintitle: shows only results with terms in title.

intitle: similar to allintitle, but only for the next word. "intitle:webmasterworld google" finds only pages with webmasterworld in the title, and google anywhere on the page.

cache:url will show the Google version of the passed url.

info:url will show a page containing links to related searches, backlinks, and pages containing the url. This is the same as typing the url into the search box.

spell: will spell check your query and search for it.

stocks: will lookup the search query in a stock index.

filetype: will restrict searches to that filetype. "-filetype:doc" to remove Microsoft word files.

daterange: is supported in Julian date format only. 2452384 is an example of a Julian date.

maps: If you enter a street address, a link to Yahoo Maps and to MapBlast will be presented.

phone: enter anything that looks like a phone number to have a name and address displayed. Same is true for something that looks like an address (include a name and zip code)

site:www.somesite.net "+www.somesite.+net"

(tells you how many pages of your site are indexed by google)

allintext: searches only within text of pages, but not in the links or page title

allinlinks: searches only within links, not text or title

I hope there is something new in here for you and maybe this infos will be helpfull for ya.

Speed Up Internet

Windows 2k/XP

1. First, open the Windows Registry using Regedit, and (after backing up) navigate to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider

2. Note the following lines (all hex dwords):

Class = 008 ( biggrin.gif - indicates that TCP/IP is a name service provider, don't change

LocalPriority = 1f3 (499) - local names cache

HostsPriority = 1f4 (500) - the HOSTS file

DnsPriority = 7d0 (2000) - DNS

NetbtPriority = 7d1 (2001) - NetBT name-resolution, including WINS

3. What we're aiming to do is increase the priority of the last 4 settings, while keeping their order. The valid range is from -32768 to +32767 and lower numbers mean higher priority compared to other services. What we're aiming at is lower numbers without going to extremes, something like what's shown below should work well:

4. Change the "Priority" lines to:

LocalPriority = 005 (5) - local names cache

HostsPriority = 006 (6) - the HOSTS file

DnsPriority = 007 (7) - DNS

NetbtPriority = 008 ( biggrin.gif - NetBT name-resolution, including WINS

5. Reboot for changes to take effect

2. Windows 9x/ME

1. The tweak is essentialy the same as in Windows 2000/XP, just the location in the Registry is slightly different. For a more detailed description see the Windows 2000/XP section above

2. Open the Windows Registry using Regedit, and (after backing up) navigate to:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\MSTCP\ServiceProvider

3. You should see the following settings:

Class=hex:08,00,00,00

LocalPriority=hex:f3,01,00,00

HostsPriority=hex:f4,01,00,00

DnsPriority=hex:d0,07,00,00

NetbtPriority=hex:d1,07,00,00

4. The "priority" lines should be changed to:

LocalPriority=hex:05,00,00,00

HostsPriority=hex:06,00,00,00

DnsPriority=hex:07,00,00,00

NetbtPriority=hex:08,00,00,00

5. Reboot for changes to take effect

3. System.ini IRQ Tweak - Windows 9x/ME ONLY

1. Find your Network Card's IRQ

1. In order to add the entry to your System.ini file, you'd first have to find your NIC's IRQ

2. Right-click on My Computer icon on your Desktop, then left-click on Properties (a shortcut for that would be to press the 'Windows' + 'Pause' keys). Navigate to Device Manager and double-click on Computer. Under "View Resources" you will find a list of IRQs, each with description of the device that's using it. Note the IRQ number used by your Network Adapter

2. Adding the entry to System.ini

1. Once you've found the IRQ of your Network Card, you need to reserve some RAM for its use, by adding an entry to the System.ini file. You can edit the file in any text editor, however the easiest way is to use Windows' built in "System Configuration Editor"

2. Navigate to Start > Run and type sysedit . Find the [386enh] Section in the System.ini file and add Irq[n]=4096 under it, where [n] is the IRQ number of your NIC and 4096 is the amount of RAM you want to reserve in Kbytes. We recommend using 4096, however you can experiment with different values if you want. Save changes in the file, exit and reboot for changes to take effect.

Note: If you choose to try different values, keep in mind that reserving too much RAM for your NIC will decrease the amount of RAM available for applications, while reserving too little might not give the desired effect

3. Additional Thoughts

1. The only negative effect of the System.ini IRQ tweak is that it will reduce the amount of RAM available for running applications a bit, by reserving some specifically for your Network Card's use. The gain in performance usually outweighs the negative effect by far, considering any Computer with 32Mb of RAM or more

2. This tweak may or may not work for you. It is not a documented tweak by Windows

3. Keep in mind that if you add hardware to your system the IRQ of the Network Adapter might change, in which case you will need to modify the setting in System.ini

4. In systems with multiple NICs, you might want to add the setting for both IRQs. Also, you could reserve RAM for other IRQs if you wish, just use common sense and don't forget it reduces the amount of RAM available for running applications

5. If you are using an USB device, it does not have a specific IRQ, however you can try adding the entry using the IRQ of the USB Controller

6. For internal Cable Modems, you'd have to add the entry using the IRQ of your modem, rather than the IRQ of a Network Card

RESULTS WILL VARY

No matter how good your systems may be, they're only as effective as what you put into them.

Mozilla Firefox, Speed it up!

Speed up Mozilla FireFox

--------------------------------------------------------------------------------

1. Type "about :config" in the adress field.

2. Set the value of network.http.pipelining to "true".

3. Set the value of network.http.pipelining.maxrequests to "100".

4. Set the value of network.http.proxy.pipelining to "true"

5. Set the value of nglayout.initialpaint.delay to "0" (not availible in newer versions) 

Windows uses 20% of your bandwidth Here's how to Get it back

A nice little tweak for XP. Microsoft reserve 20% of your available bandwidth for their own purposes (suspect for updates and interrogating your machine etc..)

Here's how to get it back:

Click Start-->Run-->type "gpedit.msc" without the "

This opens the group policy editor. Then go to:

Local Computer Policy-->Computer Configuration-->Administrative Templates-->Network-->QOS Packet Scheduler-->Limit Reservable Bandwidth

Double click on Limit Reservable bandwidth. It will say it is not configured, but the truth is under the 'Explain' tab :

"By default, the Packet Scheduler limits the system to 20 percent of the bandwidth of a connection, but you can use this setting to override the default."

So the trick is to ENABLE reservable bandwidth, then set it to ZERO.

This will allow the system to reserve nothing, rather than the default 20%.

I have tested on XP Pro, and 2000

other o/s not tested.

Please give me feedback about your results

Speeding Up Menus

Go to Start --> Run --> Regedt32

Go to HKEY_CURRENT_USER\Control Panel\Desktop

Locate the key called "MenuShowDelay" and it is probably set to 400.

Change that value to 150.

Reboot your computer.

You should notice a slight increase in the speed of your menus

Stop A Restart Process In 3steps

Some times we need to stop some restart process quickly. In windows XP some times it gives auto restart warning and here is good solution for it.

1. Go to Start menu

2. Click on RUN

3. Enter the following command excluding hashcodes "shutdown -a"

its Done.

Stop Annoying Pop-ups Without Pop-up Blockersoutli

Did you ever go to warez/cracks sites (which we all know is BAD!) only to be bombarded with 10 windows opening up at a time, with porn, spam etc?

I've discovered a VERY easy way to block about 90-95% of this sh!t, without using any pop-up stopping programs (I hate installing that garbage!).

This is for Internet Explorer 6.0, but I'm sure that it can work with other browsers if you take the time to fiddle around.

Here's how you do it...

1) Go to TOOLS and then INTERNET OPTIONS.

2) Click the SECURITY tab, move the slider up to HIGH and click APPLY.

This applies the highest security settings to IE, which blocks EVERYTHING, including JavaScript, Applets, and so on that pop-ups are based upon.

The catch is this... Some places like online banks and other web sites need these functions to work properly... So you'll need to re-enable one important thing...

1) Go to TOOLS and then INTERNET OPTIONS.

2) Click the SECURITY tab, CUSTOM LEVEL, scroll down to SCRIPTING, and under ACTIVE SCRIPTING, select the ENABLE radio button.

3) Click APPLY and you're pretty much done!

Note: This does NOT completely remove pop-ups and other annoyances, but it sure helps ALOT, without having to trash your computer with pop-up blockers

System Changes To Foil Hackers And Browser Hijacke

 Hackers and Browser Hijacking is one area of the Net that affects everyone at some stage.

In addition to having third party utilities such as SpyBot, Anti Virus scanners and firewalls installed there are some changes that can be made to Windows 2000/XP. Below are some details to make your system safer from hackers and hijackers.

Some of these tips require editing of the Registry so it is wise to either backup the registry and/or create a Restore Point.

1. Clearing the Page File at Shutdown

Windows 2000/XP paging file (Sometimes called the Swap File) can contain sensitive information such as plaintext passwords. Someone capable of accessing your system could scan that file and find its information. You can force windows to clear out this file.

In the registry navigate to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management and add or edit the DWORD ClearPageFileAtShutdown. Set it to 1.

Note that when you do this, the system will take much longer to shut down: a system with a really big Page File (! Gig or more) may take a minute or two longer.

2. Disable the POSIX and OS/2 Subsystem.

Windows 2000 and XP come with little-documented subsystems it at allow compatibility with UNIX and OS/2 systems These rues systems are enabled by default but so rarely used that they are best off bring disabled completely to prevent possible service hijackings.

To disable these subsystems, open the registry and navigate to HKEY LOCAL MACHINESYSTEMCurrentControlSetControlSession ManagerSubSystems. Delete the subkeys Os2 and Posix. then reboot.

3. Never leave default passwords blank.

On installation, Windows 2000 sets up an Administrator account with total system access and prompts for a password. Guess what: by default, it allows that password to be blank. If a user doesn't want to type a password, he can simply click Next and the system will be an open door for anyone who wants to log on. Always opt for a password of some kind when setting up the default account on a machine.

4. Install Windows In a different directory.

Windows usually installs itself in the WINDOWS directory. Windows NT 4 0 and 2000 Will opt for WINNT. Many worms and other rogue programs assume this to be the case and attempt to exploit those folders files. To defeat this install Windows to another directory when you're setting it up - you can specify the name of the directory during setup. WINDIR is okay; so some people use WNDWS - A few (not that many) programs may not install properly if you install Windows to another folder but t hey are very few and they are far between

5. Fake out hackers with a dummy Administrator account

Since the default account in Windows 2000 is always named Administrator, an enterprising hacker can try to break into your system by attempting to guess the password on that account. It you never bothered to put a password on that account, say your prayers.

Rather than be a sucker to a hacker, put a password on the Administrator account it you haven't done so already. Then change the name of the Administrator account. You'll still be able to use the account under its new name, since Windows identifies user accounts by a back-end ID number rather than the name. Finally, create a new account named Administrator and disable it. This should frustrate any would -be break-ins.

You can add new accounts and change the names of existing accounts in Windows 2000 through the Local Users and Groups snap in. Right-click on My Computer, select Manager, open the Local Users and Groups subtree, look in the Users folder and right-click on any name to rename it. To add a new user, right-click on the containing folder and select New User. Finally, to disable an account, double-click it, check the Account is disabled box and click OK.

Don't ever delete the original Administrator account. Some programs refuse to install without it and you might have to log in under that account at some point to setup such software. The original Administrator account is configured with a security ID that must continue to be present in the system.

6. Disable the Guest account

Windows XP comes with a Guest account that's used for limited access, but it's still possible to do some damage with it. Disable it completely if you are not using it. Under Control Panel, select User Accounts, click on Guest Account and then select Turn Off the Guest Account.

7. Set the Hosts file to read-only to prevent name hijacking.

This one's from (and to a degree, for) the experts. The HOSTS file is a text file that all flavors of Windows use to hold certain network addresses that never change. When a network name and address is placed in HOSTS, the computer uses the address listed there for that network name rather than performing a lookup (which can take time). Experts edit this file to place their most commonly-visited sites into it, speeding things up considerably.

Unfortunately hijackers and hackers also love to put their own information into it - redirecting people from their favorite sites to places they don't want to go. One of the most common entries in HOSTS is local host which is set 1770.0.1. This refers to the local machine and if this entry is damaged the computer can behave very unpredictably.

To prevent HOSTS from being hijacked, set it to read-only. Go to the folder %Systemroot%system32driversetc, right-click on HOSTS, select Properties check the Read-Only box and click OK. If you want to add your own entries to HOSTS, you can unprotect it before doing so, but always remember to set it to read-only after you're done.

8. Disallow changes to IE settings through IE

This is another anti hijacker tip. IE can be set so that any changes to its settings must be performed through the Internet icon in the Control Panel, rather than through IE's own interface. Some particularly unscrupulous programs or sites try to tamper with setting by accessing the Tools, Options menu in IE. You can disable this and still make changes to IE's settings through the Control Panel.

Open the Registry and browse to HKEY_CURRENT_USER SoftwarePoliciesMicrosoftInternet ExplorerRestrictions. Create or edit a new DWORD value named NoBrowserUptions and set it to 1 (this is a per-user setting). Some third-party programs such as Spybot Search And Destroy allow you to toggle this setting.

You can also keep IE from having other programs rename its default startup page, another particularly annoying form of hijacking. Browse to HKEY.CURRENT USERSoftwarePolicies MicrosoftInternet ExploreControl Panel and add or edit a DWORD, Homepage and set it to 1.

9. Turn off unneeded Services

Windows 2000 and XP both come with many background services that don't need to he running most of the time: Alerter, Messenger, Server (If you're running a standalone machine with no file or printer shares), NetMeeting Remote Desktop Sharing, Remote Desktop Help Session Manager (the last two if you're not using Remote Desktop or NetMeeting), Remote Registry, Routing and Remote Access (if you're not using Remote Access), SSDP Discovery Service, Telnet, and Universal Plug and Play Device Host.

A good resource and instruction on which of these services can be disabled go to /http://www.blkviper.com/WinXP/

10. Disable simple File Shares.

In Windows XP Professional, the Simple File Sharing mode is easily exploited, since it’s a little too easy to share out a file across your LAN (or the NET at large). To turn it off, go m My Computer, click Tools, Folder Option and the View tab, and uncheck Use Simple file sharing (Recommended). Click OK. When you do this you can access the Security tab in the Properties window for all folders; set permissions for folders; and take ownership of objects (but not in XP Home)

System File Checker....

Scans and verifies the versions of all protected system files after you restart your computer. Syntax

sfc [/scannow] [/scanonce] [/scanboot] [/revert] [/purgecache] [/cachesize=x]

Parameters

/scannow

Scans all protected system files immediately.

/scanonce

Scans all protected system files once.

/scanboot

Scans all protected system files every time the computer is restarted.

/revert

Returns the scan to its default operation.

/purgecache

Purges the Windows File Protection file cache and scans all protected system files immediately.

/cachesize=x

Sets the size, in MB, of the Windows File Protection file cache.

/?

Displays help at the command prompt.

Remarks

* You must be logged on as a member of the Administrators group to run sfc.

* If sfc discovers that a protected file has been overwritten, it retrieves the correct version of the file from the %systemroot%\system32\dllcache folder, and then replaces the incorrect file.

* If the %systemroot%\system32\dllcache folder becomes corrupt or unusable, use sfc /scannow, sfc /scanonce, or sfc /scanboot to repair the contents of the Dllcache directory.

Formatting legend

Format Meaning

Italic Information that the user must supply

Bold Elements that the user must type exactly as shown

Ellipsis (...) Parameter that can be repeated several times in a command line

Between brackets ([]) Optional items

Between braces ({}); choices separated by pipe (|). Example: {even|odd} Set of choices from which the user must choose only one

Courier font Code or program output

Windows File Protection

Using File Signature Verification

Driver Signing for Windows

Command-line reference A-Z

Please note that this Command Line reference is to varify the integrity of the WindowsXP DLL's that were shipped with Windows XP. It will try to repair damaged DLL's by prompting for the Windows CD.

The Windows XP System File Protection which remains active in the background monitors these DLL's and if it detects an altered DLL will alert a user with a popup message asking for the Windows XP CD. This is so that it can revert the corrupt DLL back to its original state.

SFC checker in Windows XP can only be ran by an Administrator and is not ran in the same way as its previous incarnation from the Windows 98 OS.

Translating Binary to Text

Translating Binary to Text: The Hard Way
A Tutorial for those willing to Learn

Contents
1. Introduction
2. The Binary System
3. Converting Binary to ASCII (Text)

Introduction:
We’ve all seen binary code. We’ve come to think of them as a bunch of ones and zeroes in long strings…
010010101010101001101011

But these ones and zeroes can also represent decimal numbers. First off, I will show you how to read these numbers as the decimal numbers we’re used to in our daily life. Then, I will show you how to use those numbers and your keypad to translate them into text. Note that your computer doesn’t use the decimal system, so technically, when it converts binary to text, it doesn’t go through the process I will show you. This is just a divertive way of explaining you how the binary system works.

The Binary System:
Here’s a simple example of binary:
10101

Let’s think of the example above as empty slots:
_ _ _ _ _

First off, you read binary from right-to-left. It’s just the way it’s designed. The first slot from the right represents a value of one, the second from the right a value of two, the third from the right a value of four, the fourth from the right a value of eight, the fifth from the right a value of sixteen, and the cycle continues by multiples of 2. This will never change.

By putting a 1 or a 0 in those slots you are either saying you want to corresponding value that’s attached to that slot or you don’t. A 1 means yes, and a 0 means no. For example, putting a zero in the first slot from the right, but a 1 in the second slot from the right means you want a two, but not a one:
_ _ _ 1 0

As such, the number above equals to a decimal value of two.

As an example, let’s say you want to represent eight in binary form. Well, thinking about the slots, you want the first slot to be 0 because you don’t want a one, you want the second slot to also be 0 because you don’t want a two, you want the third slot to also to be 0 because you don’t want a four, but you want the fifth slot to be 1 because you want a value of eight. As such, eight in binary form is:
1 0 0 0 (or simply 1000 without those underlines)

Now it is important to note that the amount of zeroes that precede the first value of one from the left is unimportant. So for example:
1 0 0 0 is the same as 0 0 0 1 0 0 0 (1000 = 000100)

To get it cleared up, here’s another example:
0 1 is the same as 1


Exercises: What do the following equal in decimal terms?
a) 100
b] 000100
c) 100000
d) 0010

Answers:
a) 4
b] 4
c) 32
d) 2

If you got the answers above right, then you pretty much understand the basics of binary.
Let’s now understand how to get the corresponding decimal values to the numbers which are not multiples of 2.

To get the total value of a binary number, add the values corresponding to each slot. So, for example, three in binary would be:
11

The above corresponds to three because if you add the total values of all the slots, that is to say a one from the slot to the right, and a two from the second slot to the right, then it equals three.

As another example, let’s say you want to represent 5 in binary terms. Then you would need a value of one to be added to a value of four, and you would not want a value of two:
101 [Reading from the right: 1(one) + 0(two) + 1(four) = five]

Here’s an additional example:
001011 [Reading from the right: 1(one) + 1(two) + 0(four) + 1(eight) + 0(sixteen) + 0(thirty-two) = eleven)



Exercises: What do the following equal in decimal terms?
a) 11011
b] 110
c) 010101
d) 10110

Answers:
a) 27
b] 6
c) 21
d) 22

If you got the above questions correct [without cheating], then you essentially understand the binary system. Understanding the binary system was the hard part. What follows is pretty easy.

3. Converting Binary to ASCII (Text)
ASCII is essentially the letters, numbers and symbols that are stored in our computers through the use of fonts. When the keyboard relays the buttons you pressed, it sends in a code which is then converted to the ASCII equivalent of “k” or “5” or whatever key you pressed.

Here’s an example of a message “hidden” in binary text:
0100100001100101011011000110110001101111

Now there are only so many letters, numbers and symbols stored for ASCII. Having sets of 8 digits for their binary equivalent is more than enough to represent all of these letters and the like. As such, all strings that represent text like in the above are separated into bits of 8 for simplicity:
01001000 01100101 01101100 01101100 01101111

Okay, so our example message was separated into 8 digit strings. The decimal value for each of these strings in the example was calculated for you.
01001000 = 72
01100101 = 101
01101100 = 108
01101100 = 108
01101111 = 111

The result was 72,101,108,108,111. Now, there is something called the ASCII table. It essentially corresponds to the binary numbers from yore to the equivalent letters/symbols/numbers. But since we found the decimal values of these binary strings, we can use a major shortcut.

By pressing ALT + [The Number], you will get the ASCII equivalent of that number. For example, by pressing the ALT key and at then (while keeping it down) the numbers 72 in any text editor, you will get the corresponding “H” to show up.

Let’s do so for the entire example message:
72 = H
101 = e
108 = l
108 = l
111 = o

So the entire “hidden” message translates to “Hello”.


Exercise: Decode the following message
010000110110111101101110011001110111001001100001011101000111010101101100011000010111010001
101001011011110110111001110011 00100001

Hint: The first step on your way to decoding the message (separated into bytes for you)
01000011 01101111 01101110 01100111 01110010 01100001 01110100 01110101 01101100 01100001 01110100 01101001 01101111 01101110 01110011 00100001


PS. Please note that this is the information as I've come to understand it. As such, it's somewhat easier to understand, but it may not necessarily be accurate. In other words, if another source contradicts what has been indicated here, that source is probably right. This text was completely written up by Unknown Great Person..

Trojan Ports.. Look At This...

 TCP 1 Breach.2001, SocketsDeTroie.230, SocketsDeTroie.250

TCP 28 Amanda.200

TCP 31 MastersParadise.920

TCP 68 Subseven.100

TCP 142 NetTaxi.180

TCP 146 Infector.141, Intruder.100, Intruder.100

TCP 171 ATrojan.200

TCP 285 WCTrojan.100

TCP 286 WCTrojan.100

TCP 334 Backage.310

TCP 370 NeuroticKat.120, NeuroticKat.130

TCP 413 Coma.109

TCP 420 Breach.450

TCP 555 Id2001.100, PhaseZero.100, StealthSpy.100

TCP 623 Rtb666.160

TCP 660 Zaratustra.100

TCP 661 Noknok.800, Noknok.820

TCP 666 BackConstruction.210, BackConstruction.250, Bla.100, Bla.200, Bla.400, Bla.503, Cain.150, Dimbus.100, Noknok.820, Ripper.100, SatansBackdoor.100, SatansBackdoor.101, SatansBackdoor.102, Unicorn.100, Unicorn.101, Unicorn.110

TCP 667 SniperNet.210, Snipernet.220

TCP 668 Unicorn.101, Unicorn.110

TCP 680 Rtb666.160

TCP 777 Tiny.100, Undetected.230, Undetected.300, Undetected.310, Undetected.320, Undetected.330, Undetected.331, Undetected.332

TCP 785 NetworkTerrorist.100

TCP 800 NeuroticKitten.010

TCP 831 NeuroticKat.100, NeuroticKat.120, NeuroticKat.130

TCP 901 NetDevil.130, NetDevil.140

TCP 1000 DerSpaeher.200

TCP 1001 Silencer.100

TCP 1008 AutoSpy.100

TCP 1010 DerSpaeher.200

TCP 1015 Doly.150

TCP 1111 TPort.100

TCP 1130 Noknok.800, Noknok.820

TCP 1207 SoftWAR.100

TCP 1243 Subseven.100, SubSeven.110, SubSeven.180, SubSeven.190, Subseven.200

TCP 1245 VoodooDoll.006

TCP 1269 Matrix.130

TCP 1480 RemoteHack.130

TCP 1568 RemoteHack.100, RemoteHack.110

TCP 1600 DirectConnection.100

TCP 1601 DirectConnection.100

TCP 1602 DirectConnection.100

TCP 1634 NetCrack.100

TCP 1784 Snid.120, Snid.212

TCP 1999 TransmissionScout.100, TransmissionScout.110

TCP 2000 ATrojan.200, InsaneNetwork.400

TCP 2001 DIRT.220, TrojanCow.100

TCP 2003 TransmissionScout.100, TransmissionScout.110

TCP 2023 RipperPro.100

TCP 2040 InfernoUploader.100

TCP 2115 Bugs.100

TCP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310

TCP 2332 SilentSpy.202

TCP 2589 Dagger.140

TCP 2600 DigitalRootbeer.100

TCP 2989 Rat.200

TCP 3128 MastersParadise.970

TCP 3129 MastersParadise.920, MastersParadise.970

TCP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110

TCP 3215 BlackStar.100, Ghost.230

TCP 3333 Daodan.123

TCP 3410 OptixPro.100, OptixPro.110

TCP 3456 Force.155, TerrorTrojan.100

TCP 3505 AutoSpy.130, AutoSpy.140

TCP 3586 Snid.120, Snid.212

TCP 3700 PortalOfDoom.100

TCP 3723 Mantis.100

TCP 3800 Eclypse.100

TCP 3996 RemoteAnything.364

TCP 4000 SkyDance.220, SkyDance.229

TCP 4201 Wartrojan.160, Wartrojan.200

TCP 4225 SilentSpy.202

TCP 4321 Bobo.100

TCP 4444 AlexTrojan.200, Crackdown.100

TCP 4488 EventHorizon.100

TCP 4523 Celine.100

TCP 4545 InternalRevise.100, RemoteRevise.150

TCP 4567 FileNail.100

TCP 4666 Mneah.100

TCP 4950 ICQTrojan.100

TCP 5005 Aladino.060

TCP 5025 Keylogger.WMRemote.100

TCP 5031 NetMetro.104

TCP 5032 NetMetro.104

TCP 5033 NetMetro.104

TCP 5050 RoxRat.100

TCP 5151 OptixLite.020, OptixLite.030, OptixLite.040

TCP 5190 MBomber.100

TCP 5277 WinShell.400

TCP 5343 WCRat.100

TCP 5400 BackConstruction.120, BackConstruction.150, BladeRunner.080, DeepThroat.300

TCP 5401 BackConstruction.120, BackConstruction.150, BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100

TCP 5402 BackConstruction.210, BackConstruction.250, BladeRunner.080, DeepThroat.300, Mneah.100

TCP 5534 TheFlu.100

TCP 5550 XTCP.200, XTCP.201

TCP 5555 Noxcape.100, Noxcape.200

TCP 5695 Assassin.100

TCP 5714 WinCrash.100

TCP 5741 WinCrash.100

TCP 5742 WinCrash.103

TCP 5802 Y3KRat.160

TCP 5810 Y3KRat.160

TCP 5838 Y3KRat.170

TCP 5858 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5880 Y3KRat.140

TCP 5881 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

TCP 5883 Y3KRat.110, Y3KRat.140

TCP 5884 Y3KRat.140, Y3KRat.150

TCP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5886 Y3KRat.120, Y3KRat.140

TCP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140

TCP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

TCP 5889 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

TCP 5890 Y3KRat.140

TCP 6400 Thething.100, Thething.150

TCP 6556 AutoSpy.120, AutoSpy.122

TCP 6655 Aqua.020

TCP 6660 LameSpy.095

TCP 6666 LameRemote.100, ProjectMayhem.100

TCP 6669 Vampire.100

TCP 6670 DeepThroat.200, DeepThroat.210

TCP 6671 DeepThroat.310

TCP 6699 HostControl.101

TCP 6711 DeepThroat.300, Noknok.820, SubSeven.180, SubSeven.190

TCP 6712 Subseven.100

TCP 6713 Subseven.100

TCP 6767 NTRC.120

TCP 6776 SubSeven.180, SubSeven.190, Subseven.200

TCP 6789 Doly.200

TCP 6796 SubSeven.214

TCP 6912 ShitHeep.100

TCP 6939 Indoctrination.100

TCP 6953 Lithium.100

TCP 6969 2000Cracks.100, Bigorna.100, Danton.110, Danton.210, Danton.220, Danton.310, Danton.320, Danton.330, GateCrasher.110, NetController.108, Sparta.110, VagrNocker.120

TCP 6970 Danton.330

TCP 7001 Freak88.100

TCP 7119 Massaker.100

TCP 7200 Massaker.110

TCP 7300 Coced.221

TCP 7301 Coced.221

TCP 7306 NetSpy.200, NetSpy.200

TCP 7410 Phoenix.190, Phoenix.200

TCP 7511 Genue.100

TCP 7609 Snid.120, Snid.212

TCP 7614 Wollf.130

TCP 7648 BlackStar.100, Ghost.230

TCP 7788 Last.2000, Matrix.200

TCP 7826 MiniOblivion.010, Oblivion.010

TCP 7887 SmallFun.110

TCP 7891 Revenger.100

TCP 7979 VagrNocker.200

TCP 7997 VagrNocker.200

TCP 8000 XConsole.100

TCP 8011 Way.240

TCP 8012 Ptakks.215, Ptakks.217

TCP 8110 LoseLove.100

TCP 8111 LoseLove.100

TCP 8301 LoseLove.100

TCP 8302 LoseLove.100

TCP 8372 NetBoy.100

TCP 8720 Connection.130

TCP 8734 AutoSpy.110

TCP 8811 Force.155

TCP 8899 Last.2000

TCP 9000 Aristotles.100

TCP 9301 LoseLove.100

TCP 9400 InCommand.100, InCommand.110, InCommand.120, InCommand.130, InCommand.140, InCommand.150, InCommand.153, InCommand.160, InCommand.167, InCommand.170

TCP 9401 InCommand.100, InCommand.110, InCommand.170

TCP 9402 InCommand.100, InCommand.110

TCP 9561 CRatPro.110

TCP 9563 CRatPro.110

TCP 9580 TheefLE.100

TCP 9696 Danton.210, Ghost.230

TCP 9697 Danton.320, Danton.330, Ghost.230

TCP 9870 R3C.100

TCP 9872 PortalOfDoom.100

TCP 9873 PortalOfDoom.100

TCP 9874 PortalOfDoom.100

TCP 9875 PortalOfDoom.100

TCP 9876 Rux.100, SheepGoat.100

TCP 9877 SmallBigBrother.020

TCP 9878 SmallBigBrother.020, TransmissionScout.100, TransmissionScout.110, TransmissionScout.120

TCP 9879 SmallBigBrother.020

TCP 9999 ForcedEntry.100, Infra.100, Prayer.120, Prayer.130, TakeOver.200, TakeOver.300

TCP 10001 DTr.130, DTr.140

TCP 10013 Amanda.200

TCP 10067 PortalOfDoom.100

TCP 10100 Gift.240

TCP 10101 NewSilencer.100

TCP 10167 PortalOfDoom.100

TCP 10528 HostControl.100, HostControl.260

TCP 10607 Coma.109

TCP 10666 Ambush.100

TCP 11011 Amanda.200

TCP 11050 HostControl.101

TCP 11051 HostControl.100, HostControl.260

TCP 11223 AntiNuke.100, Progenic.100, Progenic.110

TCP 11225 Cyn.100, Cyn.103, Cyn.120

TCP 11306 Noknok.800, Noknok.820

TCP 11831 Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400

TCP 11991 PitfallSurprise.100

TCP 12043 Frenzy.2000

TCP 12345 Fade.100, Netbus.160, Netbus.170, VagrNocker.400

TCP 12346 Netbus.160, Netbus.170

TCP 12348 Bionet.210, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.316, Bionet.317

TCP 12349 Bionet.084, Bionet.261, Bionet.280, Bionet.302, Bionet.305, Bionet.311, Bionet.313, Bionet.314, Bionet.316, Bionet.317, Bionet.401, Bionet.402

TCP 12389 KheSanh.210

TCP 12478 Bionet.210

TCP 12623 Buttman.090, Buttman.100

TCP 12624 Buttman.090, Buttman.100

TCP 12625 Buttman.100

TCP 12904 Akropolis.100, Rocks.100

TCP 13473 Chupacabra.100

TCP 13753 AFTP.010

TCP 14100 Eurosol.100

TCP 14194 CyberSpy.840

TCP 14286 HellDriver.100

TCP 14500 PCInvader.050, PCInvader.060, PCInvader.070

TCP 14501 PCInvader.060, PCInvader.070

TCP 14502 PCInvader.050, PCInvader.060, PCInvader.070

TCP 14503 PCInvader.050, PCInvader.060, PCInvader.070

TCP 14504 PCInvader.050, PCInvader.060

TCP 15092 HostControl.100, HostControl.260

TCP 15382 SubZero.100

TCP 15432 Cyn.210

TCP 15555 ICMIBC.100

TCP 16322 LastDoor.100

TCP 16484 MoSucker.110

TCP 16661 Dfch.010

TCP 16969 Progenic.100

TCP 16982 AcidShiver.100

TCP 17300 Kuang.200

TCP 17499 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521

TCP 17500 CrazzyNet.370, CrazzyNet.375, CrazzyNet.521

TCP 17569 Infector.141, Infector.160, Infector.170, Infector.180, Infector.190, Infector.200, Intruder.100, Intruder.100

TCP 17593 AudioDoor.120

TCP 19191 BlueFire.035, BlueFire.041

TCP 19604 Metal.270

TCP 19605 Metal.270

TCP 19991 Dfch.010

TCP 20000 Millenium.100

TCP 20001 Millenium.100, PshychoFiles.180

TCP 20002 AcidKor.100, PshychoFiles.180

TCP 20005 MoSucker.200, MoSucker.210, MoSucker.220

TCP 21212 Schwindler.182

TCP 21554 Exploiter.100, Exploiter.110, Girlfriend.130, GirlFriend.135

TCP 21579 Breach.2001

TCP 21584 Breach.2001

TCP 21684 Intruse.134

TCP 22068 AcidShiver.110

TCP 22115 Cyn.120

TCP 22222 Prosiak.047, Ruler.141, Rux.300, Rux.400, Rux.500, Rux.600

TCP 22223 Rux.400, Rux.500, Rux.600

TCP 22456 Bla.200, Bla.503

TCP 22457 AcidShiver.120, Bla.200, Bla.503

TCP 22784 Intruzzo.110

TCP 22845 Breach.450

TCP 22847 Breach.450

TCP 23005 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100

TCP 23006 Infinaeon.110, NetTrash.100, Oxon.110, WinRat.100

TCP 23032 Amanda.200

TCP 23432 Asylum.010, Asylum.012, Asylum.013, Asylum.014, MiniAsylum.110

TCP 23456 EvilFTP.100, VagrNocker.400

TCP 23476 DonaldDick.153, DonaldDick.154, DonaldDick.155

TCP 23477 DonaldDick.153

TCP 24000 Infector.170

TCP 24307 Wildek.020

TCP 25386 MoonPie.220

TCP 25486 MoonPie.220

TCP 25555 FreddyK.100, FreddyK.200

TCP 25556 FreddyK.100

TCP 25685 MoonPie.010, MoonPie.012, MoonPie.130, MoonPie.220, MoonPie.240, MoonPie.400

TCP 25686 MoonPie.135, MoonPie.200, MoonPie.400

TCP 25982 MoonPie.135, MoonPie.200

TCP 26274 Delta.050

TCP 27160 MoonPie.135, MoonPie.200

TCP 27184 Alvgus.100, Alvgus.800

TCP 27374 Muerte.110, Subseven.210, SubSeven.213

TCP 28429 Hack'a'Tack.2000

TCP 28430 Hack'a'Tack.2000

TCP 28431 Hack'a'Tack.2000

TCP 28432 Hack'a'Tack.2000

TCP 28433 Hack'a'Tack.2000

TCP 28434 Hack'a'Tack.2000

TCP 28435 Hack'a'Tack.2000

TCP 28436 Hack'a'Tack.2000

TCP 29559 DuckToy.100, DuckToy.101, Katux.200, Latinus.140, Latinus.150, Pest.100, Pest.400

TCP 29891 Unexplained.100

TCP 30000 Infector.170

TCP 30001 Error32.100

TCP 30003 LamersDeath.100

TCP 30029 AOLTrojan.110

TCP 30100 NetSphere.127, NetSphere.130, NetSphere.131

TCP 30101 NetSphere.127, NetSphere.130, NetSphere.131

TCP 30102 NetSphere.127, NetSphere.130, NetSphere.131

TCP 30103 NetSphere.131

TCP 30947 Intruse.134

TCP 31320 LittleWitch.400, LittleWitch.420

TCP 31337 BackOrifice.120, Khaled.100, OPC.200

TCP 31415 Lithium.101

TCP 31416 Lithium.100, Lithium.101

TCP 31557 Xanadu.110

TCP 31631 CleptoManicos.100

TCP 31745 Buschtrommel.100, Buschtrommel.122

TCP 31785 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31787 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31789 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31791 Hack'a'Tack.100, Hack'a'Tack.112

TCP 31887 BDDT.100

TCP 31889 BDDT.100

TCP 32100 ProjectNext.053

TCP 32418 AcidBattery.100

TCP 32791 Akropolis.100, Rocks.100

TCP 33291 RemoteHak.001

TCP 33333 Blackharaz.100, Prosiak.047, SubSeven.214

TCP 33577 SonOfPsychward.020

TCP 34324 TelnetServer.100

TCP 34763 Infector.180, Infector.190, Infector.200

TCP 35000 Infector.190, Infector.200

TCP 35600 Subsari.140

TCP 36794 BugBear.100

TCP 37237 Mantis.020

TCP 37651 YAT.210

TCP 37653 YAT.310

TCP 40308 Subsari.140

TCP 40412 TheSpy.100

TCP 40421 MastersParadise.970

TCP 40422 MastersParadise.970

TCP 40999 DiemsMutter.110, DiemsMutter.140

TCP 41626 Shah.100

TCP 44444 Prosiak.070

TCP 45673 Akropolis.100, Rocks.100

TCP 47262 Delta.050

TCP 48006 Fragglerock.200

TCP 49683 HolzPferd.210

TCP 50000 Infector.180

TCP 50130 Enterprise.100

TCP 50766 Fore.100

TCP 51234 Cyn.210

TCP 51966 Cafeini.080, Cafeini.110

TCP 54321 PCInvader.010

TCP 57341 NetRaider.100

TCP 57922 Bionet.084

TCP 58008 Tron.100

TCP 58009 Tron.100

TCP 59090 AcidReign.200

TCP 59211 DuckToy.100, DuckToy.101

TCP 59345 NewFuture.100

TCP 60000 DeepThroat.300, MiniBacklash.100, MiniBacklash.101, MiniBacklash.101

TCP 60411 Connection.100, Connection.130

TCP 60412 Connection.130

TCP 60552 RoxRat.100

TCP 63536 InsaneNetwork.500

TCP 63878 AphexFTP.100

TCP 63879 AphexFTP.100

TCP 64969 Lithium.100

TCP 65000 Socket.100

UDP 1 SocketsDeTroie.250

UDP 666 Bla.200, Bla.400, Bla.503, Noknok.820

UDP 1130 Noknok.800, Noknok.820

UDP 2140 DeepThroat.100, DeepThroat.200, DeepThroat.310

UDP 2989 Rat.200

UDP 3128 MastersParadise.970

UDP 3129 MastersParadise.920, MastersParadise.970

UDP 3150 DeepThroat.100, DeepThroat.200, DeepThroat.310, MiniBacklash.110

UDP 3333 Daodan.123

UDP 3800 Eclypse.100

UDP 3996 RemoteAnything.364

UDP 4000 RemoteAnything.364

UDP 5555 Daodan.123

UDP 5881 Y3KRat.110, Y3KRat.140

UDP 5882 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.140, Y3KRat.150

UDP 5883 Y3KRat.110, Y3KRat.140

UDP 5884 Y3KRat.140, Y3KRat.150

UDP 5885 Y3KRat.110, Y3KRat.120, Y3KRat.140

UDP 5886 Y3KRat.120, Y3KRat.140

UDP 5887 Y3KRat.110, Y3KRat.120, Y3KRat.140

UDP 5888 Y3KRat.100, Y3KRat.110, Y3KRat.120, Y3KRat.150

UDP 6953 Lithium.100

UDP 8012 Ptakks.217

UDP 10067 PortalOfDoom.100

UDP 10167 PortalOfDoom.100

UDP 10666 Ambush.100

UDP 11225 Cyn.100, Cyn.103, Cyn.120

UDP 11306 Noknok.800, Noknok.820

UDP 12389 KheSanh.210

UDP 12623 Buttman.090, Buttman.100

UDP 12625 Buttman.100

UDP 14100 Eurosol.100

UDP 23476 DonaldDick.155

UDP 26274 Delta.050

UDP 27184 Alvgus.100

UDP 28431 Hack'a'Tack.2000

UDP 28432 Hack'a'Tack.2000

UDP 28433 Hack'a'Tack.2000

UDP 28434 Hack'a'Tack.2000

UDP 28435 Hack'a'Tack.2000

UDP 28436 Hack'a'Tack.2000

UDP 29891 Unexplained.100

UDP 30103 NetSphere.131

UDP 31320 LittleWitch.400, LittleWitch.420

UDP 31337 BackOrifice.120, OPC.200

UDP 31416 Lithium.100, Lithium.101

UDP 31789 Hack'a'Tack.100, Hack'a'Tack.112

UDP 31791 Hack'a'Tack.100, Hack'a'Tack.112

UDP 33333 Blackharaz.100

UDP 47262 Delta.050

UDP 49683 HolzPferd.210

UDP 60000 MiniBacklash.100

How to turn MSN Messenger Display Pictures into User Pictures on XP

For the pix you downloaded from MSN

If you’ve ever wanted to turn the display pictures you download from MSN into an account picture (the one that appears in your Start Menu next to your username) for XP here’s how.

1) In messenger Choose ==> Change Display Picture and then ==> Download more pictures.

2) Download the desired images.

3) Open 'Folder Options' in Explorer and make sure you can view Hidden Files and folders.

4) Navigate to X:\Documents and Settings\User_Name\Application Data\Microsoft\MSN Messenger, where X: is the drive XP is on and User_Name is your username.

5) In here you'll see folders with long numbers for names. The next bit is trial and error. If you go into each of the folders you should see that some of them have a folder called UserTile inside of them. In that directory it will have .dat files. The files which have TFR in their names are the images (to make your life easier there is a list at the bottom showing which file is which for a few of them).

6) Going through all the UserTile folders copy these .dat files to a new folder. Now rename them and change their extension from .dat to .bmp by right clicking on them and choosing 'Rename'. Then try to open them in MS Paint or the Windows Fax and Picture Viewer. Not all of them will work (I'm not sure if this is just because some of them aren't actually image files, but any you downloaded should do).

7) If you want to edit them open them up in MS Paint and then make changes there or copy and paste them into your favourite image editor (opening directly doesn't seem to work as the formats are bit messed up from the renaming). Make any changes you want and save (either as BMP, JPEG, GIF or PNG).

8) Go to Control Panel ==> User Accounts

9) Click on your account and then choose 'Change my picture', then select 'Browse for more pictures'.

10) Browse to the image you just saved and select 'Open' and that's it!

11) You can also use the image as your SoD avatar - to do so you'll have to resize the image to being 64 X 64 pixels and save as either (gif, jpeg, swf, png). If you are uploading it to SoD make sure it's less than 20 KB. Otherwise upload to a web server and enter it's URL in the space provided and press 'Update Avatar'.

A list to help you identify the file you want:

CODE

TFR1C - Spider

TFR3F - Leaf

TFRRB - Jellyfish

TFRRC - Ladybug

N.B. The codes above may change, I'm not sure. I may add more files to the list later on.

Get the serial number you need ! (For Certain Things)

* Go to Google.

* In the search field type: "Product name" 94FBR

* Where, "Product Name" is the name of the item you want to find the serial number for.

* And voila - there you go - the serial number you needed.

HOW DOES THIS WORK?

Quite simple really. 94FBR is part of a Office 2000 Pro cd key that is widely distributed as it bypasses the activation requirements of Office 2K Pro. By searching for the product name and 94fbr, you guarantee two things. 1) The pages that are returned are pages dealing specifically with the product you're wanting a serial for. 2) Because 94FBR is part of a serial number, and only part of a serial number, you guarantee that any page being returned is a serial number list page.

See these example searches:

"Photoshop 7" 94FBR

"Age of Mythology" 94FBR

"Nero Burning Rom 5.5" 94FBR

Ultimate Google Way

Look for Appz in Parent Directory

intext:"parent directory" intext:"[EXE]"

intext:"parent directory" index of:"[EXE]"

intext:"parent directory" index of:"[RAR]"

This will look for any exe or optionaly for zip, rar, ace, iso, bin and etc.

Look for Moviez in Parent Directory

intext:"parent directory" intext:"[VID]"

intext:"parent directory" index of:"[VID]"

This will look for any video filetype in parent directory. You can optionaly add index:"xvid" or intext:"divx" for specific codec movie.

Look for Muzik in Parent Directory

intext:"parent directory" intext:"[MP3]"

intext:"parent directory" index of:"[MP3]"

This will look for any music files.

Look for Gamez in Parent Directory

intext:"parent directory" index of:"[Gamez]"

How to Bypass BIOS Passwords

BIOS passwords can add an extra layer of security for desktop and laptop computers. They are used to either prevent a user from changing the BIOS settings or to prevent the PC from booting without a password. Unfortunately, BIOS passwords can also be a liability if a user forgets their password, or changes the password to intentionally lock out the corporate IT department. Sending the unit back to the manufacturer to have the BIOS reset can be expensive and is usually not covered in the warranty. Never fear, all is not lost. There are a few known backdoors and other tricks of the trade that can be used to bypass or reset the BIOS

DISCLAIMER

This article is intended for IT Professionals and systems administrators with experience servicing computer hardware. It is not intended for home users, hackers, or computer thieves attempting to crack the password on a stolen PC. Please do not attempt any of these procedures if you are unfamiliar with computer hardware, and please use this information responsibly. LabMice.net is not responsible for the use or misuse of this material, including loss of data, damage to hardware, or personal injury.

Before attempting to bypass the BIOS password on a computer, please take a minute to contact the hardware manufacturer support staff directly and ask for their recommended methods of bypassing the BIOS security. In the event the manufacturer cannot (or will not) help you, there are a number of methods that can be used to bypass or reset the BIOS password yourself. They include:

Using a manufacturers backdoor password to access the BIOS

Use password cracking software

Reset the CMOS using the jumpers or solder beads.

Removing the CMOS battery for at least 10 minutes

Overloading the keyboard buffer

Using a professional service

Please remember that most BIOS passwords do not protect the hard drive, so if you need to recover the data, simply remove the hard drive and install it in an identical system, or configure it as a slave drive in an existing system. The exception to this are laptops, especially IBM Thinkpads, which silently lock the hard drive if the supervisor password is enabled. If the supervisor password is reset without resetting the and hard drive as well, you will be unable to access the data on the drive.

--------------------------------------------------------------------------------

Backdoor passwords

Many BIOS manufacturers have provided backdoor passwords that can be used to access the BIOS setup in the event you have lost your password. These passwords are case sensitive, so you may wish to try a variety of combinations. Keep in mind that the key associated to "_" in the US keyboard corresponds to "?" in some European keyboards. Laptops typically have better BIOS security than desktop systems, and we are not aware of any backdoor passwords that will work with name brand laptops.

WARNING: Some BIOS configurations will lock you out of the system completely if you type in an incorrect password more than 3 times. Read your manufacturers documentation for the BIOS setting before you begin typing in passwords

Award BIOS backdoor passwords:

ALFAROME ALLy aLLy aLLY ALLY aPAf _award AWARD_SW AWARD?SW AWARD SW AWARD PW AWKWARD awkward BIOSTAR CONCAT CONDO Condo d8on djonet HLT J64 J256 J262 j332 j322 KDD Lkwpeter LKWPETER PINT pint SER SKY_FOX SYXZ syxz shift + syxz TTPTHA ZAAADA ZBAAACA ZJAAADC 01322222

589589 589721 595595 598598

AMI BIOS backdoor passwords:

AMI AAAMMMIII BIOS PASSWORD HEWITT RAND AMI?SW AMI_SW LKWPETER A.M.I. CONDO

PHOENIX BIOS backdoor passwords:

phoenix, PHOENIX, CMOS, BIOS

MISC. COMMON PASSWORDS

ALFAROME BIOSTAR biostar biosstar CMOS cmos LKWPETER lkwpeter setup SETUP Syxz Wodj

OTHER BIOS PASSWORDS BY MANUFACTURER

Manufacturer Password

VOBIS & IBM merlin

Dell Dell

Biostar Biostar

Compaq Compaq

Enox xo11nE

Epox central

Freetech Posterie

IWill iwill

Jetway spooml

Packard Bell bell9

QDI QDI

Siemens SKY_FOX

TMC BIGO

Toshiba Toshiba

TOSHIBA BIOS

Most Toshiba laptops and some desktop systems will bypass the BIOS password if the left shift key is held down during boot

IBM APTIVA BIOS

Press both mouse buttons repeatedly during the boot

--------------------------------------------------------------------------------

Password cracking software

The following software can be used to either crack or reset the BIOS on many chipsets. If your PC is locked with a BIOS administrator password that will not allow access to the floppy drive, these utilities may not work. Also, since these utilities do not come from the manufacturer, use them cautiously and at your own risk.

Cmos password recovery tools 3.1

!BIOS (get the how-to article)

RemPass

KILLCMOS

--------------------------------------------------------------------------------

Using the Motherboard "Clear CMOS" Jumper or Dipswitch settings

Many motherboards feature a set of jumpers or dipswitches that will clear the CMOS and wipe all of the custom settings including BIOS passwords. The locations of these jumpers / dipswitches will vary depending on the motherboard manufacturer and ideally you should always refer to the motherboard or computer manufacturers documentation. If the documentation is unavailable, the jumpers/dipswitches can sometimes be found along the edge of the motherboard, next to the CMOS battery, or near the processor. Some manufacturers may label the jumper / dipswitch CLEAR - CLEAR CMOS - CLR - CLRPWD - PASSWD - PASSWORD - PWD. On laptop computers, the dipswitches are usually found under the keyboard or within a compartment at the bottom of the laptop.

Please remember to unplug your PC and use a grounding strip before reaching into your PC and touching the motherboard. Once you locate and rest the jumper switches, turn the computer on and check if the password has been cleared. If it has, turn the computer off and return the jumpers or dipswitches to its original position.

--------------------------------------------------------------------------------

Removing the CMOS Battery

The CMOS settings on most systems are buffered by a small battery that is attached to the motherboard. (It looks like a small watch battery). If you unplug the PC and remove the battery for 10-15 minutes, the CMOS may reset itself and the password should be blank. (Along with any other machine specific settings, so be sure you are familiar with manually reconfiguring the BIOS settings before you do this.) Some manufacturers backup the power to the CMOS chipset by using a capacitor, so if your first attempt fails, leave the battery out (with the system unplugged) for at least 24 hours. Some batteries are actually soldered onto the motherboard making this task more difficult. Unsoldering the battery incorrectly may damage your motherboard and other components, so please don't attempt this if you are inexperienced. Another option may be to remove the CMOS chip from the motherboard for a period of time.

Note: Removing the battery to reset the CMOS will not work for all PC's, and almost all of the newer laptops store their BIOS passwords in a manner which does not require continuous power, so removing the CMOS battery may not work at all. IBM Thinkpad laptops lock the hard drive as well as the BIOS when the supervisor password is set. If you reset the BIOS password, but cannot reset the hard drive password, you may not be able to access the drive and it will remain locked, even if you place it in a new laptop. IBM Thinkpads have special jumper switches on the motherboard, and these should be used to reset the system.

--------------------------------------------------------------------------------

Overloading the KeyBoard Buffer

On some older computer systems, you can force the CMOS to enter its setup screen on boot by overloading the keyboard buffer. This can be done by booting with the keyboard or mouse unattached to the systems, or on some systems by hitting the ESC key over 100 times in rapid succession.

--------------------------------------------------------------------------------

Jumping the Solder Beads on the CMOS

It is also possible to reset the CMOS by connecting or "jumping" specific solder beads on the chipset. There are too many chipsets to do a breakdown of which points to jump on individual chipsets, and the location of these solder beads can vary by manufacturer, so please check your computer and motherboard documentation for details. This technique is not recommended for the inexperienced and should be only be used as a "last ditch" effort.

--------------------------------------------------------------------------------

Using a professional service

If the manufacturer of the laptop or desktop PC can't or won't reset the BIOS password, you still have the option of using a professional service. Password Crackers, Inc., offers a variety of services for desktop and laptop computers for between $100 and $400. For most of these services, you'll need to provide some type of legitimate proof of ownership. This may be difficult if you've acquired the computer second hand or from an online auction.