Existe una version Beta de Windows 7, Sistema Operativo más reciente de Microsoft, basado en el Kernel de Windows 2008 Server, lista para descargarse desde la página de www.microsoft.com.
Lamentablemente no cumplo con los requerimientos de hardware necesarios para que me funcione el theme Aero (1 GB de memoria), por los tanto opté por habilitarlo desde el registro.
Para esto es necesario editar el registro ( Ejecutar -> regedit)
1.- Navegar hasta la siguiente clave [HKEY_CURRENT_USER\Software\Microsoft\Windows\DWM]
2.- En el panel derecho,crear las siguientes entradas de tipo DWORD.
UseMachineCheck = DWORD -> 0
Blur = DWORD -> 0
Animations = DWORD -> 0
3.- Cerrar el regedit.
--- Opcional ----------------------------------------------
4.- Abrir la Consola (cmd) con privilegios administrativos. Es decir, si esta como un usuario del Grupo de Invitados.
4a.- Reiniciar el servicio uxsms. En la linea de comandos:
net stop uxsms
net start uxsms
-----------------------------------------------------------
5.- Reiniciar el servicio uxsms a través de Herramientas Administrativas.
6.- Habilitar Aero ( Escitorio -> click derecho -> Personalizar -> Colores de Windows)
Este hack solamente funciona en instalaciones diferentes al Wmware Player. Enjoy!.
jueves, 22 de enero de 2009
Windows XP Home a Profesional - Como Cambiarlo?
En horas pasadas me vi en la necesidad de crear un CD de recuperación para Windows XP, lamentablente solo la versión HOME tenía instalada. ¿Como convertir la version Home a Profesional?. Ya que varias de las herramientas solo están en la versión profesional. He aquí el procedimiento.
1. Copiar el directorio raiz y el i386 del CD de Windows XP a una ubicación del disco duro (para ejemplo usaremos c:\winxpcd)
2.- Extraer el sector de arranque del CD cd Windows XP. IsoBuster, entre otros, funciona.
3.- Iniciar el editor de registro (regedit). Ejecutar -: regedit
4.- Seleccionar la clave HKEY_LOCAL_MACHINE
5.- Archivo -> Cargar hive y seleccionar el archivo setupreg.hiv ubicado en el directorio c:\winxpcd\i386. También puede hacerse desde la ubicacion i386 del CD.
6.- Navegar hasta la siguiente clave del registro:
[HKEY_LOCAL_MACHINE\HomeKey\ControlSet001\Services\setupdd]
7.- Editar la clave DEFAULT y cambiar los siguientes valores:
01 -> 00
02 -> 00
8.- Cambiar el valor de HOMEKEY con cualquier otro cosa.
9.- Seleccione HOMEKEY y elija Archivo -> Unload Hive.
10. Salir del regedit. Listo!.
NOta. Todo lo que haga esta bajo su responsabilidad y no se garantiza el procedimiento. Asegúrese de hacer sus respaldos correspondientes o bien probar con una instalación de laboratorio. Una vez conseguido el objetivo puede hacer disco de restauración, recuperación.
1. Copiar el directorio raiz y el i386 del CD de Windows XP a una ubicación del disco duro (para ejemplo usaremos c:\winxpcd)
2.- Extraer el sector de arranque del CD cd Windows XP. IsoBuster, entre otros, funciona.
3.- Iniciar el editor de registro (regedit). Ejecutar -: regedit
4.- Seleccionar la clave HKEY_LOCAL_MACHINE
5.- Archivo -> Cargar hive y seleccionar el archivo setupreg.hiv ubicado en el directorio c:\winxpcd\i386. También puede hacerse desde la ubicacion i386 del CD.
6.- Navegar hasta la siguiente clave del registro:
[HKEY_LOCAL_MACHINE\HomeKey\ControlSet001\Services\setupdd]
7.- Editar la clave DEFAULT y cambiar los siguientes valores:
01 -> 00
02 -> 00
8.- Cambiar el valor de HOMEKEY con cualquier otro cosa.
9.- Seleccione HOMEKEY y elija Archivo -> Unload Hive.
10. Salir del regedit. Listo!.
NOta. Todo lo que haga esta bajo su responsabilidad y no se garantiza el procedimiento. Asegúrese de hacer sus respaldos correspondientes o bien probar con una instalación de laboratorio. Una vez conseguido el objetivo puede hacer disco de restauración, recuperación.
Enable or Disable Autorun
Overview
Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.
I. Description
Microsoft Windows includes an AutoRun feature, which can automatically run code when removable devices are connected to the computer. AutoRun (and the closely related AutoPlay) can unexpectedly cause arbitrary code execution in the following situations:
* A removable device is connected to a computer. This includes, but
is not limited to, inserting a CD or DVD, connecting a USB or
Firewire device, or mapping a network drive. This connection can
result in code execution without any additional user interaction.
* A user clicks the drive icon for a removable device in Windows
Explorer. Rather than exploring the drive's contents, this action
can cause code execution.
* The user selects an option from the AutoPlay dialog that is
displayed when a removable device is connected. Malicious
software, such as W32.Downadup, is using AutoRun to
spread. Disabling AutoRun, as specified in the CERT/CC
Vulnerability Analysis blog, is an effective way of helping to
prevent the spread of malicious code.
The Autorun and NoDriveTypeAutorun registry values are both
ineffective for fully disabling AutoRun capabilities on Microsoft
Windows systems. Setting the Autorun registry value to 0 will not
prevent newly connected devices from automatically running code
specified in the Autorun.inf file. It will, however, disable Media
Change Notification (MCN) messages, which may prevent Windows from
detecting when a CD or DVD is changed. According to Microsoft,
setting the NoDriveTypeAutorun registry value to 0xFF "disables
Autoplay on all types of drives." Even with this value set, Windows
may execute arbitrary code when the user clicks the icon for the
device in Windows Explorer.
II. Impact
By placing an Autorun.inf file on a device, an attacker may be able
to automatically execute arbitrary code when the device is
connected to a Windows system. Code execution may also take place
when the user attempts to browse to the software location with
Windows Explorer.
III. Solution
Disable AutoRun in Microsoft Windows
To effectively disable AutoRun in Microsoft Windows, import the
following registry value:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
To import this value, perform the following steps:
* Copy the text
* Paste the text into Windows Notepad
* Save the file as autorun.reg
* Navigate to the file location
* Double-click the file to import it into the Windows registry
Microsoft Windows can also cache the AutoRun information from
mounted devices in the MountPoints2 registry key. We recommend
restarting Windows after making the registry change so that any
cached mount points are reinitialized in a way that ignores the
Autorun.inf file. Alternatively, the following registry key may be
deleted:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
Once these changes have been made, all of the AutoRun code
execution scenarios described above will be mitigated because
Windows will no longer parse Autorun.inf files to determine which
actions to take. Further details are available in the
CERT/CC Vulnerability Analysis blog. Thanks to Nick Brown and Emin
Atac for providing the workaround.
Disabling AutoRun on Microsoft Windows systems can help prevent the spread of malicious code. However, Microsoft's guidelines for disabling AutoRun are not fully effective, which could be considered a vulnerability.
I. Description
Microsoft Windows includes an AutoRun feature, which can automatically run code when removable devices are connected to the computer. AutoRun (and the closely related AutoPlay) can unexpectedly cause arbitrary code execution in the following situations:
* A removable device is connected to a computer. This includes, but
is not limited to, inserting a CD or DVD, connecting a USB or
Firewire device, or mapping a network drive. This connection can
result in code execution without any additional user interaction.
* A user clicks the drive icon for a removable device in Windows
Explorer. Rather than exploring the drive's contents, this action
can cause code execution.
* The user selects an option from the AutoPlay dialog that is
displayed when a removable device is connected. Malicious
software, such as W32.Downadup, is using AutoRun to
spread. Disabling AutoRun, as specified in the CERT/CC
Vulnerability Analysis blog, is an effective way of helping to
prevent the spread of malicious code.
The Autorun and NoDriveTypeAutorun registry values are both
ineffective for fully disabling AutoRun capabilities on Microsoft
Windows systems. Setting the Autorun registry value to 0 will not
prevent newly connected devices from automatically running code
specified in the Autorun.inf file. It will, however, disable Media
Change Notification (MCN) messages, which may prevent Windows from
detecting when a CD or DVD is changed. According to Microsoft,
setting the NoDriveTypeAutorun registry value to 0xFF "disables
Autoplay on all types of drives." Even with this value set, Windows
may execute arbitrary code when the user clicks the icon for the
device in Windows Explorer.
II. Impact
By placing an Autorun.inf file on a device, an attacker may be able
to automatically execute arbitrary code when the device is
connected to a Windows system. Code execution may also take place
when the user attempts to browse to the software location with
Windows Explorer.
III. Solution
Disable AutoRun in Microsoft Windows
To effectively disable AutoRun in Microsoft Windows, import the
following registry value:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\Autorun.inf]
@="@SYS:DoesNotExist"
To import this value, perform the following steps:
* Copy the text
* Paste the text into Windows Notepad
* Save the file as autorun.reg
* Navigate to the file location
* Double-click the file to import it into the Windows registry
Microsoft Windows can also cache the AutoRun information from
mounted devices in the MountPoints2 registry key. We recommend
restarting Windows after making the registry change so that any
cached mount points are reinitialized in a way that ignores the
Autorun.inf file. Alternatively, the following registry key may be
deleted:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2
Once these changes have been made, all of the AutoRun code
execution scenarios described above will be mitigated because
Windows will no longer parse Autorun.inf files to determine which
actions to take. Further details are available in the
CERT/CC Vulnerability Analysis blog. Thanks to Nick Brown and Emin
Atac for providing the workaround.
viernes, 9 de enero de 2009
Windows-XP-Vista-Hacks-Tricks
Hi everyone. This blog primarily post Windows Vista/2008/XP/2000 tricks, hacks, and notes.
For example, we explain the boot sequence process, how to custom an installation, how to protect again virus, malware, Trojan, spyware, rootkits.
For example, we explain the boot sequence process, how to custom an installation, how to protect again virus, malware, Trojan, spyware, rootkits.
Suscribirse a:
Entradas (Atom)
