Nov 30, 2009

When cofee becomes cofree

Focus of the post : Microsoft Cofee (Computer Online Forensic Evidence Extractor) leaked on the internet.

Microsoft Cofee leaks onto the web - Inquirer - The software is free to police forces around the world and helps access details about crimes such as identity theft, online fraud, child pornography and illegal filesharing before criminals can wipe the information.

"It's reportedly illegal for unauthorised people to download and use the software"

"This enables the officer to take advantage of the same common digital forensics tools used by experts to gather important volatile evidence, while doing little more than simply inserting a USB device into the computer," said Microsoft.

Any guesses where I spotted the news and the file? - 0wned by William Genovese (aka illwill, who was arrested by the FBI in a setup for selling the publicly available part of the Windows 2000 source code, already available on the internet, to an agent posing as a n00b)

Microsoft gives Interpol free COFEE

There are two versions of the same file floating around on the internet. The 15 MB MSI package will give the error "The parameter is incorrect". So look for the fixed package on Google.

Apr 11, 2009

Buying the best flash disk in the Indian Market and Pen Drive Related Problems


Focus of the post : -
  • This post gives an idea of the performance of value flash disks whose performance specifications aren't declared by the manufacturer.
  • Partitioning a pendrive
  • Protecting Data
  • Booting from pendrive
  • Best Portable HDD and Recovering Partitions.
1. Corsair - The Corsair Flash Voyager is a water-resistant drive enclosed in a rubber housing.

1.1 Corsair Flash Voyager 4GB

1.2 Corsair Flash Voyager 8GB

2. PNY - PNY offers some excellent slim drives with good performance. I bought a 4GB Micro Attache from eBay; the drive stopped working the same day. I replaced it with a new drive the next day. The new pendrive was slightly different from the original. The eBay pendrive was replaced by Fortune Marketing, and the new pendrive was detected as 0 but had a serial no. in the registry; the eBay pendrive was detected as USBest USB2Flash Storage. The eBay pendrive (navkarIT) was slow, and the dimensions were misprinted as 30x12x21 mm in place of 30x12x2.1 mm. Another difference visible on the new drive was different circuitry and the presence of two golden dots near the name PNY on the back side. Generally slim pendrives are very slow, but the PNY drives offer better than acceptable performance and come with a 5-year warranty. There are three slim drives available from PNY:
  • Micro Attache - 30 x12 x 2.1mm (little bigger than a simcard)
  • Sliding Attache - 35 x 15 x 4mm , 50 x 15 x 4mm(open)
  • Metro Attache -
In contrast, the Kingston Mini Slim has dimensions of 38.85 x 16.4 x 6.44 mm and comes with a warranty of 2 years. Write speeds are good, though.

2.1 PNY Micro Attache 4GB

2.2 PNY Micro Attache 4GB - USBest USB2Flash Storage(bought from EBAY)

Kingston Flash disk Comparison >> OLD >>

3.1 Kingston DataTraveller 2GB Lime

3.2 Kingston DataTraveller 4GB Purple

3.3 Kingston DataTraveller Generation2 (G2) - 4GB - Yellow. Official: 10MB/sec read, 5MB/sec write (extremely slow drive)


4.1 Transcend JetFlash 110 8GB

4.2 Transcend Jetflash v33 2GB


5.1 Sandisk Cruzer Micro 1GB (Black,Retractable Model)


6.1 Moserbaer 1GB

7.1 Amkette Spectra Pro 4GB

8. HP - HP slim drives are manufactured by PNY and come with a 2-year warranty. Both PNY and HP are distributed by Fortune Marketing. HP drives are also slower than PNY.

8.1 HP Slim v155w

32mb blocks

8.2 HP v165w

8Mb blocks

32MB Blocks

Official Specs - 2G,4G(4MB-Write,20MB-Read),8G,16G(8MB-Write,25MB-Read)

All tests 8mb blocks unless mentioned

Personal Choice - Corsair Flash Voyager, PNY Micro Attache, PNY Metro Attache. High-speed flash disks aren't easily available in the Indian market and the ones available are insanely costly. The OCZ basic and turbo models have some of the best read and write speeds. Refrain from buying Moserbaer, Amkette, Imation.

Partitioning your pendrive   

1. You can partition the drives easily with the Lexar flip bit tool. More info available here. Lexar flip bit doesn't support all PDs. It works on Corsair and PNY but not on Kingston.

2.Registry Method :Multiple Partitions on USB Stick Storage

    Protecting Data

    - Creating a Windows-supported secure zone and public partition - Memory Bar will allow you to create up to two partitions: 1. Password-protected Secure Zone 2. Public Area. Upon insertion only the public area will be accessible. You can't access both partitions at the same time. The public area can be made bootable just like a normal flash disk. It is similar to the old Kingston software. Make sure you read Readme.txt before using Memory Bar. (Google for download link)

    - Using TrueCrypt is the best way to protect data.

    - PDs with a Chipsbank controller can try the FlashDisk Manager tool. Quick Start Guide for Flash Disk (Chipsbank Controller)
      Unable to Format a Pen drive

      Common Issues and Helpful Tips to Avoid Potential Data Loss or Data Corruption on a Corsair USB Flash Drive

      Try the Windows Disk Manager Utility or the HP Format Tool. If you get an error like "CFG Table not found" or if the PD is getting detected as an 8MB drive, then read pages here and here.

      Booting from a Pen drive

      • Boot various Linux distros (forget UNetbootin), specific ISOs and floppy images from a single pendrive: Ubuntu, Backtrack, KonBoot, Acronis True Image, Super Grub Disk, Gparted, Sea Tools, etc. - Ultimate thread.

      Buying the best portable Harddisk

      • Maxtor One Touch 4 is my personal favourite
      • Package Contents:-
      1. HDD with preloaded software
      2. Mini USB Cable
      3. Maxtor Safety Drill recovery (Linux Live CD based on KNOPPIX)
      4. Software CD
      5. Seagate 5400.3 PR SATA HDD
      • Cons
      1. Surface Prone to Scratches
      2. No Pouch for HDD
      The Seagate Freeagent GO is similar to the Maxtor One Touch IV. The only differences are:
      1. Short USB cable supports USB 2.0 only.
      2. The Seagate Freeagent GO does not support complete Locking of partitions.
      3. One Touch Button Backup and Maxtor Safety Drill missing.
      4. Seagate Manager is similar to Maxtor Manager and supports both HDDs. However, you cannot lock partitions using Seagate Manager.
      5. The Maxtor casing is a lot easier to open and you won't get into warranty void problems.

      Recovering Partitions

      If you have deleted a partition by mistake, or partitions are corrupted coz of cheap Chinese casings, the first thing you should try is undeleting the partition. Not all data recovery software supports this mode.
      Try: Testdisk, Active@ Partition Recovery, Acronis Disk Director with Recovery Expert, Diskinternals Partition Recovery.

      Mar 2, 2009

      Remove IRC Bot spreading via Flash Disk


      1. P:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\isei32.exe (Removable Disk)
      2. Other process names: werasd.exe, wejhjkkkl.exe (archive file), isei32.exe, 2w.exe, one.jpg
      3. Connects to :-
      4. Folder icon in place of drive icon in My Computer.
      5. Autorun.inf
      action=Open folder to view files
      6.Outbound Traffic :

      PASS sock
      NICK fdqlte
      USER okfrpc "" "wao" :okfrpc

      :Irc.WoLF.Net NOTICE AUTH :*** Looking up your hostname...
      :Irc.WoLF.Net NOTICE AUTH :*** Couldn't resolve your hostname; using your IP address instead
      :Irc.WoLF.Net 001 fdqlte
      :Irc.WoLF.Net 002 fdqlte :               M0dded by uNkn0wn Crew            
      :Irc.WoLF.Net 003 fdqlte
      :Irc.WoLF.Net 004 fdqlte : -         
      :Irc.WoLF.Net 005 fdqlte
      :Irc.WoLF.Net 005 fdqlte
      :Irc.WoLF.Net 005 fdqlte
      :Irc.WoLF.Net 422 fdqlte :MOTD File is missing
      :fdqlte MODE fdqlte :+iR

      JOIN #us# us..

      :fdqlte!okfrpc@myIP JOIN :#us#
      :Irc.WoLF.Net 332 fdqlte #us# :.kktt c:\emwqnmnmwwlj.exe 1
      :Irc.WoLF.Net 333 fdqlte #us# A 1236188567

      00000000  6B C4 E8 1E FF EF 4B A8  D5 D8 6B F2 1D 95 F4 45   k.....K. ..k....E
      00000010  3E 27 EE 4F FE F4 38 1A  84 97 3F 31 5A 18 36 A8   >'.O..8. ..?1Z.6.
      00000020  FB FE CB 6E 48 3B 2F 50  52 49 56 4D 53 47 20 23   ...nH;/P RIVMSG #
      00000030  75 73 23 20 3A 53 75 63  63 65 73 73 2E 0D 0A      us# :Suc cess...

      00000000  3A 49 72 63 2E 57 6F 4C  46 2E 4E 65 74 20 34 32   :Irc.WoL F.Net 42
      00000010  31 20 66 64 71 6C 74 65  20 6B C4 E8 1E FF EF 4B   1 fdqlte  k.....K
      00000020  A8 D5 D8 6B F2 1D 95 F4  45 3E 27 EE 4F FE F4 38   ...k.... E>'.O..8
      00000030  1A 84 97 3F 31 5A 18 36  A8 FB FE CB 6E 48 3B 2F   ...?1Z.6 ....nH;/
      00000040  50 52 49 56 4D 53 47 20  3A 55 6E 6B 6E 6F 77 6E   PRIVMSG  :Unknown
      00000050  20 63 6F 6D 6D 61 6E 64  0D 0A                      command ..
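The capture above can be triaged mechanically. The sketch below is an added example, not part of the original post: it parses the plain-text IRC lines shown on this page and flags the traits that make the session look like bot command-and-control rather than a chat client (client registration, a keyed channel join, and a channel topic that names an executable path). The function names, finding labels and extension list are assumptions made for illustration.

```python
import re

# Plain-text lines copied from the capture on this page (both directions).
CAPTURE = [
    'PASS sock',
    'NICK fdqlte',
    'USER okfrpc "" "wao" :okfrpc',
    ':Irc.WoLF.Net 422 fdqlte :MOTD File is missing',
    ':fdqlte MODE fdqlte :+iR',
    'JOIN #us# us..',
    ':fdqlte!okfrpc@myIP JOIN :#us#',
    r':Irc.WoLF.Net 332 fdqlte #us# :.kktt c:\emwqnmnmwwlj.exe 1',
    ':Irc.WoLF.Net 333 fdqlte #us# A 1236188567',
]

# Assumption: extensions worth flagging when they appear in a channel topic.
EXE_PATH = re.compile(r"[A-Za-z]:\\\S+\.(?:exe|scr|bat|cmd)\b", re.I)

def parse(line):
    """Split one IRC line into (prefix, command, params) using RFC 1459 framing."""
    prefix = None
    if line.startswith(":"):
        prefix, _, line = line[1:].partition(" ")
    head, sep, trailing = line.partition(" :")
    parts = head.split()
    if sep:
        parts.append(trailing)  # text after " :" is a single final parameter
    return prefix, (parts[0].upper() if parts else ""), parts[1:]

def triage(lines):
    """Return findings for one TCP stream, given as a list of text lines."""
    findings, registered = [], set()
    for raw in lines:
        prefix, cmd, params = parse(raw.strip())
        if prefix is None and cmd in ("PASS", "NICK", "USER"):
            registered.add(cmd)  # client-to-server lines carry no prefix
        elif prefix is None and cmd == "JOIN" and len(params) >= 2:
            findings.append(("keyed-join", params[0]))  # second param is a channel key
        elif cmd == "332" and len(params) >= 3:  # RPL_TOPIC: nick, channel, topic
            hit = EXE_PATH.search(params[2])
            if hit:
                findings.append(("topic-names-executable", params[1], hit.group(0)))
    if {"NICK", "USER"} <= registered:
        findings.insert(0, ("irc-registration", "PASS" in registered))
    return findings

if __name__ == "__main__":
    for finding in triage(CAPTURE):
        print(finding)
```

The check keys on protocol content rather than port number, so it applies to any reassembled TCP stream from a workstation that has no business speaking IRC.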

      Removal Instructions:-

      1.Boot into Safe Mode.
      2.Use  Autoruns to disable the following entries from startup

      Startup Entries:-

      ISPSERVICE mIRC    mIRC Co. Ltd.    c:\windows\system32\werasd.exe   

      -HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components
      n/a Microsoft    Coded yardim60    c:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\isei32.exe

      3. Delete the following files:
      c:\recycler\s-1-5-21-1482476501-1644491937-682003330-1013\isei32.exe
      C:\WINDOWS\system32\wqsead (usernames)
      C:\WINDOWS\system32\852.reg  (three random numbers.reg)


      Detected as:-
      1.riskware not-a-virus:Client-IRC.Win32.mIRC.603 File: C:\werasd.exe
      3.BackDoor.Ircbot.FTF (AVG)

      Kaspersky doesn't detect isei32.exe, while other files are not detected if Settings>>Threats and Exclusions>>PDS is switched off.

      Feb 9, 2009

      Gift for Signing Up on S60 Ambassadors Program

      CBM 512MB Credit Card Sized Flashdisk,the actual flashdisk is smaller than simcard

      Hanes Black XL T-shirt

      2 leeds  notebooks,1 black uniball pen,3 big s60 stickers,3 small s60 stickers for mobile,1 screen cleaner 

      4 port USB 1.1 hub and 1 comic(not in pic)

      I just signed up for the S60 Ambassadors Program. I haven't submitted any reports yet but I got the gifts (maybe coz I am an old member).

      More Info on Gifts

      HD Tach RW

      Jan 10, 2009

      Airtel DSL Review

      Focus of the Post : Express Yourself

      Reduce Broadband Tariffs rather than spending millions on Rehman,Tendulkar,Zaheer,Gambhir,Shahrukh,Kareena,Saif,Madhavan,Vidya...

      Circle: UPE

      City: Lucknow
      Packages Used:
      DSL 999 - 256kbps Unlimited + Rs.50 modem rental + Service Tax@12.5 - Used for three months from October07-December 07
      DSL 499 - 64kbps Unlimited + Zero rental on modem + 100 Free Pulses + Service Tax@12.5 - Jan08-Aug08
      DSL 799 - 256kbps Unlimited + Zero Rental on modem + Service Tax@12.5 - Aug08-Sep08
      Current Plan - BSNL 500 Decided to stay with Airtel coz i dont have enough time to run when the BB is down.
      DSL 599+100 - 128kbps Unlimited + 100 topup for 256kbps UL
      Home 799 - Few months
      Explorer 1099 (Airtel/UE/FL/002) - 384kbps UL + 1Mbps Night (10-5) UL - Great plan but still costly for me. The plan was extinct within days of being launched.
      DSL 599 - 128Kbps UL - Exam time, couldn't migrate back to Explorer 1099
      DSL 599 - 256kbps UL - New plan launched in UPE - 30th Dec 09. Earlier the plan was available in Punjab. The difference between this and 799UL is the removal of the free 100 pulses.

      Total Installation cost for Airtel Broadband

      Mandatory: Rs 500 installation charges for wiring and Beetel ADSL modem, or Rs 1500 for ADSL Wifi-Router (Beetel 450BX). If Airtel is new in your colony and they are expanding their customer base, the installation might be completely free.

      Optional Landline: Rs 350 for Airtel Trend Landline Phone with SIM reader. It's optional to buy a LL unit from Airtel but the sales agent will insist that you buy one. This is an excellent phone; the only problem is its display. After a few months of usage the first few digits on the caller ID will vanish. Another option is to go for a cordless phone CB53000 for Rs 500. This is also a good phone for Indian conditions, with 2 AAA rechargeable Ni-MH batteries in the cordless handset and a backup battery for the receiver unit that is built into the charger. The units will be repaired free of cost as long as you keep the connection. BSNL offers a free CLID instrument with their connection.

      - Extremely fast broadband installation. Normally 1-3 days. They have separate departments for landline and broadband. Landline is installed first and broadband is installed the next day.Extermel

      Positive Points :
      - DL speeds were good, zero downtime.
      - Speed of 27-30KBps during the day for a 256kbps connection. After 10.30pm the speed increases up to 60kBps (45-60). The night double speed is an unofficial Airtel offering and has been stopped from Aug 2008 in my city.
      - Good quality landline phone given for under Rs. 500.
      - Zero rental for modem on most plans.
      - Extremely responsive helpline.
      - 100 pulses free for the DSL499 plan.
      - Extremely professional and top-notch broadband installation, and you don't have to feed the pockets of the lineman.
      - After using Airtel for more than a year, there were only two times when I got less than advertised speeds (underground sea cable problem).
      - Plan change within 1-2 days. During holidays you can upgrade to higher speed plans and downgrade to the cheapest plan when you are not using the internet at all. Fair calculation of tariff when changing plans.

      Negative Points:

      - Self-imposed hello tune charges of Rs 30. Hello Tune, another first from Airtel, is an old weapon used to overcharge and harass its customers.
      - Billing problems initially, but all resolved in under a few hours.
      - Very few payment centres in Lucknow.
      - There is a high probability that you won't receive your first bill, coz if you quit the connection in the first month then commission is deducted from the sales agent's salary.
      - Cheque bounce charge of Rs 200.
      - LIES - When downgrading to a cheaper plan you may be told that the plan is "not available in your area" (by area they mean colony). Simply tell them to disconnect the broadband or downgrade the plan.
      - LIES - Ownership of the modem is not made clear. BSNL charges monthly rent for the modem, or you can purchase the modem by paying an amount of Rs. 1200 depending on the type of modem. In the case of Airtel you have to pay an installation charge of Rs 500 (or Rs 1500 for Wi-Fi) but all plans are rent free. According to the call centre guys you have to submit the modem when disconnecting the connection. Smart tactics.
      -Secret plans 

      Speed on Demand -

      Landline Features:- Caller Tunes,Call Forwarding

      General View

      Airtel has extremely HIGH standards on in-house wiring, overhead wiring and everything related to your broadband. A few of my friends have switched from Reliance Broadnet to Airtel just because of wiring issues. If you are going for Airtel then opt for an unlimited plan, because I don't think Airtel has a proper usage checking system set up. Go for the lowest speed BB plan available and then upgrade.

      Security Issues:-
      - Airtel uses your complete landline number with STD code as the username and the account number as the PPPoE password. If you forgot to change your default modem password then anyone can log into your modem and know your phone number. The username and password can then be used by the hacker to overbill the victim. Most people opt for unlimited plans but speed on demand works as advertised.

      - To change your speed you just need some other person's username and password.

      - In most circles the PPPoE password can be changed by logging into the local Airtel portal. It's been twelve months (Jan-Dec08) but I have not been able to change my password in UPE. The local Airtel portal is down, and if anyone knows your account number (printed on the bill) then he can use your account. Port binding was implemented in Lucknow on August 18, 2008. There are many cities where port binding has not yet been implemented.

      I would rate Airtel as the best ISP. I suggest you keep Airtel if 50-100 bucks doesn't matter to you. If you are a web addict then another great option would be to take two connections, one from BSNL (Rs 500 up to 2mbps) and one from Airtel (UL plan).

      Airtel Broadband Settings
      Username: (eg:-
      Password : Eight Digit Account Number printed on the bill

      Default modem password: password

      ATM PVC Configuration
      VPI: [0-255] - 1
      VCI: [1-65535] - 32

      Xbox 360: How to connect to Bharti Airtel (India)

      Beetel Bx1 ADSL modem USB (Unsuitable for Broadband) drivers

      Why I am thinking of switching to BSNL:

      -I stopped receiving Bonus Speeds at Night in 256kbps UL
      -256kbps UL is cheaper by Rs.50
      -IPTV available on BSNL
      -20% discount for central-state government employees.

      Contd. with Airtel

      Update -28/7/09