Friday, January 21, 2011

Some interesting unknown facts of Microsoft

Some interesting facts about Microsoft

The first Operating System Microsoft coded was Xenix, which was a version of UNIX under a different name. But it was MS-DOS made for IBM PCs that gave it a foothold in the software market.

The first Windows virus was called Winver 1.4.

And the funniest real fact is this: you can't create a folder named CON, NUL, COM1 to COM9, or LPT1 to LPT9 in Windows.

Surprised? lol... try it yourself!

Top infecting virus of the year 2010: removal instructions

The Zafi.B worm was the most widespread virus (worm) of 2010.
Zafi.B spreads very fast, mainly via email attachments and also via file-sharing networks.
The message subject and body text differ depending on the domain extension of the receiver's email address. Target email addresses are collected on the local computer, extracted from several files such as temporary internet files and email address books.

Once the file has been executed, it does the following:

1. Creates the mutex _Hazafibb.
2. Prevents execution of processes whose names contain regedit, msconfig, or task (e.g. regedit, taskman, taskmon, mstask, msconfig).
3. Deletes the following files from the Windows folder: fvprotect.exe, winlogon.exe, services.exe, jammer2nd.exe.

Removal Instructions:

All antivirus vendors added protection for the Zafi.B worm in their latest updates, and most antivirus software includes a removal tool for the Zafi worm.
Because Zafi.B may disable or overwrite existing antivirus products on infected machines, users may need to use one of the removal utilities or scanners mentioned above. If your antivirus has been overwritten, you will need to reinstall it once your system is free of Zafi.B.

The main infection is removed by deleting files in the Windows system folder and removing registry entries. If you're not familiar with the Registry editor, you should probably use one of the removal tools mentioned above. While we highly recommend that you back up your registry before editing, you should be aware that the backup you make contains entries associated with Zafi.B. Since the files are deleted, you may get errors if you restore from the backup at a future date. Once your system has been cleaned, and is operating properly, you may want to delete the backup that has Zafi.B entries in it.

1. Turn off System Restore if you're using Windows ME or XP. When you make changes to your system, Windows does a restoration checkpoint. If it does this while the system is infected, it may come back to re-infect later.
2. Restart the computer in Safe Mode. Since the Zafi.B worm creates running processes, and Windows doesn't allow you to delete files connected with running processes, restarting is necessary. Using Safe mode prevents Windows from loading drivers and auto run entries so your system boots relatively clean. In addition, Zafi.B blocks the use of Regedit which is required below.
3. Run a full system scan with an updated antivirus scanner. If your scanner does not remove everything, follow the next few steps.
4. During detection, your antivirus software should produce a list of files associated with the W32/Zafi.B or W32/Erkez virus (the name depends on the scanner). The files will be copies of the worm stored in the Windows system folder and the shared folders mentioned above. You should set your antivirus to delete them. If it does not, delete them manually.
5. Make a backup of the registry before you edit. Delete the Run entries associated with Zafi.B from the registry. Under the key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
delete the value:
"_Hazafibb"="%system%\.exe"
Also delete the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\_Hazafibb
6. Exit the registry editor.
7. Re-enable System Restore and reboot the machine.
8. Re-scan to be sure all files are clean.
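
One way to confirm the registry cleanup in step 5, as an added example that is not part of the original post: a Python check over a registry export saved as text, flagging the Run value and the key named above. The sample export, the function names and the PLACEHOLDER.exe file name are constructed for illustration.

```python
import re

# Indicators taken from the removal steps above (registry paths are case-insensitive).
RUN_KEY = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run"
ZAFI_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\_Hazafibb"
ZAFI_VALUE = "_Hazafibb"

# Constructed sample in .reg export format; PLACEHOLDER.exe stands in for the
# worm's file name, which the page does not give.
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon"="C:\\WINDOWS\\system32\\ctfmon.exe"
"_Hazafibb"="C:\\WINDOWS\\system32\\PLACEHOLDER.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\_Hazafibb]
"k1"="constructed"
'''

VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def parse_reg(text):
    """Parse .reg export text into {key_path: {value_name: raw_data}}."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None:
            m = VALUE_RE.match(line)
            if m:
                current[m.group(1)] = m.group(2)
    return keys


def unquote(data):
    # Undo .reg string escaping: a backslash escapes the character after it.
    if len(data) >= 2 and data[0] == data[-1] == '"':
        return re.sub(r"\\(.)", r"\1", data[1:-1])
    return data


def find_zafi_artifacts(text):
    """Return findings for the Run value and the _Hazafibb key, if present."""
    findings = []
    for key, values in parse_reg(text).items():
        k = key.lower()
        if k == RUN_KEY.lower():
            for name, data in values.items():
                if name.lower() == ZAFI_VALUE.lower():
                    findings.append(("run-value", key, name, unquote(data)))
        if k == ZAFI_KEY.lower() or k.startswith(ZAFI_KEY.lower() + "\\"):
            findings.append(("key", key, None, None))
    return findings


if __name__ == "__main__":
    # For a real regedit export, read the file with encoding="utf-16".
    for finding in find_zafi_artifacts(SAMPLE_EXPORT):
        print(finding)
```

An empty result after cleanup means neither indicator from step 5 remains in the exported hive.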

Get the CD key from the Windows XP CD

To get the Windows XP CD key, follow these steps.

1. Insert your WinXP CD into the CD/DVD drive.
2. Now, browse your Windows XP CD and find the folder I386.
3. Inside the I386 folder, find the file named unattended.txt.
4. Open unattended.txt using Notepad.
5. Keep scrolling through the opened file and you will find the Windows XP CD key.

Encrypt your file from unauthorized access


If you don't want your file to be visible to all the users of the computer, or on a shared computer, encrypt the file by following the procedure below, without using any software!

   1. Click Start.
   2. In the Search box, type CMD and press Enter.
   3. In the command prompt, type cd… This will show you the C:\ partition.
   4. Assuming that the picture you want to hide is under C:\ and that its name and extension are image.jpg, type: ren image.jpg image.txt (the syntax is: ren, your file name and extension, a space, then your file name with the extension you want to change it to).
   5. The command above (ren image.jpg image.txt) turns your image into a .txt file. People trying to open such a file will see unintelligible characters.
   6. Of course, to get the picture back, simply type: ren image.txt image.jpg
   7. This trick works for every kind of file.

Enjoy!!!!
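
The rename in steps 4 to 6 changes only the file name: the bytes on disk stay identical, so the file can still be identified and restored from its content, which means it is hidden from a casual look rather than encrypted. The added example below (not part of the original post; the signature table and function names are illustrative) reproduces the rename on a constructed stand-in file, then shows the type is still detectable and the hash unchanged.

```python
import hashlib
import os
import tempfile

# Leading "magic" bytes of a few common formats (illustrative subset).
SIGNATURES = {
    b"\xff\xd8\xff": "JPEG image",
    b"\x89PNG\r\n\x1a\n": "PNG image",
    b"%PDF-": "PDF document",
    b"PK\x03\x04": "ZIP container",
}


def sniff(path):
    """Identify a file from its first bytes, ignoring its name."""
    with open(path, "rb") as f:
        head = f.read(16)
    for magic, kind in SIGNATURES.items():
        if head.startswith(magic):
            return kind
    return "unknown"


def sha256(path):
    with open(path, "rb") as f:
        return hashlib.sha256(f.read()).hexdigest()


def rename_demo(workdir):
    """Reproduce `ren image.jpg image.txt` and report what actually changed."""
    jpg = os.path.join(workdir, "image.jpg")
    txt = os.path.join(workdir, "image.txt")
    # Constructed stand-in: JPEG/JFIF header, filler, end-of-image marker.
    with open(jpg, "wb") as f:
        f.write(b"\xff\xd8\xff\xe0\x00\x10JFIF\x00" + b"\x00" * 64 + b"\xff\xd9")
    digest_before = sha256(jpg)
    os.rename(jpg, txt)
    return {
        "detected_type": sniff(txt),
        "bytes_unchanged": sha256(txt) == digest_before,
    }


def find_disguised(folder):
    """Return (name, type) for .txt files whose content is a known binary format."""
    hits = []
    for name in sorted(os.listdir(folder)):
        path = os.path.join(folder, name)
        if name.lower().endswith(".txt") and os.path.isfile(path):
            kind = sniff(path)
            if kind != "unknown":
                hits.append((name, kind))
    return hits


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        print(rename_demo(d))
        print(find_disguised(d))
```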

Tweaks for Torrentz downloads

1. Choose your ISP wisely
The basic rule is that your maximum torrent download speed can't exceed the bandwidth limit provided by your ISP. ISPs usually specify maximum upload and download rates for their connections, so it is always better to choose an ISP that provides better download and upload limits at an affordable price.

2. Choose the right BitTorrent client
Always choose the latest version of the available BitTorrent clients. BitComet, Vuze, etc. are some of the latest clients available now. The latest versions are equipped to obtain the highest download speed and an overall smooth downloading experience.

3. Check the seeds and peers and health
Always consider the torrent's health.
A peer is a computer that participates in P2P sharing, either downloading or uploading. A seed is a computer that has a complete copy of the file and is sharing it on the network. A leech is a computer that doesn't have a complete copy of the file and is downloading it at the moment. A leech becomes a seed when it completes the download and shares it over the network. It is always advisable to choose files with more seeds and fewer leeches, that is, the file with the highest seed-to-leech ratio.

4. Altering the firewall configuration
By default, firewalls block all incoming BitTorrent connections. This can adversely affect download speed, so you must make sure that your firewall is configured to allow BitTorrent connections through. This can be done by checking the 'Add Windows Firewall Exception' box in the firewall settings, following the path Options/Preferences/Connection. For ease, some users may disable the firewall, but it is strongly advised that you do not disable your firewall, as that will open your computer to serious threats.

5. Limiting your upload rate
Peer-to-peer sharing is all about simultaneous upload and download, so every BitTorrent client must upload some data at the same time as it downloads other data through the torrent. To obtain a high download speed, you should vary your upload speed accordingly. The maximum upload rate offered by the ISP is usually much lower than the maximum download rate; it is only 50Kbps for a 2Mbps connection. For fast downloading, you can set your upload speed to 80% of your maximum upload speed.
You must vary the speed as the download progresses for efficient downloading. Keep the upload limit at maximum in the beginning and then slightly decrease it as the download progresses. In µTorrent the upload limit can be set from the option Global Upload Rate.

6. Selecting a different port
The default port for BitTorrent file sharing is one between 6881 and 6999. As BitTorrent sharing involves high bandwidth usage, ISPs usually throttle traffic on these ports, so you can increase download speed by selecting a port above 10000. µTorrent usually assigns the port randomly when the application starts, so set a specific port with a number above 10000 by disabling the Randomize port checkbox.

7. Increasing the number of Maximum Half Open TCP Connections
The maximum number of half-open TCP connections in Windows XP with SP2 is usually set to 10 to block the spread of viruses, but torrents need more. To allow this, a patch for TCPIP.sys is available. Through this patch you can set the maximum number of half-open TCP connections. Set it to any number between 50 and 100.

8. Protocol encryption
Some ISPs constrict the bandwidth for P2P sharing. Protocol encryption can be used to get around this restriction. Check the Allow incoming legacy connections box and set outgoing Encryption to Disabled to get maximum speed on torrent downloads. Complete non-encryption is not advisable, as it may leave some encrypted clients undiscovered.

9. Connections and bandwidth
The BitTorrent client you are using will allow you to enter values for the following:

Global maximum number of connections: the maximum number of connections the BitTorrent client can make for any P2P sharing. Setting this to a very high value will take up bandwidth uselessly, and setting it to a very low value will miss out on some peers. For a 256kbps connection you can set this number to 130.

Maximum number of connected peers per torrent: set this to a number close to the number of available peers for the file.

Number of upload slots per torrent: the maximum number of peers to which the BitTorrent client uploads at a time. Since a low setting may affect the download, set it to a moderately low value.

10. Miscellaneous
Deselect individual files bundled with a download if you don't want them at the beginning of the download. Become familiar with your BitTorrent client's settings from the user manual or the web.

BIOS password Reset/Recover !

Almost all motherboards contain a jumper that can clear all CMOS settings along with the BIOS password. The location of this jumper varies depending on the motherboard brand. Read your motherboard manual to check its location. If you don't have the manual, look for the jumpers near the CMOS battery. Most manufacturers label the jumper as CLR, CLEAR, clear CMOS, etc.
There will be 3 pins, and the jumper will join the center pin to either the left or the right pin. Remove the jumper and join the center pin to the opposite pin; e.g. if the jumper joins the center pin to the left pin, remove it and join the center pin to the right pin. Now wait for a few seconds, then remove the jumper again and join the center pin to the left pin.

Common Windows errors and Solutions

1. Whenever I start my computer, My Documents or My Computer opens automatically at Windows startup.

Solution: Open regedit and go to:

 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

In the right-side pane, change the value of "Userinit" to:

C:\WINDOWS\system32\userinit.exe,

Then go to:

 HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced

In the right-side pane, change the value of "PersistBrowsers" to 0.

Then restart. That's all.

Note: to open regedit, go to Run and type regedit.

2. Whenever you start your computer, you may get the following error message:

    "Windows\System32\config\system" file missing or corrupt.

Solution: Boot using the Windows Setup CD and enter the "Recovery Console" by pressing "R". Log in to the Windows installation and enter the admin password. Then type the following at the command prompt:

copy %windir%\Repair\system %windir%\System32\Config

If it doesn't work, boot into the "Recovery Console" again and give the following commands:

fixmbr
bootcfg /scan
bootcfg /rebuild
fixboot


3. When you start your PC, you may get the following error message:

    NTLDR is missing
    or
    Boot: Couldn't find NTLDR

Solution: Boot using the Windows Setup CD and enter the "Recovery Console" by pressing "R". Log in to the Windows installation and enter the admin password. Then give the following commands at the prompt:

copy x:\i386\ntldr c:\
copy x:\i386\ntdetect.com c:\


Where "x" is your CD drive.

4. Whenever I double-click on any drive or folder in My Computer, a Search window opens automatically.

Solution: Open regedit and go to the following keys one by one:

    HKEY_CLASSES_ROOT\Directory\shell
    HKEY_CLASSES_ROOT\Drive\shell

In the right-side pane, delete the "Default" key. If that doesn't work, delete the key "find" under both registry entries.

List of Windows Error Code and Solutions

STOP 0x0000001E KMODE_EXCEPTION_NOT_HANDLED

Causes
A "STOP 0x0000001E KMODE_EXCEPTION_NOT_HANDLED" error message indicates that an error condition was detected by the kernel and Windows was unable to continue running because of this error condition. The types of problems that can cause a "STOP 0x0000001E KMODE_EXCEPTION_NOT_HANDLED" error message are very similar to the problems that cause a "STOP 0x0000000A" error message, such as bad pointers, invalid addresses and other types of access violations. The STOP 0x0000001E bug check identifies an error that occurred in a section of code where no error handling routines exist.

Solution
  • Try to replace the driver that is identified in the STOP error message, either with a known good copy from your installation media, or with an updated version from the manufacturer.
  • Disable the driver that is identified in the STOP error message or any newly installed drivers.
  • Verify that any new hardware or software is properly installed. Disconnect the new hardware or replace it to see if this resolves the issue.
  • If you have a video driver that was not supplied with the operating system, try switching to the standard VGA driver or a driver that is compatible with the operating system.
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a RAM check. If this is a new installation of the hardware or software, contact the manufacturer for any required updates for drivers or firmware.
  • Disable all filter drivers, such as remote control software, antivirus programs, backup programs, and so on.

Stop: 0x0000000A IRQL_NOT_LESS_OR_EQUAL

Causes
This error occurs when a driver uses an incorrect memory address. Other possible causes of this error are an incompatible device driver, a general hardware problem, and incompatible software.

Solution
  • Look for other hardware issues. Remove any newly installed hardware. Remove all adapters and disconnect all hardware devices that are not required to start the computer.
  • Perform a Driver Rollback in case a driver has been updated for a particular component.
  • Examine third-party software or drivers.
  • Use the Last Known Good configuration.
  • Use the Windows XP System Restore feature if the system boots into Safe Mode.
  • Repair the Windows XP installation.

Stop 0x00000218 UNKNOWN_HARD_ERROR

Cause
A Stop 0xc0000218 error message means that a necessary registry hive file could not be loaded. This error message can occur if the file is corrupt or missing.

Solution
  • Start your computer by running the Recovery Console, run the chkdsk /p command on the drive, and then restart your computer. Test to determine whether the issue is resolved.
  • Use the Last Known Good configuration.
  • Reinstall Windows in a separate folder.

Stop 0x0000021A or STATUS_SYSTEM_PROCESS_TERMINATED

Cause
The Stop 0xC000021A message occurs when Windows XP switches into kernel mode and a user-mode subsystem, such as Winlogon or the Client Server Runtime Subsystem (CSRSS), is compromised and security can no longer be guaranteed. Because Windows XP cannot run without Winlogon or CSRSS, this is one of the few situations where the failure of a user-mode service can cause the system to stop responding.

Solution
  • Perform a Driver Rollback in case the customer has updated the driver for a specific component.
  • Perform a System Restore from Safe Mode with command prompt.
  • Reinstall the Operating System.

Stop 0x00000221 or STATUS_IMAGE_CHECKSUM_MISMATCH

Cause
This Stop message indicates driver, system file, or disk corruption problems (such as a damaged paging file).
This message usually means that a driver or a .dll file has become corrupt.

Solution
  • Perform a Driver Rollback in case a driver has been updated for a particular component.
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a RAM check.
  • Perform a System Restore from Safe Mode with command prompt.
  • If all hardware is fully functional, reinstall the operating system.

Stop 0x00000024 or NTFS_FILE_SYSTEM

Cause
A problem occurred within NTFS.SYS, the driver file that allows the system to read and write to NTFS file system drives. There may be a physical problem with the disk, or an Interrupt Request Packet (IRP) may be corrupted.

Solution
  • Run chkdsk /r or chkdsk /f to detect and resolve any file system structural damage.
  • After you use the Chkdsk tool to repair the corrupted NTFS volume, rename %SystemRoot%\System32\Drivers\Ntfs.old to Ntfs.sys, and then shut down and restart the computer.
  • Try disabling any virus scanning programs, backup programs, or disk defragmenter tools that constantly monitor your computer.
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a HDD check.

Stop 0x0000002E or DATA_BUS_ERROR

Cause
This indicates a system memory parity error, typically caused by failed or defective RAM (including motherboard, Level 2 cache, or video memory), incompatible or mismatched memory hardware, or when a device driver attempts to access an address in the 0x8xxxxxxx range that does not exist (does not map to a physical address). It also can indicate hard disk damage caused by viruses or other problems.

Solution
  • Look for other hardware issues. Remove any newly installed hardware.
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a RAM and HDD check.
  • Perform a Driver Rollback in case a driver has been updated for a particular component.

Stop 0x00000050 or PAGE_FAULT_IN_NONPAGED_AREA

Cause
The Stop 0x50 message indicates that requested data was not in memory. The system generates an exception error when using a reference to an invalid system memory address. Defective memory (including main memory, L2 RAM cache, video RAM) or incompatible software (including remote control and antivirus software) might cause Stop 0x50 messages.

Solution
  • Look for other hardware issues. Remove any newly installed hardware.
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a RAM check.
  • Perform a Driver Rollback in case a driver has been updated for a particular component.

Stop 0x00000077 or KERNEL_STACK_INPAGE_ERROR

Cause
A page of kernel data requested from the pagefile could not be found or read into memory. This message also can indicate disk hardware failure, disk data corruption, or possible virus infection.

Solution
  • Run any system diagnostics that are supplied by your computer manufacturer.
  • Run chkdsk /r or chkdsk /f to detect and resolve any file system structural damage.
  • Use the Windows XP System Restore feature if the system boots into Safe Mode.
  • Run a current virus-checking program.
  • If all hardware is fully functional, reinstall the operating system.

Stop 0x0000007A or KERNEL_DATA_INPAGE_ERROR

Cause
A page of kernel data was not found in the pagefile and could not be read into memory. This might be due to incompatible disk or controller drivers, firmware, or hardware.

Solution
  • Stop 0x7A can be caused by bad sectors in the virtual memory paging file, disk controller error, virus infection, or memory hardware problems.
  • Run chkdsk /r or chkdsk /f to detect and resolve any file system structural damage.
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a HDD check.
  • If all hardware is fully functional, reinstall the operating system.

Stop 0x0000007B or INACCESSIBLE_BOOT_DEVICE

Cause
The Stop 0x7B message indicates that Windows XP Professional has lost access to the system partition or boot volume during the startup process.

Solution
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a HDD check.
  • Rebuild the Boot.ini file.
  • Run chkdsk /r or chkdsk /f to detect and resolve any file system structural damage.
  • If all hardware is fully functional, reinstall the operating system.

Stop 0x0000007F or UNEXPECTED_KERNEL_MODE_TRAP

Cause
One of three types of problems occurred in kernel-mode: (1) Hardware failures. (2) Software problems. (3) A bound trap (i.e., a condition that the kernel is not allowed to have or intercept). Hardware failures are the most common cause.

Solution
  • Run any system diagnostics that are supplied by your computer manufacturer, especially a RAM check.
  • Running the CPU beyond the rated specification, known as "overclocking," can cause Stop 0x7F or other error messages due to heat buildup. When diagnosing problems on overclocked systems, first restore all clock and bus speed settings to the manufacturer recommended values to determine if this resolves the issues.
  • Use the Windows XP System Restore feature if the system boots into Safe Mode.
  • If all hardware is fully functional, reinstall the operating system.

Stop 0x000000C2 or BAD_POOL_CALLER

Cause
The Stop 0xC2 message indicates that a kernel-mode process or driver incorrectly attempted to perform memory operations.
• Faulty Driver or Software.
• Failing or Defective hardware.

Solution
• Perform a Driver Rollback in case the customer has updated the driver for a specific component.
• Perform a System Restore from Safe Mode with command prompt.
• Remove the modem and repair the OS.

Stop 0x000000ED or UNMOUNTABLE_BOOT_VOLUME

Cause
The kernel mode I/O subsystem attempted to mount the boot volume and it failed.
• File system structural corruption.
• Upgrade to Windows XP Professional on systems that use higher throughput ATA disks or controllers with incorrect cabling. Higher transfer rates when using the incorrect cable type.

Solution
• Run any system diagnostics that are supplied by your computer manufacturer, especially a HDD check.
• Run the CHKDSK /r to repair the File System.
• If the hardware is fully functional, reinstall the operating system.

Stop 0x000000F4 KERNEL_DATA_INPAGE_ERROR

Cause
This problem occurs on a computer in which Windows XP or a later operating system is installed on a hard disk that is configured as a subordinate and no other device is connected to the same IDE controller channel (primary or secondary).

Solution
To resolve this behavior, use one of the following methods:
  • For Parallel Advanced Technology Attachment (PATA) hard disks, configure your disk drive as master only. For Serial Advanced Technology Attachment (SATA) hard disks, connect the hard disk cable to a master channel SATA connector on the motherboard.
  • Connect another device as a master, such as another disk drive or a CD drive or DVD drive.
  • Change your PATA and SATA IDE cable even if the cable does not appear worn.
  • Install Windows on a new hard disk because it is possible that your hard disk or your Windows installation may be corrupted.