a bunch of nice computer guide, tips, tricks and ideas - DAILY UPDATED!

How to Enable Processor Based Security

2007-03-02T08:15:00.000+08:00

At last PCs operating under Windows have a security level similar to that used by high performance servers. This technology known under names that vary from manufacturer to manufacturer, such as NX (No eXecute), EVP (Enhanced Virus Protection), XD (eXecute Disable), or DEP (Data Execution Protection) allows the processor itself to detect when a malicious code (such as a virus or a Trojan horse) is attempting to run and automatically disables such code, "drowning" the virus. In this short tutorial we will teach you how to enable this feature.

This technology works creating separate areas for the execution of programs and for data storage in the RAM memory of the computer, If a code in the area set aside for data storage tries to run, the processor understands that as something suspicious and prevents the execution of the code. How to Enable Processor-Based Security Hardware Secrets

Delete Hiberfil.sys in Windows XP before defragmenting

2007-03-02T08:11:00.000+08:00

If you use the Windows XP's Hibernation feature on your laptop, you may want to delete the Hiberfil.sys file from the hard disk before defragmenting. When you put your computer in hibernation, Windows XP writes all memory content to the Hiberfil.sys file before shutting down the system. Then, when you turn your computer back on, the OS uses the Hiberfil.sys file to put everything back into memory, and the computer resumes where it left off. However, Windows XP leaves the Hiberfil.sys file on the hard disk, even though it's no longer needed.

The Hiberfil.sys file, which can be very large, is a special system file that Disk Defragmenter cannot defragment. Therefore, the presence of the Hiberfil.sys file will prevent Disk Defragmenter from performing a thorough defragmenting operation.

Follow these steps to remove the Hiberfil.sys file from the hard disk:

Access the Control Panel and double-click Power Options.
Select the Hibernate tab in the Power Options Properties dialog box.
Clear the Enable Hibernation check box and click OK.

As soon as you clear the check box, Windows XP automatically deletes the Hiberfil.sys file from the hard disk. Once you complete the defrag operation, you can re-enable the Hibernation feature.

Examining a Blue Screen of Death error with the Watchdog Event Log

2007-03-02T08:05:00.000+08:00

Troubleshooting Blue Screen of Death (BSoD) errors, or as Microsoft calls them, Stop messages, can be extremely frustrating due to the fact that, by default, Windows XP automatically restarts the computer as soon as a BSoD error occurs. There's not enough time for you to analyze, let alone read, the error code before the message disappears.
You could disable the Automatically Restart option in the Startup And Recovery dialog box, but doing so might lock your system into an unrecoverable error situation. As such, that's not an advisable solution.
Fortunately, Windows XP keeps a special log of all BSoD errors, called a Watchdog Event Log. Unlike a memory dump, whose creation is the result of a BSoD error, a Watchdog Event Log is a straight text file that is easier to read and understand.

Here's how you access a Watchdog Event Log:

Use Windows Explorer to access the C:\Windows\LogFiles\Watchdog folder.
Locate and right-click the most recently dated .WDL file.
Select the Open command from the context menu.
In the Windows dialog box, choose the Select The Program From A List option and click OK.
When you see the Open With dialog box, select Notepad and click OK.

Launch Windows Explorer with administrative privileges on Windows XP Pro

2007-03-02T08:00:00.000+08:00

When you're working on a user's computer and need to perform an administrative task from within her Windows XP Pro limited user account, you can use the Run As command to launch certain utilities with administrative account privileges.

However, if you try to use Run As to launch Windows Explorer with administrative privileges, nothing happens. This is because Explorer.exe is already running and only one instance of Explorer can run at a time. More specifically, when you launch Explorer.exe, the first thing it does is check to see if it is already running. When the second instance of Explorer.exe sees that the first instance of Explorer.exe is already running, the second instance of Explorer.exe closes without any outward notification. Here's how you can work around it.

Internet Explorer 6
Internet Explorer 6 will work with Run As and will allow you to tap into Windows Explorer. Here's how:
1. Right-click the Internet Explorer icon in the Quick Launch toolbar and choose Run As. (Keep in mind that you cannot access Run As from the Internet Explorer icon that appears on the desktop or on the Start menu.)
2. Fill in the appropriate administrative account credentials in the Run As dialog box.
When Internet Explorer launches, type C:\ in the Address bar.
3. After you follow these steps, Windows Explorer will appear in the same window, and it will be running with administrative privileges.

Internet Explorer 7
If you're using Internet Explorer 7, the steps for Internet Explorer 6 won't work because, as part of the new security features in version 7, Internet Explorer is no longer integrated with Windows Explorer. You must use the standard method for launching Windows Explorer with administrative privileges. Here's how:
1. Log on to the computer with the Administrator account.
2. Access the Control Panel and launch Folder Options.
3. When you see the Folder Options dialog box, select the View tab.
4. Scroll down the Advanced Settings list and select the Launch Folder Windows In A Separate Process check box, click OK, and then log off.

The next time you work on that user's computer and need to perform an administrative task from within her limited user account, you can use Run As to launch Windows Explorer with administrative privileges.
Note: This tip only applies to Windows XP Professional.

Don't be misled by these Windows Vista myths

2007-02-26T20:07:00.001+08:00

1. You’ll have to buy a new, high-end PC to run Vista

Many in the mainstream media are claiming that to run Vista, you’ll almost certainly have to buy a new computer. This myth is undoubtedly being encouraged by hardware vendors, but it’s not true. I was able to install Vista on my existing Dell Dimension mid-priced system with no problems, and the existing video card, an ATI x600, runs Aero Glass.

If your computer is older or a low-end machine, you can still probably install and use Vista but you may not get the Aero Glass interface. Although Glass adds a lot of “wow” factor, it’s not something that’s essential to getting work done. You'll still benefit from Vista’s security enhancements, search functionality, and added features. If you do want the Glass look, you still may not need to buy a new system. Instead, you can add RAM to bring your system up to the 1 GB recommended for Glass and install a new video card that supports it.

Another myth I’ve heard is that only PCI Express (PCIe) video cards support Aero Glass, so if your computer doesn’t have a PCIe slot, you’re out of luck. That’s not true either. Video card vendors have regular PCI cards that will run Glass. I’m running it on a system with a relatively inexpensive GeForce 5200 card with 256 MB of memory in a regular PCI slot.
If you do choose to buy a new PC, you don't need a high-end one that costs thousands of dollars to run Vista. Just a couple of days after the launch, retailers began offering machines preloaded with Vista Home Premium, complete with LCD monitors, for as low as $600.

2. Vista will solve all your security problems

Microsoft is touting Vista’s improved security, but no operating system is perfectly secure (and no OS ever will be). Running Vista doesn’t mean you don’t still need perimeter firewalls, antivirus protection, and other third-party security mechanisms.

Because much of operating system, including its networking technologies, has been redesigned and new code written, Vista is likely to present some vulnerabilities that weren’t in older versions of the OS even as it fixes many that were. This is true of any new software and Vista, despite its focus on security and Microsoft’s best efforts, is no exception.

In fact, Microsoft shipped the first critical security update for Vista over a year ago, when it was still in the beta testing stage. It will be just as important with Vista as with any other operating system to ensure that updates are installed regularly. The danger is that novice users, hearing that Vista is more secure, may let their guard down and fail to take the protective measures necessary to prevent attacks, virus infestations, etc.

3. Vista is no more secure than XP SP2

On the other hand, some of Vista’s detractors have been claiming that the new operating system offers no security advantage at all. I’ve heard computer “experts” on the radio say that Vista is no more secure than Windows XP with Service Pack 2, and an eWeek article last summer went so far as to report that Symantec security researchers were contending that Vista “could harbor a range of vulnerabilities that will make it less secure than previous iterations of Windows.”

It’s true that, properly updated, Windows XP is a pretty secure OS. But Vista includes a number of new security enhancements that XP doesn’t have. For example, User Account Control (UAC) in Vista protects against attacks that rely on elevation of privileges. Internet Explorer 7, when running on Vista, leverages UAC to run in Protected Mode, which keeps Web applications from writing to system folders. IE7 doesn’t run in Protected Mode on XP.

BitLocker drive encryption, available in Vista Enterprise and Ultimate versions, provides a way to keep unauthorized persons from accessing sensitive data on a stolen or lost laptop. The Windows Firewall in Vista allows you to block outgoing traffic as well as incoming. Windows service hardening reduces the potential for damage if one of Windows’ services is compromised. Vista includes the Network Access Protection client, which allows administrators to restrict computers that are properly updated or don’t have antivirus, anti-spyware, or firewalls from connecting to company networks.
Those are just a few of the new security improvements included in Vista.

4. You can’t dual boot Vista with another operating system

One of the strangest and most inaccurate statements I heard was that “With Vista, you can’t run two operating systems on the same computer like you could in the past.” That’s news to me, as I’m currently running two computers that dual boot Vista and XP. As with previous versions, a boot menu is displayed when the computer starts, and you can choose either Vista or Previous version of Windows.

5. Most old applications and peripherals won’t work with Vista

Circulating amongst the FUD (fear, uncertainty, and doubt) being spread about Vista is the idea that upgrading will subject you to all kinds of application incompatibilities. Some programs made for XP, especially those that hook into the kernel, like antivirus programs and some system utilities, won’t work with Vista. However, the majority of applications that run on XP will also run on Vista.
In some cases, you may need to install or run older programs in Compatibility mode (right-click the program file, select Properties, and click the Compatibility tab to select compatibility options) and/or run the program as an administrator for it to work properly.
You don’t have to figure out most compatibility issues for yourself. Vista comes with the Program Compatibility Assistant, which can detect what changes need to be made to run a program and resolve conflicts with UAC that may be preventing a program from running correctly. It runs automatically when it detects an older program that has compatibility issues. You can also use the Program Compatibility Wizard, a tool that you run manually from the Control Panel Programs and Features section (in native view).

There have also been many reports about hardware peripherals, especially printers and scanners, that don’t work with Vista. It’s true that some hardware vendors were slow to provide Vista drivers during the Vista beta testing period. By the time Vista launched to the consumer market, though, many hardware drivers were included on the installation DVD and many more will be made available in the next few months.

My older HP OfficeJet G55 had no problems working with Vista, and if you peruse the list of supported printers (Control Panel Printers Add A Printer Wizard), you’ll see that Vista supports a large number of printers from HP, IBM, Brother, Canon, Citizen, Dell, Epson, Fujitsu, Konica, Kyocera Mita, Lexmark, Minolta, NEC, Oki, Panasonic, Ricoh, Samsung, Sharp, Sony, Xerox, and other major printer vendors.

6. You have to buy a Premium version of Vista if you have a dual core machine

There was initially some confusion over the specification that Vista Home Editions support only a single processor. Some folks took this to mean that that version of Vista wouldn’t run on dual core machines.
Dual core CPUs do contain two processors—but they’re combined on one chip or die. This is called chip-level multiprocessing and it’s different from having two separate physical processors installed on the same machine. Even though a dual core machine will show the activity of two processors in Windows performance monitoring tools, Microsoft’s definition of “processor” refers to the number of physical CPUs, not the number of cores.

7. You won’t be able to play ripped music in Vista

Have you heard about the horrors of Vista’s DRM (Digital Rights Management)? Some people have implied that it will prevent you from playing any music or movie files unless you download and pay for them online. Others are speculating that even the media you do buy may be blocked.

Interestingly, the people who are spreading this one all seem to be folks who have never used Vista (and, according to many of them, never will). The real story: I have no problem playing music files that were ripped from CDs on Windows Media Player 10 or in Vista’s Windows Media Center application. Yes, I legally own the CDs, but Vista has no way of knowing that. All of the media that imported from my XP Windows Media Center computer, including recorded TV programs, played without a problem.

Pharming Attack Slams 65 Financial Targets

2007-02-26T20:04:00.001+08:00

An Internet based attack aimed at about 65 financial targets in the United States, Europe and Australia was shut down after a two and a half day run. Hackers launched the "pharming" attack on Monday, Feb. 19 and authorities shut it down on Wednesday. (...Read more)

Microsoft starts feeding antipiracy tool to users in 21 countries

2007-02-26T20:03:00.001+08:00

Microsoft Corp. has updated its antipiracy software for Windows XP for English speakers, and begun rolling out the optional tools to users in 21 additional countries, including some the company has tagged as centers of counterfeiting. (...Read more)

Firefox 3 To Support Offline Apps

2007-02-21T09:17:00.000+08:00

An interesting tidbit came out of the recent Foo Camp New Zealand (which unfortunately I wasn’t able to attend). Robert O’Callahan from Mozilla, who is based in NZ but drives the rendering engine of Mozilla/FireFox, spoke about how Firefox 3 will deliver support for offline applications. This is significant because you’ll be able to use your web apps - like Gmail, Google Docs&Spreadsheets, Google Calendar, etc - in the browser even when offline. I deliberately mentioned all Google web apps there, because of course this plays right into Google’s hands.

Although Mozilla is an open source organization, some of its top workers are employed by Google.So it’s a very cozy relationship. We’ve discussed before how Firefox 3 as information broker suits Google very nicely, because the Mountain View company has a number of best of breed web apps - and if it’s not building them, it’s acquiring them Firefox 3 To Support Offline Apps

Windows Genuine Advantage (WGA) to be upgraded

2007-02-21T09:12:00.000+08:00

Microsoft's controversial anti piracy application, Windows Genuine Advantage (WGA), is to be upgraded next week. The WGA Notifications tool allows Microsoft to see whether or not your copy of Windows and other Microsoft software programs were purchased and installed legally when your PC is connected to the internet.The WGA programme has caused a storm in some quarters, with many claiming that it is an invasion of privacy

Shockwave Trojan Information and Removal

2007-02-21T09:05:00.000+08:00

What is the Shockwave Trojan Virus?

Remember all those warnings you hear about never opening an .exe attachment! This virus is why those warnings appear. Discovered on November 30, 2000 this virus has the subject "A great Shockwave flash movie" and the attachment is "CREATIVE.EXE." Using Outlook, the trojan sends itself as an attachment to every address listed in the address book of the infected user. This Trojan also changes the filenames of all JPG and ZIP files and then moves the files to the C:\ root directory. Because Shockwave is a standard format for animation, most people will just think its a "cute" file and open it...then the trouble starts.

How to Clean/Delete the Shockwave Trojan?

Delete the Creative.exe file from the Windows Startup folder and restart the computer. Then use the file called C:\ MESSAGEFORU.TXT to manually move and rename the JPG and ZIP files that the virus changed. The filenames of these files are then appended with the text "change atleast now to LINUX". For example, "XXXX.ZIP" becomes "XXXX.ZIPchange atleast now to LINUX". The file C:\MESSAGEFORU.TXT logs the original location of all files so it can be used to restore all moved files.

When viewed, the file C:\ MESSAGEFORU.TXT contains the following text:
Hi, guess you have got the message. I have kept a list of files that I have infected under this. If you are smart enough just reverse back the process. i could have done far better damage, i could have even completely wiped your harddisk. Remember this is a warning & get it sound and clear... - The Penguin

How to Remove BlazeFind (BlazeFind Removal)

2007-02-18T15:17:00.000+08:00

BlazeFind is a spyware implemented as Internet Explorer Browser Helper Object. This program redirects browser search requests to its controlling server and displays popup advertisements on your computer. It may also slow down the performance of Internet Explorer.

Follow these removal steps to remove this spyware from your computer:

1. Reboot the computer to Safe Mode (Press F8 when Windows starts).
2. Open a DOS command prompt window ( Start > Run , type 'cmd' (on Windows NT/2000/XP ) or 'command' (on Windows 95/98/Me)) and enter the following commands,... Remove BlazeFind - Adware & Spyware Removal Instructions

Firefox Flaw Could Let Attackers Change Cookies

2007-02-18T15:15:00.001+08:00

A bug was recently uncovered in Firefox that could allow a malicious Web site to appear authentic. The bug affects the way Firefox handles writing to the "location.hostname" DOM property, according to a posting by security researcher Michal Zalewski on the security mailing list Full Disclosure. The vulnerability could potentially allow a malicious Web site to manipulate the authentication cookies for a third-party Web site.

By bypassing same-origin policy, attackers can possibly tamper with the way these sites are displayed or how they work. For users, this means the bug could allow for the browser to appear as if the user were connecting to a bank, when in fact the user would instead be receiving data from an attacker. Firefox Flaw Could Let Attackers Change Cookies

Windows Genuine Advantage (WGA) to be upgraded

2007-02-18T15:13:00.000+08:00

Microsoft's controversial anti piracy application, Windows Genuine Advantage (WGA), is to be upgraded next week. The WGA Notifications tool allows Microsoft to see whether or not your copy of Windows and other Microsoft software programs were purchased and installed legally when your PC is connected to the internet.

The WGA programme has caused a storm in some quarters, with many claiming that it is an invasion of privacy. Anti-piracy tool to be upgraded - Web User News

Storm Worm DDoS Attack

2007-02-12T08:20:00.000+08:00

number of antispam websites came under a distributed denial of service attack on January 12, 2007. The trojan responsible for the attack was one of several dropped onto systems infected by a seeding of the email virus which later came to be called "Storm Worm", also W32/Small.DAM and Trojan.Peacomm.Researching further back in time, we find that variants of the same malware family were released in similar fashion in November, December and early January. Many AV companies labeled the previous variant "Win32/Nuwar".When Storm Worm runs, it attempts to link up with other infected hosts via peer-to-peer networking. Through this conduit it gets a URL which points to a second-stage executable, which in turn downloads additional stages onto the infected system. Storm Worm DDoS Attack - Research - SecureWorks Linked by shanmuga Saturday, 10th February 2007 9:41AM

10 tips for troubleshooting slowdowns in small business networks

2007-02-10T03:51:00.000+08:00

Network congestion and slowdowns--whether caused by faulty hardware, negligent users, viruses or spyware applications gone wild, or other factors--lead to serious headaches for network administrators and support personnel. By keeping a wary eye tuned for the following 10 items, IT professionals can help prevent the most common causes of network slowdowns.

#1: Bad NICs
Intermittent network errors, particularly those isolated to a specific workstation or server, can often be traced to a failing network interface card. When you believe a network adapter may be failing, visually inspect the card's LED link lights.
A solid green (or amber) LED indicates the NIC has a good active physical connection with another network device, such as a network switch or router (blinking LEDs typically indicate the NIC possesses an active connection and is processing network traffic). If the LED is not lit green, it's likely the network adapter is disabled within Windows or doesn't have an active connection to the network. It's also possible the cable plugged into the NIC is connected to a nonfunctioning wall-jack or faulty network port.
If you can rule out nonfunctioning wall-jacks and faulty network ports (the easiest method of doing so is to connect the same network connection to a laptop known to have a properly functioning network adapter), and if the network adapter is properly enabled and configured in Windows, it's likely the NIC is bad and requires replacement.

#2: Failing switches/routers
Many network slowdowns are foreshadowed by strange occurrences. For example, regular Web traffic may work properly, but e-mail may stop functioning. Or, regular Web traffic may work properly but attempts to connect to any secure (HTTPS) sites may fail. In other cases, Internet access simply ceases across the board.
Often the best remedy for inconsistent network outages and/or slowdowns is to reboot or power cycle the network's routers/switches. If local network connectivity exists (if users can view and access network shares) but they are not receiving e-mail from external users or cannot access the Internet, rebooting or power cycling the WAN modem can often return the network to proper operation.
If you're having to reboot or power cycle a piece of network equipment consistently, make sure that it's connected to a quality uninterruptible power supply. Power fluctuations often result in confused switches and routers. If a network device is connected to a good UPS and still frequently experiences trouble, it may be necessary to replace the failing switch, router, or modem.

#3: Daisy chaining
As organizations grow, particularly small businesses, outside IT contractors often implement simple solutions. Many consultants choose to simply add a five-port router to an existing four-port router/firewall. Small businesses everywhere boast just such a setup.
However, as switches are added to a network, data packets must navigate additional hops to reach their destination. Each hop complicates network routing. Depending upon the amount of traffic a network must support--and even a small dentist's or doctor's office can easily stress 10/100 Mbps systems due to X-ray imagery, patient file information, and other data--the addition of an extra hop or two can spell the difference between a smooth running network and one that frequently slows employee productivity to unacceptable levels.
Resist the urge to daisy chain multiple network switches and routers. Instead, plan for capacity. Or if unforeseen growth has resulted in successive connected switches, eliminate as many devices as possible through consolidation to a more potent and scalable unit.

#4: NetBIOS conflicts
NetBIOS, still in use on many Windows NT 4.0 networks in particular, contains many built-in processes to catch and manage conflicts. Occasionally, however, those processes don't handle conflicts properly. The result can be inaccessible file shares, increased network congestion, and even outages.
Guard against NetBIOS conflicts by ensuring older Windows systems all receive the most recent service packs. In some cases, Windows NT 4.0 systems having different service packs will generate telltale NetBT (ID 4320) errors.
Strange network behavior can also occur when two systems are given the same computer name or when two systems both believe they serve the master browser role. Sometimes the error will log itself as Event ID 8003 in a server's system log. Disabling WINS/NetBT name resolution (only if it's not required) can eliminate such issues.
If disabling NetBT is not an option, such errors can often be eliminated by identifying the second system that has the same computer name within the same domain and giving it a new name or by restarting the Netlogon Service on the domain controller. Yet another option for eliminating legacy NetBT issues is to search a system's LMHOSTS file for inaccurate or outdated entries. Some IT professionals claim they've solved similar errors by disabling and re-enabling the NIC on the offending system.

#5: IP conflicts
Windows typically prevents two devices with the same IP address from logging on to the same network (when using DHCP). But occasionally, two systems with the same address wind up on the same network. For example, one system could receive an address automatically, while another computer logs on using a static address specified by a user. When such conflicts occur, network slowdowns result (and the systems sharing the same address frequently experience outages).
Troubleshoot IP address conflicts by ensuring you don't have a rogue DHCP server on the network. Confirm, too, that configured DHCP scopes don't contain overlapping or duplicate entries and that any systems (such as servers and routers) that have been assigned static IP addresses have been excluded from the DHCP pools.

#6: Excessive network-based applications
Occasionally, networks are overrun by the applications they power. For example, a physician's office that uses a Web-based patient and practice application will commonly have every workstation logged on to the program during business hours. Retrieving data from the patient database and consistent monitoring of appointment and scheduling information alone can place stress on even a well-architected network.
Add in the fact that each workstation is likely tuned to e-mail (and many offices are turning to VoIP) and it's easy to see how introducing a few streaming audio/video files to the mix (either in the form of online music services, news videos, or instructional medical presentations and Webinars) can unacceptably slow a 10/100 Mbps network's performance.
Implement policies--and if necessary, hardware-based Web filtering tools--to prevent applications from overwhelming available network bandwidth. Make sure employees understand they're not to stream unnecessary audio and video files. Further, when working with VoIP, be sure adequate data pipes are in place to manage both voice and data traffic.

#7: Spyware infestation
Spyware, the scourge of the last few years, finally appears to be meeting its match in business environments. The development of potent anti-spyware tools, combined with effective end user policies, is reducing the impact of spyware in many organizations. Windows Vista includes Defender, a decent anti-spyware application powered by the popular Giant engine.
However, infestations still occur, particularly on older systems that haven't been properly safeguarded. Implement strong user policies and either gateway-based protection or individual client applications to prevent spyware programs from consuming precious network bandwidth.

#8: Virus infestation
Just as spyware is proving containable within business environments, so too are viruses. That said, despite an administrator's best efforts--including firewall deployment, routine and consistent Windows patching, and the use of regularly updated antivirus programs--viruses do get through. The result can bring a network to a standstill.
For example, many viruses place Trojan programs on Windows systems, where they can wreak havoc. In addition to leveraging a system's ability to send e-mail to forward hundreds (if not thousands) of spam messages an hour, viruses can corrupt network configuration.
Defend against virus threats to network performance by ensuring firewalls, Windows updates, and antivirus programs are properly configured and maintained.

#9: Insufficient bandwidth
Sometimes, a network just doesn't have the throughput it requires. As with # 6--excessive network-based applications--some environments demand more bandwidth than others.
When a network does bog down, several options typically exist for increasing capacity. Besides boosting up- and downstream speeds, some offices may require additional dedicated connections. From multiple T1s to DS3s to even optical carrier-grade connectivity, many potential solutions exist.
Further, some organizations may need to upgrade existing 10/100 Mbps networks to gigabit speeds. By upgrading NICs, cabling, and devices to 10/100/1000 Mbps equipment--and replacing any remaining hubs with switches--many firms can realize significant capacity gains. In other cases, it may be necessary to subnet networks to localize particularly intense traffic to specific network segments.

#10: DNS errors
DNS configuration errors can lead to numerous network failures and generalized slow performance. When no DNS server is available on a local LAN, local systems may have trouble finding one another or accessing local resources because they'll have trouble finding service locator records that assist Windows systems in communicating with Active Directory. Worse, systems with no local DNS server or those workstations having DNS servers several hops away may experience delays or flat outages in accessing Web sites and extranets.
Try placing DNS servers as close to network systems as possible. Although adding DNS services to existing servers places greater demand on those boxes, properly configured machines can remain secure and noticeably enhance response times to external resources.
Also, always check to ensure systems are configured to use the proper DNS servers. Network architectures change over time, yet older workstations (particularly those set to use static addressing) occasionally are forgotten and continue operating using outdated DNS settings. As your organization and ISP update DNS systems, be sure workstations and other routing equipment actually receive the updates.

The frustration of bot fighters

2007-02-08T08:44:00.000+08:00

This last week I was among those at the "secretive conference" of security folks, ISPs and law enforcement agents to discuss bots. Much like at last year's VB conference, there was much discussion about the need for more cooperation and information sharing between bot fighters. Not just within the three groups but within each of the individual disciplines. People within all of the three groups were clear that none of us have all the pieces of the puzzle, and that in order for us to truly make a dent in the growth of bots and botnets, we need to share more of our information with each other.There has been much made of turf wars within the bot herder community, but the more notable thing in terms of fighting these bots is actually how much they’re cooperating. We know they’ve been pooling resources to code their bots, but apparently they’re also sharing botnet resources quite widely (for instance, to take down a particularly robust website that they wish to attack). Computer Security Research - McAfee Avert Labs Blog

Storm Worm Hits Computers Around the World

2007-02-08T08:43:00.000+08:00

Computer virus writers started to use raging European storms on Friday to attack thousands of computers in an unusual real time assault, head of research at Finnish data security firm F Secure told Reuters. The virus, which the company named "Storm Worm," is sent to hundreds of thousands of email addresses globally, with the email's subject line saying "230 dead as storm batters Europe."The attached file contains the so-called malware that can infiltrate computer systems. Storm Worm Hits Computers Around the World - News and Analysis by PC Magazine

Myth #6:A wireless IDS is unnecessary if other rogue AP

2007-02-03T02:27:00.000+08:00

While exposing the myth about the prevention of rogue APs could be a blow to wireless IDS vendors, there is another common Wi-Fi myth that has been having the opposite effect. Many networking professionals are under the mistaken impression that a wireless IDS is unnecessary if other rogue AP prevention measures are in place.

It’s easy to understand why the average network administrator might be hesitant to get behind a wireless IDS. They are very expensive and there’s not a whole heck of a lot of folks out there who actually understand everything that a wireless IDS is doing. Even most of the folks who have invested in a wireless IDS only did so because they need to prevent rogue access points.

The reality is that there’s a whole other area of troubleshooting and Wi-Fi optimization features that make wireless IDS products a valuable addition to most networks. Some of today’s wireless IDS offerings do location tracking, remote packet captures, and analysis of RF interference levels.

When you think about it, these other wireless IDS features are much more likely to make a networking person’s job easier than the ability to neutralize rogue APs. Instead of having to send field technicians out to every location that has a problem, a wireless IDS allows the experts that own your network to troubleshoot the wireless medium from a centralized location.

One more thing to think about is the fact that so many Wi-Fi users are new to the technology. New users are often reluctant to report problems or call the support team. A wireless IDS may be the best way to find out if some area of a facility is likely to be unsuitable for time-sensitive applications like VOIP or video conferencing.

This myth about the ways the use a wireless IDS really has more to do with the performance of the network than the security of the network. Let’s look at three more myths that really touch on the performance of Wi-Fi networks.

Myth #5:You need a wireless IDS to prevent rogue access

2007-02-02T02:54:00.000+08:00

The previous Wi-Fi myth was a chance to examine a well-known relationship of safety and security: The more secure something gets, the less accessible it becomes to the folks who need to use it. There is another, more fascinating dichotomy as it pertains to technological advances in safety and security: As any entity becomes safer or more secure, the advance of technology will continue to create new ways to push the limits of this new security.

Take the security of automobiles. With airbags, crumple zones, and enhanced braking technology, cars and trucks are safer than ever. But as these safety enhancements have been introduced, more and more cars are capable of faster and more dangerous speeds due to ever-improving engine, cooling, and suspension technology.

In the world of Wi-Fi, things are no different. As Wi-Fi security has evolved from WEP to WPA and WPA2, people have become more and more comfortable buying Wi-Fi access points and station devices. With this boom in the number of wireless devices, network administrators have been forced to deal with the ever-increasing threat of rogue devices being attached to the network.

While the number of potential rogue access points has surely risen, the potential for intrusion has long been present. Many companies have introduced wireless intrusion detection systems (wireless IDS) as a way to counteract such intrusions. A wireless IDS can identify, locate, and even contain rogue access points. Over the last several years, many wireless IDS vendors have touted their products as essential tools for counteracting the threat of rogues.

There’s little question that a wireless IDS will help prevent rogue access points, but the question has to be asked: Is a wireless IDS the best tool for preventing rogue access points? The answer is a clear, “No.”

A wise man once said, “To thwart thy enemy, one must first know thy enemy.” (Actually, we’re not sure if anyone said that, but it sounds great, though.) Knowing rogue access points means knowing exactly what type of threat they pose to a network. A rogue access point is a threat because it could allow unauthorized users to gain access to network resources through a wireless link. Since a rogue AP is not managed by the network administrator, the authentication and encryption quality being used on a rogue AP cannot be verified. Without the guarantee of strong authentication and encryption, an intruder could use any number of means to gain network access from outside the walls of the organization.

In understanding these the nature of rogue access points, two important principles come to light: They must be identified separately than any authorized APs in the area and they must be blocked from network access.

A wireless IDS does a superb job of identifying 802.11a/b/g rogue APs. If an ACL is configured on the wireless IDS, the network administrator will receive an alarm every time an unauthorized device is nearby.

Unfortunately, a wireless IDS does a much less impressive job of identifying non-802.11a/b/g rogue APs. If someone plugs in a legacy AP that was based on 900 MHz and/or FHSS technology, that device will remain undetected. The same applies for certain newer non-802.11a/b/g APs like those based on Bluetooth and MIMO technology. Some newer wireless IDS vendors now offer products that can identify some of these non-standard APs, but comprehensive AP identification is virtually impossible.

A wireless IDS also does a less-than-superb job of blocking rogue APs from gaining network access. Almost every wireless IDS vendor offers some method of rogue AP suppression. Some vendors send a wireless DoS to the rogue AP and its associated stations. This technique is weak because a Wi-Fi adapter can have its drivers manipulated to ignore de-authentication or disassociation frames that are used to cause a DoS attack. Other vendors shut down the wired port that the rogue AP is plugged in to. Another weakness of this technique is that a rogue AP configured with encryption and authentication (yes, even WEP) will not allow the wireless IDS
to send the message onto the wired side of the network so that the correct port can be identified.

Really, the problem with using a wireless IDS to prevent rogue APs begins and ends with the nature of the system itself. A wireless IDS is designed to be an overlay to a network. Heck, that’s part of its allure. You know: Installing the wireless IDS where Wi-Fi is not allowed. The best way to stop rogue APs is going to be something that is integrated with the network. It has to be something that allows a network manager to block access on every network port.
Wired 802.1X authentication is the perfect solution for blocking access on every network port.

When wired 802.1X is enabled, network access is denied until a device authenticates as an 802.1X supplicant. This is even more effective than using MAC address authentication for a couple of reasons. First of all, if you’re using 802.1X for your wireless users then you can use the same infrastructure that may already be in place. Secondly, 802.1X authentications generally include the negotiation of an encryption key. When encryption is used, MAC address spoofing becomes impossible because the intruder will not have the correct encryption key.

The myth that a wireless IDS is the best way to prevent rogue access points has benefited wireless IDS vendors for quite some time. Numerous students who attend our classes enter class with the idea that they need a wireless IDS to stop rogue APs, but by the end of the week, they usually see that wired 802.1X and wired MAC authentication are both more comprehensive methods.

Myth #4: Disabling the SSID broadcast will hide your

2007-01-31T01:21:00.000+08:00

We’ve made it through a darn good portion of this paper without relying on analogies. As anyone who’s taken our classes knows, though, we love them. They tend to lighten up class a bit, and they let us talk about topics that we really know something about: movies and sports cars.We know you’re not exactly in a class right now, but let’s tackle our fourth myth by starting with an analogy of a really good Western movie.

Imagine your local bank. Imagine that Butch Cassidy and The Sundance Kid live nearby. Your bank clearly needs security, but it also needs to stay open to customers. Let’s now imagine that instead of installing a safe, some locks, and thick steel bars between the tellers and customers, you decide to simply take down the sign advertising the name of your bank. Your bank has now performed the financial equivalent of disabling the SSID broadcast.

Disabling the SSID broadcast has been touted by a number of network security professionals because the SSID will stay hidden from Wi-Fi client software. When users want to connect, they must manually configure the SSID (and accompanying security settings). Since hackers and wardrivers won’t know the SSID, they won’t be able to connect, right? Not exactly.

Forcing users to configure the SSID offers minimal security to a wireless network. As in our Wild West banking analogy, network intruders can see that a Wi-Fi network is there. Just as Butch and Sundance would have been able to identify the bank by watching the clientele that entered, wardrivers can identify the SSID by capturing frames with applications like Wildpackets Omnipeek when authorized users connect.

When stations are connected to the network, they are constantly looking for other APs with the same SSID. They must do that to enable roaming. When APs respond to these probing stations, the SSID is sent in the clear, viewable text whether encryption is being used or not.

Now, it should be pointed out that your SSID will stay hidden as long as the network remains unused. For an AP to respond with the SSID in clear text, a station must probe the AP using the correct SSID. But think about it; how often is your network in use? If your network is like most enterprise Wi-Fi networks, it’s in use darn near all day. That means attackers have the ability to uncover your hidden SSID in a matter of seconds whenever they darn well please.

In the end, what you’ve got is a security method that gives you no real protection against malicious intruders, but causes your novice Wi-Fi users to have a tougher time getting connected. Why put your users (and the support team) through all of that? Once you consider the good and bad of leaving the SSID broadcast enabled, you’ll probably find that it’s summarized best by paraphrasing Butch Cassidy’s thoughts from the first scene in the movie: “It’s a small price to pay for manageability.”

How do I... Secure Windows XP NTFS files and shares?

2007-01-30T02:33:00.000+08:00

How to .....File Share Permissions
Most users begin sharing files with workgroups, or peer-to-peer networks, by following these steps:

1. Right-clicking the folder containing the documents, spreadsheets and files they wish to share.
2. Selecting Sharing And Security from the pop-up menu.
3. Selecting the Share This Folder button from the Sharing tab of the folder's Properties dialog box. (Figure A)

A folder's Properties dialog box is used to configure share-level permissions for users and groups.

1. Entering a Share Name for the folder.
2. Optionally supplying some wording describing the folder's contents within the Comment field.
3. Clicking OK.

However, that method won't always work as you intend, especially on Windows XP systems formatted with NTFS (in which conflicting NTFS permissions can prevent an intended user from accessing those resources -- more on that in a moment). Worse, Windows XP's default share permissions behavior is set to provide Everyone with access to the share's contents.

It's also important to note that Windows XP's Simple File Sharing, enabled by default, must be turned off to specify different permissions for different users. To turn off Simple File Sharing:

1. Open Windows Explorer.
2. Click Tools.
3. Select Folder Options.
4. Click the View tab.
5. Within the Advanced Settings window, scroll to the bottom and uncheck the box for the Use Simple File Sharing (Recommended) option.
6. Click OK.

To remove the Everyone permissions, and specify varying access permissions different users should receive to a file share:

1. Right-click the folder you wish to share.
2. Select Sharing And Security from the pop-up menu.
3. Click the Permissions button. The Permissions ForFolderName dialog box will appear. (Figure B)

Share permissions are configured using the Share Permissions tab (reached by clicking the Permissions button from a shared folder's Properties dialog box.

4. Highlight Everyone from within the Group Or User Names window.
5. Click the Remove button.
6. Click the Add button. The Select Users Or Groups dialog box will appear. (Figure C)

Specify users and groups by entering them in the Enter The Object Names To Select window and clicking OK

7. Within the Enter The Object Names To Select window, specify the users' names for whom you wish to provide access, then click OK.
8. Highlight (within the Group Or User Names window) the names of the users and groups you selected and specify the appropriate permissions (Allow or Deny for Full Control, Change and Read are the options that appear) within the Permission For Username or Group dialog box.
9. Click OK to apply the changes and close the dialog box; click OK to close the FolderName Properties dialog box.

The Full Control permission enables a user or group to read, write, delete and execute files within the folder. Users possessing Full Control permission can also create and delete new folders within the share.

The Change permission enables a user or group to read and change files within the folder and create new files and folders within the shared folder. Users with Change permission can also execute programs within the folder.

The Read permission, meanwhile, enables a user or group to read files within the share and execute programs located within the folder.

Windows XP systems formatted with the NTFS file system provide additional permission settings. The next section reviews configuring NTFS permissions.

NTFS Permissions

Windows NTFS permissions provide a host of additional permissions options. In addition, NTFS permissions can be applied to a single file or folder.

Before configuring NTFS permissions, first ensure the Windows XP system is configured to use the NTFS file system:

1. Click Start.
2. Click Run.
3. Type compmgmt.msc and click OK. The Computer Management console will appear.
4. Highlight Disk Management within the Storage section to learn the file system in use for each of the system's drives.

If a hard disk or partition isn't formatted using NTFS, you can upgrade the disk by typing convert X: /fs:ntfs where X denotes the drive requiring the upgrade. Using the convert command, you can upgrade a drive to NTFS without losing its data. However, it's always best to confirm you have a working backup on hand before executing the command.

To configure NTFS permissions:

1. Right-click the file or folder you wish to share.
2. Select Properties from the pop-up menu.
3. Click the Security tab.
4. Use the Add/Remove buttons to add and remove permissions for users and groups.
5. Highlight the respective user or group within the Group Or User Names window and specify the appropriate permissions from within the Permissions For User/Group window using the provided Allow and Deny checkboxes. (Figure D)
6. Click OK to apply the changes.

NTFS permissions permit applying more granular rights, as compared to folder shares.

Note that, by default, subfolders will inherit permissions from parent folders. To customize permissions inheritance, click the Advanced button found on the share or filename's Properties dialog box.

Several NTFS permissions are available:

Full Control -- enables a user or group to perform essentially all actions, including view files and subfolders, execute application files, list folder contents, read and execute files, change file and folder attributes, create new files, append data to files, delete files and folders, change file and folder permissions and take ownership of files and folders.
Modify -- enables a user or group to view files and subfolders, execute application files, list folder contents, view file and folder attributes, change file and folder attributes, create new files and folders, append file data and delete files.
Read & Execute -- enables a user or group to view files and folders, execute application files, list folder contents, read file data and view file and folder attributes.
List Folder Contents -- enables a user or group to navigate folders, list folder contents and view file and folder attributes.
Read -- enables a user or group to view a folder's contents, read data and view file and folder attributes.
Write -- enables a user or group to change file and folder attributes, create new files, make changes to files and create new folders and append file data.

To determine a user's ultimate resulting permissions, add all the NTFS permissions granted to a user directly and as a result of group membership, then subtract those permissions denied directly and as a result of group membership.

For example, if a user is explicitly granted Full Control but is also a member of a Group in which Full Control is denied, the user will not receive Full Control rights. If a user received Read & Execute and List Folder Contents in one group but was also a member of a group that had List Folder Contents denied, the user's resultant NTFS permissions would be only Read & Execute. For this reason, administrators should carefully apply Deny permissions, as the Deny attribute overrules any equivalent instances of Allow when the two rights are applied to the same user or group.

Windows XP includes an effective permissions tool you can use to help verify the permissions a user or group receives. To access the tool:

1. Open the folder or filename's Properties dialog box.
2. Click the Security tab.
3. Click the Advanced button. The Advanced Security Settings For File/Foldername will open.
4. Click the Effective Permissions tab. (Figure E)
5. Click the Select button.
6. The Select User Or Group dialog box will appear.
7. Type the group or username whose permissions you wish to confirm in the Enter The Object Name To Select window and click OK.
8. The Advanced Security Settings For File/Foldername dialog box will display the resulting NTFS permissions for that user or group.

The Effective Permissions tab helps simplify determining a user or group's actual permissions.

Combining Share and NTFS Permissions

It sounds straightforward. Configure the permissions you want and a user is good to go. But there's one additional catch to keep in mind. Folder share and NTFS permissions must combine to determine the actual rights a user or group receives. Unfortunately, they often conflict.

To determine the ultimate permissions a user receives, take the user or group's resulting shared permissions and compare it with the user or group's resulting NTFS permissions. Note that the most restrictive of those rights will prevail.

For example, if a user's resulting NTFS rights are Read and Execute and the same user's resulting share permission is Full Control, the user will not receive Full Control. Instead, Windows calculates the most restrictive of the two resulting rights, which in this case is the NTFS permission of Read and Execute.

Remember that, to determine a user or group's ultimate resulting permissions, the most restrictive of the resulting NTFS and share rights applies. This is an important lesson that's easily forgotten but that quickly leads to frustration for users, so be sure to spend time up front properly calculating share and NTFS permissions

Myth #3: Captive Portals are an effective way to prevent

2007-01-30T02:31:00.000+08:00

When WPA or WPA2 can’t be used, many organizations turn to a captive portal to control network access. A captive portal is defined as a network security system that restricts access until a user verifies a credential through a web interface. The theory behind such systems is that web browsers are available on all manner of Wi-Fi devices, so creating a captive portal to authenticate the public would allow the largest number of authorized users to gain access to the Internet.

Hotels, universities, and airports are just some of the places that use captive portals. Those environments must handle such a wide variety of station devices that choosing one type of security is generally thought to be restrictive to the point that some of the target audience may be unable to enjoy wireless Internet access.

Using a captive portal does allow access to a wide variety of stations, but the security design is quite flawed. To understand the flaw in authenticating users via a captive portal, one must first understand what a captive portal is. Captive portals are a layer 2 security method. When users authenticate to a captive portal, their MAC address is placed in a list of authorized users. When the person logs off, their MAC address is removed from the list.

Once it is understood that a captive portal is nothing more than a dynamic MAC address filter, it becomes easy to understand why they are ineffective at restricting unauthorized users from a public Wi-Fi network. A number of free, simple software tools are available that allow people to modify the MAC address of their network interfaces. If an intruder has one of these tools and an 802.11 protocol analyzer, he could easily identify an authorized user’s MAC address and masquerade as that user to gain network access.

A secondary reason why captive portals are no longer considered a good way to restrict unauthorized users from a public network is that Wi-Fi client utilities have become largely standardized. Users of all operating systems now have client utilities available that support WPA and even WPA2 on a number of adapters. With these stronger security protocols now being nearly ubiquitous, it has become reasonable to require public access users to login with a WPA/WPA2 Personal passphrase rather than through a captive portal. A publicly distributed
passphrase may lack the security required for an enterprise network, but it is a far more secure solution for public networks than a captive portal.

Myth #2: Even with 802.11i, you still need a VPN to

2007-01-28T10:14:00.000+08:00

Once a network security professional learns that the physical layer of the network can be extended outside a room, building, or even across town, by an intruder with a high-gain antenna, it’s only natural to get skittish about allowing access points on the LAN. When you consider security options for this type of network that has an openly accessible physical layer, comparisons to the Internet are inevitably made.

IPSec and SSL VPNs have long been a logical way to secure users accessing the network via WAN connections, so it makes sense that people would choose those same options to secure a wireless LAN. To make matters worse, many network security veterans have been bombarded with news items telling them how vulnerable Wi-Fi networks are to intrusion—WEP or no WEP.

When WEP was fixed with the introduction of WPA in 2003, many people noticed. When 802.11i and WPA2 were introduced in 2004, even more people noticed. But few people who knew about WPA and WPA2 really knew the ins and outs of how they make wireless networks secure.

WPA fixed WEP by introducing TKIP (Temporal Key Integrity Protocol) encryption and using 802.1X/EAP or WPA-PSK as secure authentication methods. TKIP is an encryption type based on the same ciph er as WEP. While TKIP fixes the flaws in WEP, perhaps even more important is the fact that it kept the same cipher as WEP so that legacy equipment could be upgraded with improved software, not hardware.

Even when WPA became widely available, security professionals still had good reason to recommend VPNs for some secure Wi-Fi environments. TKIP’s use of the RC4 encryption cipher meant that certain organizations (Department of Defense, financial services, etc.) would be unable to comply with tough regulatory standards for IT security unless IPSec or SSL were employed.

When WPA2 was released, all of that changed. WPA2 uses CCMP (Counter Mode CBC-MAC Protocol) encryption. This is significant because the cipher used in CCMP is AES. The AES cipher is the strongest cipher used with IPSec VPNs, and it has no known flaws. The end result is that using CCMP on an 802.11i network provides encryption that is as strong as the strongest IPSec VPN.

Some network security professionals who acknowledge the encryption strength of 802.11i still prefer VPNs because authentication on IPSec and SSL connections is known to be secure. In fact, there are very real concerns when certain types of authentication are used in concert with CCMP encryption. WPA-PSK and 802.1X/EAP-LEAP authentication are both vulnerable to dictionary attacks.

Even though vulnerable WPA2 authentication methods do exist, several secure authentication methods are available as well. When a Wi-Fi network is designed using the 802.1X framework with EAP-TLS, EAP-TTLS, or PEAP authentication, wireless credentials are kept private using tunneling technology similar to SSL. Devices that use CCMP encryption with any of the aforementioned types of authentication are easily identified with the WPA2 Enterprise certification.

The development of WPA2 Enterprise has been an important step in the security evolution of Wi-Fi networks. For some IT security folks, however, being just as secure as an IPSec or SSL VPN isn’t quite enough. Seasoned security people know VPNs. They may not really know WPA2 Enterprise and, therefore, may be unwilling to adopt it when VPNs are readily available. For that reason, it’s important to understand that WPA2 Enterprise is not just as good as an IPSec VPN –it’s better.

WPA2 Enterprise offers benefits over wireless VPN connections in terms of cost, performance, availability, and support. There are numerous ways to express the advantages of WPA2 Enterprise, but a look at the intrinsic nature of each technology is the most revealing way to understand it. Wi-Fi is a layer 2 technology and WPA2 Enterprise secures the network at layer 2. IPSec is a layer 3 technology, which makes it fundamentally less scalable, secure, and manageable for securing a layer 2 link.

ELEVEN Myths about 802.11 Wi-Fi Networks series 1

2007-01-26T20:23:00.000+08:00

It seems that Wi-Fi networks have been misunderstood by much of the IT community since their inception.
Even the reasons for this misunderstanding are kind of hard to understand. It could be that the rising popularity of Wi-Fi caused demand to surge ahead of the supply of professionals ready to manage networks. Maybe it’s that networking folks and radio frequency folks both had to learn the other side’s technology on a fairly intimate level. Maybe it’s just that engineers cooped up in an RF chamber all day have a hard time explaining themselves. Whatever the reason, the result has been that myths about 802.11 (better known as Wi-Fi) networks have grown almost as fast as the technology itself.

Being wireless networking instructors allows us a unique perspective in sampling the Wi-Fi myths that are believed by a wide variety of IT professionals. In this series we examine 11 such myths and explore ways to use correct information about wireless LANs to make your networks scalable, secure and satisfying to your users.

Myth #1: If you leave your Wi-Fi adapter turned on, someone could easily hijack your notebook and take control of your computer.

The most widely publicized presentation at the 2006 Black Hat hackers convention revolved around a vulnerability in certain wireless device drivers1. Though the chipsets that use these drivers were left unnamed, the end result was that intruders associated to the same Wi-Fi network as your notebook computer could potentially gain access to your machine through a command line interface.

This is a severe vulnerability, and it strongly emphasizes the point that Wi-Fi stations should be kept from associating to unknown networks. Unfortunately, the people responsible for creating the application that performs this intrusion also ended up perpetrating one of the most widely spread myths concerning Wi-Fi security.
As part of the promotion of their presentation, the authors of this attack tool claimed that Wi-Fi stations were vulnerable to attack just by leaving their Wi-Fi adapters enabled. They could be correct to an extent, as there may be heretofore unknown flaws in Wi-Fi device drivers that could allow an attacker to disengage normal login protections that are in place for today’s operating systems.

Where the presenters of this attack went wrong is in suggesting that a full active attack—one where a victim’s entire machine is overrun—is possible against any poor sap that has a Wi-Fi adapter turned on. In certain situations, this line of thinking ends up being accurate but, like many network intrusions, it would take an extremely negligent end user for such a diabolical attack to be successful.

Let’s put one semi-myth to bed right away: Attackers cannot access your computer without first establishing a connection to the same network you are associated to. This is a fundamental truth of networking. Any peer-topeer attack—such as the CLI attack touted at Black Hat 2006—requires that data be transferred from station to station. Since a Wi-Fi association is necessary for a notebook computer to have a data link layer (layer 2) connection, perpetrating this attack on an unassociated machine is simply impossible.

Now let’s look at the more widely propagated myths. Many people believe that unassociated stations are vulnerable because your notebook computer can be easily hijacked on to a nearby network by an attacker. It is also widely held that associated stations could surreptitiously roam to nearby APs set up by attackers (we’ll call these “hijacker APs”). These myths are tricky because there is some truth to both of them. Let’s differentiate, shall we?

Concerning unassociated stations, many of them are indeed vulnerable to hijacking. Specifically, stations that are controlled by Wi-Fi client utilities that use a Preferred Networks list are vulnerable to hijacking. If the attacker creates an AP with a non-encrypted SSID that is in the station’s Preferred Networks list, the station will connect to the hijacker AP.
There are a couple of solutions to the problem of hijacker APs. Users could eliminate this threat by removing all non-encrypted SSIDs from their list of Preferred Networks. This becomes difficult because every time a user connects to a Wi-Fi network, the SSID and encryption settings (or lack of encryption settings) are automatically added to their Preferred Networks list. A more comprehensive solution is to disable the Wi-Fi adapter when it
is not in use. Sure, this is a great solution in theory but, in practice, often times users are forgetful or negligent when it comes to network security.

Solving the hijacker AP problem may be getting easier. Applications like NetOaats can be configured to disable a user’s wireless network adapter upon the connection to a wired network. It can even be configured to work the same way if a notebook establishes a connection to a Broadband wireless network (like the EvDO networks from Sprint and Verizon). By having users simply run the NetOaats application, they become much less susceptible to peer-to-peer attacks.

Another item that could counteract the attack from Black Hat 2006 is the preponderance of security protocols that prevent Wi-Fi stations from accessing each other. Protocols such as Cisco’s Public Secure Packet Forwarding (PSPF) prevent a wireless user from accessing another wireless user’s station when they are connected to the same AP. This is known as wireless client isolation. Virtually every commercial public Wi-Fi Internet service uses some kind of wireless client isolation protocol. The end result is that users remain safe as long as they stay connected to the network of the Wi-Fi Internet access provider.

There are several other mini-myths that are related to this fundamental myth about the ease of hijacking users. One is that users will connect to an ad-hoc (peer-to-peer) Wi-Fi network that is configured with the same SSID as an AP. This is false because Beacon frames from APs always indicate whether the network is a BSS (network with an AP) or an IBSS (ad-hoc network).

Another myth is that users will automatically connect to any access point in the area if their Wi-Fi adapter is left enabled. While some very old client utilities did have this flaw, today’s client utilities usually only allow a Wi-Fi station to associate to SSIDs that are configured with proper security settings in the list of Preferred Networks.

The truth about the flaw that was presented at the Black Hat 2006 conference is that it appears to be a very real device driver flaw dressed up in a Wi-Fi vulnerability to peer-to-peer attacks that has been known and understood for years by well-versed network security professionals. It is true that if the following conditions are met, users are vulnerable to the full attack:

1. The user has an enabled Wi-Fi adapter.
2. The user’s Wi-Fi adapter is not associated to a network that uses encryption.
3. The user has a non-secure SSID configured in their list of Preferred Networks.

If any of these three conditions are not met, the Black Hat 2006 wireless attack becomes just another vulnerability on the periphery of Wi-Fi that perpetrates one of the most common myths about Wi-Fi security.

Help users create complex passwords that are easy to remember

2007-01-22T01:47:00.000+08:00

So how can you make sure users' passwords are complicated enough to deter hackers and easier enough to remember? One of my colleagues offers the following trick for creating complex passwords that meet complexity requirements while still being possible to remember.

Step 1: Come up with a base wordPick the name of a pet or any common thing that's easy to remember. For example, say you once lived in Louisville. You can use that to establish the base of your password and satisfy the required criteria for a strong password.
Remember: You need at least one capital letter and either a number or special character. So, using Louisville as your base word, you can substitute an ! or 1 for i and replace the s with $—e.g., Lou1$ville or L0u!$ville.

Step 2: Add more characters to the base wordPick any four characters to add to the base word.

Step 3: Store your password without worryNow, write down the added four characters, along with a clue for the base word. Using our previous example, you would write down city1xyza, where city1 signifies Louisville with a 1 and $ and xyza represents the four additional characters.

So, even written down, this password reference would serve as a reminder of your complete password while revealing nothing to any roaming eyes. (Keep in mind that this example is a 14-character password. While that may be longer than the actual requirement, it may be easier to remember.)

Take advantage of the Windows XP Start menu's pinned items list

2007-01-19T11:51:00.000+08:00

You're probably familiar with Start's left side menu—but do you know why the program list is divided in two? Here's what you need to know about the pinned items list found in Windows XP, and how you can customize it to easily access your favorite programs.

The left panel of the Start menu consists entirely of a divided list of programs that Windows XP thinks will come in handy for you: the pinned items list above the separator line, and the most frequently used programs list, displayed below the line.

By default, Windows XP places links to your Internet browser and your e-mail application in the pinned items list and will place as many as 30 shortcuts to the programs that you've recently used in the most frequently used programs list. (The most frequently used programs list is, by default, six shortcuts long.)

In order to really take advantage of the Start menu as a launching area for all the programs you use most often, you can configure the entire left panel as a pinned items list. Here's how:

1. Right-click the Start button and select the Properties command to display the Taskbar and Start Menu Properties dialog box.

2. Click the Customize button adjacent to the Start Menu radio button to display the Customize Start Menu dialog box.

3. In the Programs panel, use the Spin button to set the Number Of Programs On The Start Menu setting to 0. Click the Clear List button.

4. In the Show On Start Menu panel, you can clear the Internet check box because the Internet Explorer icon already appears in the Quick Launch menu by default, and maybe even the e-mail check box, depending on how you launch your e-mail application.

5. Click OK twice—once to close the Customize Start Menu dialog box and once to close the Taskbar and Start Menu Properties dialog boxes.

6. Click the Start button and access the All Programs submenu.

7. Locate and right-click on a shortcut to a program you use most often and select the Pin To Start Menu command.

You can pin as many as 30 of your most often used programs to the Start menu, depending on your screen resolution setting. With your actual favorite programs on the pinned items list, you can now really take advantage of the Start menu.

Speed up Windows XP's defrag operations

2007-01-18T00:48:00.000+08:00

Note: This tip applies to both Windows XP Home and Professional editions.
A simple way to speed up a defrag operation in Windows XP is to restart the system before you launch Defrag. This allows the operating system to clear out the swap/paging file and reset it to the default size. This lets Defrag focus strictly on the necessary data on the hard disk without having to stop and manage a huge swap file loaded with unneeded data.
Another approach to speeding up a defrag operation in Windows XP is to configure it to occur immediately upon startup. Fortunately, you can do so easily with this simple registry edit:

1. Launch the Registry Editor (Regedit.exe).
2. Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce.
3. Right-click on the RunOnce subkey and select New String Value.
4. Name the value Defrag and press [Enter] twice.
5. Type Defrag.exe c: /f in the Value Data text box and click OK.
6. Close the Registry Editor and restart Windows.
The defrag operation will begin when you type in your password and press [Enter]. (Keep in mind that values added to the RunOnce key are removed immediately after the command has been run.)

How to Back up Mozilla Firefox and Thunderbird

2007-01-16T00:23:00.000+08:00

Backing up Firefox and Thunderbird is easier than you think....

Firefox and Thunderbird Firefox users need to regularly back up to guard against the possibility that their profile gets corrupted or wiped after installing a new extension or a new version of Firefox. If you use Thunderbird then it's even more important that you backup to ensure you don't accidentally lose your email correspondence and account settings.

There are two ways to backup: use a backup utility or do it yourself manually.

Backup Utilities
MozBackup is a free utility written by Pavel Cvrcek that will automatically backup Firefox and Thunderbird as well as Netscape and the full Mozilla suite. It works like a charm - the whole process is driven by a Wizard so easy to use that even raw beginners will be able to set up automatic backups. It also offers encryption of the backup files and a complete push-button restore option.

MozBackup only backs up the essential information rather than all the information in your Mozilla profile but that's fine for most users. You can get MozBackup here: http://mozbackup.jasnapaka.com/index-old.html

Manual Backup
Backing up Firefox and Thunderbird manually is as simple as copying their respective profile folders to another location. If you do that, you’ll have a full backup with all your setting and personal data saved.

The hard part is finding the profile folders. First up, they are not located where you would expect to find them. Secondly, they are located in different places for different versions of Windows. Thirdly, they may be assigned random file names that make them difficult to recognize.
On Windows 2000/XP machines the locations for your Firefox and Thunderbird profiles are respectively:

C:\Documents and Settings\\Application Data\Mozilla\Firefox\Profiles\\
C:\Documents and Settings\\Application Data\Thunderbird\Profiles\\

To back these up I copy the profiles to an external USB drive. It's as simple as that. I do it manually but you could also use Windows Scheduler or a backup manager to do the job automatically. Make sure, though, that Firefox and Thunderbird are not running before you backup.

Fix a registry on a dead system

2007-01-14T08:12:00.000+08:00

Sometimes a registry problem causes a computer not to boot or to prevent logon. If you can't boot the computer, or you don't have any other means to restore the problem registry file, you might be able to open the registry on another computer, fix it, and restore it to the problem PC.

In order to fix the registry this way, you must be able to boot the system through a diskette or dual-boot configuration and gain access to the file system. You also need to be able to copy the registry file to a removable media with sufficient space to accommodate it or be able to copy the file across the network.

Here's how to modify a remote registry locally on your computer if you can't connect to it across the network:

1. Boot the other computer with a boot diskette or dual-boot OS and then copy the problem hive file to a removable media or directly across the network to your system.
2. Log in as administrator on your system and run REGEDIT.EXE.
3. In the Registry Editor, select either the HKEY_LOCAL_MACHINE or HKEY_USERS window, and then choose Registry Load Hive.
4. Locate the file copied to the system in step 1, select the file, and click Open. This loads the hive into the local registry as a subkey of the selected key.
5. Make the necessary changes to the damaged hive and then choose Registry Unload Hive.
6. Copy the hive file back to its original location on the problem computer. Restart to test the system.

Note: Editing the registry is risky, so make sure you have a verified backup before making any changes.

Recovering from a forgotten Administrator password in Windows 2000 Pro

2007-01-14T08:10:00.001+08:00

It's the one of the worst things you can do, and it makes you feel like a complete idiot. You forgot the password for the Administrator account of your Windows 2000 Pro system. If you've just finished the install, check for an innocent mistake before you jump out the window or reinstall—enter the password in uppercase in case the Caps Lock key was on when you created the Administrator account.

Didn't do it? Hopefully you have another account that is a member of the Administrator's group. If so, just log on with that account and change the Administrator password. If that doesn't do the trick and you can afford to lose any other accounts contained on the system (likely with a workstation but unlikely on most servers), delete the SAM hive. On a FAT system, boot the computer with an old DOS or Windows 9x boot disk and delete the %systemroot%\System32\Config\SAM file (or rename it). On an NTFS system, you can use the Recovery Console to access and delete the file, but only if you have configured the Recovery Console for automatic administrative logon through the local security policy or through the inherited domain security policy.

Another option is to back up the system, reinstall Windows 2000, and then restore the system. As when deleting the SAM, you'll lose your accounts, but at least you'll have the system back with all your other settings intact. And if you absolutely don't want to lose your accounts, check out http://www.winternals.com/ for utilities that will enable you to reset the administrator password.

Recovering from a forgotten Administrator password in Windows 2000 Pro

2007-01-14T08:10:00.000+08:00

IT NEWS 2007 Security Threats on the Rise

2007-01-11T23:28:00.001+08:00

With the new calendars freshly hung on the wall, an important question surfaces: What security threats are on the rise for 2007? It appears that the year will bring more narrowly defined threats or "targeted threats," which are different from what we've seen before. They are more focused on individual information as opposed to mass-mailing worms that are sent over the Internet to randomly infect victims.

IT NEWS 2007 Security Threats on the Rise

2007-01-11T23:28:00.000+08:00

SPEED UP Your Internet connection settings: DSL/Cable/56K

2007-01-08T07:59:00.000+08:00

Now Windows XP is installed, it's time to get the internet connection working. Most popular are the DSL or Cable connections, but a connection through your phone line is also possible. Follow the instructions of your service provider.

The most simple connection is through a gateway router. The gateway router (provided by some of the internet providers as the modem) keeps the DSL or Cable internet connection alive, and makes sure that every connected computer is able to enter the internet. If this is the case: you only have to plug in the ethernet cable and the connection will probably be there automatically.

DSL or Cable? Buy a gateway (wireless) router!
There are increasingly more households with more then one computer. By placing these computers in a network, all computers are able to connect to the internet at the same time. Besides using the same internet connection, you are also able to share printers and files as well!

Theoretically, creating a network with a gateway router is not that difficult, in most cases easier then sharing the internet connection within Windows. Practically however, many are having a lot of problems, especially if a secured wireless connection is on the wish list! Most internet providers use a modem with DHCP to get connected. By setting up the router with automatic IP address you are probably quick online (sometimes you have to clone the computers MAC address). Although there are routers which support an USB modem, I advise to buy an ethernet modem. Besides that, I advise to use a modem supported by your internet provider (if you buy a combined modem-router, you will probably get no support if needed).

Optimizing the internet connection

For maximum performance, it's wise to optimize your internet connection. For this purpose you can make use of the utility TCP Optimizer (download: http://www.speedguide.net/downloads.php). This tool can be used for both Windows XP/2000 and 98/ME. Choose your internet connection type, option Optimal settings, and Apply changes to optimize your connection.
For the tab MaxMTU use the value 1500 and reboot your Windows and do the test (if needed change to www.google.com). The optimized MaxMTU will be found.

Internet by a 56K modem

If you are still using an old fashion 56K modem, I can imagine you get irritated with the noise. Switching the noise off, is easy: Control Panel, Network Connections, right click the 56K connection and choose Properties, button Configure (the modem), tab Modem, Speaker volume: Off.
Are you having troubles creating a connection? Use the following initialization string (same place): s11=55 for getting connected faster and s10=60 to prevent to get disconnected.

Internet history cleaning (cookies, temporary files, history, visited websites)

With every visit of a website, all sort of information and files are stored on your computer. There are a few tools to erase this information easily. I like the following utilities most:
Active@ Eraser for Windows (download: http://www.active-eraser.com/)
IEHistoryView from Nirsoft (download: www.nirsoft.net/utils/iehv.html)
Active Eraser actually overwrites the data, so they are no longer recoverable!

How to remove the SpywareKnight (Removal Instructions)

2007-01-04T08:09:00.001+08:00

SpywareKnight is a rogue anti-spyware application that uses aggressive advertising, popups, and Internet Explorer start page hijacking. Popups will display alerts stating that you are infected with various malware including one called Win32.Trojan.Dropper.

If you start Internet Explorer your homepage will be about:blank and contain text stating that you are infected with Trojan.DLoader/LX and that you should install either Spyware Knight or SpySoldier to remove it. These popups and warnings are fake and are only being displayed to scare you into purchasing the commercial versions of SpywareKnight and SpySoldier. Needless to say, you should not purchase these programs.

Tools Needed for this fix:
SmitFraudFix.zip Symptoms in a HijackThis Log:O4 - Startup: spywareknight.lnk = C:\Program Files\SpywareKnight\spywareknight.exe

Next, please reboot your computer into Safe Mode by doing the following:
a. Restart your computer
b. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
c. Instead of Windows loading as normal, a menu should appear
d. Select the first option, to run Windows in Safe Mode.
e. When you are at the logon prompt, log in as the same user which you had done the previous steps.
f. When your computer has started in safe mode and you see the desktop.
g. Click on the Start button and then select the Control Panel menu option.
h. When the Control Panel opens double-click on the Add or Remove Programs icon.
i. When the Add or Remove Programs window opens look for the SpywareKnight 1.2 entry and double-click on it. This will launch the uninstall program for SpywareKnight.
j. When the uninstall programs has started click on the Yes button when it asks if you would like to uninstall the program. Then click on the OK button when it tells you the program has been successfully uninstalled to finish the uninstall..
k. Close all open Windows.
Now, double-click on the SmitFraudfix icon that should be residing on your desktop.The icon will look like the one below:

2. When the tool first starts you will see a credits screen. Simply press any key on your keyboard to get to the next screen.

3. You will now see a menu as shown in the image below. Press the number 2 on your keyboard and the press the enter key to choose the option Clean (safe mode recommended).

4. The program will start cleaning your computer and go through a series of cleanup processes. When it is done, it will automatically start the Disk Cleanup program as shown by the image below.

5. This program will remove all Temp, Temporary Internet Files, and other files that may be leftover files from this infection. This process can take up to a few hours depending on your computer, so please be patient.

6. When it is complete, it will close automatically and you will should continue with step 11.
When Disk Cleanup is finished, you will be presented with an option asking Do you want to clean the registry ? (y/n). At this screen you should press the Y button on your keyboard and then press the enter key.

7. When this last routine is finished, you will be presented with a red screen stating Computer will reboot now. Close all applications. You should now press the spacebar on your computer. A counter will appear stating that the computer will reboot in 15 seconds. Do not cancel this countdown and allow your computer to reboot.

8. Once the computer has rebooted, you will be presented with a Notepad screen containing a log of all the files removed from your computer. Examine this log, and when you are done, close the Notepad screen.Your computer should now be free of the SpywareKnight infection.

How to remove the SpywareKnight (Removal Instructions)

2007-01-04T08:09:00.000+08:00

Next, please reboot your computer into Safe Mode by doing the following:
a. Restart your computer
b. After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
c. Instead of Windows loading as normal, a menu should appear
d. Select the first option, to run Windows in Safe Mode.
e. When you are at the logon prompt, log in as the same user which you had done the previous steps.
f. When your computer has started in safe mode and you see the desktop.
g. Click on the Start button and then select the Control Panel menu option.
h. When the Control Panel opens double-click on the Add or Remove Programs icon.
i. When the Add or Remove Programs window opens look for the SpywareKnight 1.2 entry and double-click on it. This will launch the uninstall program for SpywareKnight.
j. When the uninstall programs has started click on the Yes button when it asks if you would like to uninstall the program. Then click on the OK button when it tells you the program has been successfully uninstalled to finish the uninstall..
k. Close all open Windows.
Now, double-click on the SmitFraudfix icon that should be residing on your desktop.The icon will look like the one below:

4. The program will start cleaning your computer and go through a series of cleanup processes. When it is done, it will automatically start the Disk Cleanup program as shown by the image below.

Removing unused device drivers from Windows XP machines

2006-12-29T07:19:00.000+08:00

Did you know that unless you uninstall a device driver on a Windows XP machine that it still may be sucking up valuable system resources? Here are step-by-step instructions on how you can view and remove these unnecessary devices.

When you install a device driver on a Windows XP machine, the operating system loads that driver each time the computer boots regardless of whether the device is present—unless you specifically uninstall the driver. This means that drivers from devices that you have long since removed from your system may be wasting valuable system resources.

Follow these steps to view and remove these unnecessary device drivers:

Press [Windows]+[Break] to bring up the System Properties dialog box.
Select the Advanced tab and click the Environment Variables button.
Click the New button below the System Variables panel.
In the New System Variable dialog box, type devmgr_show_nonpresent_devices in the Variable Name text box and 1 in the Variable Value text box.
Click OK to return to the System Properties dialog box and then click OK again.
Select the Hardware tab and click the Device Manager button.
In Device Manager, go to View Show Hidden Devices.
Expand the various branches in the device tree and look for the washed out icons, which indicate unused device drivers.
To remove an unused device driver, right-click the icon and select Uninstall.

How to Fix "Click to Run an ActiveX Control on this webpage" Prompt

2006-12-28T07:40:00.000+08:00

Are you receiving a windows prompt asking you to "click to run an ActiveX control on this webpage"? If so, here why you are receiving it and how to fix it.
The change was included in a recent Windows update because of a patent infringement lawsuit between Eolas Technologies and the Regents of the University of California v. Microsoft. Because of this lawsuit, Microsoft is changing the way Internet Explorer handles ActiveX controls. These changes will be in Internet Explorer 7. However, to allow developers a chance to change their code. The change was included in the April Security update (KB912812).
This is why you are receiving the following prompt when visiting some ActiveX web pages.

How to Correct this Problem
1) Download the following Compatibility Patch to revert the IE Active X Control Behavior
http://www.microsoft.com/downloads/details.aspx?familyid=B7D9801B-4FB5-492E-903E-3400ABF1D731&displaylang=en

2) Install it and reboot your computer

3) Try the webpage you were receiving the prompt on
This should fix the issue for the time being, however when IE 7 is released this prompt will appear on web pages that have not changed the way they handle ActiveX components.

Merry Christmas & Happy New Year

2006-12-25T00:17:00.000+08:00

Wish you all Merry Christmas and Happy New Year.....and Happy Birthday for me too

sorry for not to update this blogs, coz recently I'd just lost my laptop.....and still in the process of looking for the new one.

Best Regards

NEWS Update - Opera 9.1 released, adds real-time phishing protection

2006-12-20T07:09:00.000+08:00

Opera has just released the latest upgrade to their critically-acclaimed web browser, version 9.1. While a .1 upgrade is not normally an event worthy of a news post, the new version adds an interesting and important feature: real-time phishing protection for web sites.

Phishing is rapidly becoming the malware of choice for the Internet's motley gang of spamming scammers. As it relies on social engineering rather than any technical vulnerability to do its dirty work , no amount of downloading security updates or switching operating systems can protect against it.

The automatic site checking tool makes loading new sites slightly slower, as it runs the site through the database, and for this reason it is turned off by default. However, even with the feature turned off, a black question mark icon appears on the right hand side of the address bar for every site. When clicked, this question mark allows the user to check the site manually, as well as turn on automatic checking for all future sites. When a site is verified as being safe, the black question mark turns into a black lower-case "i" to indicate that the site has been identified.

Even if the user turns off the automatic fraud protection, sites that have been previously verified as being safe will still display as such. Sites flagged as unsafe get a red warning label and a popup dialog box to inform the user.

The fraud protection has also been redesigned to prevent reverse cross-site request scams, such as the ones that recently affected MySpace and caused problems for both Firefox 2 and Internet Explorer 7.

Opera 9.1 also contains some non-phishing updates, such as fixes to the Windows Media plugin player, as well as several memory leak and crash fixes. It remains the fastest web browser in many speed comparisons and has many handy features such as the ability to put browser tabs on any side of the screen.

The Windows XP Page File

2006-12-19T02:31:00.000+08:00

Performance is always an issue when dealing with computers. We tend to think of major items such as processor speed, amount of installed RAM and the graphics card when talking about how fast a computer performs. It's true those components do play a large role in performance, but one item that can substantially impact overall performance that doesn't get nearly the amount of attention as the more well known components is the paging file. The paging file is very closely related to the physical RAM installed in the computer. Its purpose is to extend the amount of physical RAM and make it available to the system. Both services and installed applications can benefit from this 'extra' RAM, even though it is substantially different from the sticks that plug into the motherboard.

Not all that long ago 32 to 64 megabytes (MB) of RAM was considered a huge amount for a personal computer. Today, amounts of 128MB to 256MB are common with many machines sporting 512MB or even 1GB of RAM. It might seem that with such a huge jump in installed RAM that the paging file would be unnecessary. There must be some sort of law or correlation that I don't know about, but operating systems and applications keep finding ways to suck up all that memory so the page file remains with us. There have been a number of schemes for extending the installed amounts of RAM but basically they are all paging files. When the load imposed by applications and services running on the computer nears the amount of installed RAM it calls out for more. Since there isn't any additional RAM to be found, it looks for a substitute; in this case virtual memory which is also known as the page file.

We now have two types of memory; random access memory (RAM) and virtual memory, or the page file. The page file is created during the Windows XP installation and resides on the hard drive. Page files are measured in megabytes. The size of the page file is based on how much RAM is installed in the computer. By default, XP creates a page file which is 1.5 times the amount of installed RAM and places it on the hard drive where XP is installed. Other than plugging the RAM into the motherboard, there is little than can be done to alter its performance characteristics. The page file is a different story. Because it's located on a hard drive, it's subject to a number of factors that can hinder its performance.

How to Remove Windows Messenger on Windows XP

2006-12-17T14:09:00.000+08:00

What is Windows Messenger?

Windows XP and Windows 2000 both have a software program called Windows Messenger installed and loaded by default. This software allows you to send and receive messages directly from one computer to another. Advertisers have now discovered how to abuse this option to send advertisements direct to a users screen.

How do I disable Windows Messenger?
In Windows XP:
(1) Select "Start"
(2) Choose "Control Panel"
(3) Choose "Administrative Tools"** note in Windows XP Home edition, Admistrative Tools is in Performance and Maintence
(4) Choose "Services"
(5) Right-click on "Messenger"
(6) Select "Stop"To permanently disable Messenger:
(7) Right click "Messenger"
(8) Select "Properties"
(9) Change "Startup Type" to "Disabled" and click "OK"

In Windows 2000:
(1) Select "Start"
(2) Choose "Settings"
(3) Choose "Control Panel"
(4) Choose "Administrative Tools"
(5) Choose "Services"
(6) Right-click "Messenger"
(7) Select "Properties"
(8) Click "Stop" To permanently disable Messenger:
(9) Change "Startup Type" to "Disabled" and click "OK"

In Windows NT:
(1) Select "Start"
(2) Choose "Control Panel"
(3) Choose "Services"
(4) Right-click "Messenger"
(5) Select "Properties"
(6) Click "Stop" To permanently disable Messenger:
(7) Click "Startup"
(8) Change "Startup Type" to "Disabled" and click "OK"

What about Windows 95 or Windows 98 IP Messaging?
Although the technology for this type of IP Messaging is available in Win95/98, it was in the form of a program called WinPopUp. It can be installed or uninstalled from Add/Remove Programs. In Windows 95, it is found in the Accessories section, while in Windows 98 it is installed through System Tools.

Although the version in Win95/98 and the version in Win2K/XP are not compatible with each other, they do offer an interesting way to communicate between computers (as long as its not abused). For more information on how to use WinPopUp or Windows Messenger to send and receive emails, you may want to visit the World of Windows Networking article on PopUp Messages.

How to Delete Undeleteable File

2006-12-16T23:13:00.000+08:00

Many times when trying to remove an unwanted program, especially a piece of adware or spyware, you may run across a file that is undeletable by any normal method. When you try to remove it you'll receive the error message shown below telling you "access denied" and explaining the file may be in use. You may also receive one of the following messages.

Cannot delete file: Access is deniedThere has been a sharing violation.The source or destination file may be in use.The file is in use by another program or user.Make sure the disk is not full or write-protected and that the file is not currently in use.

So if the file is in use, how do you delete it?I'll show you several ways of removing these types of files and even some freeware programs that help you remove these pesky undeletable files.

Windows XP
In Windows XP, there are a couple ways to remove an undeleteable file, a manual way, and a couple automated ways using some freeware programs.

1. Click on Start, Search, All Files and Folders
2. Type the name of the undeletable file in the box shown
3. Make sure the Look In box shows the correct drive letter
4. Click Search and let the computer find the file
5. Once the file is located, right-click on it and choose properties, make a note of the file location. Usually this is something similar to

c:\windows\system32\undeleteablefilesname.exe

6. Close the search box
7. Click on Start, Run, and type CMD and Press Enter to open a Command Prompt window
8. Leave the Command Prompt window open, but proceed to close all other open programs
9. Click on Start, Run and type TASKMGR.EXE and press Enter to start Task Manager
10. Click on the Processes tab, click on the process named Explorer.exe and click on End Process.
11. Minimize Task Manager but leave it open
12. Go back to the Command Prompt window and change to the directory where the file is located. To do this, use the CD command. You can follow the example below.

Example: to change to the Windows\System32 directory you would enter the following command and Press Enter

cd \windows\system32

13. Now use the DEL command to delete the offending file. Type DEL where is the file you wish to delete. Example: del undeletable.exe
14. Use ALT-TAB to go back to Task Manager
15. In Task Manager, click File, New Task and enter EXPLORER.EXE to restart the Windows shell.
16. Close Task Manager

Listed below are the Programs to automatically delete a file that you may can use.

Remove on Reboot Shell Extension
This is a nice extension that loads into the right click menu. All you have to do is right-click on a file and choose "Remove on Next Reboot" and the file will be deleted the next time the computer restarts. Although it probably should only be used by more advanced computer users since it may be TOO easy to delete files using this program.

Pocket Killbox
A simple .exe file that you can use to delete undeleteable files, although the program will also delete temporary files, edit the HOSTS file, and more. A definite must have program when you are fighting an annoying spyware or adware program that won't remove.

Unlocker
Unlocker is another program that runs from the right click menu. Its simple and very effective. The website even has a side by side comparision of other programs that accomplish this task.
Using one of the three tools shown above, you should be able to remove those annoying undeleteable files once and for all.

Windows Update Problem?

2006-12-15T07:36:00.000+08:00

Many users of Windows XP, Windows 2000 and Windows Server 2003 have had problems when trying to access the Windows Update site.
BTW, this error is not the only error message one might receive while trying to scan, download or install Hotfixes from the Windows Update site. Here is my current list of other Windows Update error codes and their respective solutions:

0x8007007E Error - Possible solutions
When you try to use Microsoft Internet Explorer to update Windows from the Microsoft Windows Update Web site you may receive the following error message:
Error 0x8007007e
To resolve this problem, follow these steps:

1. Click Start, click Run, type :
regsvr32 Inseng.dll

in the Open box, and then click OK. When you receive the RegSvr32 confirmation that the DllRegisterServer function succeeded, click OK.

2. Do the same with the following files:
regsvr32 Oleaut32.dll
regsvr32 Ole32.dll
regsvr32 Urlmon.dll
regsvr32 Mssip32.dll

3. Start Internet Explorer, and then update Windows from the Windows Update Web site (http://windowsupdate.microsoft.com).

If you still experience the problem, remove the Windows Update Setup Files folder.
1. To do so, locate the following folder:
2. Drive:\Windows Update Setup Files
3. Right-click the Windows Update Setup Files folder, click Delete, and then click Yes.
4. Install the latest version of Internet Explorer.

Windows Update Problems - Error 0x800A138F

Windows Update has encountered an error and cannot display the requested page.0x800A138F

The 0x800A138F error is actually a general error message, and many people get it when they visit Windows Update. But after the the MSBlast virus was unleashed a few months ago, Microsoft changed a few things at the main update website. This worm was expected to attack windowsupdate.com on the 16th of August 2003 by using a distributed denial of service attack (DDOS). To prevent this attack Microsoft made a few changes on the WU site. One of them was to use Akamai for additional bandwidth and this connectivity is exclusively using HTTPS (SSL) for the downloading of the update catalogue. It is since then that an escalation in the number of 0x800A138F error messages was reported.

As stated in the previous paragraph, the 0x800A138F error is in fact a general error message. To get a clearer picture of the real error message you'd need to go to the "Windows Update Log" and look for any "Errors". This gives a clearer indication as to the exact nature of the problem.

The windows update log is in the following places:
C:\Windows\Windows Update.log (XP/2003/Win98/Me)
or
C:\WINNT\Windows Update.log (Windows 2000)

Besides the changes in the WU site, many users of Windows 2000 reported similar problems in accessing the WU site. After installing to SP3, when trying to use Windows Update. Windows Update works fine scanning for updates, but when you choose to download and install them the page displays the 0x800A138F error message.

I've searched all over the Internet for solutions to these problems and came up with the following list of possible solutions. These solutions are not arranged by any specific order, although I do recommend trying each one from top to bottom till you reach the one that helped the most.

0x800A138F Error - Solution #1:
The number one reason for this error is related to your computer's date and/or time settings. If the date on your computer isn't correct, it may prevent you from connecting to secure sites. To fix the problem make sure your computer time and date are correct, and go to Windows Update and try again.
If you're on a network that has Active Directory configured you should try the following command:

w32tm /config /update /syncfromflags:DOMHIER

If will force your computer to update the time from the PDC Emulator in the domain.

Solution #2:
If that didn't work, the next solution might:
1. Delete c:\program files\windowsupdate
2. Delete the %systemroot%\system32\windowsupdate (this is a hidden directory)
3. Try windows update again.

Solution #3:
If the previous solutions didn't work for you, you might need to clear the problematic WU files from your computer. Some of these files are hidden files, please enable "Show Hidden Files and Folders" from your Folder options.

To delete Windows Update files:

1. Double click on My Computer, double click on C:\
2. Open the "WUTEMP" folder and delete the contents of the folder (If any files exist).
3. Double click the Program Files folder, then the 'Windows Update' folder. We will then need to delete all files & folders within this directory except the "V4" folder.
4. To do so, highlight the "V4" folder, then click Edit from the menu bar at top of the window and choose Invert Selection. If you cannot locate the "V4" folder, please skip this step, and then continue to delete the rest of the files by choosing Select All instead of Invert Selection.
5. Once all of the other files are highlighted, simply hit the Delete key on your keyboard to delete these files.
6. Next we need to delete all the files & folders within the V4 directory except the "iuhist.xml" file. To do so, perform the same steps as above by highlighting the "iuhist.xml" file, then clicking Edit from the menu bar at top of the window and choose Invert Selection.
7. Once these other files are highlighted, again hit the Delete key on your keyboard to delete the files.

Next delete all the contents of the WUTemp folder (if it exists, if not skip this step).

Next Unregister old control:

Go to Start > run
1.Type: regsvr32 /u C:\WINNT\System32\IUCTL.dll
2. You should get a unregistered successfully message.

Find your old site controls:
1. Go to Start > Search
2. Type "IUCTL.DLL" (Without Quotes)
3. Click on the Search button.
4. When the search result is displayed, delete delete any trace of the file IUCTL.DLL.
5. Next Search for the "IUEngine.dll" file.
6. Delete any trace of the file IUENGINE.DLL.
7. Reboot and try to access Windows Update again.

How To Launching remote desktop from the command line in Windows XP Pro

2006-12-14T19:38:00.000+08:00

Remote desktop allows you to configure and connect to another computer running Windows XP Pro. Here's what you need to know about the remote desktop connection dialog box, including a few parameters you're most likely to encounter.

The Windows XP remote desktop connection dialog box provides you with everything that you need to configure and connect to another computer running Windows XP Pro. You can use the Save As button on the Connection Settings panel to save all your connection settings as an RDP file. Then, you can launch and connect to a remote computer simply by double-clicking the RDP file.

You can also script a remote desktop connection, as Windows XP's remote desktop connection has an executable file that can accept command line parameters and be run from a batch file. The remote desktop connection executable file is MSTSC.EXE, and the following are some of the most common parameters

/v:--specifies the name of the computer to connect to.
/f--starts the connection in a full screen.
/w:<width>--specifies the width of the remote desktop screen.
/h:<height>--specifies the height of the remote desktop screen.

For example, to remotely connect to a computer named Gampang in a 640 x 480 remote desktop screen, you would use the following command:

mstsc /v: Gampang /w:640 /h:480

You can type this command line in the Run dialog box, as well as use it in a batch file.

Note: This tip applies only to Windows XP Professional.

10 hings you must know before you buy an 802.11n wireless device

2006-12-13T23:10:00.000+08:00

If you've spent any time in your local tech shop, you are sure to have seen a rash of Pre-N and Draft-N wireless products. Before you get caught up in a rush of new product frenzy and plunk your money down, take a few minutes and look at exactly what you are buying.

1 - MIMO
One of the big advantages of 802.11n is MIMO. MIMO is short for Multiple Input / Multiple Output. MIMO breaks the data transmission down to multiple parts that are sent separately to the client, where they are reassembled. One of the requirements for this then is multiple antennas to send and receive the data. This system has the advantage of extending the range of wireless, along with increasing the capacity that can be carried by the signal. MIMO is implemented in almost all Draft N and Pre N specs. The use of MIMO in these devices has, for the most part, greatly extended the range of these devices. Unfortunately, there are still debates ongoing about the finalization of MIMO itself, as the 802.11n spec is not ratified yet.

2 - Standard not fully ratified
IEEE has not fully ratified the standards for 802.11n. This means that the technical details of 802.11n have not been decided upon. The original draft for 802.11n was voted on earlier this year and soundly rejected, receiving only 46 percent of the needed 75 percent of votes to be accepted. Draft 2.0 of the spec is scheduled be debated and approved in March of 2007. Items adhering to this spec can be labeled as Phase 1 Draft N. These items will be compatible with each other (unlike many current pre-n and draft n components). The final ratified standard will probably be ratified in early 2008. Of course, if no Draft 2.0 can be agreed upon in March 2007, this will push the schedule for all of this back.

3 - Equipment cannot guarantee N compatibility
As the final spec of 802.11n is not fully ratified, it is impossible to guarantee that any equipment sold as Pre-N or Draft-N will be compatible with the final spec. Many manufactures on banking on the assumption that compatibility can be achieved by firmware updates to their equipment. Currently the only vendor offering a full replacement warranty should there equipment not be compatible with the final spec is Asus. You can view information on their WL-500W router here, and you can view the details of their guarantee here.

4 - Huge speed increases over 802.11g
The final 802.11n will undoubtedly boast a great speed increase over 802.11g. This boost will almost assuredly make wireless faster than 100mb Ethernet. Currently most Pre-N and Draft-N equipment are already showing great speed increases. The speed they operate though varies based on manufacturer and equipment. The advertised speeds vary from 100mb to 200mb. If you truly need greater speed, be very careful in your shopping to make sure you are getting the fastest speed possible.

5 - Backward compatibility with previous wireless standards
While IEEE has announced that any final spec for 802.11n will include backward compatibility for 802.11b and 802.11g this specification is not finalized. With this being the case, there can be no guarantee of backward compatibility for current Pre-N and Draft-N gear. While most of the products currently on the market offer backward compatibility, how they implement it varies from vendor to vendor. Due to this, there can be (and have been reported) many instances where gear labeled as backward compatible, have not been fully backwardly compatible with equipment from other vendors.

6 - Draft-N and Pre-N gear may not be compatible with Draft-N and Pre-N gear from other vendors
Currently in the Draft 1.0 of the 802.11n spec, there is nothing to guarantee compatibility among equipment. If you choose to use Pre-N or Draft-N gear you will need to buy all of your equipment from a single vendor. While interoperability may be promised, there is no way to guarantee this. The Draft 2.0 spec of 802.11n will include interoperability standards for the release of Phase 1 Draft-N gear.

7 - Testing has shown MIMO systems not based on Draft-N standards can be significantly faster than systems based on Draft-N
Real world testing has shown that highest possible speeds using MIMO can be achieved by not sticking to the Draft-N specifications. What this means is that if you are truly searching for the fastest possible wireless connection, do not force your search to just N class products, but products that use MIMO.

8 - Draft-N gear is driven by marketing
It has been several years since any new development was made in consumer grade Wi-Fi. This has lead to a certain degree of stagnation within the market. The advent of Pre-N gear has given companies something to latch onto in an attempt to offer their customers something new. While there are undoubtedly benefits (in speed and range) to using this new gear, you are also putting yourself in line for potential problems. You really need to weigh your actual needs before jumping on the bandwagon of a "not ready for prime-time" technology.

9 - Potential to interfere with existing Wi-Fi
One of the issues with MIMO is that it uses a wide spectrum (40MHz) to send its data. Currently only three (1, 6, and 11) of the available channels in the current 2.4 GHz band are considered to be non-overlapping at this spectrum. However, under a powerful signal they can overlap. What this means to you is that if you have multiple wireless networks running, your Pre-N gear will need to be on one of these 3 channels, possibly necessitating a change in your current wireless networks. Also, you will want to plan for the overlap if possible, by moving your current networks to channels not sequential to 1, 6, and 11.

10 - Issues with media streaming devices
One issue that has been reported with Draft-N and Pre-N gear is that it appears it have some issues with various media streaming devices. This is an extremely perplexing issue, as of the goals of 802.11n was the ability to stream high definition media wirelessly. Whether this is due to issues in the Draft 1.0 specs, or if it's an issue with the current generation of media streaming devices remains to be seen, but at the moment a wired connection remains your best bet for streaming.

PHISHING EMAIL MESSAGE - Sample Picture!!!

2006-12-11T07:15:00.000+08:00

How did my homepage get set to About:Blank?

2006-12-10T01:45:00.000+08:00

The About:Blank homepage hijacker is a variation of a more advanced Cool Web Search hijacker. There are several variants of the About:Blank hijacker and all of them are difficult to remove manually. This hijacker is also referred to as the HomeOldSP hijacker because of the changes to the registry that can be seen using HijackThis such as

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

This is very similar in characteristics to the random dll hijacker also known as HomeSearch Hijacker that came out around the same time. The key to the hijack is a hidden dll file that is connected to a BHO (Browser Hijack Object). This hidden dll file shows up in the following registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs

Unfortunately removing this About:Blank hijacker can be difficult. Its a very persistent problem that can return quickly if it is not removed carefully.

Look for the Key named AppInit_DLLs, the value in this key is the hidden dll file that is causing your problems. Write down the name of this file and think of it as the hidden.dll file

Secondly, use the Windows Recovery Console in Windows XP to rename the file.

Restart the computer in Recovery Console mode using the Windows XP or Windows 2000 CD or by the option show below
Type cd \windows\system32 and press Enter
Type the following line to remove the read-only characteristic, replacing hidden.dll with the name of the dll file found with RegLite

ATTRIB -R hidden.dll

Rename the hidden.dll file by typing the following command (replacing the word hidden.dll with the actual filename)

RENAME hidden.dll badfile.dll

Type Exit and press Enter to Reboot Windows

What is Web 2.0

2006-12-08T17:33:00.000+08:00

Just recently we've bombarded with the presence of web 2.0. And till this now, yet I still figured otu what it's all about, and this is what I can summarize based on my reading.

The bursting of the dot-com bubble in the fall of 2001 marked a turning point for the web. Many people concluded that the web was overhyped, when in fact bubbles and resulting shakeouts appear to be a common feature of all technological revolutions. Shakeouts typically mark the point at which an ascendant technology is ready to take its place at center stage. The pretenders are given the bum's rush, the real success stories show their strength, and there begins to be an understanding of what separates one from the other.

This article is an attempt to clarify just what we mean by Web 2.0.
In our initial brainstorming, we formulated our sense of Web 2.0 by example:

Web 1.0 -->>> Web 2.0
DoubleClick --> Google AdSense
Ofoto --> Flickr
Akamai --> BitTorrent
mp3.com --> Napster
Britannica Online --> Wikipedia
personal websites --> blogging
evite --> upcoming.org and EVDB
domain name speculation --> search engine optimization
page views --> cost per click
screen scraping --> web services
publishing --> participation
content management systems --> wikis
directories (taxonomy) --> tagging ("folksonomy")
stickiness --> syndication

The list went on and on. But what was it that made us identify one application or approach as "Web 1.0" and another as "Web 2.0"? (The question is particularly urgent because the Web 2.0 meme has become so widespread that companies are now pasting it on as a marketing buzzword, with no real understanding of just what it means.

The question is particularly difficult because many of those buzzword-addicted startups are definitely not Web 2.0, while some of the applications most of us can identified as Web 2.0, like Napster and BitTorrent, are not even properly web applications!).

Speed Up Your PC using MSConfig technique...partTHREE

2006-12-07T07:33:00.000+08:00

Back to the previous discussin on the Speed Up your PC using MSCONFIG. If you still can remember, in a previous discussion, you asked to check the Hide All Microsoft Service. It's is to ensure that you can avoid any mistake to turn off some of the important service needed by OS. As Windows XP starts a lot of different services, as engine of the whole Windows system. However, some of them won't be of any use for you! By quitting those unused services, you can realize higher system performances. At the page MSCONFIG, I already mentioned the possibilities to turn off services on the tab Services, as shown below.

This is not the proper way to turn off services, especially not the Microsoft services: please use the Services Management Tool for this purpose. The Services Management Tool (Control Panel, Administrative Tools, Services or SERVICES.MSC if you would like to make a shortcut) shows all the available active and inactive services, including a information about what they are meant for:

As you can see, for each services there is a lot of information (this information is not always clear, but gives you an idea whether you probably need it or not...). Here you can change the services start-up type to automatic, manual or disabled. Some services depend on other services to work properly (that's the reason not to turn off services in MSConfig) and others are normally disabled. Right click on a service and pick Properties to make changes to the startup type (first check the tab Dependencies!). Switching a service from automatic to manual makes the service available when needed but disables it on startup by default. To monitor the effect of a service, stop the running service by right clicking on it and choose Stop.

Services which can be disabled safely

There are many Windows services. Most of them you will need for a good functioning Windows system, but some can be turned off safely. Here are services mentioned, which can be switched (almost) safely to manual or even disabled. Read the information carefully and make sure you understand what the service does and/or does not! Keep in mind that possible problems in the future start here (so you will have to fix them here as well). If you are not sure about a service, then don't make any change to the startup type! Don't change them all at a time, if you are not sure what they are for. Don't turn off services which are depended on by other services!

Alerter: Most times this service is not used. It takes care of administrative alerts over a network for administrative purposes.

Automatic Updates: Downloading and installing Windows updates. If you think you don't need this service, you can disable it. Remember that the Windows update website doesn't work anymore without this service, since the introduction of Windows XP SP2. I advise to keep it unchanged. To work properly, the Automatic Updates service also needs Background Intelligent Transfer Service, Event Log and the Cryptographics Services.

Background Intelligent Transfer Service (BITS): This service enables the possibility to continue downloads after a restart of Windows. Although this function seems not useful all the time, it's necessary for the Automatic Updates service, to update your Windows in the background

Computer Browser: This services lists all computers in a network and gives this information to other computers in the netwerk, when asked for. This makes browsing on the network faster. There is no need for this service, and especially not if you don't have a network situation. With this function disabled, you are still able to browse your network!

Distributed Link Tracking Client: This service is only applicable when you make use of the NTFS file system. If you don't use this file system, you can switch off this service. This services makes sure that linked files on different volumes (possibly somewhere on the network) stay connected. If a file has been moved to another location, the link will be updated by this service. There is probably no need at all to for this services on your computer, so disable it.

Error Reporting Service: Enables the option to report system errors to Microsoft. There is no need to do this, enough reason to disable this service.

Event Log: This services logs issues in the log files, which can be viewed with the Event Viewer (Control Panel, Administrative Tools, Event Viewer). Although you might think it's not useful, do not disable this service but keep it automatic.

Fast User Switching Compatibility: If you don't need the fast switching between user accounts, disable this function. Fast switching of user accounts makes it possible to leave your application open without saving your data. If not needed, don't use this function, it doesn't always work properly.

Help and Support: Without this service, the Windows Help and Support center will not be available. If you don't need this help, switch this service to manual

IMAPI CD-Burning COM Service: This function is used to able to burn CD-ROM's with the Windows Explorer (copy-paste files to your CD burner). If you don't have a CD-burner, you can disable this service (or switch to manual). It is possible that this service causes troubles in combination with other burning software

Indexing Service: With this indexing service, you are able to search faster on your computer. The faster searching comes at a cost: the indexing of the content, which slows down your computer. This services is not needed, I advise to disable it for better overall performance.

IPSEC-services: Manages IP security policy, possibly not needed for your system.

Messenger: The Messenger service makes it possible sending messages over the network (it has nothing to do with Live Messenger). This function works by the following command: NET SEND 127.0.0.1 Hello (Start, Run,..), a new message Window should appear if this service is enabled. This service is also available from the internet, which makes it possible to receive strange messages: reason enough to disable this service.

NetMeeting Remote Desktop Sharing: This service provides the possibility to invite others to access your computer as a remote desktop. There is no need for this service. For security issues, you better disable this option.

Performance Logs and Alerts: The making off performance logs will probably lower your systems performance: reason enough to disable it, especially if you never read the log files

Portable Media Serial Number Service: Needed to reed the serial number of any portable media player. If this function is disabled, there is a chance not to open (downloaded) protected content. You probably can disable this service without any noticeable consequences.

Print Spooler: Necessary for printing. If you don't want to have the option to print, you can disable it.

Protected Storage: This service provides the possibility to safe passwords (email, websites, dial up,..). Remember that passwords can be easily retrieved with freeware software (see the item Forgotten passwords). Although this issue, I prefer to keep this option on automatic.

QoS RSVP: QoS is probably not needed for your network traffic, so you can disable this service

Remote Access Auto Connection Manager: If you are getting troubles with your internet connection, leave this service on automatic. If you are using a router: disable this service.

Remote Desktop Help Session Manager: If you don't need remote assistance (the other person controls your computer by your invitation), disable this function.

Routing and Remote Access: If there is no need to dial in by others into your computer, disable this service

Security Center (SP2): Service Pack 2 provided Windows with the Security Center. The Security Center monitors the proper functioning of your system security (Windows updates, firewall and virus scan). If something is not working properly, you will be informed continuously. I can't imagine why you can't do it yourself, reason enough to disable it.

Server: For sharing local files and printers with other computers on your network. If there is no need to share, disable this service.

Shell Hardware Detection: Essential for automatic playing of connected devices (memory cards, CD/DVD).

Smart Card: No reason to run this service when you don't have a smart card.

System Event Notification: Almost never used. Leave the service on automatic if you have a network or a portable PC, else disable it

Task Scheduler: This service enables automatic scheduled tasks (like regularly downloading of virus definitions). Many applications need this service. If you prefer to do everything yourself, you can disable this service. I prefer automatic

Windows Firewall (ICF) / Internet Connection Sharing (ICS): This services provides your computer with a software firewall for your internet connection. You can disable the firewall service if you use a third party firewall (do NOT go online without a firewall!). Besides the firewall function, the service provides you with the possibility to share the internet connection with other computers, which is not needed when your network is provided with a router.

Windows Image Acquisition (WIA): This service is used for transferring images from your camera/web cam or scanner. Leave this service on manual if you have one of those devices, else disable the service.

WMI Performance Adapter: No need for performance information, only the performances? Disable this service.

Wireless Zero Configuration-service: Needed for automatic configuration of your wireless network connection. If you don't have any wireless network adapter, disable this service.

Tips to settled down Slow Startup / Shutdown Problem!

Possible other cause of a slow shutting down process of Windows is cleaning the pagefile (if turned on, by default this option is disabled). Disabling cleaning the pagefile is done in the registry: change the DWORD value ClearPageFileAtShutdown to 0.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\ Control\Session Manager\Memory Management

how to backup outlook express

2006-12-05T21:03:00.000+08:00

Lately people always asking me on how they can easily backup their personal data/mail account in Outlook Express. While this time, this article describes how to back up and restore your messages, Address Book, mail accounts, and news accounts in Outlook Express 5 and later.

If multiple Identities are in use for Outlook Express, these steps should be repeated for each
Identity and the backup data segregated accordingly. This will facilitate restoration of each Identity.

To backup Outlook Express data:
• Copy mail files to a backup folder
• Export the Address Book to a file
• Export the mail account to a file
• Export the news account to a file

To restore or import Outlook Express data:
• Import messages from the backup folder
• Import the Address Book file
• Import the mail account file
• Import the news account file

Copy Mail Files to a Backup Folder
To make a backup copy of your Outlook Express e-mail message files:

1. On the Tools menu, click Options.
2. On the Maintenance tab, click Store Folder.
3. Select the folder location, and then press CTRL+C to copy the location.
4. Click Cancel, and then click Cancel again to close the dialog box.
5. Click Start, and then click Run.
6. In the Open box, press CTRL+V, and then click OK.
7. On the Edit menu, click Select All.
8. On the Edit menu, click Copy, and then close the window.
9. Right-click any empty space on your desktop, click New, and then click Folder.
10. Type mail backup for the folder name, and then press ENTER.
11. Double-click the Mail Backup folder to open it.
12. On the Edit menu, click Paste.
13. Close the Mail Backup window.

Export the Address Book to a File

NOTE: This step is very important when multiple Identities are in use. A .WAB (Windows Address Book) file is used by Outlook Express 5.x and 6.0 versions, even if multiple Identities are used. The individual data for each Identity is stored in a folder, by user name, within the .WAB file in use.

Exporting this data, while logged in to a specific Identity, is the only means of segregating the Address Book data. If the .WAB file becomes dissociated from the user Identities, the data can only be exported in total - not folder by folder.Another reason to export the .WAB file to a .csv file is that if the .WAB file is shared with Microsoft Outlook, the addresses are stored in the *.pst file in Outlook.

When you export the file from the Outlook Express File menu to a *.csv file it exports the correct contacts. If the Address Book is shared with Microsoft Outlook, you are not able to export from within the Address Book on the File menu. This option is dimmed or not available.To export your Outlook Express address book:

1. On the File menu, click Export, and then click Address Book.
2. Click Text File (Comma Separated Values), and then click Export.
3. Click Browse.
4. Locate the Mail Backup folder that you created.
5. In the File Name box, type address book backup, and then click Save.
6. Click Next.
7. Click to select the check boxes for the fields that you want to export, and then click Finish.
8. Click OK and then click Close.

Export the Mail Account to a File
To make a backup copy of your Outlook Express mail account:

1. On the Tools menu, click Accounts.
2. On the Mail tab, click the mail account that you want to export, and then click Export.
3. In the Save In box, locate the Mail Backup folder on your desktop, and then click Save.
4. Repeat these steps for each mail account that you want to export.
5. Click Close

Export the Newsgroup Account to a File
To make a backup copy of your Outlook Express news accounts:

1. On the Tools menu, click Accounts.
2. On the News tab, click the news account that you want to export, and then click Export.
3. In the Save In box, use locate the Mail Backup folder on your desktop, and then click Save.
4. Repeat these steps for each news account that you want to export.
5. Click Close.

Importing Outlook Express data

To restore data, you may need to re-create the Identities for each user, prior to using the following steps. Repeat each step, as needed, for each Identity.

Import Messages from the Backup Folder
To import your Outlook Express e-mail messages from the Backup folder:

1. On the File menu, point to Import, and then click Messages.
2. In the Select an e-mail program to import from box, click Microsoft Outlook Express 5 or Microsoft Outlook Express 6, and then click Next.
3. Click Import mail from an OE5 store directory or Import mail from an OE6 store directory, and then click OK.
4. Click Browse, and then click on the Mail Backup folder on your desktop.
5. Click OK, and then click Next.
6. Click All folders, click Next, and then click Finish.

Import the Address Book File
To import your Outlook Express address book:

1. On the File menu, click Import, and then click Other Address Book.
2. Click Text File (Comma Separated Values), and then click Import.
3. Click Browse.
4. Locate the Mail Backup folder on your desktop, click the address book Backup.csv file, and then click Open.
5. Click Next, and then click Finish.
6. Click OK, and then click Close.

Import the Mail Account File
To import your Outlook Express mail account file:

1. On the Tools menu, click Accounts.
2. On the Mail tab, click Import.
3. In the Look In box, locate the Mail Backup folder on your desktop.
4. Click the mail account that you want to import, and then click Open.
5. Repeat these steps for each mail account that you want to import.
6. Click Close.

Import the Newsgroup Account File
To import your Outlook Express news account file:

1. On the Tools menu, click Accounts.
2. On the News tab, click Import.
3. In the Look In box, locate the Mail Backup folder on your desktop.
4. Click the news account that you want to import, and then click Open.
5. Repeat these steps for each news account that you want to import.
6. Click Close.

What are the Safe Mode options? When should I use them?

2006-12-04T09:45:00.000+08:00

If you are unable to start your system by using Last Known Good Configuration, Windows XP Professional, Windows 2000 and Windows Server 2003 provides safe mode, a startup option that disables startup programs and nonessential services to create an environment useful for troubleshooting and diagnosing problems. In safe mode, Windows XP/2000/2003 starts a minimal set of drivers that the operating system needs to function. Support for devices such as audio devices, most USB devices, and IEEE 1394 devices is disabled to reduce the variables that you need to account for when diagnosing the cause of startup problems, Stop messages, or system instability.

Logging on to the computer in safe mode does not update Last Known Good Configuration information. Therefore, if you log on to your computer in safe mode and then decide you want to try Last Known Good Configuration, the option to do so is still available.

Essential drivers and system services enabled in safe mode include the following:

Drivers for serial or PS/2 mouse devices, standard keyboards, hard disks, CD-ROM drives, and standard VGA devices. Your system firmware must support universal serial bus (USB) mouse and USB keyboard devices in order for you to use these input devices in safe mode.

System services for the Event Log, Plug and Play, remote procedure calls (RPCs), and Logical Disk Manager.

Enabling only components needed for basic functionality allows the operating system to start in the following situations:

The computer consistently stops responding: You can restart the operating system in safe mode and use the tools described in this appendix to diagnose and resolve problems.

The computer starts with a blank or distorted video display: You can start your computer in safe mode and then use Control Panel to select video adapter settings that are compatible with your monitor. New settings take effect when you restart the computer.

The computer does not start normally after you install new hardware or software: If recently installed hardware or software prevents you from starting Windows XP Professional in normal mode, you can use safe mode to uninstall software, or to remove or roll back device drivers.

Safe mode helps you diagnose problems. If a symptom does not reappear when you start in safe mode, you can eliminate the default settings and minimum device drivers as possible causes. If a newly added device or a changed driver is causing problems, you can use safe mode to remove the device or reverse the change.

There are circumstances where safe mode will not be able to help you, such as when Windows system files that are required to start the system are corrupted or damaged. In this case, the Recovery Console may help you.

Safe Mode also bypasses startup programs. Bypassing startup programs reduces system complexity and enables you to see whether a startup program is the source of the problem.

In safe mode, the operating system does not run network-based startup programs. To enable network logon scripts in safe mode, select Safe Mode with Networking on the Windows Advanced Options Menu.

To start your computer in safe mode:

Remove all floppy disks and CDs from your computer, and then restart your computer.

When prompted, press F8. If Windows XP Professional starts without displaying the Please select the operating system to start menu, restart your computer. Press F8 after the firmware POST process completes, but before Windows displays graphical output.

From the Windows Advanced Options Menu, select a safe mode option listed in the following list:

Safe Mode: Loads the minimum set of device drivers and system services required to start Windows XP/2000/2003. User specific startup programs do not run.

Safe Mode with Networking: Includes the services and drivers needed for network connectivity. Safe mode with networking enables logging on to the network, logon scripts, security, and Group Policy settings. Nonessential services and startup programs not related to networking do not run.

Safe Mode with Command Prompt: Starts the computer in safe mode, but displays the command prompt rather than the Windows GUI interface.

Enable Boot Logging: Creates a log file (Ntbtlog.txt) in the systemroot folder, which contains the file names and status of all drivers loaded into memory. Systemroot is an environment variable that can vary from one system running Windows XP/2000/2003 to another.

Enable VGA Mode: Starts the computer in standard VGA mode by using the current video driver. This option helps you recover from distorted video displays caused by using incorrect settings for the display adapter or monitor.

Last Known Good Configuration: Restores the registry and driver configuration in use the last time the computer started successfully.

Debugging Mode: Starts Windows XP/2000/2003 in kernel debugging mode, which allows you to use a kernel debugger for troubleshooting and system analysis.

Start Windows Normally: Starts Windows XP/2000/2003 in normal mode.

Reboot: Restart the computer.

Updating Windows: critical/optional updates

2006-12-03T12:51:00.000+08:00

After you have installed Windows, the device drivers, a firewall and setup the internet connection, the first thing to do is updating the Windows software. Updating Windows is actually very easy, first you visit the Windows Update website: Start, All Programs, Windows Update (or visit the Windows Update website with the following link: windowsupdate.microsoft.com). By visiting the Windows Update website, you will have two options:

Install critical updates only (Express Install, High Priority updates)
Install both the critical and optional software updates (Custom Install, High Priority and Optional Updates).

High priority Windows updates

It is very important to install all the critical updates. Without these critical updates, you have some important security issues, which need to be fixed as soon as possible. Install the critical updates before you visit other websites! On the Windows Update website, use one of the above options and install all the High priority updates. After you installed the high priority critical updates, restart Windows and visit the Windows Update website again.

These updates can be massive, especially if service pack 2 is not installed yet. If you have SP2 on CD-ROM, you can install it without installing SP1 first. SP2 is provided with and auto update function for critical updates (the yellow shield in the system tray) and the Security Center (the red shield in the system tray) which is actually not needed at all. On the page how to optimize the Windows services, you can read how to disable the Security Center.

Optional software updates

If all critical updates are installed, check the optional updates to enhance your Windows system. You will find updates for the Media Player, Outlook Express, DirectX .NET Framework and more. After you installed the optional Windows updates, reboot and check the Windows Update website again until all needed optional and all critical Windows Updates are installed!
Optional hardware updates

You are also able to download updated drivers for the hardware. Although Windows has many build-in device drivers, I prefer to install or update the device drivers with the most recent drivers from the manufacturer.
I have frequently seen, things going wrong (blue screen) after updating device drivers from the Windows update website. That's why you better install one device driver update at a time. If the new driver is giving a BSOD (Bleu Screen Of Death), boot in safe mode (press F8 at reboot), Control Panel, System, tab Hardware, button Device Manager, right click the updated hardware, choose Properties, tab Driver, button Roll Back Driver.

Microsoft-Updates (like MS-Office)
Besides installing the Windows updates, you can choose to update all Microsoft products like MS-Office. Therefore, you go to the Windows Update page and choose for Microsoft-Updates in the menubar. The update procedure is similar to Windows Update.

Service Pack's
If you have just reinstalled Windows XP, it's wise to update directly with the latest available Service Pack. You can download (and install) the Service Pack files directly from the Windows Update site or download the Service Pack file first from the Microsoft downloadcentre (www.microsoft.com/windowsxp/sp2/default.mspx). You can directly install the latest service pack, there is no need to install the previous service pack's!

TIP: After the installation of SP2 there are still many updates to download and install. These updates are also available in one file from the site http://www.autopatcher.com/. AutoPatcher contains all essential and optional updates, which is handy if you have to update multiple Windows installations.

Deleting update files
If all updates are installed (or if you have troubles with the Windows Update website), you can safely delete the files in the following folders:C:\Windows\System32\Catroot2C:\WINDOWS\SoftwareDistribution\Download

I can't imagine you would like to roll back the installed high priority Windows updates. To delete the undo files, remove all the hidden folders starting with a "$" in the folder C:\WINDOWS (this can free a lot of hard disk space!) If you are still having Windows update problems, try to turn off and on the Windows update function (Control Panel, Automatic Updates).

NOTE: These files are hidden in the Windows Explorer! To unhide: Tools, Folder Options, tab View, enable Display the content of system folders, enable Show hidden files and folders, disable Hide extensions for known file types and disable Hide protected operating system files.
Saving update files (optional for a slow internet connection)

With the new Windows Update software, all updates are stored in the folder C:\WINDOWS\SoftwareDistribution\Download. By copying these files to a safe location, you have a backup for a new Windows installation. This can save a lot of download time, especially if you have a slow internet connection.

NOTE: The files don't have an extension and the name doesn't make you happy as well. Add the extension .exe or .msi to get them working (you can rename to recognize them if you wish). The folder C:\WINDOWS\Downloaded Installations also contains downloaded software updates!

What is the Sasser worm? and How To Fix it?

2006-12-02T18:34:00.000+08:00

The Sasser worm infects machines via network connections. It can attack entire networks of computers or one single computer connected to the Internet. The worm exploits a known windows vulnerability that is easily patched, however few systems seem to have this patch installed. It attacks Windows 2000 and Windows XP machines along with Windows NT and Windows Server 2003.

The patch from Microsoft known as the MS04-011 Security Update fixes the following vulnerabilities:
LSASS Vulnerability
LDAP Vulnerability
PCT Vulnerability
Winlogon Vulnerability
Metafile Vulnerability
Help and Support Center Vulnerability
Utility Manager Vulnerability
Windows Management Vulnerability
Local Descriptor Table Vulnerability
H.323 Vulnerability
Virtual DOS Machine Vulnerability
Negotiate SSP Vulnerability
SSL Vulnerability
ASN.1 “Double-Free” Vulnerability

What are the Symptoms of the Sasser worm?
You'll see a screen similar to the one below when you are infected, this will countdown to zero and literally shut down the system completely. The warning will state "This shutdown was initiated by NT AUTHORITY\SYSTEM". The message will state that the system process lsass.exe terminated unexpectedly.

The message may be prefaced by another message:

You can disable this shutdown by following the steps below during the countdown

1. Click on Start, Run
2. Type in CMD and press ENTER
3. Type in the following command and press EnterSHUTDOWN -A
This will terminate the shutdown, however in most cases the system may be to unstable to try to recover and may need to be rebooted anyway.

How Does Sasser Infect My Computer?
When W32.Sasser.Worm runs, it does the following:

1) Attempts to create a mutex named Jobaka3l and exits if the attempt fails. This ensures that no more than one instance of the worm can run on the computer at any time.

2) Copies itself as to the %Windir% directory. This is usually the C:\WINDOWS or C:\WINNT directory.

3) Adds the value:"avserve.exe"="%Windir%\avserve.exe""avserve2.exe"="%Windir%\avserve2.exe""skynetave.exe"= "%Windows%\skynetave.exe"to the following registry key, so that the worm runs on Windows startup.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

4) Uses the AbortSystemShutdown API to hinder attempts to shut down or restart the computer.

5) Starts an FTP server on TCP port 5554. This server is used to spread the worm to other hosts.

6) Iterates through all the host IP addresses, looking for addresses without any of the following:
127.0.0.1
10.x.x.x
172.16.x.x - 172.31.x.x (inclusive)
192.168.x.x
169.254.x.x

7) Using one of these IP addresses, the worm then generates a random IP address. 52% of the time, the IP address is completely random. 23% of the time, the last three octets are changed to random numbers. 25% of the time, the last two octets are changed to random numbers.
Because the worm can create completely random addresses, any IP range can be infected. This process is made up of 128 threads, which demands a lot of CPU time. As a result, an infected computer may become so slow and barely usable.

8) Connects to the randomly generated IP address on TCP port 445 to determine if a remote computer is online.

9) If a connection is made to a remote computer, the worm will send shell code to it, which may cause it to open a remote shell on TCP port 9996.

10) Uses the shell on the remote computer to connect back to the infected computer's FTP server, running on TCP port 5554, and retrieve a copy of the worm. This copy will have a name consisting of four or five digits, followed by _up.exe. For example, 74354_up.exe.

11) The Lsass.exe process will crash after the worm exploits the Windows LSASS vulnerability. Windows will display the alert and shut down the system in 1 minute.

12) Creates a file at C:\win.log that contains the IP address of the computer that the worm most recently attempted to infect, as well as the number of infected computers.
How Can I Remove the Sasser worm?

Follow these steps in removing the Sasser worm.
1) Disconnect your computer from the local area network or Internet
2) Terminate the running program
Open the Windows Task Manager by either pressing CTRL+ALT+DEL, selecting the Processes tab or selecting Task Manager and then the process tab on WinNT/2000/XP machines.
Locate one of the following programs (depending on variation), click on it and End Task or End Process
avserve.exeavserve2.exeskynetave.exeany process running with the "_up.exe" suffix
Close Task Manager
3) Activate the Windows XP Firewall (if running Windows XP) or another firewall to prevent the worm from shutting your system down while downloading the patches.

To activate the Windows XP firewall, follow these steps.
1. Click on Start, Control Panel
2. Double-click on Networking and Internet Connections, then click on Network Connnections
3. Right-click on the connection you use to access the Internet and choose Properties
Click on the Advanced Tab and check the box"Protect my computer and network by limiting or preventing access to this computer from the Internet"
4. Click OK and close out of the Network and Control Panel

Remove the Registry entries

1. Click on Start, Run, Regedit
2. In the left panel go to
HKEY_LOCAL_MACHINE>Software>Microsoft>Windows>Current Version>Run
3. In the right panel, right-click and delete the following entry
"avserve.exe"="%Windir%\avserve.exe""avserve2.exe"="%Windir%\avserve2.exe""skynetave.exe"= "%Windows%\skynetave.exe"
Close the Registry Editor

4) Delete the infected files (for Windows ME and XP remember to turn off System Restore before searching for and deleting these files to remove infected backed up files as well)
5) Click Start, point to Find or Search, and then click Files or Folders.
Make sure that "Look in" is set to (C:\WINDOWS).
In the "Named" or "Search for..." box, type, or copy and paste, the file names:avserve.exeavserve2.exeskynetave.exeC:\win2.log
6) Click Find Now or Search Now.
7) Delete the displayed files & Empty the Recycle bin

Repair or Reinstall Internet Explorer6 and Outlook Express 6

2006-12-01T22:16:00.000+08:00

According to Microsoft, if you are having trouble with either Internet Explorer 6 or Outlook Express 6 because of damaged files or missing registration information (XP registration trouble, not your name and address) you will need to either reinstall or repair the affected installation. I'm going to go over two ways that Microsoft suggests for dealing with IE6 and OE6 problems. Read over the entire article before making a decision about which method to use. At the end of Method II I've mentioned what I'd consider the best solution to this problem.

Method I
One likely cause of IE6 and OE6 not functioning properly is a corrupted file. Microsoft says this is the "most" likely cause, but I think that's wishful thinking. To run a check on the files and see if one or more is corrupted use the System File Checker that is included with Windows XP.

Click [Start] [Run] and type sfc /scannow in the [Open] box.(Note that there is a space between sfc and /scannow)

In all likelihood you will be prompted to insert the Windows XP CD ROM. If you don't have it available there is no point in continuing unless you have the files available on your hard drive and have changed the location of the XP installation files in the registry. If you do have the files copied to the hard drive, the default install location may be modified using the registry edit shown below.

[Start] [Run] [Regedit]

Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SetupModify/Create the Value Data Type(s) and Value Name(s) as detailed below.

Data Type: REG_SZ (String Value) // Value Name: SourcePath

Setting for Value Data: [Set using the path to the installation files, i.e. G:\WXPCCP_EN]Exit Registry and Reboot

Running System File Checker is not a fast process. The machine I use for the majority of my everyday work is only a P-III 866 with 784MB RAM and a 20GB/5400 RPM C drive and it took between 7-8 minutes running off the hard drive. Expect much longer times if you run from the CD. Once the System File Checker has finished, reboot and test to see if the problem has been resolved. If the problem still exists you have three choices.

- In-place upgrade of Windows XP
- Repair Windows XP
- Reinstall Windows XP

Since I'm 100% against upgrade installations of XP I won't recommend that option. A repair of Windows XP may solve the problem, but the fact the problem arose in the first place makes me suspect of the current installations overall integrity. I suggest a complete reinstall of XP after backing up all data files. However, before you select any of the above choices, look at Method II below.

Method II

The second method to try and correct the problem involves editing the registry and reinstalling Internet Explorer 6. The standard cautions apply whenever you are editing the registry

If you are having problems only with Internet Explorer 6, proceed as follows:

[Start] [Run] [Regedit]

Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}

Modify/Create the Value Data Type(s) and Value Name(s) as detailed below.

Data Type: DWORD // Value Name: IsInstalled

Setting for Value Data: [Change the Value from 1 to 0]

Exit Registry

If you are having problems only with Outlook Express 6, proceed as follows:

[Start] [Run] [Regedit]

Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}Modify/

Create the Value Data Type(s) and Value Name(s) as detailed below.

Data Type: DWORD // Value Name: IsInstalled

Setting for Value Data: [Change the Value from 1 to 0]

Exit Registry

If you are having problems with both Internet Explorer 6 and Outlook Express 6, proceed as follows:

Change the values in both of the registry keys as outlined above.

Exit Registry

Once you have made the appropriate registry changes use the link below to download and install Internet Explorer 6. The Internet Explorer 6 download includes Outlook Express 6. Reboot and test for proper operation

How To Create a Bootable USB Flash Drive

2006-12-01T21:46:00.000+08:00

Create Bootable USB Flash Drive
Requirements:

- A computer with a BIOS that allows for booting from a USB port.

- A Bootable floppy disk or CD.
I used a Windows 98 bootable CD. For those who have Dell systems, you can also use the bootable Windows XP CD that is used to reinstall your system with Windows XP.
- Utilities with the ability to create a master boot record, create partitions, set active partitions, and format and transfer boot files to the active partition
- Of course, the USB drive that you want to make bootable
I used a 256MB SanDisk Cruzer Mini USB Flash Drive.

Directions

1. Make the USB drive the first in the drive sequence.

Why?? fdisk does not allow for a partition to be set as ACTIVE (bootable) unless it is the first drive. It is most likely that your hard drive(s) is set as the first drive. This needs to be changed.

How?? Setting your USB drive to be the first in the drive sequence can be done by following ONE of the methods below. No matter which method you follow, the computer MUST be booted with the USB drive plugged in into the computer. Take a note of how the options that you are about to change were set before, as they will need to be changed back later.

Method # 1. BIOS drive sequence option.
Depending on your BIOS, there may be an option to change the drive sequence. On mine, there was an option labeled "Hard-Disk Drive Sequence". If your BIOS has this or a similar option, make sure you change the sequence so that the USB Drive is listed first.

Method # 2. Disabling other hard drives.
Again, this is done from the BIOS. Different BIOS's may have different options to disable the hard drive. On mine, the system had just one hard drive. I changed the option labeled "Primary Drive 0" to "OFF".

Method # 3. Unplugging the hard drives.
If your BIOS doesn't have an option to change the drive sequence or to turn off the hard drive, you can turn off your computer and unplug your hard drive(s). Make sure you know what you are doing here. Opening your computer case may result in voiding your computer warranty if you have one.

2. Boot the computer from the boot floppy/CD into the command prompt with the USB Drive plugged in.

3. Run fdisk

4. Use fdisk's "Set Active Partition" (option 2) to set the primary partition on the USB Drive to ACTIVE.
This step assumes that a primary partition already exists on the USB Drive. If this is not the case, use fdisk to create one. As noted in step # 1, fdisk will not allow for setting the the partition to ACTIVE unless the drive the partition is on is the FIRST in the drive sequence.

5. Exit fdisk.

6. Reboot the computer from boot floppy/CD into the command prompt with the USB Drive plugged in.

7. At the command prompt enter the following command: dir c:
This step is just to verify that the C: drive is actually the primary partition on the USB Drive. Regardless of the result that the command generates whether it be a listing of files or an error message, what is important here is to make sure that the size of the primary partition on the USB Drive is roughly equal to the sum of the empty space and the used space.

8. Format and copy the boot files to the primary partition.
At the command prompt, from the directory where FORMAT.COM is located, enter: format /s c:
9. Run fdisk /mbr
"fdisk /mbr" writes the master boot record, in this case to the USB drive, without altering the partition table information.

10. Restart the computer and choose booting from the USB Drive. If all goes well, you should see a C:> command prompt.

11. Change the computer settings back to what they were before step # 1.

I had a few people e-mail me with an error message "No fixed disks present..." which they encountered when they ran fdisk.. Personally, I did not run into this issue or know what is causing it on other people's machines.

Error Message When You Run ScanDisk or Fdisk: No Fixed Disks Present

SYMPTOMS

When you attempt to run the MS-DOS command-line utility fdisk.exe, or when you run ScanDisk from within Windows, you may receive an error message similar to the following:

No fixed disks present. NOTE: This error message may occur intermittently, and you may receive this error message even though your computer's hard disk is detected in the computer Power On Self Test (POST).

CAUSE: This behavior can occur because of any of the following hardware issues:

• The hard disk is defective or too hot.
• The jumper settings on the hard disk are incorrectly configured.
• The hard disk data cable is defective or too long.
• The hard disk controller is defective or incorrectly configured in the computer BIOS.

How to Easily Copy an Excel formula without changing its cell references

2006-11-30T22:36:00.000+08:00

If you copy a formula from one place to another, Excel will want to readjust the references to reflect the change. However, if you want the formulas to stay the same, Mary Ann Richardson can help end the confusion.

When working with a spreadsheet, when you copy a formula to another location, Excel automatically adjusts the cell references in that formula to the new location. If you do not want to have Excel adjust the cell references, you would have to make them absolute before copying them. Or, you could copy the formula to the clipboard as text before pasting it to its new location.

Follow these steps:
1. Click on the cell containing the formula you want to copy.
2. Press [F2].
3 Click and drag to select the entire formula.
4. Click the Copy button in the Standard toolbar.
5. Press [Enter].
6. Select the cell into which you want to paste the formula.
7. Click the Paste button in the Standard toolbar.

When you copy an Excel formula in this manner, the formula copies as text and will not adjust its cell reference. You can also copy part of a formula this way. For example, you may want to include the formula as part of an If statement in another part of the worksheet.

SImple Method to Protect Yourself Against Viruses

2006-11-30T17:09:00.000+08:00

Follow these simple steps to keep yourself and your computer virus free.

Purchase and/or Download an Anti-Virus program to spot virusesAnti-virus software is a must for any computer connected to the Internet or otherwise. Viruses travel by many means and the first thing you should do is install software to catch the viruses.
or download free antivirus program
Update your current Anti-Virus softwareProtection against viruses is only as good as your last update.

Scan for Viruses regularlyIts a good idea to scan your system on a regular basis to avoid infection. Most anti-virus software scans files as you open them, but its a good idea to run a full scan of your system on a weekly basis.

If you do not have an antivirus software product installed on your computer, try using one of the various online virus scanners to scan your system and remove any problems.
Watch out for Email AttachmentsViruses attached to email are currently the most common and widespread computer viruses. Although some viruses can attack just by opening email, most won't activate until you open the attachment.

Disable System Restore features in Windows ME or Windows XP, so that the viruses can be removed properly in.

Use a Firewall to Protect Your Computer from Intruders
The best defense against someone invading your computer is a personal firewall.

How to login as Administrator in Windows XP?

2006-11-29T23:03:00.000+08:00

How many of us ever realized that the Administrator account is one of the best way to get back your computer in shape.This built-in Administrator account is hidden from Welcome Screen when a user account with Administrator privileges exists and enabled.
This Administrator account is mainly for the purpose to have a look on what is inside the computer. Normally, in a troubleshoting process it is very useful, for example in a case where you can't launch any kind of application if you are login with your account.

In Windows XP Home Edition, you can login as built-in Administrator in Safe Mode only. For XP Professional, press CTRL + ALT + DEL twice at the Welcome Screen and input your Administrator password in the classic logon window that appears.

Secret Recipe you can use to recover from Spyware ATTACK!!! - PartONE - Browser Hijack

2006-11-28T22:48:00.000+08:00

At this moment I would like to highlight on topic of spyware, since the damaged that has been created by this kind of evil things has become more serious among us. Listed below are some of the devices that I've found it succesfully working proven;-

These are:
1. Trend Micro CWShredder ;- this tool is most likely focus on removing the CoolWebSearch symptom, or we called it as CWS. CWS will normally attack your browser and can causing you to redirect to any other malicious website. The many variants of "CoolWebSearch installs dozens of bookmarks mostly to porn Web sites on your desktop, changes your home page without asking, and continually changes it back if you attempt to correct it. Furthermore, it significantly slows down the performance of your PC, and introduces modifications which cause Microsoft Windows to freeze, crash or randomly reboot". They also normally escape most Anti-Spyware products. However, most known variants of CoolWebsearch can be detected and cleaned by CWShredder.

2. HijackThis is a tool, that lists all installed browser add-on, buttons, startup items and allows you to inspect, and optionally remove selected items. The program can create a backup of your original settings and also ignore selected items. Additional features include a simple list of all startup items, default start page, online updates and more. This prpogram however Intended for advanced users.

3. Spybot Search and Destroy can detect and remove spyware of different kinds from your computer. Spybot search and destroy can also clean usage tracks, an interesting function if you share your computer with other users and don't want them to see what you worked on. And for professional users, it allows to fix some registry inconsistencies and extended reports. This wonderful program has many features, and is great at keeping spyware out of the systems.

4. Ad-Aware SE is a multi-trackware detection and removal utility that will comprehensively scan your system's memory, registry, hard, removable and optical drives for known Malware. The most important, no matter what version of Windows you are using, it still can works!

Nice Tips for Microsoft Word 2003 Office - Part 2

2006-11-27T07:09:00.000+08:00

Working with text and paragraphs cont.

Ctrl+Equal Sign Subscript the selected text
Ctrl+Shift+Plus Sign Superscript the selected text
Ctrl+Shift+Q Apply Symbol font to the selected text
Ctrl+Shift+F Change the selected text's font
Ctrl+Shift+P Change the selected text's font size
Ctrl+Shift+> Increase the selected text's font size by one point
Ctrl+Shift+< Decrease the selected text's font size by one point
Ctrl+] Increase the selected text's font size by one point
Ctrl+[ Decrease the selected text's font size by one point
Shift+Enter Insert a line break
Ctrl+Enter Insert a page break
Ctrl+Shift+Enter Insert a section break
Alt+Ctrl+Minus Sign Insert an em dash
Ctrl+Minus Sign Insert an en dash
Ctrl+Hyphen Insert an optional hyphen
Ctrl+Shift+Hyphen Insert a nonbreaking hyphen
Ctrl+Shift+spacebar Insert a nonbreaking space
Alt+Ctrl+C Insert the copyright symbol
Alt+Ctrl+R Insert the registered trademark symbol
Alt+Ctrl+Period Insert and ellipsis

What have to do if WinXP won’t boot?

2006-11-27T00:44:00.000+08:00

When your computer hardware appears to power up okay, but the Windows XP operating system won't boot properly, you have to begin a troubleshooting expedition that includes getting into the operating system, determining the problem, and then fixing it. To help you get started on this expedition, here are few things you can do when Windows XP won't boot.

1. Bypassing Windows with the Recovery Console
When a Windows XP boot problem is severe, you'll need to use a more drastic approach. The Windows XP CD is bootable and will provide you with access to a tool called Recovery Console.
Solving Startup Problems with the Recovery Console

- Use a recovery console
- fix a corrupt boot.ini
- fix a corrupt master boot record
- disable auto restart
- restore from a backup

NOTE The Recovery Console can be a powerful tool for finding and fixing certain types of startup problems, but if you don’t know exactly what you’re doing, it can also allow you to create new problems that will complicate the ones that are already on your computer or even completely trash Windows’ ability to start. Therefore, it’s best to use the Recovery Console only when you have detailed instructions for performing a specific task from a reliable source such as the Microsoft Knowledge. The best way to load and use the Recovery Console is to run it directly from the Windows XP CD. To do so, follow these steps:

1. Place the Windows XP CD into the drive.
2. Restart the computer from the CD.
3. At the Welcome to Setup screen, press the R key. The Recovery Console starts and shows a list of Windows installations on your computer. In most cases, there will be just one item in the list.
4. Enter the number of the version you want to use, and press the ENTER key. The Recovery Console will ask for the administrator password.
5. Type the same password you would normally use to log into Windows as an administrator, and press ENTER. If there is no administrator password, just press the ENTER key. When the Recovery Console accepts the password, it will display a C:\WINDOWS> prompt. To close the Recovery Console, type Exit at the C:\ prompt.

2. Perform in Place Upgrade
If you can't repair a Windows XP system that won't boot and you don't have a recent backup, you can perform an in-place upgrade. Doing so reinstalls the operating system into the same folder, just as if you were upgrading from one version of Windows to another. An in-place upgrade will usually solve most, if not all, Windows boot problems.

Windows Registry Editor: REGEDIT

2006-11-26T10:47:00.000+08:00

The registry contains many many Windows settings (and changes continuously), which can be viewed with the Registry Editor. Because many pages on this site (and other websites) contain registry tweaks, you need the Registry Editor to apply those registry tweaks. The Registry Editor is started with the command REGEDIT (Start, Run..., create a shortcut if you use Registry Editor frequently). Welcome in the world of the registry entries!
Most important to remember using the Registry Editor: there is NO WAY back. If you change something, it is permanent unless you have made a (partly) registry backup (File, Export). Worst case scenario: your Windows doesn't boot anymore! However, this is not a reason to leave the Registry Editor for what it is, frightened to do something wrong. If you carefully follow the instructions and ensure yourself you are making the right changes, nothing will go wrong. Before you make permanent major changes, it's wise first to make a system backup, to repair any damage.

Making changes to the registry
As shown below, the registry (Start, Run, REGEDIT) contains 5 basic keys: HKEY_CLASSES_ROOT, HKEY_CURRENT_USER, HKEY_LOCAL_MACHINE, HKEY_USERS and HKEY_CURRENT_CONFIG. Most suggested registry tweaks will be suggested for the HKEY_CURRENT_USER and HKEY_LOCAL_MACHINE keys. The first key contains settings for the current user account while the second key contains settings for the Windows system.

Tweaks for the HKEY_CURRENT_USER keys can be safely tested by creating an extra user account (Control Panel, User accounts). Within the new test user account you can test those tweaks and remove the user account afterwards. Before you make essential changes to the registry, you can export the keys first to a *.REG file by File, Export within the Registry Editor. Later you can import those registry files by File, Import or by double clicking on them in the Windows Explorer. This way it's easy to export registry settings from one computer to the other.

Installing hardware drivers - tips for newbies

2006-11-24T07:47:00.000+08:00

The Device Manager (Control Panel, System, tab Hardware, button Device Manager) shows you all the detected and installed hardware and hardware drivers. The unrecognized hardware is shown as a yellow question mark, which indicates you still have to install some drivers to get it to work. Probably you received a special CD-ROM or floppy disk from the manufacturer, which you have to use to install the drivers for the unrecognized hardware. If you don't have the CD-ROM (anymore), you can almost always download the hardware drivers from the manufacturers website.

Below you see all installed hardware within the Device Manager, as you can see there are no yellow question marks anymore:
Nowadays, most hardware is recognized by Windows. If this is not the case, the installation files from CD-ROM (or downloaded from the manufacturers website) give a problem free installation. Most times, if you follow the installation instructions on a clean Windows setup, there won't be any problem.

If the installation did give an error, the best you can do is to delete the new hardware drivers from the Device Manager. Just delete the hardware entry (DEL-key). After a reboot of your computer, the hardware will be detected again, which enables you to reinstall the hardware drivers.

Make your Firefox Faster!

2006-11-24T07:39:00.000+08:00

How to Make Firefox Load Faster
Firefox may run quickly but it loads slowly; here's how to fix it
Note: This tip is not suitable for inexperienced computer users.
You can slash Firefox's slow load time by compressing the DLLs and executables.
There are many choices for compression but I suggest you use UPX which is free, efficient and time proven.

1. Download UPX from http://upx.sourceforge.net/#download
2. Unzip upx.exe into your Firefox installation folder which is normally C:\Program Files\Mozilla Firefox.
3. Make sure Firefox is not running then shell to a command prompt in the Firefox installation directory.
4. Type in the following command in a single line and hit return: for %v in (*.exe *.dll components\*.dll plugins\*.dll) do upx "C:\Program Files\Mozilla Firefox\%v"
5. If on some later occasion you want to unpack the files, just type in the command above but add the decompression switch "-d" after "do upx."

Speed Up Your PC using MSConfig technique...partTWO

2006-11-24T07:17:00.000+08:00

The tab Services also shows some essential services started with Windows. Most of the shown services are from Microsoft Windows, which are discussed on the page Windows XP services. It's wise, not to disable one of those, to make sure you keep out of startup troubles. However, by choosing the option to Hide All Microsoft Services. This will give you an insight in non-Windows services. Most of the time it is completely filled with the services from security software like firewalls and virus scanners. This answers the question why your quick computers rapidly turns into a slow snail.

Please make sure that the box of Hide All Microsoft Services is checked....(this is to ensure that you can avoid to disable some important system files service.

The tabs SYSTEM.INI and WIN.INI aren't that important, the tab BOOT.INI gives you some extra boot options you can turn on or off. By clicking Check All Boot Paths, you can possibly fix some boot problems. By enabling the option /NOGUIBOOT there won't be any Windows logo at startup, just a black screen (actually there is no important reason to do so......;-).

If you can see the Timeout: Box...the number currently is 30 sec. - this is the actual time which your system used to boot the Windows...it's suggest hat you can make a change for it, to at least 20 sec. which will result in faster boot.

Try and error

2006-11-23T21:52:00.000+08:00

Technorati Profile

Speed Up Your PC using MSConfig technique...partONE

2006-11-23T21:29:00.000+08:00

MSConfig System Configuration Utility

If you ever realized that your PC now is becoming sluggish....very slow during startup or too much running program in background, it;s because of too many application has been forced to start during windows is boot up. Those program is truly unnecessary unless you really need it.This time I'll show you the hidden secret of Windows..yeah the real one...MSConfig.

With the utility MSConfig it is possible to analyze all the applications starting when you turn on your computer and, if you feel the need to do so, disable undesirable items. Turning off undesirable items will save system resources which will eventually result in a faster Windows. You can start the MSConfig utility by click Start, go to Run and type the command MSCONFIG and press ENTER. If you have just done a fresh Windows setup, there won't be much shocking to disable. When you have installed all your favorite software, it is time to have a look at MSConfig, whether performance enhancements are possible.

On the right side is the picture of MSConfig Utility. This time, I need you to put your focus on Startup section first.

The most important tab, is the last one: Startup. Here you can disable (and enable again....) startup items. If you are not sure, you better leave the item untouched, but you are free to experiment (you can always turn them on again).

If you have been infected by a virus, most times you can find the virus
here. To disable a virus you better run MSCONFIG in Windows safe mode (press F8 while restarting Windows), else the still active virus will reactivate your
action.

Above is shown how the automatic startup of the Windows Messenger has been disabled. The Command column shows the location of the application (which can give you information about what's the application for). The Location column tells you where you can find the place to delete the item permanently, most of the times it will be in the Windows Registry. It is important to realize what every item does, and to ask yourself the question whether you need that item. Many applications you will install place a link here (most of the times unasked), to make them fast accessible in the system tray.

Disk Cleanup: deleting unnecessary files

2006-11-23T21:22:00.000+08:00

To free some space on your hard disk for better purposes, you have to do a disk cleanup. With the Disk Cleanup utility (Start Menu, All Programs, Accessories, System tools) you have a build in tool to remove many unnecessary files from your hard disk. Select the C: drive and on the first tab check all items to delete.

However, the cleaning is not thorough, especially the 'temporary (internet) files' folders (used files from the last few days will not be cleaned)! It is better to clean them yourself as well, as shown below. Most files are system files and/or hidden, so make sure you can see those type of files in the Windows Explorer (Tools, Folder Options, tab View, enable Display the content of system folders, enable Show hidden files and folders, disable Hide extensions for known file types and disable Hide protected operating system files).

Nice Tips for MS Word 2003 Office - Part 1

2006-11-23T20:51:00.000+08:00

Listed here is some very useful tips for daily using of MS Word 2003. This is the part 1 which is really useful for workign with texts and paragraphs.

p/s: for those newbies to the PC....how to use these tips..press Ctrl button first, hold on and press also the another key i.e for shortcut purpose

Shortcut : Functions
Ctrl+A : Select all text in a document
Ctrl+Shift+A : Format selected text as all caps
Ctrl+B : Bold the selected text
Ctrl+C : Copy the selected text or object
Ctrl+Shift+C : Copy the format of the selected text
Ctrl+D :Display the Format Font dialog box
Ctrl+E : Center the selected paragraph
Ctrl+Shift+H : Apply hidden text formatting to the selected text
Ctrl+I : Italicize the selected text
Ctrl+J : Justify the selected paragraph
Ctrl+K : Insert a hyperlink within the selected text
Ctrl+Shift+K : Format select text as small caps
Ctrl+L : Left align the selected paragraph
Ctrl+M : Indent the selected paragraph from the left
Ctrl+Q : Remove paragraph formatting from selected paragraph
Ctrl+R : Right align the selected paragraph
Ctrl+T : Apply a hanging indent to the selected paragraph
Ctrl+U : Underline the selected text
Ctrl+Shift+D : Double-underline the selected text
Ctrl+Shift+W : Underline the selected words but not spaces
Ctrl+V : Paste cut/copied text or object
Ctrl+Shift+V : Paste copied format
Ctrl+0 : Add/Remove one line space before the selected paragraph
Ctrl+1 : Apply single-space lines to the selected text
Ctrl+2 : Apply double-space lines to the selected text
Ctrl+5 : Apply 1.5-space lines to the selected text
Ctrl+Spacebar : Remove selected text's manual character formatting

Sign of Spyware....

2006-11-22T21:24:00.000+08:00

If your computer starts to behave strangely or displays any of the symptoms listed below, you may have spyware or other unwanted software installed on your computer

- You can see pop-up advertisements all the time.
Some unwanted software will bombard you with pop-up ads that aren't related to a particular
Web site you're visiting. These ads are often for adult or other Web sites you may find objectionable. If you see pop-up ads as soon as you turn on your computer or when you're not even browsing the Web, you may have spyware or other unwanted software on your computer.

- My settings have changed and I can't change them back to the way they were.
Some unwanted software has the ability to change your home page or search page settings. This means that the page that opens first when you start your Internet browser or the page that appears when you select "search" may be pages that you do not recognize.
Even if you know how to adjust these settings, you may find that they revert back every time you restart your computer.

- My Web browser contains additional components that I don't remember downloading.
Spyware and other unwanted software can add additional toolbars to your Web browser that you don't want or need. Even if you know how to remove these toolbars, they may return each time you restart your computer.

- My computer seems sluggish.
Syware and other unwanted software are not necessarily designed to be efficient. The resources these programs use to track your activities and deliver advertisements can slow down your computer and errors in the software can make your computer crash. If you notice a sudden increase in the number of times a certain program crashes, or if your computer is slower than normal at performing routine tasks, you may have spyware or other unwanted software on your machine.
So, are you the victim?

Syware News!....Belive it or Not..

2006-11-22T21:09:00.000+08:00

This is the report based on the most of the analysis on the Net....Nine out of ten PCs are infected with spyware, new research has found.
After a fall in 2005, spyware infection rates have risen again to their highest level since 2004, thought to be spyware's heyday, according to a recent report by anti-spyware company.

According to the Webroot Company, during the second quarter of 2006, Webroot researchers found that 89 per cent of consumer PCs were infected with an average of 30 pieces of spyware, a slight increase from the first quarter of 2006.

New online channels, more sophisticated spyware technology and consumer reliance on free anti-spyware applications are all contributing factors.
Spyware has found fertile ground to propagate among new victims in social networking sites such as MySpace, according to the report.

Meanwhile spammers recognise the extra profitability of adding spyware to their email scams, and criminals are flooding the internet with an increased number of spyware websites to ensnare new victims.

With many PC users still relying on free anti-spyware, new generations of malware are able to avoid detection using more advanced technology, such as rootkits, Trojan downloaders, key-loggers and driver-level installers.

I bet, that consumers are not alone in suffering from an increase in spyware infections. More than 40 spyware-related security breaches were reported by companies during the past quarter.

Despite analyst estimates that 70 per cent of corporations use anti-spyware applications, infection rates among organisations suggest that these solutions may be inadequate.

The reports has shown that the number of this Spyware cases are quite scary...the UK has the worst infection rate in Europe with an average of 30.5 instances of spyware per PC. The global average is 24.5.

Latest Virus Threats!!!

2006-11-22T20:29:00.000+08:00

Sorry for the late update....Listed below are the latest threats....

Just found it some days ago...these are the "top of the line" virus that really threatening during last weeks....

Win32: Warezov family
Win32: Banker family
Win32: Tenga
Win32: Zlon-JN
Win32: Kapucen
Win32: Zlob-JO
Win32: Poli
Win32/ELF:BI
Win32:Neget
JS:Feebs family

Till this moment, I'd tested it with Avast Virus Cleaner...and it's very useful to fight with these kind of virus..I'll be back soon with more update on Avast Virus Cleaner..and also on How To Configure Your Antivirus....

Email Tips Part 2

2006-11-21T14:39:00.000+08:00

31.Don't send email attachments to mobile devices. If you know that a colleague will be using their mobile device to check email for an extended period of time, avoid sending him or her attachments. Send a snippet of text instead, if possible, or a URL where they can download when they have access to a laptop or desktop.

32. Use mobile email sparingly. Cellular wireless data plans often have a monthly bandwidth cap. Sending attachments (or receiving them) can be hazardous to your wallet. Some mobile email services function by letting you see that you have attachments, but others will automatically download. So for the sake of you and your colleagues wallets save the attachments for later. Productivity, Folders, and FilteringEmail is only a useful technology if it remains an efficient means of communicating. The dual threats of spam and disorganization make email less efficient, so overcoming those deficiencies is the theme of this section.

33. Respond promptly. Don't leave email unread for more than two days. Look at it immediately and either respond to it immediately, or -- after reading it -- move it to a "must respond" folder.
34.Repond promptly, part 2. Acceptable email response time for personal emails is 24 hours. Acceptable professional response time varies by industry. Know your expected response time and check your email accordingly.

35. Respond promptly, part 3. If someone sends you an excessively long email and you do not have time to respond to the entire email, respond with a brief email acknowledging its receipt and your intent to reply in more detail.

36. I go to pieces. If you receive an email which must be responded to in its entirety but requires a substantial investment in time to respond to, respond to it in parts. Quote each original point that you are responding to, so it is clear what you are referring to. Make it clear that you are responding in parts, or else the recipient may wonder if you missed the latter part of their message.

37. Exercise discipline. Check your email at regular intervals. Whether its every 5 minutes or
every 5 days, people need to be able to rely upon your response time, so come up with a schedule that works for you and stick with it.

38. Organize by Urgency. Email clients and web-mail applications like Hotmail and Gmail will allow you to sort your emails in the order with which you need to respond to them. Consider making 'Urgent', 'Must Respond', 'Personal', 'Information' and 'Misc' folders. Then move inbox messages accordingly. You can make this sorting process more automatic by applying filters to email addresses, so that your email client will do the sorting for you.

39. Be selective. Not every email you receive requires a response. 'FYI' and group emails, for instance, should be read and filed. Non-work-related email from strangers should be forwarded to your home email address for later consideration.

40. Be quick. Email you send at work should consist of questions if you need information, or declarative sentences if you are supplying it. At work, email is best used for the transfer of knowledge - chatty banter and essays are best saved for other venues.

41. Know your limits. Don't subscribe to dozens of free "tips" sites if you don't have time to read the items. If you feel must do this, for whatever reason, use a freebie email address for this or consider an RSS feed instead.

42. Cut to the chase. Sometimes a text chat is the best way to resolve a communication quickly, instead of sending a dozen emails back and forth. By keeping the bank and forth emails to a minimum, you keep your inbox under control and prevent the need to declare email bankruptcy and starting all over.

43. Do what the Gurus do. There are a number of great writers who focus almost exclusively on tips to keep you technologically organized. Some Gurus of note: Merlin Mann of 43-Folders, mentioned elsewhere in this article, and David Allen, author of Getting Things Done are good examples.

44. GTD - get things done. Don't move anything from your main inbox into a folder if you haven't read it yet. It's likely to stay that way. Read it, respond, and file it. That way, your main inbox holds only unread messages. Or at worst, those you haven't responded to yet. This makes it easier to "get things done" more efficiently, in terms of email-triggered tasks.

45. Be specific with email titles. An email's subject line is what enables its recipient(s) to appropriately handle it. The famed 'Re:' standing alone on a subject field is either spam, or a response to one of your less-informative titles. Specificity not only facilitates easy filing, but makes locating a given email in your sent box months after the fact (when you need to prove something, or again find that bon mot) a heckuva lot less time-consuming.

46. Use freebie accounts. Always use freebie accounts for all those "free" subscriptions you sign up for. No matter what they tell you, you will get unsolicited mail as a result, at some point in the future. And it'll clutter your inbox, making you less productive.

47. Blacklist Spam emails. Don't just delete the spam you get sent, blacklist it. By blocking the sender of spam emails you can drastically cut down on the total amount of spam you get. Surprisingly, a good amount of spam is from repeat senders, so a few months of diligent blacklisting can keep spammers at bay.

48. Enable spam filters. Most email clients, including freebie webmail types, have spam filtering that can be turned on or off. They are not 100% accurate, so you should make a habit of visually scanning your spam folder to ensure you haven't missed anything important. But that inconvenience is still worth leaving the filter on.

49. Ditch your spammed out email account. If you have a freebie account that is loaded with incoming spam, save all your important contact info, backup desired emails, then ditch the email address. Get another one and then notify all your contacts. Don't forget to update any websites where your address is published.

50. Prevent email overload. Kaitlin Duck Sherwood has a handy, quick guide to preventing email overload. One that is simple but effective is to say "no need to respond", or some such, if a response is not necessary.Email AttachmentsThe ability to attach documents has revolutionized the way in which we do business. Despite its benefits, however, attachments are one of the least standardized parts of emailing.

Hacking Email: A lot of Tips to make you more secure and productive - Parts 1

2006-11-21T14:32:00.000+08:00

When people read out a phone number, they use "phone rhythm." No one has to explain "phone rhythm," we all just seem to do it automatically, "…713...555...12…34". Similarly, when we answer a phone call we all say, "Hello." No one taught us to do that, but somehow we all seemed to pick it up.

So why is it that when it comes to emails, there are no accepted standards? Even though 6 billion emails are sent every day, almost no one agrees about simple things like email etiquette, how to organize a note, or whether emails are considered private or not.
The 99 tips in this article make up the best in email practices. From how to ethically use the ‘BCC:' to what attachments will make your mobile emailing compatible with everyone else's, this list covers everything you need to know about emailing.EtiquetteWe're all guilty of bad manners once in a while, but when it comes to emailing, some people are downright clueless.

1. Don't send private messages with the company account. If you want to send personal messages from work (and you should probably try to minimize this), use a freebie account like Hotmail, Gmail, Yahoo!, or Excite, if your office permits it. The content of your emails is less visible to employers through these accounts, so the private messages you send will stay private.

2. Use BCC if necessary. If you must send a group email to people who do not know each other, don't add their addresses to the form's CC field; this is one method spammers use to harvest email addresses. Instead, use BCC (Blind Carbon Copy) for their addresses, and put your own email in the form's "to" field.

3. Don't send form letters. Its impolite to send form letters, especially to your friends and colleagues unless they are all part of a group that is expecting them.

4. Don't forward chain letters. Just don't do it. Enough said. That includes the email that says that if you don't forward it to 10 people you'll die. I don't care how superstitious you are, don't send them.

5. Be professional. Ensure your work emails don't contain 'u', 'afk', 'ty', 'jk' and/or several million other texting @ chatroom acronyms. These developed because cell phones' keypads aren't well-suited to writing fully-formed words, sentences and paragraphs. In business communications, however, they may give the impression of childishness and illiteracy.

6. Be professional, part 2: Check tone. Be aware of the professional (or not) relationship between yourself and the recipient before starting an email. Use that to gauge what topics are appropriate to write or not, as well as the tone of your writing. This may be common sense to most, but you’d be surprised at how often the rule is ignored.

7. Be careful. Email is not private; it can be intercepted anywhere en route to its recipient. In addition, it can live on for years in recipient email boxes, later to return to its sender in choice quotations. Think before sending email you will later regret.

8. Cut down on sigs. Signature files, especially in business, should contain as few lines as possible. Four lines is a figure generally agreed-upon. Email that consists of a two-line statement and a ten-line signature will have its recipients rolling their eyes.

9. May I quote you? When you respond to an email, the original email is quoted. Cut the most relevant sentence from the message to which you are responding, preface it with a '>' (if it's not already there) and paste the quote above your response. Delete the rest of the original email from your response, unless you are responding to other points in the original.

11. Get clarification. If someone sends you an email that upsets you, make sure you haven't misunderstood. As mentioned previously, emotion and tone do not always carry over well in email. Instead of responding angrily, in your response, quote the portion of text that you are unsure of and ask the sender to clarify. Indicate what you think it means, if you like, then ask if you've misunderstood.

12. Don't spam friends. Occasionally, company mail servers go on the fritz and send forty-five copies of the same email to the recipient (personal experience). Even if it's not your fault, it is polite to apologize profusely to your friend, family, or roommate.

13. Consider the quirks of other email systems. For example, say that you have a friend with a Hotmail account and want to send a list of hyperlinks. Hotmail doesn't handle hyperlinks inside of an email very well. For example, you cannot easily copy the actual URL, without a bit of effort. So anyone used to tabbed browsing, such as with all recent web browsers (including, finally, IE7.x), may find it frustrating trying to open a link in a new tab or window. It's hard to know about all types of email systems, but some awareness reduces frustrating situations for recipients.

14. Respond to group email appropriately. If someone has sent a group email that requires a response, but only to the sender or a couple of parties, don't copy everyone on your reply.

15. Don't respond to every group email. More specifically, it is alright to sit out a thread of group conversation if you are not being addressed directly. However, read the emails carefully to make sure that you are not being expected to respond.

16. Respect email laws and regulations. Some countries have very specific rules about bulk emailing. If you use email to promote your business, you need to know the laws for not only your country but probably wherever you are emailing to. It's a tall order, given the global village of the Internet, but its importance cannot be overstated.
Communicating & EffectivenessNow that we've covered the basics of emailing with manners, it's important to make sure your intended message is actually getting across.

17. Use meaningful subject lines. Write something "meaningful" in the subject line, to give recipients a clue as to what your email is about. This is increasingly necessary to distinguish legit emails from spam. The latter's subject lines are are often deceptive.

18. Be brief. Do not send excessively long emails if at all possible. Try to summarize your information so that your recipients are more likely to read the email and actually respond. When possible, break long emails into numbered point form so that recipients can respond by reference number.

19.
Summarize. Precede a long email with a short summary.

20. Cheat with templates. In his Five Fast Email Productivity Tips, author Merlin Mann recommends 'cheating' -- using templates and form letters - when you find yourself answering (or asking) the same questions repeatedly. A good percentage of first-year college students learn to do this when writing email to family, friends, and significant friends back home.

21. Use 'Reply All' when necessary. Usually, the common advice is to not use "reply all" if other recipients of a group email do not need your response. But forgetting to use "reply all" when appropriate is simply inefficient. If the vast majority of a group needs to hear a message, writing in individual emails addresses will waste your time and increase the chances that you’re going to leave someone important out of the email.

22. Remember the telephone. Unless you need a written record of a given communication (or if the person you're communicating with is long distance), consider calling (or sending a letter to) your intended recipient instead of an email. People often default to writing an email because it is quick and easy; but sometimes a handwritten letter or phone call can provide the personal touch your communication really needs.

23. If it's urgent, say so. Writing 'URGENT' in front of your email's subject will make it stand out from the crowd, and most likely get timely attention from the recipient. Make certain it is urgent, however; remember how much attention was paid to the boy who cried wolf when his cries really mattered.

24. On vacation? If you will be out of your office for a lengthy period of time, set up an autoresponder to inform whomever emails you of your absence and your expected return. This is polite (the message is only sent to a given email once), and it prevents a lot of "I'm waiting for your response" emails. A quick warning, however, to not use an autoresponder for your home email; you shouldn't advertise an empty house.

25. Use smileys. If you think that something you've written might be misunderstood in tone or emotion, use the appropriate smiley. It should be obvious, but this tip does not apply to work or other professional emails, or if the person doesn't know you already.

26. Proofread. There is a difference between typos and poor writing. Poor writing improves with practice. Typos stay typos unless you take the time to eliminate them. If you are applying for a job or freelance gig, it's especially important to prufreed before you send that email. And as if you needed another reason to be concise, remember that the chance of typos is directly proportional to the length of your email.
Mobile Email

27. Know your limitations. Mobile email is best for very dexterous people. It isn't always the most productive way to communicate for everyone. Reading emails via mobile is fine, but if you don't have the thumb dexterity to use the keypad to respond, save your thumb the pain and just handle your emails on a computer.

28. Use voice-to-text. There are mobile applications out there that will convert your spoken word to text, which you can then use for mobile email responses. Because this technology is just starting to go mainstream, if you want it you are going to have to shop for phones specifically with voice-to-text capability.

29. Duplication of email, or lack thereof. If you plan to access email from both a mobile device and a computer, keep in mind that some email servers and client software download each email to the device you are using, and delete it from the server. This could be hazardous to your career, if you access with a mobile device, read it, and then delete it with the intent of responding from a computer later. So make sure that you know how your client handles the mobile/computer divide.

30. Be exclusive. It's best to set up a separate email account for your mobile devices. If you plan to be away from a laptop or desktop for an extended period, you can redirect your regular email, with full filters on. Use this email account only for your mobile device. By having to separate accounts you can make sure to send all your subscriptions and other large regular emails to your main account. You can also sign up for new products with the computer account to make sure you won't get spammed, before you have those emails come to your mobile account.

What is Browser Hijackers

2006-11-20T08:02:00.001+08:00

Browser Hijacking is caused by malicious code which can alter your browser settings without your knowledge. Browser Hijackers are extremely common.Here's a list of the typical effects a Browser Hijacker can have on your system.
* Altering the Homepage, Search Page of your browser.* Changing various options in your Internet settings.* Blocking access to certain functions (parts or all of the internet options screen, registry editor etc)* Changing to reset (iereset.inf) file to prevent user being able to reset web settings within the internet explorer options screen.* Automatically add sites to your trusted zone* Hijack of URL prefixes, therefore if you enter a site in your browser without a prefix (ie google.com), internet explorer automatically appends http:// to the address.* This function can be abused to redirect you to any site if you omit the prefix* Altering your winsock list of providers used to resolve domain names.* Adding a proxy server so all your traffic could be intercepted.* Altering your user stylesheet (normally used for visually impaired users), thereby changing the way websites appear.

What is Viruses

2006-11-20T08:01:00.001+08:00

A piece of programming code usually disguised as something else that causes some unexpected and, for the victim, usually undesirable event and which is often designed so that it is automatically spread to other computer users. Viruses can be transmitted by sending them as attachments to an e-mail note, by downloading infected programming from other sites, or be present on a diskette or CD. The best protection against a virus is to know the origin of each program or file you load into your computer or open from your e-mail program.

What is Trojans

2006-11-20T08:00:00.000+08:00

A program that comes in secretly and quietly, but it carries a destructive payload. Once you become infected by the worm or virus that that Trojan carries into your computer, it can be very difficult to repair the damage. Trojans often carry programs that allow someone else to have total and complete access to your computer. Trojans usually come attached to another file, such as an .avi, or .exe, or even a .jpg. Many people do not see full file extensions, so what may appear as games.zip in reality could be games.zip.exe. Once the person opens up this file, the Trojan goes to work, many times destroying the computer's functionability. Scary, eh? You can read more about this here, on our Trojans, Viruses, and Worms reference page. Your best line of defense is to NEVER accept files from someone you don't know, and if you have any doubts, then do NOT open the file. Get and use a virus detection program, such as Inoculate and keep it updated regularly.

What is Adware

2006-11-20T07:59:00.000+08:00

Adware is usually a freeware displaying advertising banners within the program interface. The developer creates revenue by selling advertising space in the software product, instead of you having to pay for it. Occasionally, some Adware will also act as spyware which includes information gathering code to send non-sensitive information back to third parties. Some people think that Adware are same as spyware, but Adware isn't necessarily spyware. While legitimate adware companies will disclose the nature of data that is collected and transmitted in their privacy statement, there is almost no way for the user to actually control what data is being sent. In addition to privacy concerns, frequent downloading of advertisement banners and other ads while the user is browsing can slow down the system immensely and for users paying for dialup services by time used, ad-loading and hidden communications with servers can be very costly.Most of the time, if you prefer a "non advertised" product, you have the option to purchase a version that does not display any banners.

What about Spyware

2006-11-20T07:58:00.000+08:00

Spyware is defined loosely as any program that secretly gathers information about you and or your computer use through your Internet connection. Typically, a Spyware program gathers information about you by monitoring your computing activities and then transmits it across the Internet to a central server for onward distribution to interested parties for advertising purposes. These programs can also download files, run other programs in the background, and change your system settings.In addition to violating your privacy and potentially damaging your system, Spyware can slow your computer down by stealing processing time from the CPU. Even though the name may indicate so, Spyware is not an illegal type of software in any way as yet. However there are certain issues that a privacy oriented user may object to and therefore prefer not to use the product.Another potential problem is that many are poorly written, may contain programming bugs and errors and can cause problems with the normal operation of your computer. One of the causes of your web browser hanging and crashing frequently with those "General Protection Faults" may be due to one of those badly written Spyware programs interfering with its normal operation.

What is Malware

2006-11-20T07:55:00.000+08:00

What is Malware, Malware -short for MALicious softWARE- is a term used to broadly classify a form of software which is installed in a computer system mostly without the owners permission with malicious intentions. It includes Trojans, viruses, key loggers, malicious active content, rogue programs and dialers among others.There is another form of software which may be termed as "Trackware", -because they track, store and analyze your browsing patterns thereby compromising your privacy on the World Wide Web. They are probably less malicious, but unwanted at the same time. It includes Spyware, Web bugs, tracking cookies, and "forced" adware.