Bienvenido! - Willkommen! - Welcome!

Bitácora Técnica de Tux&Cía., Santa Cruz de la Sierra, BO
Bitácora Central: Tux&Cía.
Bitácora de Información Avanzada: Tux&Cía.-Información
May the source be with you!

Thursday, February 26, 2009

Rapidshare search

Rapidshare & Firefox switchproxy

Source
Tired of waiting 1 hour to download the second file of a file that someone has shared online?
Install the Firefox plugin switchproxy  (browser) that has only one job and that is to change your IP Adress by using and changing to different proxys.
You can easily manage your proxy lists and click the one you want to use, and so on, till you download all the files in rapidshare or at any other free file storage/share hosts servers.


RapidShare Hack

Crack and Disable RapidShare download limit
RapidShare also limit free users, based on their IP address, to certain download limit, and after reaching the limit, RapidShare will block your IP address. To overcome RapidShare download limit, since it’s based on IP address, the techniques to change or mask the IP address will come in useful to hack the RapidShare.
There are several ways to change your IP address (or at least showing different IP address to RapidShare). Whatever ways, you need to clear your web browser’s cookies first.

1. Request new IP address from ISP (for dynamic IP address Internet users only)

  1. Click Start -> Run
  2. Type cmd in the Open box, then click OK.
  3. At the command prompt, run the following commands one by one:
    ipconfig /flushdns
    ipconfig /release
    ipconfig /renew
    exit
  4. Try to download from RapidShare again.
  5. Note: It’s possible to put all the commands above into a batch file and simply run the batch file to complete the IP changing process. To create the batch file, use Edit in command prompt or Notepad, copy and paste the above commands into the editor, and save the file with extension of .bat or .cmd (for Notepad, change the File Type to All File too).

2. Use a proxy server, or a different proxy server
You can get a list of available public proxy server easily by searching “proxy server” in search engine such as Google or Yahoo!. Choose a proxy server and note down its IP address and port number.
In Internet Explorer, go to Tools -> Internet Options -> Connections -> LAN Settings. Select (check) the option of Use a proxy server for your LAN. Then key in the proxy server IP address and port in respective box. Click OK to continue.
In Mozilla Firefox, go to Tools -> Options -> Connection Settings. Then select (click) Manual proxy configuration and key in proxy server information. Click OK to continue.
Obviously, once you hit the download limit, you will need to change the proxy server again. There are tools that help you to switch the proxy server automatically. In Internet Explorer, try Steganos Internet Anonym 2006 from Steganos or Hide IP from V7soft. In Firefox, use the SwitchProxy extension. Both software allow you to change the proxy server easily, with just few clicks.

Wednesday, February 25, 2009

Steps removing problem or viral files

Sophos Anti-Virus for Windows
While in most cases it is possible to remove threats centrally with Enterprise Console, or locally with Sophos Anti-Virus or a command line scanner like SAV32CLI, sometimes the problem keeps coming back.
These instructions assume that the affected computer is running Windows 2000, Windows XP or Windows 2003, but many of the steps are similar for Windows 95/98/Me and Windows NT. The methodology would also be similar for other operating systems.
The word Trojan is used here to cover any worm, virus, Trojan or other unwanted application that is proving difficult to remove.
What to do
While cleaning the infected computer, use an uninfected computer for internet searches, downloading utilities, etc. Save any tools to floppy disk or CD, then write-protect the disk or, on a CD, close the session before taking the CD to the affected computer.
1. Survival or reinfection?
First, you need to know whether the computer is being reinfected from outside, or if the Trojan has somehow survived the scan on the computer. Read the virus analysis for possible clues to the problem, and check the following:
  1. Is the computer linked to the internet?
  2. Is the computer linked to the local network (LAN)?
  3. Have you removed or disabled any wireless network cards?
  4. Is a USB card, removable drive, or other peripheral with a memory, plugged into the computer?
  5. Have you checked that there are no CDs or floppy disks in its drives?

Unplug the computer from any networks, including the internet, and remove any cards, drives, disks and peripherals. Then repeat the scan. If the Trojan is removed, ensure that your computer is fully patched, and that all of your security software is up to date. See Returning your computer to normal use.
If the computer is already completely isolated from other computers and external media, and it is still infected when rebooted, or files can't be removed in Safe Mode with Command Prompt, go straight to part 5.
2. USB card or removable drive
It is possible that the source of infection is on media that you may not be scanning, and that access to that medium takes place when the computer starts up. Media to check for include USB cards and removable drives. To be completely safe, also detach mobile phones, digital cameras, printers, and other peripherals with memories.

  • Remove the medium.
  • Run another scan.
  • Check to see if the computer is reinfected when it reboots.
  • If it is not, either reformat the relevant card or drive, or carefully disinfect it on another computer. Where possible, use a computer with a different operating system, like a Mac.

If the problem appears to be another piece of equipment, restart it. Then check any memory cards, etc. that it uses. Backup any data on the card (e.g. photos to CD), then reformat the memory card.
Your phone, camera, etc. cannot be affected by the Trojan; it is acting as an immune 'carrier'. So take your time when backing up your data.
If the Trojan is removed, ensure that your computer is fully patched, and that all of your security software is up to date. See Returning your computer to normal use.
3. Local network
If there are any other computers on your network, check them for Trojans. Ensure that you scan shared folders or directories used by other computers, for example, shared folders on Macs, Samba shares on Linux computers, or NetWare shares.
If the Trojan is removed, ensure that your computer is fully patched, and that all of your security software is up to date. See Returning your computer to normal use.
4. Reinfection from the internet
If infection appears to have come from the internet via a wireless card, or through a cable, you will need to block the source of infection before going back to the internet.

  • Wireless cards and networks
    You will need to perform a complete security check of your network. For a start, change the username and password from the defaults for your router, and ensure that you use a strong password. Check your wireless system documentation, the Microsoft website, and the internet generally for hints on hardening your wireless network. This is a fast moving sector. Useful search terms are 'wireless', 'security' and 'wi-fi'.
  • Internet connections
    If your computer is becoming reinfected from the internet, check the security of your internet connection. As well as anti-virus software, you should also use a firewall, particularly with 'always on' connections like ADSL or other broadband systems. Either use a software personal firewall, or a use router which also acts as a firewall. Do not get a firewall/router with wireless networking unless you need this feature.

If a browser hijacker has infected your computer, you could install an alternative web browser before using the internet again. Do not import settings and saved pages when doing this.
See below for other hints on counteracting the effects of browser hijackers.
5. Problems resident on the local computer
If the problem file lies on the local computer, you need to know if it could not be deleted, or if it is somehow recreating itself.
Before you follow the advice below:

  • Where possible, back up all of your data (documents, spreadsheets, photographs, email address book etc.) to CD or other media.
  • Print out the full description (including the advanced section) of the analysis for the threat that is affecting your computer.

It may prove quicker to back up your data and reinstate your computer to its original state than to fully reverse the effects of a Trojan. See reinstalling Windows.

  1. When you run a scan with SAV32CLI in Safe Mode with Command Prompt, can you detect the Trojan? If you can't, go to part 7.
  2. If the Trojan is detected, can you delete the file? If you can't, go to part 6.
  3. If you have got rid of the files, but problems persist, go to part 8.

For more information on using Safe Mode with Command Prompt, see basic DOS commands.
6. File not deleted

If the file could not be deleted by a scan in Safe Mode with Command Prompt, it is being held open by the operating system, or it is in System Restore.
On Windows XP or Windows Me, you can purge System Restore at the command prompt.
You might be able to remove the file manually by using the Windows recovery console:

Alternatively, in some circumstances you can prevent the file from starting when the computer boots. See registry entries below.
7. File not detected

Threat files are usually executables (programs). However, there are some tricks that can be used to convert another file type into an executable file before running it. If a scan of executable files in Safe Mode with Command Prompt does not detect the threat file, try an 'all files' scan that does not delete anything first time around.
To run a logged 'all files' scan with SAV32CLI type
SAV32CLI -ALL -P=C:\LOGFILE1.TXT

Take care if you remove files with an 'all files' scan. You might remove mailboxes with one infected email in them, or archive files containing only one infected file among many others. Moreover, such files are unlikely to have been the source of infection. To remove and log files with an 'all files' scan, type
SAV32CLI -ALL -REMOVE -P=C:\LOGFILE2.TXT

For extra information on using SAV32CLI, see Scanning options with SAV32CLI.
Once you have got rid of the file, you should still try to find out what was starting it. This will reduce the chance of reinfection. See below.
8. Removing registry entries

Registry entries will probably have been added or changed by the Trojan. These could call something that you can't find.

  • Please read the warning about editing the registry.
  • You can access the registry in Safe Mode with Command Prompt by typing 'regedit', or 'regedt32'.
  • Check the virus analysis and remove any entries that are said to have been created by the Trojan.

If you cannot remove any particular registry entry, change the permissions on that entry, and then remove it.
If you can't open the registry, and the virus analysis says that a particular registry entry might prevent you from doing so, copy and import that entry from an unaffected computer. If you can now get access, remove the other entries.
9. Changing registry entries

Where the Trojan has changed a registry entry

  • check the virus analysis for which registry entries are affected
  • copy the changed entries from another computer
  • import the entries.

Ensure that you import the entry from a computer with exactly the same operating system as the affected computer.
This may work even if you cannot otherwise obtain access to the registry.
10. Other methods of starting
Check any copies of the following files for references either to the Trojan, or to websites it uses:

  • autorun.inf
  • HOSTS
  • autoexec.bat
  • config.sys

If necessary, copy them to a floppy disk, make a backup, edit them in Notepad on another computer, and then replace the originals on the affected computer.
11. Disk Cleanup and System Restore
Use Disk Cleanup to remove the temporary files that something might be hiding in. Type the following at the command prompt, then follow the on-screen instructions:
Cleanmgr

Ensure that the following are selected for removal:

  • Downloaded Program Files
  • Temporary Internet Files
  • Temporary Files
  • Recycle Bin

Trojans can also hide in the System Restore files on Windows XP and Windows Me. To access System Restore in Safe Mode with Command Prompt on Windows XP, type
\system32\restore\rstrui.exe

where is the name of your Windows folder (usually 'Windows' on Windows XP). Then purge and reset System Restore.
12. Returning your computer to Windows
When you restart your computer in Windows for the first time after disinfecting, you can disable the startup applications by holding down the shift key when logging on. Check your startup folder and start menu.
Run another scan with anti-virus software for a final check.
13. Returning your computer to normal use
Before returning your computer to normal use, check the following:

  • ensure that your computer is fully patched (use Windows Update and the Microsoft Baseline Analyzer)
  • check that all of your security software is up to date
  • check your firewall (install a hardware or personal firewall if you haven't already got one)
  • check that your shared folders are only accessible to the people you want to use them
  • check the Windows Security Center settings in Windows XP, including those of the Windows Firewall.

You can only use Windows Update with Internet Explorer version 5 or above. If necessary, use another computer or browser to download the patches and service packs that you need from the Microsoft Download Center. Then save them to CD, and install them from there.
14. Browser hijackers
Some Trojans hijack your web browser (usually Internet Explorer) so that your computer will visit their website and become reinfected.
Try the following

  • Temporarily install a different web browser, and set it as your default browser, until you have sorted out the problem. Do not import any settings or saved pages when installing.
  • Search for the file 'Iereset.inf' and replace it with a copy from another computer with exactly the same operating system. If present, this file will be in one of the Windows folders.
  • You can access many of the Internet Explorer settings from within Safe Mode with Command Prompt. At the command prompt, type:
    Inetcpl.cpl
    Select the Programs tab and click 'Manage Add-ons' to disable unwanted plug-ins.

15. Useful tools and information
The following Windows tools are useful when troubleshooting:
Msconfig
This configuration tool is available in Windows XP and Windows 98, but not in Windows 2000. To run it in Windows, select Start|Run, and type
Msconfig
Msconfig allows you to do the following
  • You can disable programs that run on startup in the Startup tab.
  • To identify all non-Windows services, click the Services tab and select 'Hide All Microsoft Services'. The remaining services do not belong to Windows (most of them will belong to your legitimate software).
  • If Windows will not restart in Safe Mode, you can set this in the BOOT.INI tab. Select '/SAFEBOOT/' and 'Minimal'.

Msinfo32 and Winmsd
Msinfo32 and Winmsd will generate detailed reports on your system that can be useful in troubleshooting. One or the other works in Windows 2000, XP and 2003. To run them in Safe Mode with Command Prompt, type 'Msinfo32' or 'Winmsd'.
Information sources

The following Microsoft articles and tools can be used to help secure your computer:

Finding files at the command prompt
If you need to find a file in Safe Mode with Command Prompt, type:
C:
CD \
DIR /S
This takes you to the root of the C: drive, then searches for the file the root folder and all its subfolders. To search for the file in all folders even if it has the attribute 'hidden', type:
DIR /S /AH

For more information on using the command prompt, see basic DOS commands.
16. If you need to contact Sophos
If you still can't remove the Trojan, and are contacting Sophos about it, answer as many of the following questions as possible when contacting us. This will enable faster analysis of the problem.
Basics

  1. What does Sophos Anti-Virus detect the problem file(s) as?
  2. What operating systems are the computers running?
  3. How many computers are affected?
  4. Where (which folder) is the problem file detected?

Method of survival

  1. If the Trojan can be removed but comes back, when does it come back?
    • even when the computer is isolated from all networks?
    • at the point when the computer is reconnected to the network?
    • when an application (e.g. Internet Explorer) is launched?
  2. Is the file locked so it can't be removed (either with SAV32CLI or manually)?

Other points

  1. Can you kill (stop) the Trojan process in Task Manager? Does the Trojan then restart?

Logs and other information sources

  • Include any relevant Msinfo32 or Winmsd report.
  • Include your SAV32CLI or other scan logs.

New threats

If you think that you have got a new type of Trojan, or the file that you are having problems with is of the type '-Fam' or '-Gen', send us a sample.


Reinstalling Windows
You might find it easier to reinstall Windows than to cope with the side effects of Trojan infection. Before reinstalling, back up all of your data (e.g. to CD or DVD) - you never know which bits you will need.
You could have three different types of original system disk
  1. a Windows CD from Microsoft
  2. a manufacturer's recovery CD
  3. recovery CDs or DVDs that you made yourself when you first installed the computer.

The last two types will remove all of your existing data when you restore your computer. This will get rid of the Trojan, but it will also remove all work that you have done on that computer, and any programs, drivers, service packs and patches that you installed.
If you 'reinstall' from a Microsoft Windows CD, it may perform a repair, rather than running a reinstallation. This could leave an active Trojan on the hard drive. In these circumstances, reformat your hard drive before installing Windows. This will remove the Trojan along with any programs, drivers, service packs and patches that you installed.
Once you have reinstalled Windows, ensure that your computer is adequately protected before returning it to normal use.
If you need more information or guidance, then please contact technical support.

Tuesday, February 24, 2009

Forgotten Administrator Password

Source
I have often ran across computers that I needed to gain access to for data recovery, but I didnt have the administrator password to access the hard drive. Since in many situations, there is just one administrator account I can't log into another administrator account and change the password so I have to rely on other methods. I could put the hard drive into another computer as a slave and gain access (sometimes) or I could try installing a second copy of the operating system in parallel and gain access but there must be a better way.
That way is to try to reset the administrator password to something you do know and allow you to access to the user profile and the data. In most cases, this is the best solution. However, you have to make sure the data is not encrypted using the Windows XP Encrypting File System (EFS) or other encryption. If the data is encrypted, you probably will not be able to gain access to those encrypted files by changing the administrator password.

Petter Nordahl-Hagen's Offline NT Password & Registry Editor
This is absolutely one of the best free tools to reset the administrator password and gain access that I have ever used. It modifies the encrypted password in the registry's SAM file allowing you access to the account in Windows NT/2000/XP/2003/Vista systems.
There is an image file to create a bootable floppy disk or bootable CD to modify the admin password and access NTFS partitions. You do not need to know the old password to set a new one. It will also offer to unlock disabled or locked user accounts (a very helpful feature). The program was just updated on April 9, 2007 to include Vista support.
Please visit the site by clicking on the link below to download a CD image or floppy image of this great program.
http://home.eunet.no/pnordahl/ntpasswd/
LoginRecovery.com
Another option is to decrypt the password and show you the actual administrator password. A great site for doing this is loginrecovery.com. Basically, you download a small program to extract the password from the computer, then you submit the encrypted password file to their site and they will recover the lost password. Of course, you need a computer with Internet access to upload the file and find the password.
With this option, the administrator password is not changed so you wont lose access to EFS encrypted files. Visit their site by clicking below
http://www.loginrecovery.com
Although there are probably other options to recover an administrator password, I find the two option shown above to be the quickest and easiest ways to either change or discover the password and allow you access to the user profile and data stored on the hard drive.

Redirecting mydocs folder for all users in a domain

Source
Log in to the Domain Controller machine.
Go to Start->Administrative tools -> Active directory users and computers
This will open a console. In the left side pane, you can see a node with the domain name. Right click on it and then click on properties. Now it will open a new window on which we need to select the "Group policy" tab. Now select the appropriate group policy object in the list and then click on 'edit'. Now this will open group policy object editor.

Next go to User Configuration->Windows Settings->Folder Redirection
Right click on "My Documents" and click properties. This will open a window like below.
Now you can configure My documents redirection by selecting either the basic or advanced in the setting combo box. Basic allows you to redirect every user's my documents folder to a sub folder under a single root share whereas Advanced allows to specify each user group's target to a different share. After setting this click Apply and OK

Reinitializing the cache

Source

How can I delete all the files from the cache?

or How can I reinitialize the cache?


There are 2 ways to do it.

1)By changing the registry.

Add a new value named 'FormatDatabase' under HKLM\Software\Microsoft\Windows\CurrentVersion\NetCache. From command line, you can do it as below.

cmd> REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\NetCache /v FormatDatabase /t REG_DWORD /d 1 /f

Cache will not be reset with every reboot of the machine as the FormatDatabase value will be deleted from the registry after the first reboot.


2)Go to My computer -> Tools -> Folder Options -> Offline Files

Press CTRL+Shift and click on Delete Files

Note that in both the ways cache will be deleted only after restarting the machine.

The share I made offline has been moved to a new server but offline files is trying to synchronize with the old server. Is there any way to make it sync with the new server? I do not want to delete the files and begin everything from scratch with the new server?

There is a tool called csccmd.exe to do it.

Command:

csccmd.exe /moveshare:\\oldserver\oldshare \\newserver\newshare


Note that this command does not move the data from the old server to the new server. It just updates offline files tables with the new share path. You need to ensure that you have all the data copied to the new server before you run the above command.


My offline files folder is in c:\windows. My c:\ drive has become full, I want to move the csc folder to e:\drive which has lot of free space. I also want to copy the existing files to the new location. How to do it?

You can move the CSC folder to a new location by changing the value of 'DatabaseLocation' under

HKLM\Software\Microsoft\Windows\CurrentVersion\NetCache

From command line, you can do it as below.

cmd> REG ADD HKLM\Software\Microsoft\Windows\CurrentVersion\NetCache /v DatabaseLocation /t REG_SZ /d /f

This just changes the offline files folder location for future. The old files which were copied in the past will still be in the old location and Offline files will not consider those files as offline. To move the already cached files to the new location use the tool cachemov.exe

Cachemov.exe can be downloaded from http://www.computerperformance.co.uk/ScriptsGuy/cachemov.zip

Below is a snapshot taken while cachemov.exe is executing.



32-bit Windows or 64-bit Windows?

Source
The Microsoft® Windows® Malicious Software Removal Tool is different for 32-bit Windows and 64-bit Windows. Here is how to tell which you are on.

Vista

Option A: Control Panel

  1. Click Start, type system in the Start Search box, and then click system in the Programs list.
  2. Either 64-bit Operating System or 32-bit Operating System appears for the System type under System.

Option B: System Information Window

  1. Click Start type system in the Start Search box, and then click System Information in the Programs list.
  2. Select System Summary in the navigation pane; either x64-based PC or x86-based PC appears for the System type under Item.  x86 is the 32-bit system.

Windows XP

Option A: View System Properties in Control Panel

  1. Click Start, and then click Run.
  2. Type sysdm.cpl, and then click OK.
  3. Click the General tab. Under System, if you see Microsoft Windows XP Professional x64 Edition Version you have a 64-bit system.  If you see only Microsoft Windows XP Professional Version it is the 32-bit system.

Option B: View System Information window

  1. Click Start, and then click Run.
  2. Type winmsd.exe, and then click OK.
  3. Select the System Summary in the navigation pane.
  4. Locate Processor under Item in the details pane.
    • If Processor value starts with x86, it is the 32-bit system.
    • If Processor value starts with ia64 or AMD64,it is the 64-bit system.

Windows Server 2003

Option A: View System Properties in Control Panel

  1. Click Start, and then click Run.
  2. Type sysdm.cpl, and then click OK.
  3. Click the General tab. Under System, if you see ;Microsoft Windows Server 2003 Enterprise x64 Edition you have a 64-bit system.  If you see only Microsoft Windows Server 2003 Enterprise Edition it is the 32-bit system.

Option B: View System Information window

  1. Click Start, and then click Run.
  2. Type winmsd.exe, and then click OK.
  3. Select the System Summary in the navigation pane.
  4. Locate Processor under Item in the details pane.
    • If Processor value starts with x86, it is the 32-bit system.
    • If Processor value starts with ia64 or AMD64,it is the 64-bit system.

Removing Downadup / Conficker Virus

Source
I've been able to recover several PCs using a few simple tools. But it make take time for these to run. Do not be fooled if your anti-virus software declares your system 'clean.' We constantly update this page with the latest fixes - please contact us with yours at www.downadup.com!

Latest Fix You can first try the Microsoft Windows Malicious Software Removal Tool (KB890830). If you have this virus, you may find all sites hosting tools that can help you may be blocked. Normal download of the removal tool: Windows x86 Windows x64

Since "microsoft.com" may be blocked, try accessing the tool via Microsoft's content distribution network:
http://mscom-dlcecn.vo.llnwd.net

For Vista x64, Windows XP x64 and Windows 2003 x64 computers, use:

http://mscom-dlcecn.vo.llnwd.net/download/2/C/5/2C563B99-54D9-4D85-A82B-45D3CD2F53CE/windows-kb890830-x64-v2.6.exe

If you aren't sure if you are running 32-bit Windows or 64-bit Windows, check here.

Server and Network Troubleshooting Extreme Security has posted a battle-tested approach to fighting downadup in a networked environment with additional steps and assistance. If you are in a networked environment, review his case study before continuing.

Use OpenDNS To Stop Badware From Calling Home
OpenDNS is a free service that now fights Downadup / Conficker. We've used OpenDNS for years to block malware, porn, and other sites at our home computers. OpenDNS provides free security and infrastructure services for integrated Web content filtering, anti-phishing and DNS.
Its relatively simple to switch your home or business network to OpenDNS.
Scan for Remaining Infected Files and Drives
At this point, you should be able to update your antivirus software. If it is still not functioning, try the free ClamWin program for Microsoft Windows 98/Me/2000/XP/2003 and Vista. ClamWin Free Antivirus comes with an easy installer and open source code. You may download and use it absolutely free of charge. It features:

  • High detection rates for viruses and spyware.
  • Scanning Scheduler
  • Automatic downloads of regularly updated Virus Database
  • Standalone virus scanner and right-click menu integration to Microsoft Windows Explorer
  • Addin to Microsoft Outlook to remove virus-infected attachments automatically

Your Windows Registry is still messed up at this point - your computer is not fixed! Make sure to continue on. Restart Windows in normal mode.

Fix Windows Registry Issues This and many other viruses modify your Windows Registry. Most users already have Registry problems. The Windows registry is a directory which stores settings and options for your operating system, hardware, software, and user settings. First, try using the free scan from RegDefense to check your registry.
... more

Product key [$winnt$.inf]

Manual Retrieve Product Key for Windows XP and Windows 2000 from $WINNT$.INF file

$WINNT$.INF located in \Windows\System32 folder is the file that used by Windows installer to perform unattended or automated installs of Windows NT, 2000 or XP. If the file exists, and you have the administrative rights to access the file, the Windows product key can be found and viewed under the section [User Data] (usually at the top), under the name of ProductKey or ProductID.

Process Unlocker

Source


    It has many other flavors:

    Cannot delete file: Access is denied
    There has been a sharing violation.
    The source or destination file may be in use.
    The file is in use by another program or user.
    Make sure the disk is not full or write-protected and that the file is not currently in use.

Unlocker is the solution!

STPI

SCSI Pass Through Interface
INFO: SCSI Pass Through Functionality and Limitations
On Windows NT and Windows 2000, the interface used in an application to send SCSI commands to a SCSI device is called SCSI Pass Through (SPT). A Win32 program uses DeviceIoControl with the IoControlCode of IOCTL_SCSI_PASS_THROUGH or IOCTL_SCSI_PASS_THROUGH_DIRECT.
Source
You need administrative privileges to use SPTI
SPTI is available to Administrators only. Microsoft designed it like this, don't blame me!
Here is a quick workaround for those people wanting to stick with SPTI
  • Log in as an Administrator
  • Click 'Start' -> 'Run'
  • Type 'secpol.msc' and hit OK
  • Expand 'Local Policies'
  • Click 'Security Options'
  • Change 'Devices: Restrict CD-ROM access to locally logged-on user only' from 'Disabled' to 'Enabled'
  • Close the 'Local Security Settings' window
  • Log on as your restricted user and try again.
Note: Only tested on XP and Server 2003. Wording may differ on other operating systems.
If you're not bothered about sticking with SPTI, Install ASPI or an application that installs ElbyCDIO on your machine - i.e. CloneDVD*. Then go into the settings and on the I/O tab, select the appropriate 'Interface'.
*CloneDVD can be downloaded from www.elby.ch

DVD Burner and SPTI issues in XP Home Edition SP3

RapidShare search engines

Source
RapidShare is a popular choice to host files online for free. RapidShare has generous limits (200MB file upload limit) even in a free account. To download a file, simply use the link for the file. If you want to share files with friends, upload the file to RapidShare and send the links to download.

Rapidshare Search engines

RapidShare can be really useful if you know how to get the right files. On RapidShare, you can get every type of content you could possibly dream of - warez, songs, pirated content, pr0n etc. One feature they miss (and I wonder why) is searching for files. You could use complicated Google search operators, but to make your job easier, here are the best search engines to search for content you need, on RapidShare. Simply type your search terms and hit enter - just like Google.

Among the above, SearchShared can be used to search on many other sites (simply tick the ones you want). RapidShareLink has the best design. ShareMiner has a Firefox plugin, so if you use Firefox, you can search for Rapidshare files from within Firefox.

Saturday, February 21, 2009

Bbest websites to download free ebooks

Source
  1. Download Free ebooks
  2. Free ebooks
  3. Download ebooks
  4. Search free ebooks
  5. Websites to download free ebooks
  1. Free Ebook Links

  2. Book Gold Mine
  3. Free Ebook Down
  4. Online Computer books
  5. Free Computer Books
  6. 4ebooks (computer programming ebooks)
  7. Get Free Ebooks
  8. Bookyards
  9. PDFoo (PDF search engine)
  10. Ebook 3000
  11. Ebook Lobby
  12. Filebook
  13. Ebook Space
  14. Ebooks Download Free
  15. WitGuides
  16. Tech Books For Free

Download Ebooks for your iPod, Smartphones

  1. Manybooks
  2. Feed Books
  3. Booksinmyphone
  4. TextOnPhone [iPhone-only]
  5. Memoware

Ares Galaxy

Website
Software original -sin "extras"

P2P SOFTWARE USER ADVISORIES
Copyright Infringement Liability - P2P technology makes it possible to share all kinds of information. Some information is protected by copyright, which means that you generally need the copyright owner's permission before you make it available to other P2P users. Popular music, movies, games, and software are often protected by copyright.
Copyright infringement can result in significant monetary damages, fines and even criminal penalties. Some copyright owners have filed civil lawsuits against individuals that they believe unlawfully distributed large numbers of copyrighted songs. You can learn more about copyright laws at www.p2punited.org/copyright.php.
Click here for information about how this P2P software application can help you avoid committing copyright infringement.
Data Security - P2P software programs let users share information with other users around the globe. They allow users to view the contents of each others' "shared folders." If you have personal information in your shared folder, anyone else using the same P2P software has access to it. Another user could use that information to commit identity theft, or to embarrass you. Please pay attention to the files that you place in, or download to, your shared folder. Don't put information in your shared folder that you aren't comfortable sharing with strangers.
In particular, do not put tax, medical, banking, correspondence or any other sensitive personal files in the same folder as files that are shared via your P2P software program.
Click here for information about how to use this P2P software application to minimize or avoid these data security problems. To report identity theft, or for more information about identity theft, please consult the Federal Trade Commission's Identity Theft Clearinghouse at www.consumer.gov/idtheft/.
Unwanted Exposure to Pornography - P2P software may give users, including children, access to pornography. Some files containing pornography may be deliberately mislabeled to attract young or otherwise unsuspecting viewers. Distributing illegal pornography is a serious crime. Users whose shared folders contain illegal pornographic material, particularly child pornography, could be subject to criminal prosecution.
Click here for information about how to use this P2P software application to minimize or avoid inadvertent exposure to pornography or the illegal redistribution of such materials.
AresGalaxy.org believes strongly that we all must stamp out child pornography.Click here to report suspected child pornography or pornographers to US law enforcement.

Spyware - Files downloaded from the Internet using applications such as Ares P2P may contain spyware that can track your online activity or control your computer. These files will typically be disguised and be undetected by average computer users. Ares P2P is a free opensource project and doesn't include any bundled spyware or adware. Click here for information about the difference between adware and spyware and how this P2P software application can help you avoid spyware.
Viruses - Files downloaded from the Internet using applications such as Ares P2P may carry computer trojans, worms, or viruses that can potentially damage your computer or cause other harms. These files will typically be mislabeled to disguise their true purpose. Click here for information about how this P2P software application can help you avoid computer viruses.
For more information, AresGalaxy.org strongly recommends that the public consult the Federal Trade Commission's website at www.ftc.gov/infosecurity and the Commission's Consumer Alert at www.ftc.gov/bcp/conline/pubs/alerts/idsalrt.htm.


Friday, February 20, 2009

Kaspersky Rescue Disk

Source

How to create a Rescue Disk in Kaspersky Anti-Virus version 2009

Kaspersky Rescue Disk 20082612

No actualiza sus bibliotecas de virus, por lo que hay que descargar las actualizaciones o crear discos de emergencia con el antivirus Kaspersky instalado

Thursday, February 19, 2009

POSIX time (Unix epoch time)

Unix time, or POSIX time, is a system for describing points in time, defined as the number of seconds elapsed since midnight Coordinated Universal Time (UTC) of January 1, 1970, not counting leap seconds. It is widely used not only on Unix-like operating systems but also in many other computing systems. It is neither a linear representation of time nor a true representation of UTC (though it is frequently mistaken for both) as the times it represents are UTC but it has no way of representing UTC leap seconds (e.g. 1998-12-31 23:59:60).
...
...
The Unix epoch is the time 00:00:00 UTC on January 1, 1970
There is a problem with this definition, in that UTC did not exist in its current form until 1972; this issue is discussed below. For brevity, the remainder of this section uses
ISO 8601 date format, in which the Unix epoch is 1970-01-01T00:00:00Z.


Ext2 Installable File System For Windows

Friday, February 13, 2009

Storage Capacity Measurement Standards

Discrepancy Between Reported Capacity and Actual Capacity

Many customers are confused when their operating system reports, for example, that their new ST3500620AS 500-GB hard drive is reporting only 465.76 GB in usable capacity. Several factors can come into play when you see the reported capacity of a hard drive. Unfortunately there are two different number systems used to express units of storage capacity:

The storage industry standard is to display capacity in decimal. Even though in binary you have more bytes, the decimal representation of a gigabyte shows greater capacity. In order to accurately understand the true capacity of your hard drive, you have to know which base unit of
measure (binary or decimal) is being used to represent capacity.

Another factor that can cause misrepresentation of the size of a hard drive is BIOS limitations. Many older BIOS are limited in the number of cylinders they can support.

Motivation for Proposed Prefixes for Binary Multiples
Once upon a time, computer professionals noticed that 1024 or 210 (binary) was very nearly equal to 1000 or 103 (decimal) and started using the prefix "kilo" to mean 1024. That worked
well enough for a decade or two because everybody who talked kilobytes knew that the term implied 1024 bytes. But almost overnight a much more numerous "everybody" bought computers, and the trade computer professionals needed to talk to physicists and engineers and even to ordinary people, most of whom know that a kilometre is 1000 metres and a kilogram is 1000 grams.

Two Different Measurements Systems
Name Ab-
bre-
via-
tion
Bi-
na-
ry
Po-
wer
Binary Value
(represented
in Decimal)
Deci-
mal
Power
kilo-
byte
KB 210 1,024 103
mega
byte
MB 220 1,048,576 106
giga-
byte
GB 230 1,073,741,824 109
tera-
byte
TB

240

1,099,511,
627,776
1012

Often,
when two or more people begin discussing storage capacity, some will refer to binary values and others will refer to decimal values without making a distinction between the two. This has caused much confusion in the past. In an effort to end this confusion, all major hard drive manufactures use decimal values when discussing storage capacity.


Windows Vista
Open
the Start menu on the bottom left of the screen (it may simply be a Windows logo). Open Computer, right-click on the drive in question, choose Properties.

Windows XP / 2000 / NT
From Windows Explorer, right click on a drive letter, then click on Properties. This shows capacities in bytes, MB, and GB.

Windows 98 / Me
From Windows Explorer, right click on a drive letter, then click on Properties. This shows bytes, MB, and GB.
DOS Prompt ? CHKDSK shows bytes
DOS Prompt ? FDISK shows MB

Mac OSX
From the Desktop, click Go on the top menu bar, choose Utilities, choose Disk Utility. Then hold down the Control key and click on the hard drive in question on the left, then choose Information (see the 1st image). The total capacity is listed as bytes and in GB, calculated as binary (see the 2nd image, and note the capacity circled in red).

Image 1
1

Image 2
1

Please also see the Seagate Knowledge Base article dealing with this issue.

Much of this information is available from the National Institute of Standards and Technology at http://physics.nist.gov/cuu/Units/binary.html

Bad Sectors

Source

A bad sector is a small area on the disk drive that is reporting errors and cannot be accessed properly. New bad sectors, sometimes called grown defects, are often caused by some kind of physical damage. If a file or folder uses this sector, then the file is incomplete or corrupt because the bytes are not readable.
Bad sectors can also be reported if the signal between your drive and host adapter is being misinterpreted.
Bad cables can cause this. Consider replacing your Serial ATA cable, which is an easy first troubleshooting step.

Correcting Bad Sectors
SeaTools is available from Seagate for the reparation of bad sectors. It is available in two programs.

  • Seatools for Windows. (Please see here for a tutorial on its usage.)
  • Seatools for DOS. (Please see here for a tutorial on its usage.)

Seatools
for DOS can scan all sectors for physical errors (but not logical errors), and if it finds a bad sector, it will prompt you to click to repair it manually. Seatools for Windows will notify you that the bad sector exists and will point to a third-party tool to repair it.
(Please note that Seatools is for PC only. Click here for information on MacOS.)

If you have bad sectors that contain data there are several options available from other vendors.

Windows Vista/XP/2000 contains an error-checking utility for hard drives.
To open the error-checking utility in Windows Vista, follow these steps:

  1. Click on the Windows icon in the bottom-left of your screen.

  2. Click on Computer to open it.

  3. Right-click on the hard drive that needs repair (ie, Disk C: or E:).

  4. Choose Properties.

  5. On the Tools tab, click Check Now in the Error-Checking Status area.

  6. In the Check Disk dialog box, select the Automatically Fix File System Errors check box, select the Scan For And Attempt Recovery Of Bad Sectors check box, and then click Start.

To open the error-checking utility in Windows XP/2000, follow these steps:

  1. Double-click My Computer, and right-click on the hard drive that needs repair (ie, Disk C: or E:).

  2. On the shortcut menu, click Properties.

  3. On the Tools tab in the Properties dialog box, click Check Now in the Error-Checking Status area.

  4. In the Check Disk dialog box, select the Automatically Fix File System Errors check box, select the Scan For And Attempt Recovery Of Bad Sectors check box, and then click Start.

See image below:

1

(View Windows help on detecting and repairing disk errors for more information.)
MacOS 10.x's Disk Utility includes a tool called Disk First Aid. To access it:

Steps to prevent further bad sectors.
Improper handling of the drive is the most common cause for bad sectors. See our handle with care videos for more information on how to properly handle a drive.

Thursday, February 12, 2009

SATA Troubleshooter - Windows 2000/XP Installation Basics

Source

Windows XP/2000 Installation Basics
Below you will find an outline of the steps for installing a new Serial ATA hard drive with Windows XP/2000. If there is already a booting hard drive and this drive will be installed as a non-booting storage drive, please see the lower section of this page.
Install Windows XP/2000 on a Blank SATA Hard Drive
Insert the Windows XP/2000 CD/DVD into the CD/DVD drive.

  1. Power down the computer.

  2. Mount and connect the Serial ATA hard drive. See here for an interactive flash tutorial illustrating this.

  3. Power up the computer.

  4. For some add-in SATA controller cards, you will need to press the F6 key to install drivers as the Windows setup screen launches.
    You may never have noticed the "F6" option before, since it happens at the bottom of the screen and is visible for only a few seconds during a standard install. What you most likely encountered during the setup process was a screen which came up informing you Setup could not find any drives installed on your computer, and it could not continue, much like the screen sample below:
    (Click to expand)
    1


  5. To be able to hit the F6 button, you must restart the Setup process, and watch the bottom of the screen after pressing Enter on the "Welcome to Setup" screen. There will be some moments of files being loaded, and then you should see a message appear which says "Press F6 if you need to install a 3rd party SCSI or RAID driver". This message will only stay on the screen for a couple of seconds, so press F6 as soon as you see it appear.
    (Click to expand)
    1


  6. After this is done, you will see other messages appear, and it will act as though nothing is happening, but eventually a screen will appear which will allow you to install the drivers for the add-in SATA controller.
    The screen will look like the sample below:
    (Click to expand)
    1


  7. After you press S, the driver install process will continue and the floppy diskettes will be needed. Further instructions will be furnished after the driver install process has ended.
    (Click to expand)
    1


  8. Insert the floppy diskette containing the drivers for the add-in Serial ATA controller.

  9. Once the drivers are loaded, proceed with the normal Windows XP/2000 installation.
A few further notes on this:
Driver Installation Diskette
For the hard drive to be detected in a new installation, the drivers for the add-in SATA controller/motherboard must be loaded at the beginning of installation.
The drivers for the controller/motherboard can probably be found either on the CD that came with it or on the manufacturer’s website. Simply load the required drivers on the diskette and have it ready.
Further Information
Motherboards which incorporate Serial ATA connectors do not provide options for adjustment in the BIOS, and some do provide on/off activation, so you should not have to make changes in the BIOS if you are adding a drive.
If you are replacing your boot drive, you may have to change the "boot order" in the BIOS to boot from the Serial ATA controller (sometimes represented in the boot order as the drive model number and sometimes as SCSI). If your motherboard has onboard serial ATA connectors, you may be prompted to install the drivers for them when you installed the motherboard. If you didn't install them at the time of the motherboard installation, then you should be prompted during a "Plug and Play" process by your OS to provide drivers. We recommend going to the serial ATA controller manufacturer's website for the latest drivers. See a short list below


  1. Mount and connect the Serial ATA hard drive. See here for an interactive flash tutorial illustrating this.

  2. Power up the computer and boot into Windows XP/2000.

  3. Open Computer Management and select Disk Management.

  4. Initialize the drive.

  5. Partition the drive.

  6. Format the drive (Windows includes this in the partitioning process).

  7. Assign the drive letter (included in the formatting and partitioning process).

  8. Initiate changes and finish.
Opening Disk Management in XP


  1. Right-click on My Computer.

  2. Choose Manage (this will open the Computer Management window).

  3. Choose Disk Management under the Storage category (Refer to Figure 1).
Figure 1 (Click to expand image.)
1
When the blank drive is first seen by Disk Management it will not be seen in Windows Explorer as a drive letter. To get it seen in Windows Explorer as a drive letter, the drive will need to be configured through Disk Management. Windows XP/2000 will normally see the unpartitioned drive when you open Disk Management and start the wizard for you.
Note the Unallocated Drive in Figure 2 below.
At this point Windows will normally launch a wizard to walk you through setting up the drive, but it may be necessary to set it up manually.
Figure 2 (Click to expand image.)
1
Manually Initialize/Write a Drive Signature
Right-click the new drive to initialize it (refer to Figure 3). This prepares the drive to be used with Windows.

  1. Note: Windows XP usually uses the term "Initialize", while Windows 2000 usually uses the term "Write a Drive Signature". The procedure is the same for both.

  2. Once you choose Initialize, another window will come up asking you to confirm which drive to initialize.
    Warning: Once a drive is initialized the data on the drive will be erased.
    Figure 3 (Click to expand image.)
    1


  3. Choose the correct drive. Windows will usually only display uninitialized drives, but if you have a dual boot system, drives from other operating systems will show up in this list.

  4. Once you choose OK the drive will be initialized for use with Windows XP/2000 (though it still will not be seen by Windows Explorer).
Figure 4 (Click to expand image.)
1
The Partition/Conversion Wizard Method
Select the drive to partition. The new drive will probably be Disk 1 or Disk 2 or something similar.
1
Partition
Once a drive is initialized for use with XP, a partition option becomes available (Refer to Figure 6). This option is not available for drives that do not have free space or for drives that have not been initialized.
Windows XP supports FAT 16 partitions limited to 4 GB (Limited to 2 GB in DOS based operating systems like Windows 9X/Me), FAT 32 partitions which can be created up to 32 GB (They can be larger if they were made with Windows 98/Me), and NTFS partitions.
Figure 6 (Click to expand image.)
1
Partition Wizard

  1. Summary Screen

  2. Partition type:
    Primary – This is the normal selection for drives with less than 4 partitions.
    Extended – This is used if the drive is split in to 4 or more partitions.

  3. Specify partition size in Megabytes -
    Set the size of the partition (the full drive capacity is the default).
    If the full partition size is not used, right click on the remaining free space once the wizard has completed to partition that space. Repeat the partition wizard until the drive is how you want it.

  4. Assign the drive letter
    - This allows you to select the drive letter for this partition. If the partition is NTFS, you can mount the drive as a subfolder of an existing NTFS partition. If you want the drive to be D: and it is taken by a CD/DVD drive, you must first change the CD/DVD drive letter and then restart the partition wizard.

  5. Format Partition
    - If you choose not to format then you can format later by right clicking on the drive and choosing format. You can choose to format with a file type and allocation unit size. NTFS is the default format type in Windows XP, but FAT32 is popular for users that dual boot between XP/2000 and 9X. XP/2000 is limited in that it cannot create a FAT32 partition larger than 32 GB. However you can use DiscWizard or Windows 98/Me to create a larger partition and use it under Windows XP/2000.
    Some related notes:
    Allocation units are usually left at the default unless you know specifically what you want to do with the system. If you are doing video and audio, they tend to use large allocation units, because it improves performance with large files, but if you have a lot of small files then those files take up more space on the hard drive. For example, if you set the allocation unit size to 64k, any file, even a 1k file, will use 64k of drive space. Quick format will quickly format the drive, but it skips several verification processes.

  6. Summary – Allows you one more chance before committing to the changes (Refer to figures 7 and 8).
Figure 7 (Click to expand image.)
1
Figure 8 (Click to expand image.)
1
Finished
Once the drive has been initialized, partitioned, and formatted it will display as a healthy drive with the size and type of partition below the volume name and drive letter.
It will also appear in My Computer/Windows Explorer as a drive letter (E:, F:, etc), ready to use.
Please see more information on this final process on
this Microsoft Support article.
A Note on Jumpers and Cabling
Serial ATA interface disk drives are designed for easy installation. It is not necessary to set any jumpers, terminators, or other settings on this drive for proper operation. The jumper block adjacent to the SATA interface connector on SATA 150MB/s drives is for factory use only. The jumper block adjacent to the SATA interface connector on SATA 300MB/s drives can be used to force the drive into SATA 150MB/s mode for use with older SATA controllers that only work with SATA 150MB/s drives.
With a Serial ATA interface, each disk drive has its own cable that connects directly to a Serial ATA host adapter or a Serial ATA port on your motherboard. Unlike Parallel ATA, there is no master-slave relationship between drives that use a Serial ATA interface.
You can use a Serial ATA drive in the same system with Parallel ATA drives as long as both interfaces are supported on the motherboard or with an add-in host adapter. This makes it easy to add Serial ATA compatibility to your existing system without removing existing Parallel ATA disk drives.
Driver Installation Diskette
For the hard drive to be detected in a new installation, the drivers for the add-in SATA controller/motherboard must be loaded at the beginning of installation. The drivers for the controller/motherboard can probably be found either on the CD that came with it or on the manufacturer’s website. Simply load the required drivers on the diskette and have it ready.