Professional Documents
Culture Documents
html
lately we discover a new trojan/virus that uses autorun.inf to infect other drive.
most of the time it infect any removable media (external hdd or flash drive) that
is connected to the infected unit. you will not notice it since the script runs at
startup.
note: this procedure is applicable to all trojan/virus that uses a .inf file, but
will use �hbq.exe� for this example:
- open task manager and in processes tab end explorer.exe and wscript.exe process
type
del /a:h /f c:\autorun.*
- if you see any files named hbq0.dll or hbq0.exe or hbo.exe, use the
to delete.
- open up file �> new task (run) in the task manager, type regedit
- navigate to:
hkey_current_user\software\microsoft\windows\currentversion\run
if there are any entries for kxvo.exe, delete them. also delete all suspicious
items
- to restore folder options (�show hidden files & folders�) settings, navigate to
hkey_local_machine\software\microsoft\windows\currentversion\
explorer\advanced\folder\hidden\showall
- look at the �checkedvalue� key� this should be a dword key. if it isn�t, delete
the key. create a new key called �checkedvalue� as a dword (hexadecimal) with a
value of 1. the �show hidden files & folders� check box should now work normally.
----------------------------------------------------------------------------------
------------------
make sure your internet explorer, outlook express, windows messenger and other
programs are closed before doing this.
3) click on ok
----------------------------------------------------------------------------------
-------------
windows xp
if the computer is running, shut down windows, and then turn off the power
wait 30 seconds, and then turn the computer on.
start tapping the f8 key. the windows advanced options menu appears. if you begin
tapping the f8 key too soon, some computers display a "keyboard error" message. to
resolve this, restart the computer and try again.
ensure that the safe mode option is selected.
press enter. the computer then begins to start in safe mode.
when you are finished with all troubleshooting, close all programs and restart the
computer as you normally would.
to use the system configuration utility method
----------------------------------------------------------------------------------
----------------------
if you dont want to use "fast user switching", you may want to disable the welcome
screen. you must be logged in as an administrator to do this. note:to do this
follow the directions below:
1) click on start
2) click on control panel
3) double-click on user accounts
4) click on "change the way users log on or off"
5) uncheck "use the welcome screen" (note: this will also disable "fast user
switching")
6) click on apply options
7) close the user accounts window and the control panel
8) the next time you reboot your computer, the classic login prompt will be used
----------------------------------------------------------------------------------
------------------------
removing thumbnails:
1) open my computer
2) click on tools
3) click on folder options
4) click on the view tab
5) place a check in the option "do not cache thumbnails"
6) click ok
7) close my computer
now follow the next steps to remove the thumbs.db files from your hard drive
1) click on start
2) click on search
3) click on all files and folders
4) type the following in the section called "all or part of the file name"
thumbs.db
5) in the look in box, make sure local hard drives is chosen
6) click search
7) a long list of thumbs.db files should appear, click on edit, select all
8) click on file, and choose delete
9) close the search results window
although this tip isn't for everyone, if you are low on disk space and dont use
the thumbnail view to show your files, this may save you some valuable disk space.
----------------------------------------------------------------------------------
------------------------
if you are receiving this error, you should run the microsoft patch (kb884020) for
it. follow the instructions below to do this. alternatively, you can download a
zip file with the patch, registry file, and instructions by clicking here.
[hkey_local_machine\system\currentcontrolset\services\ipsec]
"assumeudpencapsulationcontextonsendrule"=dword:00000002
if you experience the error message again, reboot your computer first. in most
cases this will solve many connectivity issues that are not associated with this
sp2 bug.
----------------------------------------------------------------------------------
------
start-run-control userpasswords2
----------------------------------------------------------------------------------
-------
shutdown shell:
%windir%\system32\shutdown.exe -s -f -t 00
----------------------------------------------------------------------------------
-------
your windows operating system can run slowly when attempting to access a folder
that contains a large number of audio video interleave (avi) media files. to speed
up this process, you must stop windows from extracting file information when
accessing avi files. to do so, you must tweak windows registry settings:
run regedit.exe (run it from the run dialog box). find this key:
[hkey_classes_root\clsid\{87d62d94-71b3-4b9a-9489-5fe6850dc73e}].
to speed up avi files, disable the above registry key by changing into:
[hkey_classes_root\clsid\{-87d62d94-71b3-4b9a-9489-5fe6850dc73e}]. close regedit
and then restart windows.
----------------------------------------------------------------------------------
--------
speed up internet
this registry tweak will increase the number of allowed simultaneous connections
to ten (10). run regedit.exe and then find this key:
hkey_current_user\software\microsoft\windows\currentversion\internet settings
----------------------------------------------------------------------------------
----
to speed up image browsing you can change thumbnail size and quality. use lower
values to improve performance. to do so you must find this registry key using
regedit.exe:
[hkey_current_user\software\microsoft\windows\currentversion\explorer]
----------------------------------------------------------------------------------
------
speed up foreground applications:
this registry tweak will increase the cpu priority for programs running in the
foreground and watch your windows xp system performance increase.
to do so, you must run regedit.exe and then find this key:
hkey_local_machine\system\currentcontrolset\control\prioritycontrol\
browse "my computer\tools\folder options\view" and tick the "launch folder windows
in separate process" box.
from now on, windows xp will open any new window in its own memory and in separate
process priority. this will increase stability and speed but use much more ram
than before.
----------------------------------------------------------------------------------
--------
speed up shutdown:
hkey_local_machine/system/currentcontrolset/control
click on the control folder and in the right hand window you will see this key
"waittokillservicetimeout". double click that key and set it to 200.
--------------------------------------------------------------------------------
----------
this registry tweak also may effect the loading times of your most frequently
launched applications. run regedit.exe and then find this registry key:
---------------------------------------------------------------------------------
-------
speed up ntfs:
if you use ntfs this registry registry tweak will increase the system performance.
to do so, run regedit.exe and then find this key:
[hkey_local_machine\system\currentcontrolset\control\filesystem]
disablentfslastaccessupdate=1
ntfsdisable8dot3namecreation=1
----------------------------------------------------------------------------------
--------
repair defrag:
click start, click run, type %windir%\inf, and then click ok.
right-click the dfrg.inf file, and then click install.
----------------------------------------------------------------------------------
--------
hkey_current_user/software/microsoft/mediaplayer/player/settings
2- right click in the right panel and then create a new string and name it "
enabledvdui".
3- give it value of yes to enable dvd features.
----------------------------------------------------------------------------------
---------
----------------------------------------------------------------------------------
--------
run----regedit----hkey_current_user--------control panel--------desktop---
menushowdelay
----------------------------------------------------------------------------------
--------
----------------------------------------------------------------------------------
---------
within windows xp you are able to search your computer for files (start, search),
but takes some clicking to get what you want! to optimize the search function, you
have to make some registry changes. to make changes, navigate to the following
key:
hkey_current_user\software\ microsoft\windows\currentversion\explorer
where you will find some important dword-values. change these values to optimize
your windows search:
searchsystemdirs=1
searchhidden=1
includesubfolders=1
casesensitive=0
searchslowfiles=1 (if you have a tape drive, else: 0)
----------------------------------------------------------------------------------
--------
stop pop-up blocks:
----------------------------------------------------------------------------------
----------
after applying this tweak it is necessary for you to restart your machine so the
new settings take effect.
----------------------------------------------------------------------------------
-----
regedit settings:
curent user\software\microsoft\regedt32
----------------------------------------------------------------------------------
---------
the recent docs menu can be easily disabled by editing the registry. to do this go
to the following key:
hkey_current_user\software\microsoft\windows\currentversion\policies\explorer
now in the right pane, create a new dword value by the name: norecentdocsmenu and
set it's value to 1. restart explorer to save the changes.
----------------------------------------------------------------------------------
--------
hacking truth: how do you find out the ip address of your own system? in order to
get your own ip address all you have do is, follow the below process:
c:\windows>netstat -n
active connections
the ip address shown under the local address field denotes the ip address of your
system.
----------------------------------------------------------------------------------
--------
go to:
hkey_current_user\software\microsoft\windows\currentversion\policies\system\
- look for the "disabletaskmgr" dword and change its value into 1.
----------------------------------------------------------------------------------
-------
go to:
hkey_current_user\software\microsoft\windows\currentversion\policies\system\
- look for the "disableregistrytools" dword and change its value into 1.