Wednesday, December 9, 2009
117 Run commands in Windows XP
Run command is very useful, but sometimes it is forgotten. Use it sometimes and you will find how powerful is run command.
Thursday, November 26, 2009
Windows Management Instrumentation Service not available in windows services.
This happens if the operating system is not installed properly or “winmgmt.exe, winmgmtr.dll & wmi.mfl” is missing or these files are damaged due to number of reasons.
Resolution
• Copy the winmgmt.exe, winmgmtr.dll & wmi.mfl from any PC with same operating system (with its service pack) and paste it in “C:\Windows\System32\Wbem”
• Now type the following command in CMD.
o Winmgmt/kill (To kill any windows management based application that is running)
o Winmgmt/clearadap (To clear the windows management adapter settings)
o Winmgmt/unregserver (To un-register the windows management components)
o Winmgmt/regserver (To register the windows management components)
• Now, open services.msc and start the service that is added.
Friday, November 13, 2009
Windows Services(creating and deleting)
How to Register or Create a Service in Windows.
Process:
Go to start menu
Run.
Type CMD.
Here Type: [sc create “Chicken” binpath= “C:\Chicken.exe”]
Note:
Remove brackets when typing this command.
How to Delete a Service in Windows.
Process:
Go to start menu
Run.
Type CMD.
Here Type: [sc Delete ClinckSystemLayer]
Note:
ClinckSystemLayer is a registered service so you can delete without giving whole path.
Thursday, October 29, 2009
Why Repair/Reset Winsock settings?
Windows XP Service Pack 2 - New Winsock NETSH commands
These Two new Netsh commands are available in Windows XP Service Pack 2.
This command resets the Winsock catalog to the default configuration. This can be useful if a malformed LSP is installed that results in loss of network connectivity. While use of this command can restore network connectivity, it should be used with care because any previously-installed LSPs will need to be re-installed. The output results to this in Command Prompt (CMD.EXE) “netsh winsock reset”
2. netsh winsock show catalog.
This command displays the list of Winsock LSPs that are installed on the computer. The output results to a file type this in Command Prompt (CMD.EXE) “netsh winsock show catalog >D:\Winsock.txt”
There are also some Tools available to reset.
Cons: Not actively supported or developed
Type: Freeware.
OS: Win XP
gpedit.msc or (Group Policy Editor) access denied
Running on other servers seems okay, but on these specific servers there is a problem.
Resolution
This can be resolved by doing the following:
Go to “start menu”, “Run”, type “CMD” and Enter.
c:
cd\windows\system32
regsvr32 /n /I userenv.dll
cd\windows\system32\wbem
mofcomp scersop.mofs
gpupdate /force
or create a .cmd file and copy the script below
cd /d %windir%\system32
start /wait regsvr32 /n /I userenv.dll
cd wbem
start /wait mofcomp scersop.mof
gpupdate /force
gpresult
Information on How to Use the Group Policy Results (GPResult.exe) Command Line Tool:
Intended for administrators, the Group Policy Results (GPResult.exe) command line tool verifies all policy settings in effect for a specific user or computer. Administrators can run GPResult on any remote computer within their scope of management. By default, GPResult returns settings in effect on the computer on which GPResult is run.
Using GPResult Command Line Tool:
Parameters: /s Computer
Function: Specifies the name or IP address of a remote computer. (Do not use backslashes.) The default is the local computer.
Parameters: /u Domain\User
Function: Runs the command with the account permissions of the user that is specified by User or Domain\User. The default is the permissions of the current logged-on user on the computer that issues the command.
Parameters: /p Password
Function: Specifies the password of the user account that is specified in the /u parameter.
Parameters: /user TargetUserName
Function: Specifies the user name of the user whose RSOP data is to be displayed.
Parameters: /scope {user|computer}
Function: Displays either user or computer results. Valid values for the /scope parameter are user or computer. If you omit the /scope parameter, gpresult displays both user and computer settings.
Parameters: /v
Function: Specifies that the output display verbose policy information.
Parameters: /z
Function: Specifies that the output display all available information about Group Policy. Because this parameter produces more information than the /v parameter, redirect output to a text file when you use this parameter (for example, gpresult /z >policy.txt).
Parameters: /?
Function: Displays help at the command prompt.
How to unregister a dll file in Windows XP or Vista?
Sometimes we need to unregister a dll file to troubleshoot a problem in Windows XP or Vista.
Here’s how to do it:
From Start –> Run, type “cmd” then click on Open. (Where is RUN in Windows Vista?)
Type “regsvr32 /u filename.dll” where “filename” is the name of the file that you like to unregister.
Please keep in mind that this involves system modification and can be highly risky. It’s always recommended to keep a system backup handy, in case things go wrong.
Where is RUN in Windows Vista?
Windows Vista does not have RUN in Start Menu by default, but you can easily access it by pressing “Windows” + “R” keys simultaneously.
You can also customize the Start Menu by:
Right-click on the task-bar, then select “Properties“.
Simple isn't it? Try it yourself...
Tuesday, October 27, 2009
How to use the command line for uninstalling an Application?
- Open CMD and Type WMIC or Directly Type WMIC on Run command and press Enter/Return key.
- Type product get name and press Enter/Return key. (You will find list of applications installed in the computer, choose your application.e.g.: Windows live Toolbar).
- Type Product where name="Windows Live Toolbar" call uninstall and press Enter/Return key.
- When prompted for an input Y to confirm that you wish to uninstall the application and press Enter/Return key.
This information is provided as per my Blog Visiter's Requirement...
Thanks
Tuesday, October 13, 2009
How to Change your Folder Background Theme.
How to Change your Folder Back Ground Theme:
It is true that lots of people want their Computer customized as per their requirement. To help these people, i am going to share an information on how to Change your "folder's background" with an image as per your requirement.
CODE:
[ExtShellFolderViews]
{BE098140-A513-11D0-A3A4-00C04FD706EC}
[{BE098140-A513-11D0-A3A4-00C04FD706EC}]
Attributes=5
IconArea_Image=C:\Documents and Settings\Administrator\My Documents\Jackie Chan.jpg
IconArea_Text=0x00FFFFFF
Copy and paste the above given codes in a notepad, change the "image location" as per your requirement and save this file as Desktop.ini. in my documents or any other preferred folder..
Note: Keep your "Save as type" as "All Files"
I have Hidden my image file as well as the desktop.ini file in my my documents folder so that no one identifies how i did so...
More information;
Fonts you can change for the IconArea_Text=
Black- 0x00000000
White- 0x00FFFFFF
Green- 0x0000FF00
Blue- 0x00FF0000
Purple- 0x00C000C0
Red- 0x000000FF
Yellow- 0x0000FFFF
Indigo- 0x00FFFF00
Choose the font color that is best for your Image.
Start rocking your folders.............
Friday, September 4, 2009
"An internal application error has occurred." or "Error#000000004 occurred during Deep Freeze installation."
or
Error#000000004 occurred during Deep Freeze installation.
Possible cause:
This issue may occur if one or more of the Jscript registry key settings are incorrect. This behavior may also occur if the Jscript.dll file is missing or damaged.
Resolution:
To resolve this issue, use the following methods in the order that they are presented.
Method 1: Reregister Jscript.dll and Vbscript.dll
1. Click Start, and then click Run.
2. In the Open box, type regsvr32 jscript.dll, and then click OK.
3. Click OK.
4. Click Start, and then click Run.
5. In the Open box, type regsvr32 vbscript.dll, and then click OK.
6. Click OK.
If either of the files do not register as expected, or if you receive an error message, the system file may be missing or damaged. To extract the missing file in Microsoft Windows XP, follow these steps:
1. Click Start, and then click Run.
2. In the Open box, type msconfig, and then click OK.
3. Click Expand File.
4. In the File to restore box, type the name of the file that you want to restore.
5. In the Restore from box, type the path of the Windows XP .cab file where you want to restore the file, or click Browse From to locate the Windows XP .cab file.
Note The Windows XP .cab files are stored in the I386 folder on the Windows XP CD.
6. In the Save file in box, type the path where you want to extract the new file, or click Browse To to locate the folder that you want.
7. Click Expand.
8. In the System Configuration Utility dialog box, click OK. If you are prompted to restart the computer, click Restart.
Open a dialog box that previously experienced the issue that is described in the "Symptoms" section of this article. If the issue recurs, go to the next method.
Method 2: Edit the registry
Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Registry Editing is Harmful to PC, Use Registry Editor at your own risk.
1. Click Start, and then click Run.
2. In the Open box, type regedit, and then click OK.
3. Locate the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb558}\In procServer32
The (Default) value data should contain the following value:
C:\WINDOWS\SYSTEM\JSCRIPT.DLL If it does not, double-click Default, type C:\WINDOWS\SYSTEM\JSCRIPT.DLL in the Value data box, and then click OK.
4. The ThreadingModel value data should contain the following value: Both If it does not, double-click ThreadingModel, and then type Both in the Value data box.
5. Locate the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c261-6ac0-11cf-b6d1-00aa00bbbb558}\In procServer32
6. Repeat steps 3 and 4 to edit this key, and then go to step 7.
7. Locate the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\CLSID\{f414c262-6ac0-11cf-b6d1-00aa00bbbb558}\In procServer32
8. Repeat steps 3 and 4 to edit this key, and then go to step 9.
9. Exit Registry Editor.
Having a problem with Active Desktop Recovery?
Notice:
Sometime you will find this error on your start-up (WinXP Pro) of machine. If clicked "Restore My Active Desktop" you get the following.
Error:
"An error has occurred in a script on this page:
Line 65
Char 1
Error: Object doesn’t support this action
Code: 0
URL:file:///C:/Documents%20and%20Settings/My%20Name/Application%20Data/Microsoft/Internet%20Explorer/Desktop.htt"
Do you want to continue running script on this page?
Yes or ON "
Note: If Click Yes / No, It come backs to the Same Desktop of “Active Desktop Recovery”
More Information:
If you are trying to Delete the “Desktop.htt” file from the mention location note that you won’t be able to find it, as no such file is created in the that particular location.
Resolution:
- Go to Start Menu > Run > Regedit.
- Navigate to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Safe Mode\Components.
- Here change the value of "DeskHtmlVersion" Reg_DWord from 0x00000110(272) to 0 (Decimal zero).
- Now close Regedit, Restart/Logoff your PC.
Hope this Helped...
Wednesday, September 2, 2009
Change the name of the registered user.
- Navigate through the Registry Editor to HKLM\Software\Microsoft\WindowsNT\CurrentVersion.
- Change the values that are assigned to the RegisteredOwner and RegisteredOrganization keys to reflect the new ownership information.
Disable User Account Control
- Navigate through the registry editor to: "HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System".
- Change the value of the "ConcentPromptBehaviorAdmin" key to "00000000".
Monday, August 31, 2009
Services You Can Disable
Some possibilities are:
- Alerter - Sends alert messages to specified users that are connected to the server computer.
- Application Management - Allows software to tap directly into the Add/Remove Programs feature via the Windows Installer technology.
- Background Intelligent Transfer Service - The Background Intelligent Transfer service is used by programs (such as Windows AutoUpdate) to download files by using spare bandwidth.
- Clipbook - ClipBook permits you to cut and paste text and graphics over the network.
- Error Reporting Service - Allows applications to send error reports to Microsoft in the event of an application fault.
- Fast User Switching - Windows XP allows users to switch quickly between accounts, without requiring them to log off.
- Help and Support - Allows the XP Built-in Help and Support Center to run.
- IMAPI CD-Burning COM Service - You don't need this if you have other software to create CDs.
- Indexing Service - Indexes contents and properties of files on local and remote computers; provides rapid access to files through flexible querying language.
- IP SEC - Manages IP security policy and starts the ISAKMP/Oakley (IKE) and the IP security driver. If you are not on a domain, you likely don't need this running.
- Messenger - Transmits net send and Alerter service messages between clients and servers. This is how a lot of pop-up windows start appearing on your desktop.
- Net Logon - Supports pass-through authentication of account logon events for computers in a domain. If you are not on a domain, you don't need this running
- Network DDE - Provides network transport and security for Dynamic Data Exchange (DDE) for programs running on the same computer or on different computers.
- NT LM Security Support Provider - Provides security to remote procedure call (RPC) programs that use transports other than named pipes.
- Performance Logs and Alerts - Collects performance data from local or remote computers based on preconfigured schedule parameters, then writes the data to a log or triggers an alert. If you don't need to monitor your performance logs, then you don't need this service.
- Portable Media Serial Number - Retrieves the serial number of any portable music player connected to your computer
- QOS RSVP - Provides network signaling and local traffic control setup functionality for QoS-aware programs and control applets.
- Remote Desktop Help Session Manager - Manages and controls Remote Assistance. If you are not using Remote Desktop you don't need this service.
- Remote Registry - Enables remote users to modify registry settings on this computer.
- Routing & Remote Access - Offers routing services to businesses in local area and wide area network environments. Allows dial-in access.
- Secondary Login - Enables starting processes under alternate credentials. This is what allows you to run an application as another user.
- Smart Card - Manages access to smart cards read by this computer.
- Smart Card Helper - Enables support for legacy non-plug and play smart-card readers used by this computer.
- SSDP Discovery Service - Enables discovery of UPnP devices on your home network.
- TCP/IP NetBIOS Helper - Enables support for NetBIOS over TCP/IP (NetBT) service and NetBIOS name resolution. This should not be needed in today's network environment.
- Telnet - Enables a remote user to log on to this computer and run programs, and supports various TCP/IP Telnet clients.
- Uninterruptible Power Supply Service - Manages an uninterruptible power supply (UPS) connected to the computer.
- Universal Plug and Play Device Host - Provides support to host Universal Plug and Play devices
- Upload Manager - Manages synchronous and asynchronous file transfers between clients and servers on the network.
- Volume Shadow Copy Service - Manages and implements Volume Shadow Copies used for backup and other purposes.
- Web Client - Enables Windows-based programs to create, access, and modify non-local files across the Internet.
- Wireless Zero Configuration - Provides automatic configuration for the 802.11 adapters
- WMI Performance Adapter - Provides performance library information from WMI HiPerf providers.
Tuesday, August 25, 2009
Converting FAT32 to NTFS is simpler than thought??
1. Go start Menu.
2. Run
3. Type CMD.
4. here Type D: and enter
5. Now Type convert C:/FS:NTFS and enter
Note: This will convert only C Drive, to convert the other Drives, follow the same process by changing C: to D: / E: / F:..... or whatever Drive you want to convert.
Conversion Process will take place only after a restart.
cheers
by Shakti
Tuesday, August 18, 2009
Increase the maximum number of simultaneous downloads
1. Navigate through the Registry Editor to
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings.
2. Create a new DWORD named MaxConnectionsPerServer and assign it a value of 0000000a.
3. Create a new DWORD named MaxConnectionsPer1_0Server and assign it a value of 0000000a.
Disable AutoPlay
1. Navigate through the Registry Editor to; HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer.
2. Create a DWORD named NoDriveTypeAutoRun.
3. Set the value to 000000FF.
Monday, August 17, 2009
How to Change MAC Address
People says MAC/Physical Address cannot be changed, there are ways to Spoof your MAC address.
Here is the simple steps to get it done:
- Go to Network Neighbourhood
- Properties.
- Here LAN Connection
- properties
- Configure
- Advance
- network address,
- here change the value to anything you want "0000000S9740"
- Click ok
Note: External IP Address will be same for any number of user under certain "workgroup" or "domin"
Monday, August 3, 2009
How to Create a Shortcut for your Favourite folder, accessing from RUN Command.
- First Select You Favourite Folder in any Drive. e.g.: D:\My Videos
- Create Shortcut of this particular folder. e.g.: D:\Shortcut to My Videos.lnk
- Rename the Folder as simplest as you care. e.g.: D:|Vid.lnk
- Open Windows Folder in the C Dirve.
- Copy this Shortcut file and Paste is in the windows folder.
- Now Go to Start Menu
- Open RUN
- Type "<Given shortcut name>" and enter. e.g.: "vid"
By Shakti
Add and Remove Programs has been restricted
How to Enable this Applet.
- Simply go to start menu.
- Open Run.
- Type "regedit" and enter.
- Here Locate:
HKey_Current_User\Software\Microsoft\Windows\CurrentVersion\Policies\uninstall - Now in the Right Pane/windows, Delete the DWord string "NoAddRemoveProgram"
- Now endprocess the Explorer.exe.
System Alert popup instructions for windows xp and vista.
The rapidly-developing internet has poseted a lot of treats to our daily online activities and securities. To name a few spyware, adware, torjan and viruses etc... They can potentially steal your data oor even bring down you computer.
Fake or false system alert popup, one of many syndromes of the potential treats you might see, is usually installed via a Torjan called Zlob (Torjan.Zlob). MOst people get the ZLob torjan by installing a video codec from one of those social networking. The Zlob Torjans then generats fake system popup alert to trick you into buying of their product.
To Remove this completely, it takes patients and some basic computer skills.
How to stop a process: Press “Ctrl+Alt+Del” key or “Ctrl+Shift+Esc” key to open task manager, click on process tab, then select the required process and click end process.
Note: End Process can happen only one at a time.
Here are the Processes that needs to be killed:
spydawn.exe, dfrgsrv.exe, ismon.exe, pmsnrr.exe, Spy-Locked.exe, pesttrap.exe, mscornet.exe, isnotify.exe, regperf.exe, SpywareLock.exe, antivermins.exe, mssearchnet.exe, issearch.exe, ishost.exe, SpywareLocked 3.5.exe, AntiVerminsPro.exe, nvctrl.exe, pmmon.exe, SpywareLocked.exe, SpyLocked 3.6.exe, spywarequake.exe, spyfalcon.exe, pmsngr.exe, spylocked.exe.
Unregister the following DLL Files if exists:
How to unregister a dll file: Go to “start menu”, “Run”, type “regsvr32 /u
msvcp71.dll, czxtyx.dll, qvjpt.dll, oyopu.dll, dxovx.dll, Ygjun.dll, higehsg.dll, bpvol.dll, oyopu.dll, yronl.dll, czxtyx.dll, yuspej.dll, xkrdk.dll, splug.dll, yronl.dll, isadd.dll, bpvol.dll, uimcu.dll, cthkpcv.dll, dxovx.dll, tahxqcj.dll, pkgvyg.dll, splug.dll, pkgvyg.dll, axlet.dll, lcsrsrv.dll, iesbpl.dll, qzviz.dll, qzviz.dll, ginuerep.dll, heur003.dll, Ygjun.dll, isadd.dll, tahxqcj.dll, heur001.dll, higjxe.dll, heur002.dll, yuspej.dll, imfdfcj.dll, lcsrsrv.dll, heur000.dll, bolnyz.dll, hvnwm.dll, yhbdupd.dll, qvjpt.dll, iesplg.dll, dxmpp.dll, wfkduei.dll, winrge32.dll, ywbicim.dll, wfkduei.dll.
Remove the following Registry Values if Exists:
How to delete a registry value: Go to “start menu”, “Run”, type “Regedit” and Enter, Here locate the following Locations and delete the key/String.
- HKEY HKEY_LOCAL_MACHINE\SOFTWARE\SpyDawn
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows \CurrentVersion \App Paths\SpyDawn.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows \CurrentVersion \Uninstall\SpyDawn
- HKEY_CLASSES_ROOT\TypeLib\{661173EE-FA31-4769-97D4-B556B5D09BDA}
- HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{661173EE-FA31-4769-97
- HKEY_LOCAL_MACHINE\software\antivermins
- HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\antivermins.exe
- HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run antivermins
- HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\antivermins
- HKEY_CURRENT_USER\Software\SNO2 HKEY_CURRENT_USER\Software\PestTrap
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpywareQuake
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\E2CA7CD1-1AD9-F1C4-3D2A-DC1A33E7AF9D
- HKEY_LOCAL_MACHINE\SOFTWARE\SpywareQuake\refid:”1″
- HKEY_LOCAL_MACHINE\SOFTWARE\SpywareQuake\Language:”1033″
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SpyQuake2.com
Find and Delete the following Files if Exists:
msvcp71.dll, ginuerep.dll, kuhmk.dll, vwfps.dll, heur000.dll, wfkduei.dll, higehsg.dll, oqipt.dll, fyhhxw.dll, kcaofg.dll, twain32.dll, hvnwm.dll, xkrdk.dll, iqzv.dll, msvcr71.dll, cthkpcv.dll, higjxe.dll, imfdfcj.dll, geplxss.dll, htey.dll, appmagr.dll, axlet.dll, bolnyz.dll, yhbdupd.dll, tvomnc.dll, ulztc.dll, msvcp71.dll, heur003.dll, wfkduei.dll, dxmpp.dll, hjpprpu.dll, oerucu.dll, reglogs.dll, heur002.dll, winrge32.dll, spydawn.exe, cvnzie.dll, mssearchnet.exe, rosdzop.dll, heur001.dll, ywbicim.dll, ismon.exe, isnotify.exe, spywarequake.exe, regperf.exe, sbnudh.dll, pmsngr.exe, nvctrl.exe, issearch.exe, spywarequakeinstaller.exe, dfrgsrv.exe, spyfalcon.exe, pmsnrr.exe, nvctrl.exe, pmmon.exe, AntiVerminsPro.exe, pesttrap.exe, antivermins.exe, ishost.exe, mscornet.exe.
That’s it! In order to avoid the malicious spyware and adware in the future, educate yourselves and be careful with ActiveX Components, Toolbars and JavaScript plugins.
My Best Suggestion is to Download a Free Antvirus, Update it completely and Scan you computer.
Saturday, August 1, 2009
Error: “Excel cannot access example.xls. The Document may be read only or encrypted”
This is happening because you are accesssing a file which has read only permission or permission not set at all...
Resolution:
- In case of FAT file format, Simply go to properties of that particular file and uncheck the read only check box. if the box is not ticked, then tick and un-tick it and apply. This will replace the file permission.
- If NTFS file format, Go to folder Option > View > Uncheck “use simple file sharing”.Note: This will enable the security tab in "XP NTFS File Format"
- Now right click on the file or folder you are accessing.
- Properties > security tab
- If the entire or required user groups exist, check for the recommended permissions for the particular users.Now click on advance tab and check “replace permissions entries on all child objects....”
- If the entire or required user groups doesn’t exists, Click on Add, Select users > Type the users name as per the recommendation.Click advance tab and “replace permissions entries on all child objects…”
This will Enable the required permission to access that particular file.
Saturday, July 11, 2009
How you can uninstall deep freeze when you forget password?
How to Uninstall Deep Freeze for Windows 2000/XP/Vista without the password.
Note: Without a complete uninstallation you may not be able to reinstall Deep Freeze on your system.
What we are going to do is edit the registry and delete the startup references to Deep Freeze. This will prevent the Deep Freeze driver from starting up the next time you boot. (c:\windows\system32\drivers\deepfrz.sys)
1. First we need a way to edit the registry. The way to do this depends on your situation. If your computer is thawed you can simply use Regedit. If your computer is frozen or if it doesn't boot you'll need to find another way. Here are some alternatives:
If you have a multiboot computer with another copy of Windows 2K/XP you can boot from there. Or, you can physically mount the disk on another computer that uses Windows 2K/XP.
You will probably use a tool that lets you boot and edit the registry. A good example of this is PE Builder that lets you build a Windows PE CD and boot Windows from there. Or use Bart's, http://www.nu2.nu/pebuilder/ or Winternals ERD Commander. There are several, including some USB memory sticks capable of booting like a CD. The goal here is to boot separately from your hard drive and access it while it is "asleep".
2. If your computer is thawed run Regedit. If it's not thawed follow one of the alternatives described above, and run Regedit (or Regedt32 on Windows 2K).
3. On the Find dialog box type UpperFilters and check only the Values checkbox. Then click Find Next.
4. The program will find a value with the name UpperFilters. Open this value and if there's a line with the name of the Deep Freeze driver (DeepFrz or DepFrzLo) delete it including the return, leaving the rest of the lines intact. Also, if you are using ThawSpace and you want to get rid of it delete that line too (ThwSpace), if you want to keep the ThawSpace leave it there. Press F3 to find the next match and repeat the operation until you have fixed all the UpperFilters values inside the HKLM\MySystem key.
5. Navigate to HKLM\MySystem\Select and check the value with the name Default. It has the number of the control set key that the system will use when booted. If it is 1 the control set is ControlSet001, if it is 2 the control set is ControlSet002, and so on. We'll assume the control set is ControlSet001 but you should use the one specified by the value Default.
6. Now go to HKLM\MySystem\ControlSet001\Services and delete the keys with the name of the Deep Freeze drivers (DeepFrz or DepFrzLo and DepFrzHi). Also, if you decided to get rid of the ThawSpace delete the key with the name of the ThawSpace driver (ThwSpace).
7. That's it. Now reboot and Deep Freeze will not load.
QUESTION: What if the BIOS settings prevent me from booting from CD or USB? Answer: Deep Freeze prevents you from decrypting the BIOS password, but it does not prevent removing it, if you have the right tool! Most of the BIOS hacking programs will not work to remove the BIOS password on a Deep Freeze protected computer, but CmosPwd by Christophe Grenier does: http://www.cgsecurity.org/wiki/CmosPwd#CmosPwd_Download
You'll need to know how to use a command line and install the driver. Yes, it uses a driver to remove the BIOS password. But it works, even on Deep Freeze protected computers. Use CmosPwd to remove the BIOS password and reset the default BIOS settings. Then you'll be able to boot from CD or USB and edit your computer's registry and remove the DeepFrz, DepFrzLo, and DepFrzHi references which start Deep Freeze.
Now here is a little known secret: Faronics (the makers of Deep Freeze) uses a special driver to remove broken or malicious Deep Freeze installations. They do not have any backdoor passwords, so they use a special driver to remove a Deep Freeze installation where the password is not known or that someone is having trouble with. Will they send it to you, or even admit to you that they have it? I don't know. But, even if you do have it, you will still have to boot separately from the hard drive and replace the existing Deep Freeze driver with the special one and reboot. And after that, you need to use a Deep Freeze installation file to fully uninstall Deep Freeze (it will be thawed when you boot up with the special driver). If you want to re-install Deep Freeze, you'll have to first delete the special driver too.
Only a few people have this driver. It is the only solution Faronics has for those who need to remove Deep Freeze without the password. And, like I said, you will have to be able to boot from CD or USB and access the NTFS hard drive. If the boot-up order is locked (hard drive first and only) in BIOS settings, use CmosPwd to reset BIOS and boot order. Then you can boot from CD or USB.
Booting from CD or USB and removing the registry references works also, but then you should uninstall Deep Freeze with an installation file once you are able to boot thawed.
If you are dealing with a trial version of Deep Freeze, just forward the BIOS date past 60 days and then restart.
If anyone is wondering if Deep Freeze has ever been hacked, the answer is "yes" it has, several times over the years. Most of the time these were weaknesses that Faronics was able to quickly fix or prevent. However, there was one hacker that really, REALLY gave them headaches. His name was Emiiano Scavuzzo from Argentina. http://usuarios.arnet.com.ar/fliamarconato/pages/emain.html He was really good at low level programming and used OllyDbg http://www.ollydbg.de/ to come up with about five versions of his "Deep Unfreezer" which gave Faronics their greatest challenge to date. Deep Unfreezer now only works on older versions of Deep Freeze.
Faronics is doing very, very well right now (as of 2008). They sold Apple Computer their Mac version of Deep Freeze, which, if you know how to look for it in the Applications folder on a Mac, is used in all the Apple Stores on both their desktops and their laptops. So, if you're ever in a Mac store playing around with PhotoBooth or whatever, and the computer settings are all messed up, just restart the Mac and thank Deep Freeze.
Do I have a copy of that special driver? I'll never tell. ;-)Thursday, June 11, 2009
How to Block websites from accessing.
This can be done if you are giving access to someone else to use your personal computer. since you don't want them to access any site which you wanted to prevent accessing from your PC, you can go through this.
It is the simplest and advanced way of blocking site instead of using some third party application to block such.
To Do:
Open CMD / Command Prompt
Type: "notepad c:/windows/system32/drivers/etc/hosts"
When pressed enter after typing the notepad window pops up with the hosts file's details.
or the other way to open is open "C:\WINDOWS\system32\drivers\etc"
here drag and drop the "hosts" file into a notepad.
here locate the line "127.0.0.1 localhost".
To Block a website e.g.: google
type below the line "127.0.0.1 localhost"
127.0.0.1 www.google.com
127.0.0.1 google.com
127.0.0.1 www.google.co.in/uk/za etc.....
127.0.0.1 google.co.in/uk/za etc.....
Save the file(do not save as anything or it wont work)