PC Solution Centre: 2009

Tuesday, December 15, 2009

SBS 2008 and Virtualization

SBS 2008 and Virtualization
Possibly one of the most exciting topics in the market today – well perhaps not as exciting as SBS, but close!
Earlier this week we ran a special session for our partners covering the intended support details for running Windows Small Business Server 2008 in a virtual environment. We know that as you’re planning for the future deployments of SBS it’s important to know what scenarios we’re going to be supporting and how to identify which customers could potentially be virtualized.
You can view the webcast by going here. You’ll need to be a registered partner, but it’s a simple process to sign up.
We also thought we should share some of the details of the scenarios, and some of the common benefits of running these configurations.
Scenario One: Virtualizing the SBS Standard Server

In this configuration the SBS Standard server is virtualized on a single physical server. In this diagram we show an instance of the forthcoming Hyper-V server as the Parent Partition, but you could purchase a copy of Windows Server Standard instead. It is not supported to deploy the SBS Standard Server as a Parent partition.
This is a great scenario for low load environments, especially if over time their hardware requirements change.
Of course there are considerations for this type of deployment. First up the fax service is not supported. This due to the com port requirements of the fax service, and child partitions not supporting the connection to such devices.
Secondly backup services change. Again due to the way that child partitions present USB devices, you’ll instead need to mount the USB drive to the parent partition, and connect a newly created VHD to the child SBS Standard VM.
Scenario Two: Virtualizing the SBS Standard and Premium Servers

In this scenario a customer could use the Premium server to run as the Parent partition, with the Standard SBS server running as a child partition. It’s worth calling out also in this example that if the Parent Partition is only supporting virtualization then that license can also be deployed a child partition to support additional roles.
The great thing about this scenario is that you can virtualize SBS premium take full advantage of the licensing and consolidate your entire environment on to one server. Bare in mind that you’ll still need to adhere to the hardware requirements for each VM as you would if they were virtual.
Of course the same scenarios occur when it comes to backup and fax service.
Scenario Three: Keeping SBS Standard Physical and using Premium as a Virtualization Parent

In this final scenario the customer would deploy the SBS Standard Server on Physical hardware and then deploy the Premium server as the Hyper-V Host on a second physical machine. In this scenario you maintain the physical isolation of the Standard Server and it’s services, whilst utilizing the Premium server as a virtualization parent. In this case the same licensing applies, whereby if you only deploy virtualization services on the parent partition on the Premium server, you can then deploy that server as a child to run alternative roles for no additional licensing increment.

Finally it’s worth pointing out that we’re in the final stages of completing documentation which will be published to Technet. Once we’ve posted it there, we’ll let you know.

Windows Server 2008

How to install Windows Server 2008 without activating it
1. Run the Windows Server 2008 Setup program.
2. When you are prompted to enter a product key for activation, do not enter a key. Click No when Setup asks you to confirm your selection.
3. You may be prompted to select the edition of Windows Server 2008 that you want to evaluate. Select the edition that you want to install.

Note After Windows Server 2008 is installed, the edition cannot be changed without reinstalling it.
4. When you are prompted, read the evaluation terms in the Microsoft Software License Terms, and then accept the terms.
5. When the Windows Server 2008 Setup program is finished, your initial 60-day evaluation period starts. To check the time that is left on your current evaluation period, run the Slmgr.vbs script that is in the System32 folder. Use the -dli switch to run this script. The slmgr.vbs -dli command displays the number of days that are left in the current 60-day evaluation period.

How to manually extend the evaluation period
When the initial 60-day evaluation period nears its end, you can run the Slmgr.vbs script to reset the evaluation period. To do this, follow these steps:
1. Click Start, and then click Command Prompt.
2. Type slmgr.vbs -dli, and then press ENTER to check the current status of your evaluation period.
3. To reset the evaluation period, type slmgr.vbs –rearm, and then press ENTER.
4. Restart the computer.
This resets the evaluation period to 60 days.
How to automate the extension of the evaluation period
You may want to set up a process that automatically resets the evaluation period every 60 days. One way to automate this process is by using the Task Scheduler. You can configure the Task Scheduler to run the Slmgr.vbs script and to restart the server at a particular time.

Saturday, November 21, 2009

Microsoft New Edition 2010.

Office 2010 will mark the debut of free online versions of Word, Excel, PowerPoint, and OneNote, which will work in popular web browsers (Windows Internet Explorer, Mozilla Firefox, Google Chrome, and Apple Safari) but not in the Opera browser. Microsoft has confirmed that it will be released during Spring 2010, and a public beta was made available in November 2009.[7] A new edition of Office, Office Starter 2010, will replace the current low-end home productivity software, Microsoft Works.

Click the title and u'll find the deep study about the Microsoft 2010 edition

Tally Multiple line guide

just click the title u'll find how to multiple lines narrations in the tally.

Friday, October 16, 2009

Types of Servers

A Server is a computer or device on a network that manages network resources. For example, a file server is a computer and storage device dedicated to storing files Any user on the network can store files on the server. A print server is a computer that manages one or more printers and a network server is a computer that manages network traffic.
Servers are often dedicated, meaning that they perform no other tasks besides their server tasks. On multiprocessing operating systems however, a single computer can execute several programs at once. A server in this case could refer to the program that is managing resources rather than the entire computer.

What is Server Platform?

A term often used synonymously with operating system. A platform is the underlying hardware or software for a system and is thus the engine that drives the server.

Server types

Application Servers:

Sometimes referred to as a type of middleware, application servers occupy a large chunk of computing territory between database servers and the end user, and they often connect the two.
Middleware is a software that connects two otherwise separate applications For example, there are a number of middleware products that link a database system to a Web server This allows users to request data from the database using forms displayed on a Web browser and it enables the Web server to return dynamic Web pages based on the user's requests and profile.
The term middleware is used to describe separate products that serve as the glue between two applications. It is, therefore, distinct from import and export features that may be built into one of the applications. Middleware is sometimes called plumbing because it connects two sides of an application and passes data between them. Common middleware categories include:
* TP monitors
* DCE environments
* RPC systems
* Object Request Brokers (ORBs)
* Database access systems
* Message Passing

Audio/Video Servers

Audio/Video servers bring multimedia capabilities to Web sites by enabling them to broadcast streaming multimedia content. Streaming is a technique for transferring data such that it can be processed as a steady and continuous stream. Streaming technologies are becoming increasingly important with the growth of the Internet because most users do not have fast enough access to download large multimedia files quickly. With streaming, the client browser or plug-in can starts displaying the data before the entire file has been transmitted.
For streaming to work, the client side receiving the data must be able to collect the data and send it as a steady stream to the application that is processing the data and converting it to sound or pictures. This means that if the streaming client receives the data more quickly than required, it needs to save the excess data in a buffer If the data doesn't come quickly enough, however, the presentation of the data will not be smooth.
There are a number of competing streaming technologies emerging. For audio data on the Internet, the de facto standard is Progressive Network's RealAudio.

Chat Servers

Chat servers enable a large number of users to exchange information in an environment similar to Internet newsgroups that offer real-time discussion capabilities. Real time means occurring immediately. The term is used to describe a number of different computer features. For example, real-time operating systems are systems that respond to input > immediately. They are used for such tasks as navigation, in which the computer must react to a steady flow of new information without interruption. Most general-purpose operating systems are not real-time because they can take a few seconds, or even minutes, to react.
Real time can also refer to events simulated by a computer at the same speed that they would occur in real life. In graphics animation, for example, a real-time program would display objects moving across the screen at the same speed that they would actually move.

Fax Servers

A fax server is an ideal solution for organizations looking to reduce incoming and outgoing telephone resources but that need to fax actual documents.

FTP Servers

One of the oldest of the Internet services, File Transfer Protocol makes it possible to move one or more files securely between computers while providing file security and organization as well as transfer control.

Groupware Servers

A GroupWare server is software designed to enable users to collaborate, regardless of location, via the Internet or a corporate Intranet and to work together in a virtual atmosphere.

IRC Servers

An option for those seeking real-time capabilities, Internet Relay Chat consists of various separate networks (or "nets") of servers that allow users to connect to each other via an IRC network.

List Servers

List servers offer a way to better manage mailing lists, whether they are interactive discussions open to the public or one-way lists that deliver announcements, newsletters, or advertising.

Mail Servers

Almost as ubiquitous and crucial as Web servers, mail servers move and store mail over corporate networks via LANs and WANs and across the Internet.

News Servers

News servers act as a distribution and delivery source for the thousands of public news groups currently accessible over the USENET news network. USENET is a worldwide bulletin board system that can be accessed through the Internet or through many online services The USENET contains more than 14,000 forums called newsgroups that cover every imaginable interest group. It is used daily by millions of people around the world.

Proxy Servers

Proxy servers sit between a client program typically a Web browser and an external server (typically another server on the Web) to filter requests, improve performance, and share connections.

Telnet Servers

A Telnet server enables users to log on to a host computer and perform tasks as if they're working on the remote computer itself.

Web Servers

At its core, a Web server serves static content to a Web browser by loading a file from a disk and serving it across the network to a user's Web browser. The browser and server talking to each other using HTTP mediate this entire exchange.

Saturday, October 3, 2009

How to convert capital letters to lower case letters

1. You had the Caps Lock key set for the entire document or
2. You typed the document in a font with All Caps or Small Caps set.

In the first situation, do this:

1. Select all the text by pressing CTRL/A.
2. Press SHIFT/F3 repeatedly to cycle through three types of cases: UPPER, lower and Sentence.

In the second situation, do this:

1. Select all the text by pressing CTRL/A.
2. Click in the text and select Font from the pop-up menu.
3. Uncheck the All Caps and Small Caps checkboxes.
4. Click OK.

Wednesday, September 30, 2009

Microsoft Security Essentials Now Available

Microsoft releases its free antivirus suite

Microsoft first released a public beta of its Security Essentials antivirus suite back in June and it was met with mostly positive reviews. The public beta was only open for the first 75,000 downloaders and that limit was reached rather quickly.

Today, however, Microsoft has released the final version of Security Essentials and anyone running Windows XP, Windows Vista, or Windows 7 can download it for free. Microsoft Security Essentials offers basic antivirus, spyware, and malware protection -- it also offers real-time protection and regularly updated malware signature files via Microsoft's Dynamic Signature Service.

Since Microsoft Security Essentials provides the bare minimum protections for a Windows-based machine, other niceties such as a firewall and multi-PC management are not available. This should appease Microsoft's competitors in the anti-malware software segment.

Those who wish to try out the software can download it directly from the Microsoft Security Essentials website. The download requires that your PC pass Windows Genuine Advantage checks, so only legit Windows users will have access to the software.

Tuesday, September 29, 2009

How to remove this virus:

Step 1: Press CTRL+ALT+DEL (Task Manager Opens up) and go to the processes tab
Look for svchost.exe under the image name. There will be many but look for the ones which have your username under the username
Press DEL to kill these files. It will give you a warning, Press Yes
Repeat for more svchost.exe files with your username and repeat. Do not kill svchost.exe with system, local service or network service!

Step 2: Now open My Computer
In the address bar, type C:\heap41a and press enter. It is a hidden folder, and is not visible by default.
Delete all the files here

Step 3: Now go to Start –> Run and type Regedit
Go to the menu Edit –> Find
Type “heap41a” here and press enter. You will get something like this “[winlogon] C:\heap41a\svchost.exe C:\heap(some number)\std.txt”
Select that and Press DEL. It will ask “Are you sure you wanna delete this value”, click Yes. Now close the registry editor.
Now the virus is gone.

Step 4: Over to Pendrive:
But be sure to delete the autorun.inf file and any folder whose name ends with .exe in the pen drive. (thanks to Savita at Mozillazine)

Thats it...!

Monday, September 28, 2009

How to Delete Run History in Windows

Steps

1. Go to Start → Run.
2. In the text field, type regedit and hit enter to open the Registry Editor.
3. Navigate to HKEY_CURRENT_USER → Software → Microsoft → Windows → CurrentVersion → Explorer → RunMRU.
4. On the right panel, you will find the programs that you have used when accessing the RUN command. They will be listed as a, b, c, etc.
5. Right-click on the program you want to delete and click on Delete.
6. Click Yes in the next dialog box to confirm. You will then need to restart your computer for the changes to take effect.

Run history to be automatically deleted every time you start your computer, then go to the following location in the Registry Editor:

HKEY_CURRENT_USER → Software → Microsoft → Windows → CurrentVersion → Policies → Explorer. There on the right hand side panel look for ClearRecentDocsOnExit, double click on it and type in its value as 1 and make sure Hexadecimal is selected. Then just click on OK and close the Registry Editor.
• A good thing also to do is to create a restore point using system restore: start, All programs, Accessories, System tools, System restore. This is only if things go wrong you can go back to before this happened

Steps to remove the little paragraph symbols and arrows in microsoft word!

1. Click on the "¶" in the drawing tool bar.

2. This buttion is used to reveal formatting.

3. uncheck the “SHOW ALL FORMATTING MARKS” which is in the bottom of the right end.

Thats all...

Saturday, September 26, 2009

Add RemoteApp programs and configure global deployment settings

After you have prepared the terminal server to host RemoteApp programs, you can use TS RemoteApp Manager to do the following:
• Add programs to the RemoteApp Programs list
• Configure global deployment settings
In TS RemoteApp Manager, you can also delete, modify, import RemoteApp programs and settings from another terminal server, or export RemoteApp programs and settings to another terminal server. For more information, see Manage RemoteApp programs and settings.
Add programs to the RemoteApp Programs list
To make a RemoteApp program available to users through any distribution mechanism, you must add the program to the RemoteApp Programs list. By default, programs that you add to the list are configured to be available through TS Web Access.
To add a program to the RemoteApp Programs list
1. Start TS RemoteApp Manager. To do this, click Start, point to Administrative Tools, point to Terminal Services, and then click TS RemoteApp Manager.
2. In the Actions pane, click Add RemoteApp Programs.
3. On the Welcome to the RemoteApp Wizard page, click Next.
4. On the Choose programs to add to the RemoteApp Programs list page, select the check box next to each program that you want to add to the RemoteApp Programs list. You can select multiple programs.
Note

The programs that are shown on the Choose programs to add to the RemoteApp Programs list page are the programs that are found on the All Users Start menu on the terminal server. If the program that you want to add to the RemoteApp Programs list is not in the list, click Browse, and then specify the location of the program's .exe file.
5. To configure the properties for a RemoteApp program, click the program name, and then click Properties. You can configure the following:
o The program name that will appear to users. To change the name, type a new name in the RemoteApp program name box.
o The path of the program executable file. To change the path, type the new path in the Location box, or click Browse to locate the .exe file.
Note

You can use system environment variables in the path name. For example, you can substitute %windir% for the explicit path of the Windows folder (such as C:\Windows). You cannot use per user environment variables.
o The alias for the RemoteApp program. The alias is a unique identifier for the program that defaults to the program's file name (without the extension). We recommend that you do not change this name.
o Whether the RemoteApp program is available through TS Web Access. By default, the RemoteApp program is available through TS Web Access setting is enabled. To change the setting, select or clear the check box.
o Whether command-line arguments are allowed, not allowed, or whether to always use the same command-line arguments.
o The program icon that will be used. To change the icon, click Change Icon.
6. When you are finished configuring program properties, click OK, and then click Next.
7. On the Review Settings page, review the settings, and then click Finish.
The programs that you selected should appear in the RemoteApp Programs list.
Configure global deployment settings
You can configure global deployment settings that apply to all RemoteApp programs in the RemoteApp Programs list. These settings will apply to any RemoteApp program that you make available through TS Web Access. Additionally, these settings will be used as the default settings if you create .rdp files or Windows Installer packages from any of the listed RemoteApp programs.
Note

Any changes to deployment settings that you make when you use TS RemoteApp Manager to create .rdp files or Windows Installer packages will override the global settings.

Install programs on the terminal server

We recommend that you install programs on the terminal server after you have installed the Terminal Server role service. If you install a program from a Windows Installer package, the program will automatically install in Terminal Server Install mode. If you are installing from another kind of Setup package, use either of the following methods to put the server into Install mode:
• Use the Install Application on Terminal Server option in Control Panel to install the program.
• Before you install a program, run the change user /install command from the command line. After the program is installed, run the change user /execute command to exit from Install mode.
If you have programs that are related to each other or have dependencies on each other, we recommend that you install the programs on the same terminal server. For example, we recommend that you install Microsoft Office as a suite instead of installing individual Office programs on separate terminal servers.
You should consider putting individual programs on separate terminal servers in the following circumstances:
• The program has compatibility issues that may affect other programs.
• A single program and the number of associated users may fill server capacity.
Verify remote connection settings
By default, remote connections are enabled after you install the Terminal Server role service. You can use the following procedure to add users and groups that need to connect to the terminal server, and to verify or to change remote connection settings.
To verify remote connection settings
1. Start the System tool. To do this, click Start, click Run, type control system in the Open box, and then click OK.
2. Under Tasks, click Remote settings.
3. In the System Properties dialog box, on the Remote tab, ensure that the Remote Desktop connection setting is configured correctly, depending on your environment. You can select either of the following options:
o Allow connections from computers running any version of Remote Desktop (less secure)
o Allow connections only from computers running Remote Desktop with Network Level Authentication (more secure)
For more information about the two options, on the Remote tab, click the Help me choose link.
4. To add the users and groups that need to connect to the terminal server by using Remote Desktop, click Select Users, and then click Add.
The users and groups that you add are added to the Remote Desktop Users group.
Note

Members of the local Administrators group can connect even if they are not listed.
5. When you are finished, click OK to close the System Properties dialog box.

Install the Terminal Server role service

1. Open Server Manager. To open Server Manager, click Start, point to Administrative Tools, and then click Server Manager.
2. Under Roles Summary, click Add Roles.
3. On the Before You Begin page of the Add Roles Wizard, click Next.
4. On the Select Server Roles page, select the Terminal Services check box, and then click Next.
5. On the Terminal Services page, click Next.
6. On the Select Role Services page, select the Terminal Server check box, and then click Next.
7. On the Uninstall and Reinstall Applications for Compatibility page, review the information, and then click Next.
8. On the Specify Authentication Method for Terminal Server page, select the desired authentication method, and then click Next.
9. On the Specify Licensing Mode page, select the licensing mode that applies to your Terminal Services environment, and then click Next.
10. On the Select User Groups Allowed Access To This Terminal Server page, add any users or groups that you want to add to the Remote Desktop Users group, and then click Next.
11. On the Confirm Installation Selections page, verify that the Terminal Server role service will be installed, and then click Install.
12. On the Installation Results page, you are prompted to restart the server to finish the installation process. Click Close, and then click Yes to restart the server.
13. After the server restarts, the Resume Configuration Wizard completes the installation. When you see an Installation succeeded status message on the Installation Results page, click Close.

Tuesday, September 22, 2009

How to Remove the Popup Ads in Avira Antivir

While Avira Antivir has one of the best detection rates of all antivirus, one of the main disadvantages is that after updating, you get annoying full-screen ads nagging you to upgrade. To remove these, read on

Steps
Windows 2000 / Windows XP Pro
1. Go to Start > Run.
2. Type gpedit.msc and click OK.
3. Navigate through User Configuration > Administrative Templates > System.
4. Double click "Don't run specified Windows applications".
5. Enable it and click show.
6. Add "avnotify.exe".
7. Click OK on all open windows.
8. Restart.
Alternate:
1. Start > Run: secpol.msc (You can also access this program through 'Control Panel > Administrative Tools > Local Security Policy' this is useful if it is easier the location of this rather than the file name)
2. Right click "Software Restriction Policies," Choose "New Software Restriction Policies." (Skip this step if there are subfolders in Software Restriction Policies already.)
3. Right Click "Additional Rule" folder > New Path Rule.
4. Where it says Path, Type the path of avnotify.exe on your computer, or use the Browse button to find it. (On XP64 using a default install of Avira, the path is: (C:\Program Files (x86)\Avira\AntiVir PersonalEdition Classic\avnotify.exe)
5. Make sure the "Security Level" Dropdown menu is selected as "Disallowed"
6. If you would like to make sure it went through correctly, open the Additional Rules folder, and verify the path and security level.
7. Enjoy the absence of nag windows.

Windows XP Home
1. Boot into Safe Mode.
2. Log into an account with administrator privileges.
3. Open [driveinstalledon]:\Program Files\Avira\AntiVir PersonalEdition Classic.
4. Right click on avnotify.exe and go to Properties > Security > Advanced.
5. Click on Edit-> Traverse Folder / Execute File-> deny-> OK.
6. Repeat for all users.
7. Reboot your computer normally.

Windows Vista Business/Ultimate
1. Open the control panel through Start > Control Panel.
2. Go to Administrative Tools > Local security policy.
3. Click on Software Restriction Policy > Action > Create new restriction policy.
4. Right-click, and go to additional rules > new path rule.
5. Click Browse and navigate to C:\Program Files\Avira\AntiVir Desktop\ and double-click avnotify.exe.
6. Set the security level to Disallowed.
7. Click apply and OK.

Windows Vista Home
1. Go to C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe for the current version, 9. For earlier versions, go to C:\Program Files\Avira\AntiVir PersonalEdition Classic\avnotify.exe.
2. Right-click avnotify.exe and go to Properties > Security.
3. Under the group or username SYSTEM, click edit.
4. Put a checkmark under the DENY column for "read and execute".

Tips
• Before giving up, try setting a restriction on avnotify.dll as well.
• An easier way to do this is just to pay for Avira AntiVir Premium, if you are satisfied with the free version.
• Another way suggested by some users to handle this problem is to use a program called Clickoff. You can download it at: http://www.johanneshuebner.com/en/clickoff.shtml

Disable password complexity

1. Start --> Run --> GPMC.msc

2. Expand 'Forest:' --> Domains --> 'Your Domain'

3. Right click 'Default Domain Policy' and choose 'Edit'

4. Expand: 'Computer Configuration' --> 'Policies' --> 'Windows Settings' --> 'Security Settings' --> 'Account Policy' --> 'Password Policy'

5. On the right pane, double click 'Password must meet complexity requirements'

6. Change to 'Disable'

7. Start --> Run --> gpupdate

Tuesday, September 15, 2009

Manual steps to remove the Win32/Conficker virus

Notes
• These manual steps are not required any longer and should only be used if you have no antivirus software to remove the Conficker virus.
• Depending on the Win32/Conficker variant that the computer is infected with, some of these values referred to in this section may not have been changed by the virus.
The following detailed steps can help you manually remove Conficker from a system:
1. Log on to the system by using a local account.
Important Do not log on to the system by using a Domain account, if it is possible. Especially, do not log on by using a Domain Admin account. The malware impersonates the logged on user and accesses network resources by using the logged on user credentials. This behavior allows for the malware to spread.
2. Stop the Server service. This removes the Admin shares from the system so that the malware cannot spread by using this method.
Note The Server service should only be disabled temporarily while you clean up the malware in your environment. This is especially true on production servers because this step will affect network resource availability. As soon as the environment is cleaned up, the Server service can be re-enabled.

To stop the Server service, use the Services Microsoft Management Console (MMC). To do this, follow these steps:
a. Depending on your system, do the following:
 In Windows Vista and Windows Server 2008, click Start, type services.msc in the Start Search box, and then click services.msc in the Programs list.
 In Windows 2000, Windows XP, and Windows Server 2003, click Start, click Run, type services.msc, and then click OK.
b. Double-click Server.
c. Click Stop.
d. Select Disabled in the Startup type box.
e. Click Apply.
3. Remove all AT-created scheduled tasks. To do this, type AT /Delete /Yes at a command prompt.
4. Stop the Task Scheduler service.
o To stop the Task Scheduler service in Windows 2000, Windows XP, and Windows Server 2003, use the Services Microsoft Management Console (MMC) or the SC.exe utility.
o To stop the Task Scheduler service in Windows Vista or in Windows Server 2008, follow these steps.

Important This section, method, or task contains steps that tell you how to modify the registry. However, serious problems might occur if you modify the registry incorrectly. Therefore, make sure that you follow these steps carefully. For added protection, back up the registry before you modify it. Then, you can restore the registry if a problem occurs. For more information about how to back up and restore the registry, click the following article number to view the article in the Microsoft Knowledge Base:
322756 (http://support.microsoft.com/kb/322756/ ) How to back up and restore the registry in Windows
a. Click Start, type regedit in the Start Search box, and then click regedit.exe in the Programs list.
b. Locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule
c. In the details pane, right-click the Start DWORD entry, and then click Modify.
d. In the Value data box, type 4, and then click OK.
e. Exit Registry Editor, and then restart the computer.

Note The Task Scheduler service should only be disabled temporarily while you clean up the malware in your environment. This is especially true on Windows Vista and Windows Server 2008 because this step will affect various built-in Scheduled Tasks. As soon as the environment is cleaned up, re-enable the Server service.
5. Download and manually install security update 958644 (MS08-067). For more information, visit the following Microsoft Web site:
http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx (http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx)
Note This site may be blocked because of the malware infection. In this scenario, you must download the update from an uninfected computer, and then transfer the update file to the infected system. We recommend that you burn the update to a CD because the burned CD is not writable. Therefore, it cannot be infected. If a recordable CD drive is not available, a removable USB memory drive may be the only way to copy the update to the infected system. If you use a removable drive, be aware that the malware can infect the drive with an Autorun.inf file. After you copy the update to the removable drive, make sure that you change the drive to read-only mode, if the option is available for your device. If read-only mode is available, it is typically enabled by using a physical switch on the device. Then, after you copy the update file to the infected computer, check the removable drive to see whether an Autorun.inf file was written to the drive. If it was, rename the Autorun.inf file to something like Autorun.bad so that it cannot run when the removable drive is connected to a computer.
6. Reset any Local Admin and Domain Admin passwords to use a new strong password. For more information, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/library/cc875814.aspx (http://technet.microsoft.com/en-us/library/cc875814.aspx)
7. In Registry Editor, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost
8. In the details pane, right-click the netsvcs entry, and then click Modify.
9. If the computer is infected with the Win32/Conficker virus, a random service name will be listed.

Note With Win32/Conficker.B, the service name was random letters and was at the bottom of the list. With later variants, the service name may be anywhere in the list and may seem to be more legitimate. If the random service name is not at the bottom, compare your system with the "Services table" in this procedure to determine which service name may have been added by Win32/Conficker. To verify, compare the list in the "Services table" with a similar system that is known not to be infected.

Note the name of the malware service. You will need this information later in this procedure.
10. Delete the line that contains the reference to the malware service. Make sure that you leave a blank line feed under the last legitimate entry that is listed, and then click OK.

Notes about the Services table
o All the entries in the Services table are valid entries, except for the items that are highlighted in bold.
o The items that are highlighted in bold are examples of what the Win32/Conficker virus may add to the netsvcs value in the SVCHOST registry key.
o This may not be a complete list of services, depending on what is installed on the system.
o The Services table is from a default installation of Windows.
o The entry that the Win32/Conficker virus adds to the list is an obfuscation technique. The highlighted, malicious entry that is supposed to resemble the first letter is a lowercase "L." However, it is actually an uppercase "I." Because of the font that is used by the operating system, the uppercase "I" seems to be a lowercase "L."

11. In a previous procedure, you noted the name of the malware service. In our example, the name of the malware entry was "Iaslogon." Using this information, follow these steps:
1. In Registry Editor, locate and then click the following registry subkey, where BadServiceName is the name of the malware service:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BadServiceName
For example, locate and then click the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Iaslogon
2. Right-click the subkey in the navigation pane for the malware service name, and then click Permissions.
3. In the Permissions Entry for SvcHost dialog box, click Advanced.
4. In the Advanced Security Settings dialog box, click to select both of the following check boxes:
Inherit from parent the permission entries that apply to child objects. Include these with entries explicitly defined here.

Replace permission entries on all child objects with entries shown here that apply to child objects.
12. Press F5 to update Registry Editor. In the details pane, you can now see and edit the malware DLL that loads as "ServiceDll." To do this, follow these steps:
1. Double-click the ServiceDll entry.
2. Note the path of the referenced DLL. You will need this information later in this procedure. For example, the path of the referenced DLL may resemble the following:

%SystemRoot%\System32\doieuln.dll

Rename the reference to resemble the following:

%SystemRoot%\System32\doieuln.old

3. Click OK.
13. Remove the malware service entry from the Run subkey in the registry.
1. In Registry Editor, locate and then click the following registry subkeys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
2. In both subkeys, locate any entry that begins with "rundll32.exe" and also references the malware DLL that loads as "ServiceDll" that you identified in step 12b. Delete the entry.
3. Exit Registry Editor, and then restart the computer.
14. Check for Autorun.inf files on any drives on the system. Use Notepad to open each file, and then verify that it is a valid Autorun.inf file. The following is an example of a typical valid Autorun.inf file.

[autorun]

shellexecute=Servers\splash.hta *DVD*

icon=Servers\autorun.ico

A valid Autorun.inf is typically 1 to 2 kilobytes (KB).
15. Delete any Autorun.inf files that do not seem to be valid.
16. Restart the computer.
17. Make hidden files visible. To do this, type the following command at a command prompt:
reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL /v CheckedValue /t REG_DWORD /d 0x1 /f
18. Set Show hidden files and folders so that you can see the file. To do this, follow these steps:
1. In step 12b, you noted the path of the referenced .dll file for the malware. For example, you noted a path that resembles the following:
%systemroot%\System32\doieuln.dll
In Windows Explorer, open the %systemroot%\System32 directory or the directory that contains the malware.
2. Click Tools, and then click Folder Options.
3. Click the View tab.
4. Select the Show hidden files and folders check box.
5. Click OK.
19. Select the .dll file.
20. Edit the permissions on the file to add Full Control for Everyone. To do this, follow these steps:
1. Right-click the .dll file, and then click Properties.
2. Click the Security tab.
3. Click Everyone, and then click to select the Full Control check box in the Allow column.
4. Click OK.
21. Delete the referenced .dll file for the malware. For example, delete the %systemroot%\System32\doieuln.dll file.
22. Enable the BITS, Automatic Updates, Error Reporting, and Windows Defender services by using the Services Microsoft Management Console (MMC).
23. Turn off Autorun to help reduce the effect of any reinfection. To do this, follow these steps:
1. Depending on your system, install one of the following updates:
* If you are running Windows 2000, Windows XP, or Windows Server 2003, install update 967715. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
967715 (http://support.microsoft.com/kb/967715/ ) How to disable the Autorun functionality in Windows
* If you are running Windows Vista or Windows Server 2008, install security update 950582. For more information, click the following article number to view the article in the Microsoft Knowledge Base:
950582 (http://support.microsoft.com/kb/950582/ ) MS08-038: Vulnerability in Windows Explorer could allow remote code execution
Note Update 967715 and security update 950582 are not related to this malware issue. These updates must be installed to enable the registry function in step 23b.
2. Type the following command at a command prompt:
reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer /v NoDriveTypeAutoRun /t REG_DWORD /d 0xff /f
24. If the system is running Windows Defender, re-enable the Windows Defender autostart location. To do this, type the following command at the command prompt:
reg.exe add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "Windows Defender" /t REG_EXPAND_SZ /d "%ProgramFiles%\Windows Defender\MSASCui.exe –hide" /f
25. For Windows Vista and later operating systems, the malware changes the global setting for TCP Receive Window Autotuning to disabled. To change this setting back, type the following command at a command prompt:
netsh interface tcp set global autotuning=normal

If, after you complete this procedure, the computer seems to be reinfected, either of the following conditions may be true:

* One of the autostart locations was not removed. For example, either the AT job was not removed or an Autorun.inf file was not removed.
* The security update for MS08-067 was installed incorrectly.

This malware may change other settings that are not addressed in this article. Please visit the following Microsoft Malware Protection Center Web page for the latest details about Win32/Conficker:
http://www.microsoft.com/security/portal/Entry.aspx?Name=Win32/Conficker (http://www.microsoft.com/security/portal/Entry.aspx?Name=Win32/Conficker)

Tuesday, September 8, 2009

Why does Internet Connection Sharing not install File and Printer Sharing by default. Therefore?

To install File and Printer Sharing:
1. Click Start, point to Settings, click Control Panel, and then double-click Network.
2. Click Add, click Services, and then double-click File and Printer Sharing for Microsoft Networks.
3. Double-click TCP/IP (shared)->External Adapter (or Dial-Up Adapter if a dial-up connection is used).
4. Click OK, and then click the Bindings tab. Click to clear the File and Printer Sharing check box.
5. Click OK.
6. Click OK, and then restart the computer when you are prompted.
Sharing Folders or Printers
File and Printer Sharing must be installed on any computer on which folders or printers will be shared on the network.
To share a folder or printer, use the right mouse button to click a folder (Microsoft Windows 98 and Microsoft Windows 95 are unable to share specific files) or printer, click Sharing, click Share As, type a name for the share, select the access level, and click OK.
To map a network drive, use the right mouse button to click Network Neighborhood, and then click Map Network Drive.
Type \\computername\sharename, where computername is the name of the computer sharing the folder or printer, and sharename is the name of the shared folder or printer.
NOTE: Binding File and Printer Sharing to the external adapter and opening the SMB ports on the ICS host makes all shared folders and printers accessible from the Internet and creates a possible security issue. Although ICS is not designed to function as a firewall or provide strong firewall protection, shared files and folders possess a reasonable level of security if configured in the manner described in this article.

How to delete Orkut account and Facebook account

To delete the Orkut account follow the following simple steps:

1) Log in to your orkut accout you wish to delete.

2) Now click Settings link on the left pane on your home page.

3) In the General tab you will notice a section my account in the lower portion of the page.

4) Click the delete my orkut account link provided in this section.

5) You will then notice that a page opens and tells you to click the link delete my account to delete your account. It also tells you that it will take 24 hours to do so.

6) A new window opens which tells to read a note given carefully. Now check the checkbox corresponding to the statement Yes, I want to permanently remove orkut from my Google account.

7) Enter your password in the given textbox.

8) Now click Remove Orkut button.

9) A new window opens that tells you that your account has been deleted.

To delete Facebook account you can do two things:

1) Deactivate your account-This is temporary deactivation of your account. Your phtotos and other material will be saved i.e. you will remain invisible to your friends. You can later Activate your account.

2) Delete your account This will permanently delete your account. Here is the link to delete your account – Delete My Account page.

Steps to deactivate your account

1) Log in to your Facebook account.

2) On the bottom of the page you click the link Account

3) Go to Deactivate Account section at the bottom of the page and click deactivate link.

4) You will then be asked a series of questions. Answer them as per your convenience

5) Now click Deactivate My Account button given at the bottom.

6) You will then be asked to enter some text in a text box. Then click Submit button

7) Your account will be deactivated now.

Wednesday, September 2, 2009

What is the best way to remove a virus? (Computer virus)

In order that downtime be short and losses low, do the minimum that you
must to restore the system to a normal state, starting with booting the
system from a clean diskette (see G8). It is *never* necessary to low-
level format a hard disk to recover from a virus infection!

If backups of infected or damaged files are available and, in making
them, appropriate care was taken to ensure that infected files have not
been included in the backups (see D10), restoring from backup is the
safest solution, even though it can be a lot of work if many files are
involved.

More commonly, a disinfecting program is used, though disinfection is
somewhat controversial and problematic (see E8). If the virus is a boot-
sector infector, you can continue using the computer with relative
safety (if the hard disk's partition table is left intact) by booting
from a clean system diskette. However, it is wise to go through all
your diskettes removing any infections as, sooner or later, you will be
careless and leave an infected diskette in the machine when it reboots,
or give an infected diskette to a someone who doesn't have appropriate
defenses to avoid infection.

Most PC boot-sector infections can be cured by the following simple
process--pay particular care to make the checks in Steps 2 and 3.

Note that removing an MBR virus in the following way may not be
desirable, and may even cause valuable information to be lost. For
instance, the One_Half virus gradually encrypts the infected hard drive
"inwards" (starting from the "end" and moving towards the beginning),
encrypting two more tracks at each boot. The information about the size
of the encrypted area is *only* stored in the MBR. If the virus is
removed using the method above, this information will be irrecoverably
lost and part of the disk with unknown size will remain encrypted.

1. Boot the PC from a clean system floppy--this must be MS-DOS
5.0 or version 6.0 or higher of PC-DOS or DR DOS. This
diskette should carry copies of the DOS utilities MEM, FDISK,
CHKDSK, UNFORMAT and SYS. (See G8 for help on making an
emergency boot diskette.)

2. Check that your memory configuration is "normal" with MEM
(see C10 for assistance here). Check that your hard disk
partitioning is normal--run FDISK and use the "Display
partition information" option to check this. MS-DOS 5.0 (or
later) users can use UNFORMAT /L /PARTN.

3. Try doing a DIR of your hard disk/s (C:, D:, etc).

You should continue with Step 4 *only* if all the tests in
Step 2 and this step pass. Do *NOT* continue if you were
unable to correctly access *all* your hard disks, as you will
quite possibly damage critical information making permanent
data damage or loss more likely.

4. Replace the program (code) part of the MBR by using the MS-,
or PC-DOS FDISK /MBR command. If you use DR DOS 6.0, or
later, select the FDISK menu option "Re-write Master Boot
Record".

5. Replace the DOS boot sector using the command SYS C: (or
whatever is correct for your first hard disk partition). For
this step, the version of DOS on your boot diskette must be
*exactly* the same as is installed on your hard disk (this
may mean you have to first reboot with a clean boot diskette
other than that used in Step 1). If you are using a disk
compression system, such as DoubleSpace of DriveSpace, check
the documentation on how to locate the physical drive on
which the compressed volume is installed, and apply the SYS
command to that instead. Usually this is drive H: or I:.

6. Reboot from your hard disk and check that all is well--if not
(which is unlikely if you made the recommended checks), seek
expert help.

7. As you will get re-infected by forgetting an infected
diskette in your A: drive at boot time, you have to clean all
your floppies as well. This is harder, as there is no simple
way of doing this with standard DOS tools. You can copy the
files from each of your floppies, re-format them and copy the
files back, but this is a very tedious process (and prone to
destructive errors!). At this point you probably should
consider obtaining some good antivirus software.

FDISK /MBR will only overwrite the boot loader code in the MBR of the
*first* hard drive in a system. However, a few viruses will infect both
drives in a two drive system. Although the second hard drive is never
booted from in normal PC configurations, should the second drive from
such a machine ever be used as the first drive in a system, it will
still be infected and in need of disinfecting.

What steps should be taken in diagnosing and identifying viruses? (Computer virus)

Most of the time, a virus scanner program will take care of that for
you. To help identify problems early, run a virus scanner:

1. On new programs and diskettes (write-protect diskettes before
scanning them).
2. When an integrity checker reports a mismatch.
3. When a generic monitoring program sounds an alarm.
4. When you receive an updated version of a scanner (or you have
a chance to run a different scanner than the one you have
been using).

Because of the time required, it is not generally advisable to set a
scanner to check your entire hard disk on every boot.

If you run into an alarm and your scanner doesn't identify anything or
doesn't properly clean up for you, first verify that the version you are
using is the most recent. Then get in touch with a reputable antivirus
researcher, who may ask you to send in a copy of the infected file.
(Also see C9; and F4 if you decide you need to ask for help on Virus-
L/comp.virus.)

Friday, August 28, 2009

VPN Setup & Configurations

Configuring VPN in Windows XP Professional
For configuring the VPN connection, you need to have a static IP address of the remote computer of your company and the host name. You can configure the VPN connection in Windows XP Professional by the following method.
1. Click Start > Control Panel > Click Network and Internet connection > Click Network Connections.
2. Here you need to create new connection and click next
3. Here click “Connect to network at my work place” click next.
4. Click “Virtual Private Network” and click next.

5. Here type the meaningful name for your company or any other network connection and click next.
6. Here click “Do not dial the initial connection and click next.
7. Here type the hostname and the IP address of the computer to which you want to connect.
8. Press next and then press finish.
Installing VPN in Windows 2000 Professional
Make sure that you are connected to the internet and you are also connected to the LAN.
1. Start > Administrative Tools > Routing and Remote Access
2. Click the server name in the tree and on the action menu click Configure and Enable Routing and Remote Access and click next.
3. Click Virtual Private Network (VPN Server) in the common configurations and click next.
4. In the remote client protocols, make sure that the TCP/IP is included in the list. Click yes to all available protocols and click next.
5. Select the Internet connection that will connect to the internet in the internet connection box and click next.
6. In the IP address management box select automatically to assign the IP addresses through the DHCP server.
7. In the “Managing Multiple Remote Access Server select this option “No, I don’t want to setup this server to use Radius Server Now. Click Next > Click Finish.
8. Now right click on the Ports node and click properties now click WAN mini port (PPTP) and then click configure.
9. Type the maximum number of the allowed simultaneous PPTP VPN connections to this server.
Configuring VPN Server in Windows 2000
You can configure the VPN server further by the following methods.
1. Start > Admin Tools > Routing and Remote Access.
2. Right click the server name and then properties.
3. Select “Enable this computer as a router” on the general tab.
4. Here you have the choice to select Local Area Routing or LAN or Demand Dial Routing click ok and close all the dialog boxes.
Configuring VPN Connection in the Client Computer
1. Start > Settings > Network and dialup connection
2. Make new connection
3. Click next and then click connect to a private network through Internet
a. Click Automatically Dial this initial connection and select your dial up internet connection from the list.
b. If you use cable modem then select “Do not dial this initial connection”.
4. Click next
5. Here type the host name and the IP address of the remote computer to which you want to connect.
6. Type the descriptive name of the connection and click next.

Wednesday, August 26, 2009

How to Change/Resetting user passwords in Win Server 2003/XP/2000

Users occasionally forget their passwords to their local user accounts. You can manually reset a user’s password.This tutorial will explain how to reset users password in Windows 2003/XP/2000.

Reset a local user account password for Windows XP/2000 Professional

click Start, click Control Panel, double-click Administrative Tools, and then double-click Computer Management.

Once you opened the Computer Management (Local)—>System Tools—>Local Users and Groups–>click Users.

In the details pane, right-click the user name, and then click Set Password

Read the warning message, and then, if you want to continue, click Proceed.

In New password and in Confirm password, type a new password, and then click OK.

NOTE:- To perform above procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer
is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.

Reset a domain user account password for Windows Server 2003/2000

click Start, click Control Panel, double-click Administrative Tools, and then double-click Active Directory Users and Computers.

In the console tree Active Directory Users and Computers/Domain name/ click on Users

In the details pane, right-click the user name, and then click Reset Password.

Type a new password in New Password and in Confirm New Password, and then click OK.

NOTE:- To perform above procedure, you must be a member of the Domain Admins group or the Enterprise Admins group in Active Directory, or you must have been delegated the appropriate authority.

How To Create an Active Directory Server in Windows Server 2003

Creating the Active Directory
After you have installed Windows Server 2003 on a stand-alone server, run the Active Directory Wizard to create the new Active Directory forest or domain, and then convert the Windows Server 2003 computer into the first domain controller in the forest. To convert a Windows Server 2003 computer into the first domain controller in the forest, follow these steps:

1. Insert the Windows Server 2003 CD-ROM into your computer's CD-ROM or DVD-ROM drive.
2. Click Start, click Run, and then type dcpromo.
3. Click OK to start the Active Directory Installation Wizard, and then click Next.
4. Click Domain controller for a new domain, and then click Next.
5. Click Domain in a new forest, and then click Next.
6. Specify the full DNS name for the new domain. Note that because this procedure is for a laboratory environment and you are not integrating this environment into your existing DNS infrastructure, you can use something generic, such as mycompany.local, for this setting. Click Next.
7. Accept the default domain NetBIOS name (this is "mycompany" if you used the suggestion in step 6). Click Next.
8. Set the database and log file location to the default setting of the c:\winnt\ntds folder, and then click Next.
9. Set the Sysvol folder location to the default setting of the c:\winnt\sysvol folder, and then click Next.
10. Click Install and configure the DNS server on this computer, and then click Next.
11. Click Permissions compatible only with Windows 2000 or Windows Server 2003 servers or operating systems, and then click Next.
12. Because this is a laboratory environment, leave the password for the Directory Services Restore Mode Administrator blank. Note that in a full production environment, this password is set by using a secure password format. Click Next.
13. Review and confirm the options that you selected, and then click Next.
14. The installation of Active Directory proceeds. Note that this operation may take several minutes.
15. When you are prompted, restart the computer. After the computer restarts, confirm that the Domain Name System (DNS) service location records for the new domain controller have been created. To confirm that the DNS service location records have been created, follow these steps:
1. Click Start, point to Administrative Tools, and then click DNS to start the DNS Administrator Console.
2. Expand the server name, expand Forward Lookup Zones, and then expand the domain.
3. Verify that the _msdcs, _sites, _tcp, and _udp folders are present. These folders and the service location records they contain are critical to Active Directory and Windows Server 2003 operations.

Adding Users and Computers to the Active Directory Domain
After the new Active Directory domain is established, create a user account in that domain to use as an administrative account. When that user is added to the appropriate security groups, use that account to add computers to the domain.

1. To create a new user, follow these steps:
1. Click Start, point to Administrative Tools, and then click Active Directory Users and Computers to start the Active Directory Users and Computers console.
2. Click the domain name that you created, and then expand the contents.
3. Right-click Users, point to New, and then click User.
4. Type the first name, last name, and user logon name of the new user, and then click Next.
5. Type a new password, confirm the password, and then click to select one of the following check boxes:

* Users must change password at next logon (recommended for most users)
* User cannot change password
* Password never expires
* Account is disabled
Click Next.
6. Review the information that you provided, and if everything is correct, click Finish.
2. After you create the new user, give this user account membership in a group that permits that user to perform administrative tasks. Because this is a laboratory environment that you are in control of, you can give this user account full administrative access by making it a member of the Schema, Enterprise, and Domain administrators groups. To add the account to the Schema, Enterprise, and Domain administrators groups, follow these steps:
1. On the Active Directory Users and Computers console, right-click the new account that you created, and then click Properties.
2. Click the Member Of tab, and then click Add.
3. In the Select Groups dialog box, specify a group, and then click OK to add the groups that you want to the list.
4. Repeat the selection process for each group in which the user needs account membership.
5. Click OK to finish.
3. The final step in this process is to add a member server to the domain. This process also applies to workstations. To add a computer to the domain, follow these steps:
1. Log on to the computer that you want to add to the domain.
2. Right-click My Computer, and then click Properties.
3. Click the Computer Name tab, and then click Change.
4. In the Computer Name Changes dialog box, click Domain under Member Of, and then type the domain name. Click OK.
5. When you are prompted, type the user name and password of the account that you previously created, and then click OK.

A message that welcomes you to the domain is generated.
6. Click OK to return to the Computer Name tab, and then click OK to finish.
7. Restart the computer if you are prompted to do so.

Troubleshooting
You Cannot Open the Active Directory Snap-ins
After you have completed the installation of Active Directory, you may not be able to start the Active Directory Users and Computers snap-in, and you may receive an error message that indicates that no authority can be contacted for authentication. This can occur if DNS is not correctly configured. To resolve this issue, verify that the zones on your DNS server are configured correctly and that your DNS server has authority for the zone that contains the Active Directory domain name. If the zones appear to be correct and the server has authority for the domain, try to start the Active Directory Users and Computers snap-in again. If you receive the same error message, use the DCPROMO utility to remove Active Directory, restart the computer, and then reinstall Active Directory.

For additional information about configuring DNS on Windows Server 2003, click the following article numbers to view the articles in the Microsoft Knowledge Base:
323380 (http://support.microsoft.com/kb/323380/EN-US/ ) How To Configure DNS for Internet Access in Windows Server 2003
324259 (http://support.microsoft.com/kb/324259/EN-US/ ) How To Configure DNS in a New Workgroup Environment in Windows Server 2003
323418 (http://support.microsoft.com/kb/323418/EN-US/ ) How To Integrate DNS with an Existing DNS Infrastructure If Active Directory Is Enabled in Windows Server 2003
323417 (http://support.microsoft.com/kb/323417/EN-US/ ) How To Integrate Windows Server 2003 DNS with an Existing DNS Infrastructure in Windows Server 2003
324260 (http://support.microsoft.com/kb/324260/EN-US/ ) How To Configure DNS Records for Your Web Site in Windows Server 2003
323445 (http://support.microsoft.com/kb/323445/EN-US/ ) How To Create a New Zone on a DNS Server in Windows Server 2003

Saturday, August 22, 2009

How to Remove Trojan Horse Or the Top 3 Ways to Get Rid of Trojan Virus

The good thing about Trojan Horses: It's not that difficult to remove them. But the bad thing is that Trojan Viruses are quite difficult to find.

Although they will not corrupt files or delete things on your hard disk, using them allows hackers to detect your credit card number, your social security number or some other private data. And of course, this is 1000 times worse.

The problem about deleting Trojan Horses is that since they have a variety of forms, there is no single method to delete them. Normally, using some antivirus software will help detecting and removing the Trojan Horses hiding on your hard disk. You can also try to clear the temporary internet files and delete them manually. Otherwise try this:

1) Open the System Information Utility (msinfo32.exe). You will find it at:
C:program filescommonmicrosoft sharedmsinfo. This program shows you all the processes running on any windows system, even those that are hidden from the task list that you normally use to look up the running processes on your PC. Now look for task listings which you do not recognize. Check the filenames and paths. Open your virus scanner and run the executable or .dll through it.

2) Open your antivirus software (If you don't have one, download AVG Anti-Virus Free Edition 7.5. It's pretty good and free). Run a virus scan. After the scan delete the value that was detected from the registry (first back up the registry!):

A) Click "Start > Run"
B) Type "regedit"
C) Click "OK"
D) Go to the subkey:

HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunServices
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServices

E) Now delete any value in the right pane that was detected during the scan
F) Exit the Registry Editor

3) If the steps 1) and 2) didn't help, download the free program HijackThis. It shows all the processes running on your system. Once listed, you can manually select and delete the fishy processes.

Friday, August 21, 2009

How to fix: Cannot Delete File: Cannot Read from the Source File or Disk

Now that you are logged on as the administrator in safe mode follow these steps

1. Open control panel from the start menu
2. Select USER ACCOUNTS from the control panel menu icons
3. Select Create New account from the list of tasks
4. In the new task windows, give the account a two or three letter name, not any real user name. and click the next button
5. select the LIMITED account feature by selecting the little radio button at the top, and click the create account button at the bottom
6. close all program windows and restart windows
7. when windows boots you will see the new user id, log in on the new user account that you just created
8. you may get some funny flags and request when you log in , but they are not to worry, let the system finish logging you in and when all activity has finished, restart windows again in safe mode
9. log in as administrator again
10. Open my documents from the start menu and click the folders icon to open up the left hand panel of the explorer window.
11. Navigate to the file/folder parent folder you want to delete (the one you renamed to something like "Delete Me")
12. Have it selected in the right hand pane of explorer (remember you can only move this file or folder if it is inside the parent folder)
13. From the file menu at the top select edit then select move to folder....
14. when the navigation widow opens, navigate to C:documents and settings new user id new user id documents (new user id is the account name you created) and select the move button
15. Now restart windows normally and log into your normal account
16. open control panel from the start menu
17. select user accounts
18. select change accounts
19. select the new user account you created
20. select delete account
21. select to delete all files, and delete account

Thursday, August 20, 2009

How to Remove the Popup Ads in Avira Antivir

How to Remove the Raila Odinga Virus

Step 1

Follow the link in the Resources section to AVG Anti-Virus. Download the anti-virus program and then run its installation file.

Step 2

Open the Start menu and click on "Shut Down." Choose the "Restart" option and wait for your computer manufacturer's logo to appear on the monitor screen. Press the "F8" keyboard button repeatedly until a new list of options appears on the screen.

Step 3

Scroll down to the menu entry named "Safe Mode." Highlight the entry and hit the Enter key to start up your computer with the Safe Mode feature turned on.

Step 4

Open the Start menu and then click on the "My Computer" icon. Open up the "C:\" drive and then click on the folder named "System32." Look for a file with either the ".jpg" or ".gif" extension that was created very recently.

Step 5

Right-click on the file and then choose the "Delete" option. Check to see if there is a file named "Raila Odinga.jpg." Delete the file if it is present. Delete each of the Microsoft Word files contained in the folder.

Step 6

Close the "My Computer" window and then open the anti-virus program that you installed. Run the anti-virus program's update process by clicking on the "Update Now" button.

Step 7

Click on the "Computer Scan" button and then click on the option to run a scan through your entire hard drive, instead of just one section of the computer. Click on "Remove Problems" once the scan has finished running. Restart your computer to finish removing the Ralia Odinga virus from your machine.

Changing user password in XP without having to know the existing password

For some reason you forgot your password or another user forgot their password this will help you to reset the user password without having their old password.
click on Start>Run>and type cmd
From the command prompt window, type net users
This will show you every account that is made onto the computer whether it is hidden or not.
Change an account password
Login as administrator click on Start>Run>and type cmd
Type net user then the name of the account then * and press enter.
Examples
net user administrator *
net user “Joe Smith” *
Put the name in quotes if it contains spaces.
From there it should ask for a new password. Type in your new password (type very carefully - the command window won’t display what you type) and once more to confirm it. If you get the message that the command succeeded successfully you entered your new password without any problem.

Firefox: Some security tips

Hi to all, the day before i searched useful topic in the internet, i found this:

There are several reasons why Firefox is the Web browser of choice for many of us. Providing a safe Web surfing experience is one of the more important ones. I’d like to offer some tips that will make surfing the Web with Firefox even safer.
——————————————————————————————————————-
It’s important to easily determine whether a Web site that should be using https, actually is. When Firefox first came out it used a method that was easily discernible. The address bar would turn yellow and a lock icon would appear on the right-hand side of the address bar:

That feature was replaced by a small blue frame surrounding the Web site’s favicon in the third version of Firefox. Additionally, clicking on the blue field reveals more information about the Web site’s SSL certificate:

I’m not particularly convinced the new approach is better. It’s easy to miss whether the site is using https or not, especially if the favicon is blue. Also, I’ve read that the blue frame and most favicons are easy to forge.
As to why the change, my guess would be that Firefox developers thought Extended Validation (EV) certificates were going to become the norm and focused on a way to better display the EV information. I think they succeeded, placing the Web-site’s name in a green frame is very distinguishable:

It’s a nice concept, but the use of EV certificates isn’t that prevalent, which kind of defeats the whole purpose. If my memory serves me correctly, less than one percent of all Web sites using SSL have EV certificates. It’s understandable though. By design, the vetting process is more in-depth, which drives up the cost of obtaining an EV certificate.
A well-kept secret
A good friend of mine let me in on what I’d call a hidden gem and I wanted to pass it along. It’s not perfect, but it certainly helps increase awareness of whether a Web site is using https or not. Besides it’s simple to do:
1. Type about:config in the address bar.
2. Firefox will display the following warning.
3. Click on the “I’ll be careful, I promise” button.
4. Enter “browser.identity.ssl_domain_display” (minus quotes) in the Filter box.
5. Double click on entry, which opens a dialogue box.
6. Change the entry from zero to one.
What this does is change the appearance of how the address bar displays information for Web sites using regular SSL certificates. As you can see below, except for the frame being blue instead of green it looks identical to what’s displayed by a Web site using an EV certificate. This should help reduce the risk of confusing secured Web sites with unsecured ones.

Revisit Perspectives
In August of 2008, I wrote an article about a Firefox add on called Perspectives. I’m not going to rehash the details; suffice it to say that I highly recommend installing it. Then forget about it. The application works quietly in the background making sure SSL certificates are valid. Now that I said that, I want to revise the configuration I used in the initial article, even though it makes Perspectives a bit noisier.
The two changes I’d like to propose are:
• Uncheck the default setting of “Allow perspectives to automatically override security errors”.
• Change “When to Contact Notaries” from the default to “Contact Notaries for all HTTPS sites”.

Perspectives isn’t perfect and the above changes may give additional false positives, but using the new settings will increase security while surfing the Web.
SSL Blacklist
Firefox version three checks a certificate’s revocation status using the online certificate status protocol. There’s a problem with that though. Like EV certifications the use of this protocol is very limited. In a somewhat ironic twist, all SSL certificates do contain information about where to obtain a certificate authority’s certificate revocation list, but Firefox isn’t setup to use them. Hmmm, this means Firefox isn’t capable of knowing whether a majority of existing SSL certificates are valid or not.
Màrton Anka seeing this deficiency developed the SSL Blacklist add on for Firefox. The application detects and reports on weak/revoked certificates or those that are still using the weak MD5 hash algorithm.
NoScript: a favorite
If you follow my articles, you will know that I think highly of Giorgio Maone’s Firefox add on NoScript. Giorgio realized that a vast majority of malicious Web sites use JavaScript exploits to leverage control of a victim’s computer. So he developed NoScript, which gives the user control on whether to allow or disallow execution of certain JavaScript code that NoScript deems as possibly harmful.
As you might guess, it’s a fairly noisy add on. NoScript is going to ask you quite often on whether you trust the site enough to allow JavaScript code execution. If that’s too granular, you have the option to change the setting “Scripts Globally Allowed (dangerous) from the default of disabled to enabled.

Doing so will make NoScripts considerably less intrusive, but any protection from JavaScript vulnerabilities is also removed. On a good note, even with scripts globally allowed you are still afforded protection from ClickJacking.
Final thoughts
There you have it, four tips that I use and recommend to all of my clients. None of them are perfect solutions, but they certainly elevate user security when surfing the Web with Firefox. Let me know if you have any favorite security add ons for Firefox that I may have missed. Also if you have started using Internet Explorer 8, I’d be curious to learn how it compares to Firefox security-wise.

Configure a new DNS server

To configure a new DNS server
• Using the Windows interface
• Using a command line
Using the Windows interface
1. Open DNS.
2. If needed, add and connect to the applicable server in the console.
3. In the console tree, click the applicable DNS server.
Where?
o DNS/Applicable DNS server
4. On the Action menu, click Configure a DNS Server.
5. Follow the instructions in the Configure a DNS Server Wizard.
Notes
• To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
• To open DNS, click Start, click Control Panel, double-click Administrative Tools, and then double-click DNS.
• If the DNS server is running locally, you do not need to perform step 2.
• As a best practice, use the checklist for installing a new DNS server. For more information, see Related Topics.
• When you finish configuring the server, you might need to complete additional tasks, such as enabling dynamic updates for its zones or adding resource records to its zones.
Using a command line
1. Open Command Prompt.
2. Type:
dnscmdServerName/Config {ZoneName|..AllZones} Property {1|0}

Value Description
dnscmd Specifies the name of the command-line tool.
ServerName Required. Specifies the DNS host name of the DNS server. You can also type the IP address of the DNS server. To specify the DNS server on the local computer, you can also type a period (.).
/Config Specifies the configuration command.
{ZoneName|..AllZones} Specifies the name of the zone to be configured. To apply the configuration for all zones hosted by the specified DNS server, type ..AllZones.
Property Specifies the server property or zone property to be configured. There are different properties available for servers and zones. For a list of the available properties, at the command prompt, type: dnscmd /Config /help.
{1|0} Sets configuration options to either 1 (on) or 0 (off). Note that some server and zone properties must be reset as part of a more complex operation.
Notes
• To perform this procedure, you must be a member of the Administrators group on the local computer, or you must have been delegated the appropriate authority. If the computer is joined to a domain, members of the Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run as to perform this procedure.
• To open a command prompt, click Start, point to All programs, point to Accessories, and then click Command prompt.
• This procedure requires the Dnscmd Windows support tool. For information about installing Windows support tools, see Related Topics.
• To view the complete syntax for this command, at a command prompt, type:
dnscmd/Config/help
• As a best practice, use the checklist for installing a new DNS server provided in the online Help. For more information, see Related Topics.
• When you finish configuring the server, you might need to complete additional tasks, such as enabling dynamic updates for its zones or adding resource records to its zones.
Formatting legend
Format Meaning
Italic Information that the user must supply
Bold Elements that the user must type exactly as shown
Ellipsis (...) Parameter that can be repeated several times in a command line
Between brackets ([]) Optional items
Between braces ({}); choices separated by pipe (|). Example: {even|odd} Set of choices from which the user must choose only one
Courier font Code or program output

To configure conditional forwarding as an attribute of DNS.

To configure conditional forwarding as an attribute of DNS, complete the following steps:
1. On a Windows Server 2003 domain controller, open the DNS console.
2. Right-click the DNS server you wish to work with and click Properties.
3. Select the Forwarders tab of the DNS properties dialog box for the selected server.
4. Click the New button to the right of the DNS domain list.
5. Enter the domain name for which the conditional forwarders should be configured — for example, sales.company.com — and click OK.
6. Click on the new domain forward that you just added in DNS domains list and type the IP address of the primary DNS server for that domain in the box below, labeled Selected Domains Forwarder IP Address List.
7. Click the Add button.
Once you click OK on the DNS properties dialog box, the conditional forwarder for the domain you specified will be ready to go; however, you may want to restart the DNS service just to make sure everything is working.
Note: For conditional forwarders to work, all the DNS servers in your Active Directory environment must run Windows Server 2003.

How to disable shutdown button on the Log-in screen

Windows 2000 Workstation's log-in screen has a "Shutdown" button which you can use to shutdown the system without ever logging in. But you can disable Windows 2000 Workstation's "Shutdown" button on the initial log-in screen:
• Run "RegEdit.exe" or "RegEdt32.exe"
• Select the following key:

HKEY_LOCAL_MACHINE\
SOFTWARE\Microsoft\Windows NT\
Current Version\Winlogon
• Add a value named "ShutdownWithoutLogon" of type "REG_SZ" and set it to "0".
• Restart Windows

Thursday, August 13, 2009

Excel 2003 as default application for opening .xls files

This method will turn off the office 2007 re-register feature that makes office 2007 applications the default program for office documents.

Make Excel 2003 the default application for opening .xls files stick by doing the following:
1. Start --> Run----> Regedit
2. Navigate to the following key: HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Excel\Options
3. Right click on the Options folder, Select New---> DWORD Value ----> Type "NoReReg" for the Dword Value without quotation marks.
4. Right click on the NoReReg DWORD Value and click Modify. In the Value Date box, type 1 and then click OK.
5. Once you have edited the registry key listed above, open Excel 2003 and click on Help (found on the main toolbar) and select Detect and Repair.
6. If Detect and Repair process completes successfully proceed to Step 7. If the Detect and Repair process stops and asks you for the .msi file, mount DiegoStart and go to Z:\software\common\office11 and double click on OWC11.msi file.
7. After performing steps 1-5, try opening an existing or a new .xls file by double clicking it. The .xls file should open by default using Excel 2003 instead of Excel 2007.

Wednesday, August 12, 2009

Control owner access rights in Windows Server 2008

Using the Creator Owner permissions in Windows allows a person who creates an object to set the permissions for it. For example, if the IT manager is working on confidential documents about business and IT policy and wants to allow others in different business units or departments to access them, she can select any groups or users she wants. At the same time, she can also restrict access to those she wants to exclude. Sometimes this works okay, but it can be a problem if the Creator Owner of a document leaves the organization or is reassigned and no longer has access to the target object.
In previous versions of Windows, up until Windows Server 2008, using an SMB share (Server Message Block protocol) for permissions and changing them from full control to modify was the best way this could be corrected. However, SMB share permissions are not as restrictive as NTFS (NT File System) permissions, which may introduce other issues.
Windows Server 2008 introduces a new, built-in identity called Owner Rights that allows the creator/owner of the document to be overridden by an administrator. To add this feature to a document or object, you simply need to add an entry to the access control list (ACL) for the object, specifying owner rights. To do so, complete the following steps:
• Right-click the object for which you want to change the access control list and choose properties.
• Choose the Security tab on the dialog box for the object.
• Below the Group or User Names box click Add.
• In the Browse For Groups Or Users selection box, enter Owner Rights and click OK.
• Assign Owner Rights to Modify permission not to Full Control permission.
• Click OK on the object’s Properties dialog box.
With this addition to the ACL, when the owner of the object attempts to change permissions, one of two things will happen. Depending on the operating system this user is running and the permissions associated with the user account, the permissions information may be disabled or an “access denied” message will appear when he or she tries to make a change.
What happens if the owner cannot change the permissions on a file?
Windows Server 2008 has provisions for this situation. Basically any users including an admin can lock themselves out of any object; however, users that are also members of the administrators group can assign ownership back to the domain administrators group, allowing any member (including the original owner) to modify the ownership of the object.
If you are a member of the administrators group, even though you can lock your self out of being able to change permissions or see an object, your other rights will allow you to correct the action.

Outlook: Multiple Users Single Account?

Is there a way to set up MS Outlook (XP) so that multiple users can access a single account from their separate computers while retaining all of the files on a primary computer?

Basically, I'm the occasional IT department for a very small company and this is something like a feature request. There are two people with networked laptops, and one main desktop that is set up to retain all the email from this one account.

They want to use their laptops to read and send email from this account, and they want it to be just like they were reading and sending it from the desktop computer. Complete with archiving and deleting.

I am open to any suggestion that solves the problem, including those that don't involve Outlook. Here are some ideas I've had, but I have serious doubts about each of them.
• Setting the folder where the Outlook database lives as Shared, then pointing each laptop's Outlook installation to this same file. I have no idea if this will work. Ideally, they want to be able to use the email account at the same time, and I'm not sure this will allow that.
• Using Thunderbird. I don't know if it will help, but I think it would be cool to move them to more open-source applications.
• Setting up Remote Desktop or VNC, so they just log on through the LAN and use the desktop like they were sitting in front of it. This one is probably stretching it. Also, can anyone else use the computer while someone else is remotely logged in?

That's all the ideas I have. I imagine this is somewhat of a common enough problem so that someone has already solved this problem. That's what I keep telling them anyway.

How to disable shutdown button on the Log-in screen?

Wednesday, August 5, 2009

How to Speed Up Folder Access

In this page, I'll show you how to speed up folder access on your computer. Why you need to speed up folder access? In my opinion, you need to do that if you have a lot of folders and sub directories on your computer. Because when you access a directory, your windows system will wastes a lot of time updating the stamp showing the last access time for that directory. So you need to disable access update to stop your computer from doing this. Follow these steps to speed up folder access by disable access update on your computer.

1. Click on RUN, type Regedit in the open box and then click "OK".
2. Find HKEY_LOCAL_MACHINE > System > CurrentControlSet > Control > FileSystem
3. Create new DWORD Value called NtfsDisableLastAccessUpdate by right-click in a blank area of the window on the right and then select DWORD Value.
4. Double click on "NtfsDisableLastAccessUpdate", change the value data to 1 and then click OK. That's al

How to Auto DELETE temporary folder

For Beginers
what we used to prefer is, type "%temp% " {without quotes} in Start -> Run.This opens your temporary folder and then you can erase it easily, but still try dis one
too..

For Advance User
First go into gpedit.msc, Next select -> Computer Configuration/Administrative Templates/Windows Components/Terminal
Services/Temporary Folder, Then right click "Do Not Delete Temp Folder Upon Exit.
"Go to properties and hit disable. Now next time Windows puts a temp file in that folder it
will automatically delete it when its done!

Manually Removing PC Viruses!

Trick By vishnu vardhan reddy B On 4:23 AM
Have you ever been in the possition that you know you have an virus but you dont have any antivirus?? Its almost impossible to remove it manual without knowing about a few tips & tricks.
After reading this turtorial im sure you will know how to manual remove most of the virus lurking around. But that dosnt mean you shouldnt have any anti virus on you computer! Anyway, lets get starting with the turtorial.. I suppose you already know what safe mode is. If you dont try pressing the F8 key some times when you start your computer. You havto do this when your computer is about to start the first windows components. In win2k or xp i think you can press space and then F8 when it ask you if you want to go back to previous working setting.
Enough talk about how to start you computer in safe mode, but if you want to manual remove viruses you almost everytime haveto do this in safe mode becouse in safemode most viruses dosnt start. Only some few windows component is allowed to run in safemode. So here is what to do. Step:
1: Start your computer in safemode.
2: If you know where the virus are hiding delete the executable file.
3: Open the registry and go to the keys below and add an : in front of the value of the string that you think its the virus. Like this, if string is "virus" and its value is "c:\virus.exe" change its value to ":c:\virus.exe". The : is like comenting out the value. But if you are sure its the virus you can just delete the string. Here are the keys you maybe want to look at: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServicesOnce HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Runonce
NOTE-Firefox user might not able to view full path.For full path edit your text size smaller by pressing ctrl-.
4: The virus can start itself from some other places to. win.ini is the most common files that viruses can use. Soo you should find the files named win.ini and system.ini and look through them and see if you find anything.
5: Look through the startup folder that is normaly located in your profile directory \Start Menu\Programs\Startup.
6: Try searching for the virus executable to see if its hiding some other place.
7: Finally look through the list of services that windows is running. This list is often located under control panel - administrative tools - services. After this 7 steps just reboot your computer in normal mode and try to figure out if the virus is still there.. If not SUCCESS if yes, try to go back to safe mode and hunt some more. Off course this 7 steps will not work on every virus out there, but many of them.

Wednesday, July 22, 2009

Enable the Folder Option (Registry):

Enable the Folder Option (Registry):

1. Start→Run→Type “notepad” (without Quotes)→ Enter.
2. Type or Copy the Following Words.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\...
"NoFolderOptions"=dword:0000000

[HKEY_CURRENT_USER\Software\Policies\M... Explorer\Restrictions]
"NoBrowserOptions"=dword:00000000

3. On the File Menu→ Save as name→ any name.reg (In the Desktop).
4. Close that and Double click that file.

5. Click “Yes”

6. Click “Ok”

Original Files Taken From the Website.

Friday, July 17, 2009

How to configure Internet Connection Sharing in Windows XP

How to use Internet Connection Sharing
To use Internet Connection Sharing to share your Internet connection, the host computer must have one network adapter that is configured to connect to the internal network, and one network adapter or modem that is configured to connect to the Internet.

On the host computer
On the host computer, follow these steps to share the Internet connection:

1. Log on to the host computer as Administrator or as Owner.
2. Click Start, and then click Control Panel.
3. Click Network and Internet Connections.
4. Click Network Connections.
5. Right-click the connection that you use to connect to the Internet. For example, if you connect to the Internet by using a modem, right-click the connection that you want under Dial-up.
6. Click Properties.
7. Click the Advanced tab.
8. Under Internet Connection Sharing, select the Allow other network users to connect through this computer's Internet connection check box.
9. If you are sharing a dial-up Internet connection, select the Establish a dial-up connection whenever a computer on my network attempts to access the Internet check box if you want to permit your computer to automatically connect to the Internet.
10. Click OK. You receive the following message:
When Internet Connection Sharing is enabled, your LAN adapter will be set to use IP
address 192.168.0.1. Your computer may lose connectivity with other computers on
your network. If these other computers have static IP addresses, it is a good idea to set them
to obtain their IP addresses automatically. Are you sure you want to enable Internet
Connection Sharing?
11. Click Yes.

The connection to the Internet is shared to other computers on the local area network (LAN). The network adapter that is connected to the LAN is configured with a static IP address of 192.168.0.1 and a subnet mask of 255.255.255.0

On the client computer
To connect to the Internet by using the shared connection, you must confirm the LAN adapter IP configuration, and then configure the client computer. To confirm the LAN adapter IP configuration, follow these steps:

1. Log on to the client computer as Administrator or as Owner.
2. Click Start, and then click Control Panel.
3. Click Network and Internet Connections.
4. Click Network Connections.
5. Right-click Local Area Connection, and then click Properties.
6. Click the General tab, click Internet Protocol (TCP/IP) in the This connection uses the following items list, and then click Properties.
7. In the Internet Protocol (TCP/IP) Properties dialog box, click Obtain an IP address automatically (if it is not already selected), and then click OK.

Note You can also assign a unique static IP address in the range of 192.168.0.2 to 192.168.0.254. For example, you can assign the following static IP address, subnet mask, and default gateway:

IP Address 192.168.0.2
Subnet mask 255.255.255.0
Default gateway 192.168.0.1

8. In the Local Area Connection Properties dialog box, click OK.
9. Quit Control Panel.

To configure the client computer to use the shared Internet connection, follow these steps:

1. Click Start, and then click Control Panel.
2. Click Network and Internet Connections.
3. Click Internet Options.
4. In the Internet Properties dialog box, click the Connections tab.
5. Click the Setup button.

The New Connection Wizard starts.
6. On the Welcome to the New Connection Wizard page, click Next.
7. Click Connect to the Internet, and then click Next.
8. Click Set up my connection manually, and then click Next.
9. Click Connect using a broadband connection that is always on, and then click Next.
10. On the Completing the New Connection Wizard page, click Finish.
11. Quit Control Panel.

When you now start Microsoft Internet Explorer, the client computer will try to connect to the Internet by using the host computer's shared Internet connection.

Troubleshooting
When you turn on Internet Connection Sharing on the host computer, the host computer's LAN adapter is automatically assigned the IP address of 192.168.0.1. Therefore, one of the following situations may occur:

* IP address conflict
Each computer on the LAN must have a unique IP address. If more than one computer has the same IP address, an IP conflict occurs, and one of the network adapters turns off until the conflict is resolved. To resolve this conflict, configure the client computer to automatically obtain an IP address, or assign it a unique IP address.
* Loss of network connectivity
If your network is configured with a different IP address range than Internet Connection Sharing uses, you will lose network connectivity with the host computer. To resolve this issue, configure the client computers to automatically obtain an IP address, or assign each client computer a unique IP address in the range of 192.168.0.2 to 192.168.0.254.

Original Article Taken From:
http://support.microsoft.com/kb/306126