Installed Applications
Installed Applications
· Spybot Search and Destroy
· Malwarebytes’ AntiMalware
· Super AntiSpyware
· Microsoft Security Essentials AntiVirus
· VLC Media Player
· K-Lite Video Codecs
· Adobe Reader
· Adobe Flash Player
· Cute PDF Converter
· Microsoft .NET
· Microsoft Silver light
· Java
· Adobe Air
· CCleaner
· Defraggler
· CD Burner XP
· 7-Zip
Spybot Search and Destroy
This program is for removing malware. It must be updated before being run.
1. Make sure your computer is online. Open the “Spybot – Search & Destroy” icon, from within the “Cleanup Tools” folder on the Desktop. Click “Search for Updates” button or the globe that says “Update” to check for updates.
2. If updates are available you will be asked to select an update server near you, if you click the “Continue” button Spybot will automatically select a server near you. If there are no updates available skip to step six.
3. Make sure all update boxes are checked, you may need to use the scroll bar on the right to view the entire list. Click the “Download” button to begin updating.
Note: You may receive a message asking to re-apply immunization, just click the “OK” button to continue.
4. When updates are finished click “exit” to finish update and return to main screen.
5. Click on the shield that says “Immunize” to open the Immunize screen. Spybot will check your current protection status, when done click on the Green Cross that says “Immunize“, near the top of the window.
6. Click on the Magnifying glass that says “Search & Destroy” to open the scan screen. Click on “Check for problems” to start the scan.
Note: You may receive a “Hint of The Day” message. Click on “Hide permanently” to reveal detection list. You can also click on the blue link that says “Hide this information” to make even more room for the detection list..
7. If infections are found, make sure all boxes are checked. You may need to use the scroll bar to the right of the list to view the entire list. Click “Fix Selected Problems“, near the top of the window.
8. Click the “Yes” button to confirm removal of all infections. When removal is done you can close the program.
Malwarebytes’ AntiMalware
This program is for removing malware. It must be updated before being run.
1. Make sure your computer is online. Open the “Malwarebytes Anti-Malware” icon, from within the “Cleanup Tools” folder on the Desktop, and click on the “Update” tab at the top of the window.
2. Click the “Check for Updates” button, near the left side of the window, to update.
3. Malwarebytes will begin to update, if it is not already up to date.
4. When updating is finished Click the “OK” button to continue.
5. Click on the “Scanner” tab, Select “Perform Quick Scan“, and Click the “Scan” button to start the scan.
6. When the scan completes click the “OK” button to continue.
7. Now you can click the “Show Results” button.
8. A scan log file will show, feel free to just close this window.
9. Make sure all infections are checked, you have to use the scroll bar to the right to view all infection. Click the “Remove Selected” button to remove infections.
10. You may receive a window asking to restart your computer to finish removing infections. Make sure you save any open documents and close any other programs you have open, then click the “yes” button to restart the computer and remove all infections.
Super AntiSpyware
This program is for removing malware. It must be updated before being run.
1. Make sure your computer is online. Open the “Super AntiSpyware” icon, from within the “Cleanup Tools” folder on the Desktop.
2. Click on the Preferences button to customize how SUPERAntiSpyware will scan your computer.
- When the program’s preferences screen opens, click on the Scanning Control tab and put a checkmark in the following options
- Close browsers before scanning.
- Scan for tracking cookies.
When done, the settings on the Scanning Control preferences screen should be similar to the image below.
Now press the Close button to go back to the main screen.
- You will now be at the main screen and should click on the Scan your Computer… button to begin the scanning process.
- You will now be at the Scan page where you can choose the type of scan you would like to perform as shown by the image below.
At this screen you should select the Perform Complete Scan option and then press the Next button to start scanning your computer.
- SUPERAntiSpyware will now prompt you to close all of your browser windows in order to continue. Please click on the Yes button.
- SUPERAntiSpyware will now start to scan your computer for malware as shown in the image.
- When the scan is finished a screen will appear showing the summary of what was detected as shown in the image below.
You should click on the OK button to close the summary screen box and continue with the removal process.
- You will now be at a screen displaying all the malware that the program has found. Please note that the infections found may be different than what is shown in the image below.
You should now click on the Next button to remove all the listed malware. SUPERAntiSpyware will now delete all of the files and registry keys that were detected and add them to the program’s quarantine. When removing the files, SAS may require you to reboot your computer in order to remove certain files. If it displays a message stating that it needs to reboot, please press the Yes button to allow it to do so. Your computer should now reboot.
- Once your computer has rebooted, the malware should be removed and you can use your computer like normal. If you wish to view a log of what was removed, you can start the SUPERAntiSpyware program and then click on the Preferences button. Now click on the Statistics/Logs tab and then double-click on the log you would like to view.
CCleaner
This program removes temporary system files and temporary internet files. This program also fixes registry errors and can remove programs and startup items.
1. Open the “CCleaner” icon from within the “Cleanup Tools” folder on your desktop.
Special Note: Cookies sometimes store usernames & passwords for sites that you visit regularly. If you like it when a web site recognizes you & auto-logs you in, uncheck the “Cookies“, box from the list near the left side of the window.
2. Click the “Run Cleaner” button, in the lower right corner of the window, to begin cleaning. You may get the following window. By putting a check in the “check-box“, near the lower left of the window, you can prevent the window from coming up again. Then click the “OK” button to begin Cleaning.
3. When program finishes you can close window. If Ccleaner removes more than about 500MB from your computer you may need to run CCleaner more often.
Microsoft Security Essentials
This program removes viruses and must be updated periodically. This program runs all the time in the background and should not require much attention.
Microsoft Security Essentials has a simple home page that shows the security state of your computer.
A green icon means that the security status of your computer is good. Microsoft Security Essentials is up -to- date and is running in the background to help protect your computer against malware and other malicious threats. When your computer has an issue that requires your attention, the look of the Microsoft Security Essentials home page changes based on the issue. The status pane turns either yellow or red depending on the situation, and an action button appears in a prominent location on the page with the suggested action.
A yellow icon means that status is fair or potentially unprotected and that you should take some action, such as turning on real-time protection, running a system scan, or addressing a medium-severity or low-severity threat.
A red icon means that your computer is at risk and that you must address a severe threat to protect it. Click the button to take the recommended action and Microsoft Security Essentials will clean the detected file and then do a quick scan for additional malicious software.
Office 2010 Home and Student, Unable to “Open With” Word, Excel etc.
A customer just brought in a machine to be reformatted, and asked us to put Office on it for him. However as of now we are still waiting for our first retail copies of Office 2010 Home and Student to arrive. Thinking I was clever I installed the trial version from the Microsoft Website and figured I’ d pop the key in as soon as the final version arrived. Immediately something seemed bizarre. The Start Menu Group for Office 2010 had (English) appended to the end of it. I right clicked on the executables and realised they were pointing to “C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE” What the hell I think. Why is Office being Virtualised? Apparently this is a product of the use as you download feature of the Digital Download, they use an application virtualisation layer to allow you to use the app while it downloads all of the features. However this causes an unexpected problem, there is no easy way to open other non-standard formats from Explorer in Office. I developed this fix because a customer needs the ability to open WPS and XLR (Works Spreadsheet) files. As soon as the retail disks arrive I’ m going to uninstall Office and put a correct copy on there but for now I came up with this.
I made a new batch file, with the contents:
“C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVH.EXE” “Microsoft Excel 2010 9014006104090000″ %1
Then I saved it as “openwithexcel.bat”, then I told the Open With dialog to always use that batch file to open XLR. Worked no Problem, I then made a second batch file called “openwithword.bat” with the contents:
How to Convert an Avast Pro 4.8 Key into a Avast 5.0 Key
After much searching I have found the answer. You can convert an Avast 4.8 Professional Edition Key to an Avast Profession Edition 5.0 key here: http://www.avast.com/resend-license.php
Complete Guide to Install Windows 7 on the eee PC 1000 series (Drivers, ACPI and All)
I saw a few incomplete guides out there, including the one that I used to install Windows 7 on my eee PC 1000. I figured this would be a good time to make a guide specifically for you in the same situation as I was. This guide will tell you how to acquire Windows 7, prepare a flash drive to install Windows 7, and to acquire the neccessary drivers after installation is finished.
Step 1. Acquire Windows 7.
Your Free for One Year Windows 7 Key and Release Client DVD-ISO can be downloaded from here:
http://www.microsoft.com/windows/windows-7/download.aspx
The N270 ATOM processor does not support x86_64 (amd64) extensions, so you’re going to want to grab the 32bit version.
Step 2. Prepare your Flash Drive.
I would recommend a 4GB drive, as the Windows DVD ISO is 2.35GB
First we’re going to open up diskpart to prepare the Flash Disk.
- Open command prompt. (Start > Run > cmd)
- At command prompt open diskpart (type diskpart then press enter)
- Next run the “list disk” command to get a view of the available devices connected to the machine.
- Now run select disk # where # is the number associated with your flash drive.
- Type “clean” to wipe the partition table
- Now type “create partition primary”, which will create a new partition
- Then type “active”, this will mark the partition bootable
- Next we will format the drive with the command “FORMAT fs=ntfs” you could also use FAT32 but I prefer NTFS. You can also add “quick” after NTFS to perform a quick format.
- Finally type “assign” to have windows assign the drive a mount point.
- Type “quit” to leave bootpart.
- You should now be back at command prompt.
- We now need to insert or mount the Windows 7 drive. Either burn the image to a disk or use a ISO mounting tool to mount the disk image. Once you have the image loaded in one way or another we’re going to run a file on the disk.
- Type the drive letter of the drive i.e. “i:” or “d:”
- Then type “cd boot”
- Bow run “bootsect /nt60 driveletterhere” wheras driveletterhere is the drive letter of your flash drive.
- Now your flash drive is prepared for the Windows 7 files. Copy the entire contents of the Windows 7 disk to the flash drive.
Step 3: Install Windows 7
The installation is actually remarkably straight forward. A lot of guides will tell you you have to run compact on the drive. Fortunately, most eee PC users have a 8GB OS drive and another drive for files. The end installation will leave you with around 1GB of free space on the OS SSD. So running compact is not neccesary if you do not want to.
- Make sure all of your files are backed up
- Reboot the eee PC
- Insert the Flash Drive
- While the POST screen is showing tap the ESC key
- From the boot menu select your USB Flash Drive
- Windows 7 installation should now start as normal.
- You should format the 8GB OS SSD during the installation, this way it does not install Windows 7 and leave your existing files alone. On the eee PCs with hard drives that may be fine but on the standard eee PC that would result in barely any free space.
Step 4: Drivers and Optimisation
Drivers
Windows 7 actually detects more hardware directly after install than Windows XP does. All of the hardware detects normally except the ASUS ACPI driver. It will detect in Device Manager as an “Unknown Device”. The Device ID is ACPI\ASUS010. This device also controls the eee PC specific hotkeys. For example the ability to turn off the Bluetooth and WiFi radios from within windows.
The ACPI Drivers and other Drivers are available on the ASUS Support website. Select your eee PC from the list, then download the ACPI drivers from underneath the “ATK” category.
You’ll get occasional popups saying that certain keys have been disabled from the utility. You can End the Process to end these messages, but you’ll also loose access to some function keys.
I’ve so far been able to get the the ACPI utility to stop complaining about the Intel Utility. I did this by downloading the Windows Vista 32bit Driver from the Intel Website. It’s the Intel 945GM Chipset that the eee PC 1000 uses. You’ll have to use the “Have Disk” method of overriding Windows 7. Since technically the Win7 driver is newer you’ll have to insist on using the older Windows Vista driver. Once the driver installs, for me I got a blank screen and I had to hard reboot. Once the computer rebooted I got one less annoying error from the ACPI utility. I believe you could use a similar process with the other drivers to satify the ASUS utility. I’ll update as I learn more.
Optimisation
I recommend you enable the “Windows Classic” theme, and go through the Windows Services panel to disable whatever Services you may not need.
I also recommend you right click on the Taskbar and use the properties section to shrink the toolbar. Although it might be perfect for a modern Hi-Res screen the New Windows 7 toolbar is a bit big for an eee PC.
Step 5: Update your Firmware on your eee PC 1000 (Optional)
Download the “ASUS Update Utility” under the Utilities Section on the ASUS Website. Extract it and install it. Use the MSI installer instead of the EXE, because the EXE will give you an error message about the version of windows not being correct. Once installed the ASUS Update Utility will download and install the latest Firmware version for your eeePC BIOS.
Reflash your Cisco 7940, 7941, 7960 or 7961 phone to SIP
- Cisco 7960
We now sell the SmartNET Service Agreements for these phones! (Necessary to get Firmware)
Use our web form to transmit your device information.
This guide applies to the Cisco 7940, 7940G, 7941G, 7960, 7960G and 7961G. These phones are the real work horses of the IP Telephony industry. They’re sturdy, configurable and when used with Call Manager very robust. However you’re not here to learn how to use these phones with CallManager you’re hear to use reflash them to SIP, because you want to use them with Asterisk, PiaF, Trixbox, or any other SIP based PBX. This process is not that difficult but it can be frustrating without the right instructions, which is why I’m here to help.
Firstly, I’m not a big fan of these phones in a SIP atmosphere, I have one on my desk so they’re by no means terrible, but realistically Cisco’s SIP firmwares are much more limited than their SCCP firmwares. If you haven’t yet bought your phone, I’d recommend you buy a phone from Linksys. They’re made of virtually the same parts, except designed for the Small Business and SIP customers.
Let me explain more or less what you are doing, you are taking whatever firmware is on your phone and you will be reflashing it to the latest SIP firmware. Typically these phones come from Cisco with the SCCP, often called “Skinny” protocol. This protocol only works with the proprietary Cisco CallManager platform or with special asterisk modules. Although it is very rare to ‘brick’ these phones, it is possible. It is very important that you are patient with each step as well as careful that all of your connections are solid.
Alright, to reflash this phone you’re going to need:
- DHCP Server
- TFTP Server
- P0S3-07-5-00.zip (For the 7940/7960)
- cmterm-7940-7960-8.11.00-sip.cop (7940/7960) or cmterm-7941_7961-sip.8-5-2.cop (7941/7961)
- XMLDefault.cnf.xml configured correctly for your firmware. (Right Click Save As, or your browser might try to parse the XML) SERIOUSLY FOLLOW THOSE INSTRUCTIONS, THAT’S THE BIGGEST MISTAKE PEOPLE MAKE, MOST MODERN BROWSERS WILL PARSE XML.
If you have a Cisco Smartnet Contract already you can get the firmwares for the 7940/7960 here and for the 7941 and 7961 here. If you don’t have a Smartnet Contract I recommend you buy one from CDW. You can chance it on the internet trying to find a good Samaritan who has uploaded the firmwares for you but it’s seriously worth the 8$/year to have access to firmware updates.
Now the unusual part about reflashing the 7940 and 7960 generation of phones is that to get them to the most recent firmware often times they will have to be flashed twice. This is because sometime around the 7.5 firmware Cisco changed what I believe was the phone’s bootloader. For this reason it is necessary to take the phones directly from SCCP to P0S3-07-5-00 then to 8-11. Technically some phones may be able to go directly to the latest version from Cisco, but because it seems like the vast majority of phones with the SCCP firmware on them require this process, I now just assume that it will need to be done to streamline the process.
I’m going to steal a few bits from my Cisco 7970G Guide you can always use whatever TFTP server and DHCP server you like as long as you have the ability to set the DHCP options manually. Here we are going to use tftpd32, it has both a tftp and dhcp server inside.
To start make a folder on the desktop, I named mine CP-7940.
If you have a 7940 or 7960 extract the contents of P0S3-07-5-00.zip and cmterm-7940-7960-8.11.00-sip.cop with 7zip or WinRAR. The 7941 or 7961 will require you to extract the cmterm-7941_7961-sip.8-5-2.cop. If the archiver doesn’t automatically detect it’s extractable when you right click. Add a .gz to the end, it’ll figure it out. Then move the XMLDefault.cnf.xml that you downloaded from me into the same folder.
Now if you’re flashing a 7940 or 7960, you should have this in your directory.
- cmterm-7940-7960-8.11.00-sip.cop
- copstart.sh
- OS79XX.TXT
- P003-07-5-00.bin
- P003-07-5-00.sbn
- P003-08-11-00.bin
- P003-08-11-00.sbn
- P0S3-07-5-00.bin
- P0S3-07-5-00.loads
- P0S3-07-5-00.sb2
- P0S3-08-11-00.loads
- P0S3-08-11-00.sb2
- sip_load7.txt
- sip_load8.txt
- XMLDefault.cnf.xml
The P003-* files are SCCP files, but they are used by the SIP. SIP firmwares are typically labeled P0S3-*. You want to make sure the P0S3*.loads file is referenced in your XMLDefault, but the P003 files still need to be available.
or for the 7941/7961
- apps41.8-5-2TH1-9.sbn
- cnu41.8-5-2TH1-9.sbn
- copstart.py
- copstart.sh
- cvm41sip.8-5-2TH1-9.sbn
- dsp41.8-5-2TH1-9.sbn
- jar41sip.8-5-2TH1-9.sbn
- load115.txt
- load30018.txt
- load308.txt
- load309.txt
- SIP41.8-5-2S.loads
- term41.default.loads
- term61.default.loads
Now we have to modify our XMLDefault.cnf.xml file to reflect our intent to reflash the phone. Either download my starter file from above or add these line to your XMLDefault.cnf.xml. Here I’ve included the settings for both the 7940 as well as 7960 generation of phones.
<loadInformation8 model="CP-7940">P003-08-8-00</loadInformation8>
<loadInformation115 model="CP-7941">SIP41.8-5-2S</loadInformation115>
<loadInformation309 model="Cisco 7941G-GE">SIP41.8-5-2S</loadInformation309>
<loadInformation7 model="CP-7960">P003-08-8-00</loadInformation7>
<loadInformation30018 model="CP-7961">SIP41.8-5-2S</loadInformation30018>
<loadInformation308 model="Cisco 7961G-GE">SIP41.8-5-2S</loadInformation308>
If you need any other phones check out my post on XMLDefault.cnf.xml loadInformation tags.
Next let’s configure TFTPd32
Firstly, determine how you are going to connect your 7940/60 to your DHCP/TFTP server. You’re going to need to make sure that there is no other routers on the network that could send competing DHCP broadcasts. I recommend one of two scenarios.
- Connecting the Phone and Computer directly with a Crossover cable.
- Connecting the Phone and Computer together on a network switch with no other devices. Notice I say SWITCH not a ROUTER. You could use a router if you configured it properly, but that’s another story.
The switch option works better because it prevents the computer’s LAN interface from going up and down depending on if the phone is plugged in or not.
Next you are going to need to get a copy of tftpd32:
Now that you have tftpd32 open and running, we need to configure it:
Open up the settings box
Enable DHCP Server, TFTP Server, and Log Viewer, all others can be unchecked.
Make sure that you have set the directory into the same directory as your Cisco Firmware Files.
Make sure you have the correct configuration files in the directory including a XMLDefault.cnf.xml that at least partially resembles this one: (right click save as)
Set TFTP Security to STANDARD, in the image it says None. It should not be set to none it should be set to STANDARD.
Make certain that the bind address is set to the correct interface.
When done go to the DHCP tab
Make sure a DHCP and DNS server are set. Under additional options set “69″ and make the IP the same as your TFTP server. Do not use these IP settings, they just server as a rough guide. The IP Pool starting address being out of the subnet is not intentional. Also under additional options the 19 was cut off by the size of the box. If you have problems with option 150, try option 66.
Check for any settings that I may have missed and double check that everything is correct.
Now it’s time to boot up the phone. If the phone is already on, a quick way to reboot it is by holding down the * key, the six key, and the settings key simultaneously. As the phone boots up watch the logs. With any luck it should boot up, and try to pull the SEPMAC.cnf then give up and move on to XMLDefault.cnf.xml. When it sees that file it should start downloading the firmware files and reboot. If after rebooting you see the phone look for a SIPMAC.cnf file then SIPDefault.cnf, your phone is successfully reflashed.
The 7941/7961 seems to reboot twice grabbing different files each time.
If the phone isn’t reflashing, double check your TFTP settings and make sure the phone is detecting your TFTP server. You may have to go into Network Settings and enable alternate TFTP server. Typically you can do this by moving to the option then pressing **# **to unlock it or going to setting then option 9. The default password is “cisco”. Then go to Network Configuration (Option 3) Then enable “Alternate TFTP Server” (Option 32) then type in the TFTP server address. The most common problem though is an error in the XMLDefault.cnf.xml file. I find myself having to do this very often on many networks.
Once you see the Sip logo in the upper right corner you are now safely flashed to 7.5. You’ll need to perform this process one more time to bring the phone up to the latest firmware. At the time of this writing that was 8.11. Open up your XMLDefault.cnf.xml file and replace the previous lines with
<loadInformation8 model=”IP Phone 7940″>P0S3-08-11-00</loadInformation8>
<loadInformation7 model=”IP Phone 7960″> P0S3-08-11-00</loadInformation7>
Reboot the phone again and it should update to the latest firmware.
This will get the phone reflashed, from here on you’ll need a configuration file to register the phone to a PBX. We have one already made for the Cisco 7941 / 7961 over here.
Script to automatically turn your CentOS 5.2 installation into a Router with Squid Caching
I’ve put a lot of time into this guy! And I’m proud to share it with you. This script and configuration files, when configured correctly for your network will turn your CentOS 5.2 installation into a network router with dhcp, dns, squid, samba, iptables and webmin. I’ve also provided all of these files tarballed together so that you can just untar them and use my configuration. Make sure you change the admin password in the first section of install.sh
NOTE: This script is missing one function. You must change net.ipv4.ip_forward = 0 to 1 inside of/etc/sysctl.conf
To run my script automatically just login as root and run the following commands:
wget http://www.greenwireit.com/blog/wp-content/uploads/2009/03/install.tar
tar xf install.tar
./install.sh
Notes: For this configuration eth0 is your WAN interface and eth1 is LAN. I actually have no method of testing this configuration because I had to sanitise it to get rid of my own network variables. If you have any problems PLEASE post them in the comments and I will adjust them.
install.sh
echo Setting Root Password
echo yourpasswordhere > /tmp/tmppass
passwd --stdin root < /tmp/tmppass
rm /tmp/tmppass
echo Password Changed
#
echo Setting up Repositories
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
echo Installing Dependencies
yum -y install perl-Net-SSLeay
echo Installing Webmin
rpm -Uhv http://internap.dl.sourceforge.net/sourceforge/webadmin/webmin-1.450-1.noarch.rpm
echo Installing Squid
yum -y install squid
echo Installing Samba
yum -y install samba
echo Installing dhcpd
yum -y install dhcp
echo Installing named
yum -y install bind
#
echo Copying Config Files
cp named.conf /var/named/chroot/etc/named.conf
cp dhcpd.conf /etc/dhcpd.conf
cp smb.conf /etc/samba/smb.conf
cp squid.conf /etc/squid/squid.conf
cp iptables /etc/sysconfig/iptables
echo Config Files Copied
#
echo Finishing Up
echo Starting Services
/etc/init.d/webmin start
/etc/init.d/squid start
/etc/init.d/smb start
/etc/init.d/dhcpd start
/etc/init.d/named start
/etc/init.d/iptables restart
iptables
*mangle
REROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
OSTROUTING ACCEPT [0:0]
COMMIT
*nat
REROUTING ACCEPT [0:0]
OSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth0 -p tcp -m tcp --dport 111 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 135:139 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 445 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 9022 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 4445 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 1720 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 5038 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 3306 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 21 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 23 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 25 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 79 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 110 -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -p tcp -m tcp --dport 143 -j REJECT --reject-with tcp-reset
-A OUTPUT -o lo -j ACCEPT
COMMIT
squid.conf, configured for transparent NAT. Which means as long as iptables is pointed to it, it will automatically cache and accelerate your internet connection.
acl all src 0.0.0.0/0.0.0.0
acl lan src 192.168.1.0/24
acl localhost src 127.0.0.1/255.255.255.255
http_access allow localhost
http_access allow lan
cache_mem 64 MB
cache_store_log none
http_access allow lan
http_access deny all
icp_access allow all
miss_access allow all
cache_mgr youremail@yourserver.com
http_port 3128 transparent
dhcpd.conf
ddns-update-style interim;
ignore client-updates;
DHCPARGS=eth1;
subnet 192.168.1.0 netmask 255.255.255.0
{
option routers 192.168.1.1;
option subnet-mask 255.255.255.0;
option domain-name-servers 192.168.1.1, 4.2.2.1;
range 192.168.1.10 192.168.1.150;
}
smb.conf
[global]
workgroup = workgroup
server string = Router
local master = no
domain master = no
preferred master = no
password server = None
guest ok = yes
guest account = root
security = SHARE
dns proxy = no
bind interfaces only = true
interfaces = eth1 192.168.1.1
[share]
path = /share
guest ok = yes
writeable = yes
create mask = 0777
[backup]
path = /backup
guest ok = yes
writeable = yes
create mask = 0777
named.conf
options {
forwarders {4.2.2.1; 4.2.2.2;};
forward only;
listen-on {192.168.1.1;};
};
How to Install Windows XP on a Dell Vostro 220 or Vostro 1520, the Crashless way!
Steps that you must perform before Windows XP will Install: Below is a narration.
Switch Hard Drive Controller from AHCI to ATA:
- F2 at BIOS Screen
- Standard CMOS Features
- SATA Mode: Change from AHCI to ATA
Make sure your Windows XP CD is Slipstreamed to SP2 or 3
- Download nLite from here
- Download Service Pack 3 here
- Use nLite to Copy files from XP CD, Slipstream and make ISO with the new disk image.
I customer brought in a machine I had ordered for them needing Windows XP. I had ordered it with Vista and assured her that everything would be okay. Well, unfortunately the hospital she works for will not support Vista. So with my foot in my mouth I put in my trusty Windows XP Home CD for customers. The machine loads up the first part of Windows Setup then crashes with a BSOD (Blue Screen of Death). Saying that I need to run chkdsk /f , along with some other information that I didn’t read. Well first thing this makes me think is SATA Controller? That’s exactly what it was. Windows XP apparently doesn’t work well with AHCI (out of the box), so you’ll have to use the above steps to switch the machine to ATA mode in the BIOS. After that I got almost to the same place then I got a pci.sys error. Which is apparently caused by another piece of hardware not supported by Windows XP until Service Pack 2. My Slipstreamed SP3 disk is was having CD-KEY issues with the Pre SP3 OEM key so I had to slipstream a new one using nLite. Once I had those two things out of the way Windows XP SP3 installed swimmingly
Watch out on the License Keys, you may have to use SP2.
Update 28 Mar 09:
Eric reports that if you install the chipset drivers before installing the other drivers you can end up experiencing a variety of strange issues. Eric reports that you can solve the problem by installing “Desktop System Software (DSS)” which is found in the System Utilities section [under Vostro 220 on the Dell Support site]. When checking the offerings I noted that one download was recently updated and marked “Urgent”.
If you found this article helpful, please link to it from your blog, or vote it on one of the Share and Enjoy links below. Google determines quality based on your link-support!
Removing Antivirus 2009 with a Hijacked Browser, and Blocked Applications
As a foreword, this guide is intended for Technicians, End-Users will find some of the terminology difficult to understand. I recommend that people who do not feel comfortable making system wide changes should consult a certified technician.
I had the great privilege the other day of removing one of the worst AV2009 (Antivirus 2009) infections I have ever seen. This Trojan is frighteningly hard to get rid of. What probably makes it most dangerous is not the actually annoying AV2009 popups but the other infections that AV2009 downloads onto the system.
Here are some symptoms I’ve seen caused by AV2009:
- Hijacking of TCP/IP Stack. Websites would be redirected affiliate pages.
- A wide number of secondary infections downloaded.
- Execution prevention of HijackThis, Spybot, SUPERantispyware. Malwarebytes Anti-malware, Killbox.
- Fake reboot screen and BSOD which makes the user think that purchasing is necessary to continue.
The most frustrating part of this entire endeavour is that most of the tools that the average technician is used to have been blocked by the trojan and its minions. Not to mention the enduser typically can’t download a remote control tool from a Technician’s portal. Here is what I had to do to remove the infection it was a slow process but it worked.
At nearly every step of the process it is necessary to rename the .exes of installers and executables. I recommend that before you get started you download the following apps from an uninfected computer to a flash drive.
- MBAM Malwarebytes Anti-malware
- SUPERAntiSpyware
- Spybot-S&D
- Killbox
- Process Explorer
- Unlocker
- ATF_Cleaner
- HijackThis
- PC Tools Spyware Doctor I was skeptical about these guys, but it’s not on the trojan’s Blacklist.
- Avira Anti-Vir
- SmitFraudFix
Rename each of them from their original filenames to something that will allow you to recognise them but remove important identifiers. An example would be SSD.exe instead of spybotinstall.exe. Copy them all to a flash drive so that you can avoid the frustration of dealing with a hijacked browser.
The trick to removing this infection is throwing everything at it. You’ll need to chisel away at the number of infections by using everyone of these tools to go at it from a different angle. The best way to deal with the hijacked connection is by setting up a proxy server on another machine on the network and using it as the internet connection.
I will provide you with the order I typically use, although you can can follow whichever you prefer.
1. I recommend the first thing you do is to install Spybot’s Teatimer. This will allow you to control infections that may try to rewrite Registry values once you’ve deleted them. Often times the update server will be rerouted to localhost 127.0.0.1. If this happens, elect to not install updates immediately in the installer, you can specify a proxy later.
2. Nextly I usually run HijackThis and remove all the alien entries. Most of the harder infections will resist this because they use WinLogon and DLL hooks. But the simpler infections will not come back on next reboot.
3. Reboot the machine. This should let your HijackThis changes set in.
4. Run ATFCleaner. This will delete your Temporary Internet Files and System Temp files. This means that your scans will move a lot faster. Sometimes up to an hour faster.
5. I recommend that you now install Avira Anti-vir and have the real-time virus protection run. This means that while the other scans are running it will also double check the files. It means the scan will go much slower, but you won’t have to run a full scan later with Avira.
6. I now recommend that you run, Spybot, MBAM, SUPERAntiSpyware, PCTools Spyware Doctor. Reboot between each of these, if the application requests to run on reboot. Run it. This is going to take a while so let the applications run whenever they ask to. When the scans starts to come up clean, you can skip to the final step.
7. Use Unlocker/Killbox to remove any particularly stubborn files thatkeep coming up in the scans. Use safemode with command prompt to increase the likelihood that you’ll be able to delete the file. The Spyboot File Shredder is also a very useful way to destroy a stubborn file. Process Explorer is a useful way to see if a stubborn dll file is still loaded.
8. Finally check HijackThis one last time to verify that it comes up clean. From command prompt run “sfc /scannow”. This will check your windows installation for corrupt files. It should make sure that any files corrupted by the infections will be repaired.
Voilà . If this doesn’t work, you’re going to have to get creative. Or better yet, reformat. This infection is a real pain and you can’t win every battle.
Hard Refresh a Page in Firefox on a Mac (Ctrl+F5)
If you’re reading this chances are you’ve probably already learned that Ctrl + F5 in Firefox on Mac OSX opens the screen reader. Typically in most browsers Firefox, Chrome, Internet Explorer etcetera, Ctrl + F5 hard refreshes the page. Meaning that the browser does not read any of the information on the page from cache, instead it downloads everything fresh. The correct command to do a hard refresh in Firefox on a page (force the page to reload all data) is “Cmd (Apple) + Shift + R”. This only works on Firefox, not in Safari.
If you need to disable the screen reader press Ctrl + F5 again and it should turn off.
How to remap a Short Circuited Key
Did you spill some water / coffee / soda / beer / vodka on your keyboard? Well chances are one or more of the keys are acting strangely. If it’s an important key like a vowel letter, I think you may have no choice other than to get a new keyboard. Fortunately they’re not too expensive and not hard to replace…even for a laptop! (ebay) But what if it’s a not so often used key? Maybe it makes more sense to disable or reassign the damaged key rather than getting a new keyboard. A good buddy of mine Peter Althaus has this exact problem. His shorted key in question was the German Special Letter ß. Whenever he typed the Letter T, both T and ß would show up.
[5:47:13 PM] koolkarma says: now tßhe damn ß is ßtyping ißtself witßhoußt me pushing anytßhing.
The solution? Remap the key! We can remap the ß key to all zeros and disable the key in windows. There are a few ways of doing this. The cleanest way is using regedit, but it requires us to have the binary values for the keys we want to remap, unfortunately that’s not nearly as easy as using this clever app: SharpKeys
Make sure you have the Windows .NET 2.0 Framework Installed!
Once you do it’s a pretty quick process to disable or remap the key and fix your problem! Install .NET 2.0 and SharpKeys and open it up. This is what the first page looks like.
Go ahead and click add, here we can remap our keys around the way we want them.
Capturing a Key with SharpKeys
If you click the “Type Key” button you can skip ahead of trying to find the key in the list. Sometimes the key may be too broken to be tapped, but if it isn’t, I definitely recommend this route.
When you’re all done press Okay, then press Write to Registry and reboot. I definitely recommend you both disable the bad key and assign it a replacement key at the same time. For example if your Right Shift Key is broken, disable it and reassign it to the Left Windows key all in one go. This way you can use the “Type Key” feature on both sides. Chances are between the Caps Lock, Left and Right Windows Key and other not so often used keys on the keyboard you’ll be able to find a new home for your damaged key.
