Thursday, April 1, 2010

SPYWARE

How many spyware items are infecting your computer?
I just had, by mistake, a plug-in called Intelligent Explorer attach to my browser. What a nightmare! I have another article on this topic, but this brings home a point. Spyware or adware items are continually infecting computers. Most computers have no protection from them. Most frightening is the frequency of them. From the InfosecWriters web site, "According to a 2004 survey by America Online and the National Cyber Security Alliance, 91% of users questioned were familiar with the term spyware. Only 53% believed their computers were infected, but a scan found that 80% of their PCs had some type of spyware installed on them." It goes on to say, "...The average number of spyware components per computer was 93 with one computer having well over a thousand."

What is Spyware?

Butte College (www.bctv.butte.edu/support/spyware.html) offers this definition:

“The term ‘spyware’ is broadly defined as any program that gets into your computer without permission and hides in the background while it makes unwanted changes to your user experience.
Spyware is generally not designed to damage your computer. The damage it does is more a by-product of its main mission, which is to serve you targeted advertisements or make your browser display certain sites or search results.
At present, most spyware targets only the Windows operating system (Internet Explorer).”

To be fair, spyware can be harmless; for example, tracking cookies don't do much. While such things infringe on your privacy, they don't really harm anything. Others, however, are extremely dangerous.

So what do you do about it?

No spyware program seems to do everything, but there are a lot of good solutions out there that can help. Here is a list of some of the top spyware tools to look at:

1) Try Ad-Aware 6.0 Professional from LavaSoft (there is also a free version with less functionality)

2) Spybot Search & Destroy from PepiMK Software

3) Xoftspy from Pareto Logic

4) Spyware Guard from Javacool Software is a free program

5) Pest Patrol (now part of Computer Associates by acquisition)

6) McAfee Anti-Spyware

One thing is for certain: you do need to take spyware seriously. For some reason, too many people out there think anti-virus solutions are the end-all solution. They are not.

And, when all else fails?

Finally, as drastic as it seems, if your computer has been infected with a large number of spyware programs, the only solution you may have is backing up your data, and performing a complete reinstall of the operating system.

SECURITY AND ENCRYPTION

About Encryption and Making Your System Secure
What does encryption do for me?

Encryption and cryptographic software have been used in many different ways to make systems more secure. This article discusses only a few ways that such software can make your system more secure, including:

1) Encrypting your email

2) Encrypting your files

Two programs are mentioned that will help encrypt information. There are many more programs out there that will help, but these programs are good and as good a place to start as any. They have the added benefit of both being free with source code available.

Will encryption stop people from accessing my information?

Encryption simply makes it harder for people to gain access to important information, such as passwords or sensitive data in a file. The first thing you should know about encryption is that the algorithm used to encrypt can be simple or complex, and that affects how well what you have encrypted is protected. Encryption systems have been broken when the method of encryption is understood by hackers and is easy to break.

Why bother to encrypt my email?

It should be noted that email is far less secure than paper mail for two very good reasons: first, electronic data can be accessed easily over the Internet, and secondly, electronic data is really simple to copy. There is a very good chance that someone has snooped around in your email despite your best intentions to stop it.

How do I go about encrypting my email?

There are many programs out there that can help you encrypt your email. A very popular one is PGP (Pretty Good Privacy) or its GNU offshoot, GPG.

PGP (http://www.pgpi.org/) describes itself this way: This "is a program that gives your electronic mail something that it otherwise doesn't have: Privacy. It does this by encrypting your mail so that nobody but the intended person can read it. When encrypted, the message looks like a meaningless jumble of random characters. PGP has proven itself quite capable of resisting even the most sophisticated forms of analysis aimed at reading the encrypted text."

Why bother to encrypt my files?

The answer to this boils down to what you store on your computer. If you have financial data with important information like social security numbers, email addresses, account numbers and passwords, then you open yourself up to losing very valuable information. Most corporate Internet security employees will attest to the widespread theft of very valuable information. As long as you are connected to the Internet you are vulnerable.

How do I go about encrypting my files?

AxCrypt File Encryption Software (http://axcrypt.sourceforge.net/) is self-described as "Free Personal Privacy and Security for Windows 98/ME/NT/2K/XP with AES-128 File Encryption, Compression and transparent Decrypt and Open in the original application."

SECURITY

Surfing the Web
Surfing the Web Anonymously – Questions to Ask

When you surf the web it is possible for others to learn information about you even when you don't want to advertise who you are. This is true even if your system contains no virus or malware at all. Specifically, information that is easily available online includes your IP address, your country (and often more location information based on IP address), what computer system you are on, what browser you use, your browser history, and other information. It gets worse. People can get your computer's name and even find out your name if your machine supports programs like finger or identd. Also, cookies can track your habits as you move from site to site.

How do people get this basic information about you?

When you visit another web site, information about you can be retrieved. Basically, information is intercepted and used by others to track your Internet activities.

How do you stop this from happening?

First of all, it is possible to surf the web anonymously and thereby stop leaving a trail for others to find. Note that this is not fool-proof, but it makes it much harder for people to know who you are. There are products called anonymous proxy servers that help protect you. The anonymous proxy server replaces your Internet address with its own. This has the effect of hiding your IP address and making it much harder for people to track you.


How do I get an anonymous proxy server?

There are many vendors who sell anonymous proxy servers. There are also free proxy servers available to you. Two such products are ShadowSurf and Guardster. Guardster (http://www.guardster.com/) offers various services for anonymous and secure access to the web, some paid as well as a free service. ShadowSurf (http://www.shadowsurf.com/) provides anonymous surfing at their site for free. Go to it and you will find a box to enter a URL that you want no one to track. There are many others, but these are two that are frequently used.

Another interesting product, given the recent news about the Google search engine filtering its results for the Chinese government, is Anonymizer (http://www.anonymizer.com). This company, among others, recently (Feb 1st, 2006) announced in a press release that it "is developing a new anti-censorship solution that will enable Chinese citizens to safely access the entire Internet filter-free" (http://www.anonymizer.com/consumer/media/press_releases/02012006.html).

Does an anonymous proxy server make you 100% safe?

No. Still, you are much better off if you use such technology.
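To make the "not 100% safe" point concrete, here is a small added model (not from the original article) of what a site can record from a visit made directly, through an anonymous proxy that replaces the client address and drops identifying headers, and through a careless proxy that hands the real address over in a forwarding header. All addresses, headers and proxy behaviours are constructed sample values.

```python
"""Added illustration: what a web site learns from a visit, with and
without an anonymous proxy in between. All addresses, header values and
proxy behaviours are constructed for this example, not captured traffic."""

from typing import Dict, Tuple

# Headers through which a relaying proxy can reveal the original client.
FORWARDING_HEADERS = ("X-Forwarded-For", "Forwarded", "Via")


def what_site_learns(remote_addr: str, headers: Dict[str, str]) -> Dict[str, str]:
    """Return the visitor facts a server can read straight off one request:
    the connecting IP, browser and OS (from User-Agent), the previous page
    (Referer), tracking cookies, and anything a proxy added about the origin."""
    learned = {"ip": remote_addr}
    ua = headers.get("User-Agent", "")
    if ua:
        learned["browser"] = ua
        # Coarse OS guess from the User-Agent platform token.
        for marker, os_name in (("Windows", "Windows"), ("Macintosh", "Mac OS"),
                                ("Linux", "Linux")):
            if marker in ua:
                learned["os"] = os_name
                break
    if "Referer" in headers:
        learned["previous_page"] = headers["Referer"]
    if "Cookie" in headers:
        learned["tracking_cookie"] = headers["Cookie"]
    for name in FORWARDING_HEADERS:
        if name in headers:
            learned["proxy_leak_" + name.lower()] = headers[name]
    return learned


def relay_through_proxy(client_ip: str, headers: Dict[str, str], proxy_ip: str,
                        strip_identifying: bool = True,
                        add_forwarded_for: bool = False) -> Tuple[str, Dict[str, str]]:
    """Model an anonymous proxy: the site sees the proxy's address instead of
    the client's. A careful proxy also drops Referer and Cookie; a careless
    one appends X-Forwarded-For and hands the real address straight over."""
    forwarded = dict(headers)
    if strip_identifying:
        forwarded.pop("Referer", None)
        forwarded.pop("Cookie", None)
    if add_forwarded_for:
        forwarded["X-Forwarded-For"] = client_ip
    return proxy_ip, forwarded


def compare_scenarios() -> Dict[str, Dict[str, str]]:
    """Run the same constructed request direct, via a careful proxy and via a
    leaky proxy, and return what the site learns in each case."""
    client_ip = "198.51.100.23"   # constructed (RFC 5737 documentation range)
    proxy_ip = "203.0.113.7"      # constructed
    headers = {
        "User-Agent": "Mozilla/5.0 (Windows NT 5.1) ExampleBrowser/1.0",
        "Referer": "http://search.example/?q=private+topic",
        "Cookie": "adtrack=user-4711",
    }
    direct = what_site_learns(client_ip, headers)
    careful = what_site_learns(*relay_through_proxy(client_ip, headers, proxy_ip))
    leaky = what_site_learns(*relay_through_proxy(client_ip, headers, proxy_ip,
                                                  strip_identifying=False,
                                                  add_forwarded_for=True))
    return {"direct": direct, "careful_proxy": careful, "leaky_proxy": leaky}


if __name__ == "__main__":
    for label, facts in compare_scenarios().items():
        print(label)
        for key, value in facts.items():
            print(f"  {key}: {value}")
```

The leaky case shows why a proxy alone is no guarantee: the site still gets the proxy's address as the connecting IP, but the real one arrives anyway in X-Forwarded-For.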

What other things should I be concerned about when trying to keep my private information private?

Three other items come to mind when trying to keep your information private. First, you can use an encrypted connection to hide your surfing. This article does not go into detail on this, but search the web and you will find a lot of information on this. Secondly, delete cookies after each session. Third, you can configure your browser to remove JavaScript, Java, and active content. This actually leads to limitations, so you need to think about the cost/benefit of this course of action.


Website Security Rules of the Road
In 2004, online consumer spending was at a record $65.1 billion. More and more people are attracted to the ease of online shopping and are spending higher amounts. Unfortunately, the chances of becoming a victim of Internet fraud are also increasing. The Internet National Fraud Center Watch reported that the average loss to fraud victims for just the first six months of 2005 was $2,579. This is compared to the $895 average for all of 2004.
Complaints relating to general merchandise purchases (goods never received or misrepresented) accounted for 30% of Internet fraud complaints, and auction purchases (goods never received or misrepresented) topped the list at 44%.

While many e-commerce Websites are reputable and have taken the necessary safety precautions to protect you, it never hurts to always proceed cautiously. If you are making an online purchase consider these easy steps:

1. Use only one credit card, preferably with a low credit limit, when making online purchases. Avoid using an ATM or debit card.

2. Be wary of unsolicited offers by sellers. The Internet National Fraud Information Center Watch reported that email, as a method of contact by Internet scammers, was up 22% in 2004. While the offer may be legitimate, spammers like to use this tactic to side-step reputable sites that provide consumer protection for online purchases.

3. Use only reputable e-commerce websites that list a street address and telephone number in case you need to contact them directly.

4. Read the website’s privacy policy. Some websites may reserve the right to sell/give your information to a third party. Check the document to see if they allow an opportunity to “opt-out” of receiving special offers from third-party vendors or for permission to share your personal information.

5. Check for a lock symbol in the status bar at the bottom of your Web browser window. Also, do not provide your personal information if the website address doesn’t start with “https” (a sign that the site is using a secure server).

6. Choose only verified sellers. Check to see if the vendor is a verified member of a reputable third party such as the Better Business Bureau, VeriSign, or Guardian eCommerce. These third-party sites help to ensure online consumers will be protected when shopping or conducting e-commerce transactions.

7. Check that the delivery date posted is reasonable. If you have not dealt with the vendor on a regular basis, be wary of any Website that states the shipment will be delayed 20 or more days. Delivery dates of 7-10 days are more common.

8. Keep a paper trail of all online transactions. Print out a hard copy of the transaction and keep it in a file for future reference.

9. Be wary of website offers that just sound too good to be true. The Internet is littered with get rich quick scams and false advertising claims. Investigate all claims thoroughly before proceeding.

10. If you do not receive what you paid for, and the vendor will not return your emails or calls, contact your state’s Department of Consumer Affairs for further assistance.

Trojan Horse
Trojan Horse….Greek Myth or Computer Nemesis?

We have all heard the term Trojan Horse, but what exactly is it? A Trojan Horse is a destructive program that masquerades as a harmless application. Unlike viruses, Trojan Horses do not replicate themselves, but they can be just as destructive. One of the most dangerous examples of a Trojan is a program that promises to rid your computer of viruses but instead introduces viruses into your computer.

The Trojan can be tricky. Who hasn’t been online and had an advertisement pop up claiming to be able to rid your computer of some nasty virus? Or, even more frightening, you receive an email that claims to be alerting you to a new virus that can threaten your computer. The sender promises to quickly eradicate, or protect, your computer from viruses if you simply download their “free”, attached software into your computer. You may be skeptical but the software looks legitimate and the company sounds reputable. You proceed to take them up on their offer and download the software. In doing so, you have just potentially exposed yourself to a massive headache and your computer to a laundry list of ailments.

When a Trojan is activated, numerous things can happen. Some Trojans are more annoying than malicious. Some of the less annoying Trojans may choose to change your desktop settings or add silly desktop icons. The more serious Trojans can erase or overwrite data on your computer, corrupt files, spread other malware such as viruses, spy on the user of a computer and secretly report data like browsing habits to other people, log keystrokes to steal information such as passwords and credit card numbers, phish for bank account details (which can be used for criminal activities), and even install a backdoor into your computer system so that they can come and go as they please.

To increase your odds of not encountering a Trojan, follow these guidelines.

1. Remain diligent. Trojans can infect your computer through rogue websites, instant messaging, and emails with attachments. Do not download anything into your computer unless you are 100 percent sure of its sender or source.

2. Ensure that your operating system is always up-to-date. If you are running a Microsoft Windows operating system, this is essential.

3. Install reliable anti-virus software. It is also important that you download any updates frequently to catch all new Trojan Horses, viruses, and worms. Be sure that the anti-virus program that you choose can also scan e-mails and files downloaded through the internet.

4. Consider installing a firewall. A firewall is a system that prevents unauthorized use and access to your computer. A firewall is not going to eliminate your computer virus problems, but when used in conjunction with regular operating system updates and reliable anti-virus software, it can provide additional security and protection for your computer.

Nothing can guarantee the security of your computer 100 percent. However, you can continue to improve your computer's security and decrease the possibility of infection by consistently following these guidelines.

Department of Defense Crackdown on Security
The top commander of the Department of Defense network operations just ordered a crackdown on security. According to a recent article by NetworkWorld on January 16, 2006, Lt. General Charles Croom is quoted as saying, “The attacks are coming from everywhere and they’re getting better.” His talk was the keynote address at the Department of Defense Cyber Crime Conference held on January 9 - 14, 2005 in Clearwater, Florida. The event is sponsored by the Defense Cyber Crime Center and the Joint Task Force. Over 500 computer crime specialists from the FBI and the military attended the event.
The crackdown was related to a recent arrest of a “Computer Virus Broker” named Jeanson James Ancheta. On further investigation, a Department of Justice press release from Nov 3rd, 2005 offered the following information on this incident, “In the first prosecution of its kind in the nation, a well-known member of the “botmaster underground” has been indicted on federal charges for profiting from the use of “botnets” – armies of computers that are under the control of the botmaster and are used to launch destructive attacks or to send huge quantities of spam across the Internet.
Jeanson James Ancheta, 20, of Downey, California, was arrested this morning by special agents with the Federal Bureau of Investigation. Ancheta was indicted yesterday in two separate conspiracies, as well as substantive charges of attempting to cause damage to protected computers, causing damage to computers used by the federal government in national defense, accessing protected computers without authorization to commit fraud and money laundering.”
The press release goes on to describe more details of this scheme that clearly show why the Department of Defense is so concerned (for more information go to: http://www.usdoj.gov/criminal/cybercrime/anchetaArrest.htm).
“Ancheta had become an affiliate of several different advertising service companies, and those companies paid him a commission based upon the number of installations. To avoid detection by network administrators, security analysts and law enforcement, Ancheta would vary the download times and rates of the adware installations. When companies hosting Ancheta’s adware servers discovered the malicious activity, Ancheta redirected his botnet armies to a different server he controlled to pick up adware. To generate the roughly $60,000 he received in advertising affiliate proceeds, Ancheta caused the surreptitious installation of adware on approximately 400,000 compromised computers. Ancheta used the advertising affiliate proceeds he earned to pay for, among other things, the multiple servers used to conduct his schemes.
Ancheta used programs powerful enough to cause the infection of computers at the Weapons Division of the United States Naval Air Warfare Center in China Lake, as well as computers belonging to the Defense Information Systems Agency, a component of the United States Department of Defense. Both networks are used exclusively by the federal government in furtherance of national defense. After being arrested this morning at the FBI Field Office in Los Angeles, Ancheta was transported to United States District Court in Los Angeles. It is unclear if he will make his initial court appearance this afternoon or tomorrow. Ancheta is charged with two counts of conspiracy, two counts of attempted transmission of code to a protected computer, two counts of transmission of code to a government computer, five counts of accessing a protected computer to commit fraud and five counts of money laundering. Count 17 of the indictment seeks the forfeiture of more than $60,000 in cash, a BMW automobile and computer equipment that the indictment alleges are the proceeds and instrumentalities of Ancheta’s illegal activity.”

Some recent news: Ancheta pleaded guilty to charges of conspiring to violate anti-spam and computer misuse laws, and to fraud. Under the plea agreement he will serve from 4-6 years in prison, plus heavy fines.

Spyware Beware
Spyware and Adware are not only an ever increasing nuisance for computer users everywhere, but also a booming industry. According to Webroot Software, Inc., the distribution of online advertisements through spyware and adware has become a $2 billion industry.

The aggressive advertising and spying tactics demonstrated by some of these programs require an equally aggressive response from a seasoned eradicator. Sunbelt Software is such a company. A leader in anti-spyware, anti-spam, network security and system management tools, they have consistently remained on the cutting edge of anti-spyware programming since 1994.

One of their more notable software applications is CounterSpy 1.5. CounterSpy is designed to detect and remove spyware that is already in your computer system. Additionally, it provides real-time protection while preventing browser hijacking and changes to your computer’s Registry.

Other notable features include:
• Detection and Removal of Tracking Cookies – while it is true that applications like Microsoft AntiSpyware Beta are free, they do not include the ability to detect and remove tracking cookies like CounterSpy does.
• History Cleaner - erases any traceable trails left on your computer as you surf the Internet.
• Secure File Eraser - a powerful deletion tool that can completely eliminate all files you want removed from your computer including images, music, movies and applications.
• PC Explorer - allows you a look into files and areas that are normally inconvenient to access, such as your startup programs, browser helper objects, and ActiveX programs that are being downloaded or used.
• Support for Older Operating Systems – includes Windows 98SE, Windows ME, and Windows NT.

Recommended by PC World, ConsumerSearch, and Dell, CounterSpy holds one of the highest effective ratings for spyware removal. It also received high marks from TopTenReviews (2006) for ease of use, customization/installation, and help/support. For only $19.95 per machine, users can receive a one year subscription with updates, upgrades, and technical support from real live humans. CounterSpy definitely provides ease of use and affordability for just about any computer user from the novice to the expert.

Computer Viruses that Come a Callin’
Every day new computer viruses are created to annoy us and to wreak havoc on our computer systems. Below are ten viruses currently cited as being the most prevalent, either in how often they are seen or in their ability to cause damage. New viruses are created daily, so this is by no means an all-inclusive list. The best thing you can do is to remain vigilant, keep your anti-virus software updated, and stay aware of the current computer virus threats.

Virus: Trojan.Lodear

A Trojan horse that attempts to download remote files. It will inject a .dll file into the EXPLORER.EXE process, causing system instability.

Virus: W32.Beagle.CO@mm

A mass-mailing worm that lowers security settings. It can delete security-related registry subkeys and may block access to security-related websites.

Virus: Backdoor.Zagaban

A Trojan horse that allows the compromised computer to be used as a covert proxy and which may degrade network performance.

Virus: W32/Netsky-P

A mass-mailing worm which spreads by emailing itself to addresses produced from files on the local drives.

Virus: W32/Mytob-GH

A mass-mailing worm and IRC backdoor Trojan for the Windows platform. Messages sent by this worm will have the subject chosen randomly from a list including titles such as: Notice of account limitation, Email Account Suspension, Security measures, Members Support, Important Notification.

Virus: W32/Mytob-EX

A mass-mailing worm and IRC backdoor Trojan similar in nature to W32/Mytob-GH. W32/Mytob-EX runs continuously in the background, providing a backdoor server which allows a remote intruder to gain access and control over the computer via IRC channels. This virus spreads by sending itself as an email attachment to addresses harvested from your computer.

Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER

This family of worm variants shares similar characteristics in terms of what they can do. They are mass-mailing worms with backdoor functionality that can be controlled through the Internet Relay Chat (IRC) network. Additionally, they can spread through email and through various operating system vulnerabilities such as the LSASS vulnerability (MS04-011).

Virus: Zafi-D

A mass-mailing worm and a peer-to-peer worm which copies itself to the Windows system folder with the filename Norton Update.exe. It can then create a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. W32/Zafi-D copies itself to folders with names containing share, upload, or music as ICQ 2005a new!.exe or winamp 5.7 new!.exe. W32/Zafi-D will also display a fake error message box with the caption "CRC: 04F6Bh" and the text "Error in packed file!".

Virus: W32/Netsky-D

A mass-mailing worm with IRC backdoor functionality which can also infect computers vulnerable to the LSASS vulnerability (MS04-011).

Virus: W32/Zafi-B

A peer-to-peer (P2P) and email worm that will copy itself to the Windows system folder as a randomly named EXE file. This worm will test for the presence of an internet connection by attempting to connect to www.google.com or www.microsoft.com. It is a bilingual worm that displays a message box with a Hungarian political text which translates to “We demand that the government accommodates the homeless, tightens up the penal code and VOTES FOR THE DEATH PENALTY to cut down the increasing crime. Jun. 2004, Pécs (SNAF Team)”
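As an added example (not from the original list), here is a small Python scan that turns the indicators described above for W32/Zafi-D and W32/Mytob-GH into checks over a file listing and a set of mail subjects. The listing and subjects are constructed for the demonstration, and the 8-character-DLL rule is used only as a corroborating, low-confidence signal because ordinary system DLLs such as kernel32.dll match it too.

```python
"""Added example: check a file listing and mail subjects against the
indicators the text gives for W32/Zafi-D and W32/Mytob-GH. The sample
listing and subjects below are constructed, not taken from a real machine."""

import re
from typing import Dict, List

# Indicators transcribed from the descriptions above.
ZAFI_D_SYSTEM_DROPPER = "norton update.exe"
ZAFI_D_SHARE_COPIES = {"icq 2005a new!.exe", "winamp 5.7 new!.exe"}
ZAFI_D_SHARE_WORDS = ("share", "upload", "music")
# Eight characters plus a DLL extension, as the companion files are described.
EIGHT_CHAR_DLL = re.compile(r"^[a-z0-9]{8}\.dll$")
MYTOB_GH_SUBJECTS = {
    "notice of account limitation", "email account suspension",
    "security measures", "members support", "important notification",
}


def _split_path(path: str):
    """Lower-case a Windows path and split it into directory parts and file name."""
    parts = path.replace("/", "\\").lower().split("\\")
    return parts[:-1], parts[-1]


def _in_system_folder(dirs: List[str]) -> bool:
    # Treat ...\windows\system32 and ...\winnt\system32 as the Windows system folder.
    return len(dirs) >= 2 and dirs[-1] == "system32" and dirs[-2] in ("windows", "winnt")


def scan_file_listing(paths: List[str]) -> List[Dict[str, str]]:
    """Return hits with a confidence level. The named dropper and the share
    copies are high confidence. An 8-character DLL in the system folder is
    reported only when the dropper is also present, and only as low
    confidence, because legitimate DLLs (kernel32.dll) have 8-character names."""
    hits = []
    dropper_seen = False
    for path in paths:
        dirs, name = _split_path(path)
        if _in_system_folder(dirs) and name == ZAFI_D_SYSTEM_DROPPER:
            dropper_seen = True
            hits.append({"path": path, "indicator": "Zafi-D dropper in system folder",
                         "confidence": "high"})
        elif name in ZAFI_D_SHARE_COPIES and any(w in d for d in dirs for w in ZAFI_D_SHARE_WORDS):
            hits.append({"path": path, "indicator": "Zafi-D copy in share/upload/music folder",
                         "confidence": "high"})
    if dropper_seen:
        for path in paths:
            dirs, name = _split_path(path)
            if _in_system_folder(dirs) and EIGHT_CHAR_DLL.match(name):
                hits.append({"path": path, "indicator": "8-character DLL beside Zafi-D dropper (review)",
                             "confidence": "low"})
    return hits


def suspicious_subjects(subjects: List[str]) -> List[str]:
    """Subjects matching the list the text gives for W32/Mytob-GH mailings."""
    return [s for s in subjects if s.strip().lower() in MYTOB_GH_SUBJECTS]


# Constructed sample data for the demonstration.
SAMPLE_LISTING = [
    r"C:\WINDOWS\system32\Norton Update.exe",
    r"C:\WINDOWS\system32\kernel32.dll",
    r"C:\WINDOWS\system32\q7x2mk9a.dll",
    r"C:\Documents and Settings\user\My Music\winamp 5.7 new!.exe",
    r"C:\Program Files\Notes\readme.txt",
]
SAMPLE_SUBJECTS = ["Meeting on Friday", "Email Account Suspension",
                   "security measures", "Invoice 42"]

if __name__ == "__main__":
    for hit in scan_file_listing(SAMPLE_LISTING):
        print(hit["confidence"], hit["path"], "-", hit["indicator"])
    print("suspect subjects:", suspicious_subjects(SAMPLE_SUBJECTS))
```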

How To Enable or Disable Simple File Sharing in Windows XP

Simple File Sharing is a feature introduced in Microsoft Windows XP. Simple File Sharing removes some file sharing security options available in other versions of Windows. This helps Windows XP administrators quickly set up folder shares.

Simple File Sharing (SFS) is always enabled and cannot be disabled in Windows XP Home Edition. The step-by-step instructions below explain how to enable or disable SFS in Windows XP Professional.
1. Open My Computer from the Start Menu or Windows XP Desktop. A new My Computer window will appear.
2. Open the Tools menu and choose the "Folder Options..." option from this menu. A new Folder Options window will appear.
3. Click on the View tab and locate the "Use Simple File Sharing (Recommended)" checkbox in the list of Advanced Settings.
4. To enable Simple File Sharing, ensure this checkbox is checked. To disable Simple File Sharing, ensure this checkbox is not checked. Click inside the checkbox to alternately enable and disable the option.
5. Click OK to close the Folder Options window. The settings for Simple File Sharing are now updated; no computer reboot is required.
Tips:
1. The Simple File Sharing checkbox should be at or near the bottom of the Advanced Settings list in the My Computer Folder Options.
2. Enabling Simple File Sharing prevents the ability to assign user-level passwords to shares. When Simple File Sharing is enabled on a computer, remote users will not be prompted for a password when accessing that computer's shares.
3. If the Windows XP Professional computer is part of a Windows domain rather than a Windows workgroup, this process for enabling or disabling Simple File Sharing has no effect. Simple File Sharing always remains disabled for computers joined to domains.
What You Need:
• Computer running Windows XP Professional

How To Restore Hal.dll From the Windows XP CD

The hal.dll file is a hidden file that is used by Windows XP to communicate with your computer's hardware. Hal.dll can become damaged, corrupted or deleted for a number of reasons and is usually brought to your attention by the "missing or corrupt hal.dll" error message.
Follow these easy steps to restore the damaged/corrupted or missing hal.dll file from the Windows XP CD using the Recovery Console.
1. Enter Windows XP Recovery Console.
2. When you reach the command line prompt (detailed in Step 6 in the link above), type the following and then press Enter:
expand d:\i386\hal.dl_ c:\windows\system32
Using the expand command as shown above, d represents the drive letter assigned to the optical drive that your Windows XP CD is currently in. While this is most often d, your system could assign a different letter. Also, c:\windows represents the drive and folder that Windows XP is currently installed on. Again, this is most often the case but your system could be different.
3. If you're prompted to overwrite the file, press Y.
4. Take out the Windows XP CD, type exit and then press Enter to restart your PC.
Assuming that a missing or corrupt hal.dll file was your only issue, Windows XP should now start normally.

Securing Windows XP Home Edition

Use Private Folders To Protect Data: As mentioned in Step 1 above, Windows XP Home uses something called Simple File Sharing for sharing files, folders and other resources. When you mark a file or folder as Shared, anyone who can get to your computer can access the share and the data it contains because of how Windows XP Home uses the Guest account and its blank password (unless you have followed the information in Step 1) to grant access. Windows XP Home does not allow for more customized file and folder sharing like you would find in Windows 2000 or in Windows XP Professional (with Simple File Sharing disabled).
Windows XP Home does offer the polar opposite of sharing, though: marking a folder Private. If you mark a folder as Private, the contents of that folder and any sub-folders will be accessible only by you.
To make the most of this feature it helps if you keep all of your personal or confidential data in one place so that you can just mark the one folder as Private rather than having to scour the computer looking for various folders you might want to keep Private. Your User Account folder under Documents and Settings which contains your My Documents folder, your Favorites and other personal configuration data for Windows is marked Private by default in Windows XP Home.
To mark a folder as Private you need to right-click on it and select Sharing and Security. On the Sharing tab click the checkbox that says "Make This Folder Private". If the folder is owned by another user or by the operating system itself this option will be grayed out. You may also see a checkmark in the box that is grayed out if the folder is a sub-folder of a different folder already marked as Private.
4. Use Limited Accounts For Everyday Use: Windows 2000 and Windows XP Professional offer a number of different user account types and also provide a means to create your own custom user account types. Windows XP Home essentially offers two choices: Administrator and Limited. The Administrator account has essentially full control over anything and everything on the computer. The Limited account can use the computer, but is extremely restricted in its ability to install software or alter system configurations in any way.
One of the primary reasons for using the Limited account is to protect the system from yourself. It's possible that a family member with Administrator access can accidentally change or delete critical information on the computer. It is also possible that someone with an Administrator account may have their account hacked or become infected with a virus or worm of some sort. Typically, the attacker or malware will be able to wreak havoc on the system using the access privileges of the account that has been compromised. So, it makes sense to save your Administrator account for when it is needed, but use Limited accounts for everyday use by most users.
To choose an account type in Windows XP Home click on User Accounts in the Control Panel. Once you select a user you can click on the "Change My Account Type" button. You will be able to choose between Administrator and Limited and can see a brief description of the abilities of each account type. You are required to have at least one Administrator account, so be sure to leave or create one, but save it for use when necessary and stick to using Limited accounts wherever possible.
5. Upgrade to Windows XP Professional: I realize that switching operating systems isn't exactly helpful for securing the one you have. However, it is truly my best recommendation for someone using Windows XP Home edition that wants to ensure a high degree of security on their system.
The Simple File Sharing "feature" which doesn't let you protect individual files or select which users can simply read the file vs. which ones can change or delete it turns out to be a feature you may not want if you're trying to be secure.
Windows XP Home lets you mark folders and their data as Private, but does not include support for EFS (Encrypting File System), which you can use in Windows 2000 and in Windows XP Professional to encrypt your data for even more protection from unauthorized access.
These are just a couple of reasons. The bottom line is that it seems that Microsoft did not have security in mind when selecting the features and options to include in Windows XP Home. Users who truly want to be secure (and don't want to switch to Linux or another operating system entirely) should move to Windows XP Professional.

How To Restore NTLDR and Ntdetect.com From the Windows XP CD

The NTLDR and Ntdetect.com files are important system files that are used by your computer to start the Windows XP operating system. These files can become damaged, corrupted or deleted for a number of reasons and are usually brought to your attention by the "NTLDR is Missing" error message.
Follow these easy steps to restore the damaged/corrupted or missing NTLDR and Ntdetect.com files from the Windows XP CD using the Recovery Console.
1. Enter Windows XP Recovery Console.
2. When you reach the Recovery Console command prompt, type the following two commands, pressing Enter after each one:
copy d:\i386\ntldr c:\
copy d:\i386\ntdetect.com c:\
In the command listed above, d represents the drive letter assigned to the optical drive that your Windows XP CD is currently in. While this is most often d, your system could assign a different letter. Also, c:\ represents the root folder of the partition that Windows XP is currently installed on. Again, this is most often the case but your system could be different.
3. If you're prompted to overwrite either of the two files, press Y.
4. Take out the Windows XP CD, type exit and then press Enter to restart your PC.
Assuming that missing or corrupt versions of the NTLDR and/or Ntdetect.com files were your only issues, Windows XP should now start normally.

How To Repair or Replace Boot.ini in Windows XP

The boot.ini file is a hidden file that is used to identify in what folder on which partition and on which hard drive Windows XP is located. Boot.ini can become damaged, corrupted or deleted for a number of reasons and is usually brought to your attention by an error message.
Follow these easy steps to repair the damaged/corrupted boot.ini file or replace it if it has been deleted.
1. Enter Windows XP Recovery Console. The Recovery Console is an advanced diagnostic mode of Windows XP with special tools that will allow you to restore the boot.ini file.
2. When you reach the Recovery Console command line, type the following command and then press Enter.
bootcfg /rebuild
3. The bootcfg utility will scan your hard drives for any Windows XP installations and then display the results. Follow the remaining steps to add your Windows XP installation to the boot.ini file.
4. The first prompt asks Add installation to boot list? (Yes/No/All).
Type Y in response to this question and press Enter.
5. The next prompt asks you to Enter Load Identifier:.
This is the name of the operating system. For example, type Windows XP Professional or Windows XP Home Edition and press Enter.
6. The final prompt asks you to Enter OS Load options:.
Type /Fastdetect here and press Enter.
7. Take out the Windows XP CD, type exit and then press Enter to restart your PC.
Assuming that a missing or corrupt boot.ini file was your only issue, Windows XP should now start normally.

NTLDR is Missing.

Issue:
NTLDR is Missing.
Related errors:
Below are the full error messages that may be seen when the computer is booting.
NTLDR is Missing
Press any key to restart
Boot: Couldn't find NTLDR
Please insert another disk
NTLDR is missing
Press Ctrl Alt Del to Restart
Causes:
1. Computer is booting from a non-bootable source.
2. Computer hard disk drive is not properly setup in BIOS.
3. Corrupt NTLDR and/or NTDETECT.COM file.
4. Misconfiguration with the boot.ini file.
5. Attempting to upgrade from a Windows 95, 98, or ME computer that is using FAT32.
6. New hard disk drive being added.
7. Corrupt boot sector / master boot record.
8. Seriously corrupted version of Windows 2000 or Windows XP.
9. Loose or Faulty IDE/EIDE hard disk drive cable.
10. Failing to enable USB keyboard support in the BIOS.
Solutions:
Computer is booting from a non-bootable source
Many times this error is caused when the computer is attempting to boot from a non-bootable floppy disk or CD-ROM. First verify that no floppy diskette is in the computer, unless you are attempting to boot from a diskette.
If you are attempting to boot from a floppy diskette and are receiving this error message it is likely that the diskette does not have all the necessary files and/or is corrupt.
If you are attempting to install Windows XP or Windows 2000 and are receiving this error message as the computer is booting verify that your computer BIOS has the proper boot settings. For example, if you are attempting to run the install from the CD-ROM make sure the CD-ROM is the first boot device, and not the hard disk drive.
Second, when the computer is booting you should receive the below prompt.
Press any key to boot from the CD
Important: When you see this message press any key such as the Enter key immediately, otherwise it will try booting from the hard drive and likely get the NTLDR error again.
Note: If you are not receiving the above message and your BIOS boot options are set properly it's also possible that your CD-ROM drive may not be booting from the CD-ROM properly. Verify the jumpers are set properly on the CD-ROM drive. Additional information about checking the CD-ROM drive connections can be found on document CH000213.
Additional information: This error has also been known to occur when a memory stick is in a card reader and the computer is attempting to boot from it. If you have any type of card reader or flash reader make sure that no memory stick is inside the computer.
Computer hard disk drive is not properly setup in BIOS
Verify that your computer hard disk drive is properly setup in the BIOS / CMOS setup. Improper settings can cause this error. Additional information on how to enter the BIOS / CMOS setup can be found in document CH000192.
Corrupt NTLDR and/or NTDETECT.COM file
Windows 2000 users
If your computer is using Microsoft Windows 2000 and you are encountering the NTLDR error, create the below boot.ini file on a floppy diskette (adjust the ARC path if Windows is not installed in \WINNT on the first partition of the first disk).
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect
Copy the NTLDR and NTDETECT.COM files from another computer using the same operating system. Both of these files are located in the root directory of the primary hard disk drive. For example, C:\NTLDR and C:\NTDETECT.COM should be the locations of these files on many computers.
• Please keep in mind that these files are hidden system files, if you need additional help with viewing hidden files in Windows please see document CH000516.
Once these files have been copied to a floppy diskette reboot the computer and copy the NTLDR and NTDETECT.COM files to the root directory of the primary hard disk drive. Below is an example of what commonly should be performed from the A:\> drive.
copy ntldr c:
copy ntdetect.com c:
After the above two files have been copied, remove the floppy diskette and reboot the computer.
Windows XP users
1. Insert the Windows XP bootable CD into the computer.
2. When prompted to press any key to boot from the CD, press any key.
3. At the "Welcome to Setup" screen of Windows XP setup, press the "R" key to start the Recovery Console.
4. Log into your Windows installation by pressing the "1" key and pressing enter.
5. You will then be prompted for your administrator password, enter that password.
6. Copy the below two files to the root directory of the primary hard disk. In the below example we are copying these files from the CD-ROM drive letter, which in this case is "e." This letter may be different on your computer.

copy e:\i386\ntldr c:\
copy e:\i386\ntdetect.com c:\
7. Once both of these files have been successfully copied, remove the CD from the computer and reboot.
Misconfiguration with the boot.ini file
Edit the boot.ini on the root directory of the hard disk drive and verify that it is pointing to the correct location of your Windows operating system and that the partitions are properly defined. Additional information about the boot.ini can be found on document CH000492.
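The check just described, and the file that the bootcfg /rebuild procedure earlier on this page produces, can both be exercised in code. The block below is an added example, not code from the page or from Microsoft: it parses boot.ini the way the two sections describe it ([boot loader] with timeout and default, [operating systems] with ARC-path entries), reports the inconsistencies that leave Windows unbootable (a default that names no entry, a malformed ARC path, a partition(0), a missing timeout), and builds the single-entry file that the Load Identifier and OS Load options prompts generate. GOOD is the Windows 2000 file from the page; BAD is a constructed broken file. Nothing here reads or writes a real boot.ini.

```python
"""Parse and sanity-check a Windows 2000/XP boot.ini.

Added example, not code from the original page.  The sample files are
constructed text; the checker never touches a real boot.ini on C:."""
import re

ARC_RE = re.compile(
    r"^(?P<ctrl>multi|scsi|signature)\((?P<ctrl_arg>[^)]*)\)"
    r"disk\((?P<disk>\d+)\)rdisk\((?P<rdisk>\d+)\)partition\((?P<partition>\d+)\)"
    r"(?P<sysdir>\\\S*)$",
    re.IGNORECASE,
)
DRIVE_RE = re.compile(r"^[A-Za-z]:\\")   # entries like C:\="..." boot a sector file, not an ARC path


def parse_arc(arc):
    """Split an ARC name into its components; raise ValueError if malformed."""
    m = ARC_RE.match(arc)
    if not m:
        raise ValueError("malformed ARC name: %r" % arc)
    fields = m.groupdict()
    for key in ("disk", "rdisk", "partition"):
        fields[key] = int(fields[key])
    return fields


def parse_boot_ini(text):
    """Return {'boot loader': {key: value}, 'operating systems': [(arc, label, options)]}."""
    loader, systems, section = {}, [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        if section == "boot loader":
            key, _, value = line.partition("=")
            loader[key.strip().lower()] = value.strip()
        elif section == "operating systems":
            arc, _, rest = line.partition("=")
            m = re.match(r'"([^"]*)"\s*(.*)$', rest.strip())
            label, options = (m.group(1), m.group(2)) if m else (rest.strip(), "")
            systems.append((arc.strip(), label, options.strip()))
    return {"boot loader": loader, "operating systems": systems}


def check_boot_ini(text):
    """Return a list of problems; an empty list means the file is self-consistent."""
    cfg = parse_boot_ini(text)
    loader, systems = cfg["boot loader"], cfg["operating systems"]
    problems = []
    if not systems:
        problems.append("no entries under [operating systems]")
    timeout = loader.get("timeout")
    if timeout is None or not timeout.isdigit():
        problems.append("timeout missing or not a non-negative integer")
    default = loader.get("default")
    if default is None:
        problems.append("default= missing from [boot loader]")
    elif default.lower() not in {arc.lower() for arc, _, _ in systems}:
        problems.append("default %r has no matching [operating systems] entry" % default)
    for arc, label, _ in systems:
        if not label:
            problems.append("%s: empty load identifier" % arc)
        if DRIVE_RE.match(arc):
            continue
        try:
            fields = parse_arc(arc)
        except ValueError as err:
            problems.append(str(err))
            continue
        if fields["partition"] < 1:
            problems.append("%s: partition numbers are 1-based, partition(0) is never valid" % arc)
    return problems


def build_boot_ini(arc_path, load_identifier, load_options="/fastdetect", timeout=30):
    """Write the single-entry file that bootcfg /rebuild produces from its prompts."""
    return "\n".join([
        "[boot loader]",
        "timeout=%d" % timeout,
        "default=%s" % arc_path,
        "[operating systems]",
        '%s="%s" %s' % (arc_path, load_identifier, load_options),
        "",
    ])


# The Windows 2000 file from the page, and a constructed broken one whose
# default points at a partition that no [operating systems] entry describes.
GOOD = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINNT
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINNT="Microsoft Windows 2000 Professional" /fastdetect
"""
BAD = r"""[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect
"""

if __name__ == "__main__":
    print("good:", check_boot_ini(GOOD) or "OK")
    print("bad: ", check_boot_ini(BAD) or "OK")
```

Running it prints "OK" for the page's file and one complaint for the constructed one, that its default names a partition no entry describes, which is exactly the kind of mismatch that leaves the loader with nothing to start. The rdisk() number counts disks on the controller and partition() is 1-based, so the checker treats partition(0) as an error rather than a typo to forgive.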
Attempting to upgrade from a Windows 95, 98, or ME computer that is using FAT32
If you are getting this error message while you are attempting to upgrade to Windows 2000 or Windows XP from Windows 95, Windows 98, or Windows ME running FAT32 please try the below recommendations.
1. Boot the computer with a Windows 95, Windows 98 or Windows ME bootable diskette.
2. At the A:\> prompt type:

sys c:
3. After pressing enter you should receive the "System Transferred" message. Once this has been completed remove the floppy diskette and reboot the computer.
New hard disk drive being added
If you are attempting to add a new hard disk drive to the computer, make sure that the drive is blank. If the new drive still carries an old boot sector or operating system and the BIOS picks it ahead of the drive Windows is installed on, the NTLDR error results.
If you are unsure whether the new drive is blank, boot from a bootable diskette and format it, or put the drive that holds Windows first in the BIOS boot order.
Corrupt boot sector / master boot record
It's possible your computer's hard disk drive may have a corrupt boot sector and/or master boot record. These can be repaired through the Microsoft Windows Recovery console by running the fixboot and fixmbr commands.
Additional information and help in getting into the Microsoft Windows Recovery console can be found on document CH000627.
Seriously corrupted version of Windows 2000 or Windows XP
If you have tried each of the above recommendations that apply to your situation and you continue to experience this issue, it is possible that you have a seriously corrupted version of Microsoft Windows. Therefore we would recommend you reinstall Microsoft Windows 2000 or Windows XP.
If you are encountering this issue during your setup you may wish to completely erase your computer hard disk drive and all of its existing data and then install Microsoft Windows 2000 / Windows XP. Additional information about erasing the computer and starting over can be found on document CH000186.
Loose or Faulty IDE/EIDE hard disk drive cable
This issue has been known to be caused by a loose or faulty IDE/EIDE cable. If the above recommendations do not resolve your issue and your computer hard disk drive uses an IDE or EIDE interface, verify that the drive cable is firmly connected by disconnecting and reconnecting it.
If the issue continues, it is also possible that the cable itself is faulty; try replacing the hard disk drive cable with another or a new cable.
Additional information:
NTLDR
Short for NT loader, NTLDR is a program loaded from the hard drive boot sector that displays the Microsoft Windows NT startup menu and helps Microsoft Windows NT/2000/XP load.

MBR AND MONKEY VIRUS

Master Boot Record, MBR is also sometimes referred to as the master boot block and is the first sector of the computer hard disk drive used to determine what partition a computer will boot. The MBR tells the computer where to find and how to load the operating system. It also tells the computer how the hard drive is organized and provides information about the drive's partitions.
The master boot record is located on the first sector of the hard drive; once the BIOS has finished its power-on tests and chosen the drive as the boot device (the order is set in CMOS setup), the MBR is the first code the computer runs. Because it runs before the operating system and before any antivirus software is loaded, the MBR is a target for boot sector viruses, which can corrupt or replace it, leaving the hard drive inaccessible and preventing the computer from booting. A well-known MBR virus is the Stoned.Empire.Monkey virus.

MBR virus
A type of computer virus that modifies and/or infects the Master Boot Record. Because the resident virus hooks the BIOS disk services, an infected system generally loses CD-ROM support and/or Microsoft Windows falls back to MS-DOS compatibility mode for disk access.

VIRUS INFORMATION
Information about the Stoned Empire Monkey Virus
The Monkey virus was first discovered in Edmonton, Canada, in the year 1991. The virus spread quickly to USA, Australia and UK and is now one of the most common boot sector viruses.
As the name indicates, Monkey is a distant relative of Stoned. Its technical properties make it quite a remarkable virus; it does, however, infect the Master Boot Records of hard disks and the DOS boot records of diskettes, just like Stoned. Monkey spreads only through diskettes.
Monkey does not let the original partition table remain in its proper place in the Master Boot Record, as Stoned does. Instead it moves the whole Master Boot Record to the hard disk's third sector, and replaces it with its own code. The hard disk is inaccessible after a diskette boot, since the operating system cannot find valid partition data in the Master Boot Record - attempts to use the hard disk result in the DOS error message Invalid drive specification.
When the computer is booted from the hard disk, the virus is executed first, and the hard disk can thereafter be used normally. The virus is not, therefore, easily noticeable, unless the computer is booted from a diskette.
The fact that Monkey encrypts the Master Boot Record besides relocating it on the disk makes the virus still more difficult to remove. The changes to the Master Boot Record cannot be detected while the virus is active, since it reroutes the BIOS-level disk calls through its own code. Upon inspection, the hard disk seems to be in its original shape.
Detecting the virus
It is difficult to spot the virus, since it does not activate in any way. A one-kilobyte reduction in DOS memory is the only obvious sign of its presence. The memory can be checked with MS-DOS's CHKDSK and MEM programs. However, even if MEM reports that the computer has 639 kilobytes of base memory instead of the usual 640 kilobytes, it does not necessarily mean that the computer is infected. In many computers, the BIOS allocates one kilobyte of base memory for its own use.
The Monkey virus is quite compatible with different diskette types. It carries a table containing data for the most common diskettes. Using this table, the virus is able to move a diskette's original boot record and a part of its own code to a safe area on the diskette. Monkey does not recognize 2.88 megabyte ED diskettes, however, and partly overwrites their File Allocation Tables. Some revisions can be spotted by running FDISK and displaying the partition information; if you see "%", "#" or other strange characters as the partition type or label, there is a good possibility that you have the virus.
Information about removal
The relocation and encryption of the partition table render two often-used methods of removing an MBR virus unviable. One is the MS-DOS command FDISK /MBR, which rewrites the boot code in the first sector and is capable of removing most viruses that infect Master Boot Records; it leaves the partition table portion of the sector as it found it, which after Monkey means the virus's junk table rather than the real one. The other is using a disk editor to write a standard Master Boot Record back onto the zero track. Both procedures destroy the actual virus code, but the genuine partition table is still sitting encrypted in the third sector, so the computer cannot be booted from the hard disk afterwards.
There are six different ways to remove the Monkey virus:
1. Purchase a Virus protection utility and have it clean the Virus. While not all virus protection programs are capable of removing this virus, generally additional add-ons can be installed allowing the virus protection utility to remove the virus.
2. The original Master Boot Record and partition table can be restored from a backup taken before the infection. Such a backup can be made by using, for example, the MIRROR /PARTN command of MS-DOS.
3. The hard disk can be repartitioned by using the FDISK program, after which the logical disks must be formatted. All data on the hard disk will consequently be lost, however.
4. The virus code can be overwritten by using FDISK /MBR, and the partition table restored manually. In this case, the partition values of the hard disk must be calculated and inserted in the partition table with the help of a disk editor. The method requires expert knowledge of the disk structure, and its success is doubtful. Usually, this causes the current partitions to double, causing more havoc.
5. It is possible to exploit Monkey's stealth capabilities by taking a copy of the zero track while the virus is active. Since the virus hides the changes it has made, this copy will actually contain the original Master Boot Record. This method is not recommended, because the diskettes used in the copying may well get infected.
6. The original zero track can be located, decrypted and moved back to its proper place. As a result, the hard disk is restored to its exact original state. Some virus scanners have this capability, and can successfully remove the virus.
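The MBR layout given under MBR AND MONKEY VIRUS and the reasoning behind the removal list above can be followed in code. The block below is an added example, not code from the page or from any antivirus vendor: it builds a 512-byte MBR in memory (446 bytes of boot code, a 64-byte partition table of four 16-byte entries, the 55 AA signature), simulates Monkey's relocation of the original sector to the third sector, and then shows that rewriting only the code bytes (what FDISK /MBR does) leaves the junk partition table in place, while decrypting and moving the relocated copy back (method 6) restores the sector exactly. The XOR key is a stand-in for Monkey's encryption, whose actual method the page does not give, and the partition entry values and boot code bytes are constructed; nothing here reads or writes a real disk.

```python
"""Lay out a 512-byte master boot record, then walk a Monkey-style relocation
through the two repairs the text discusses.  Added example, not code from the
page: every sector is constructed in memory and nothing reads or writes a disk."""
import struct

SECTOR = 512
CODE_LEN = 446       # master boot code occupies bytes 0..445
TABLE_OFF = 446      # four 16-byte partition entries occupy bytes 446..509
SIG_OFF = 510        # boot signature 55 AA occupies bytes 510..511
XOR_KEY = 0x2E       # stand-in for Monkey's encryption; the page gives no key or method


def build_mbr(code, entries):
    """Assemble an MBR from boot code and up to four (flag, type, lba_start, sectors) tuples."""
    sector = bytearray(code.ljust(CODE_LEN, b"\x00")[:CODE_LEN])
    table = b""
    for flag, ptype, start, count in entries:
        # CHS fields (bytes 1..3 and 5..7) are placeholders; the LBA fields are what we read back.
        table += struct.pack("<B3sB3sII", flag, b"\xff\xff\xff", ptype, b"\xff\xff\xff", start, count)
    sector += table.ljust(64, b"\x00") + b"\x55\xaa"
    return bytes(sector)


def parse_mbr(sector):
    """Return (signature_ok, entries); each entry is a dict of the fields that matter."""
    if len(sector) != SECTOR:
        raise ValueError("an MBR is exactly %d bytes" % SECTOR)
    entries = []
    for i in range(4):
        e = sector[TABLE_OFF + 16 * i:TABLE_OFF + 16 * (i + 1)]
        start, count = struct.unpack("<II", e[8:16])
        entries.append({"flag": e[0], "type": e[4], "lba_start": start, "sectors": count})
    return sector[SIG_OFF:] == b"\x55\xaa", entries


def table_looks_valid(sector):
    """Sanity check of the kind a loader or disk tool applies: good signature,
    boot flags only 0x00 or 0x80, and at least one used entry with sane LBA
    fields.  Monkey's junk table fails it, hence "Invalid drive specification"."""
    sig_ok, entries = parse_mbr(sector)
    if not sig_ok:
        return False
    used = [e for e in entries if e["type"] != 0]
    return (bool(used)
            and all(e["flag"] in (0x00, 0x80) for e in entries)
            and all(e["lba_start"] > 0 and e["sectors"] > 0 for e in used))


def monkey_style_infect(disk, virus_code):
    """As the text describes: move the whole original MBR to the third sector
    (index 2 in this 0-based list), encrypt it, and leave virus code plus a
    meaningless table in sector 0."""
    disk[2] = bytes(b ^ XOR_KEY for b in disk[0])
    disk[0] = bytes(virus_code.ljust(CODE_LEN, b"\x90")[:CODE_LEN]) + b"\xa5" * 64 + b"\x55\xaa"


def fdisk_mbr(disk, fresh_code):
    """What FDISK /MBR (and the Recovery Console's fixmbr) does: rewrite the 446
    code bytes and leave bytes 446..511, table and signature, exactly as found."""
    disk[0] = bytes(fresh_code.ljust(CODE_LEN, b"\x00")[:CODE_LEN]) + disk[0][CODE_LEN:]


def restore_relocated(disk):
    """Removal method 6: find the relocated copy, decrypt it, move it back."""
    disk[0] = bytes(b ^ XOR_KEY for b in disk[2])


def demo():
    """Run the whole sequence on a toy three-sector disk and report each state."""
    boot_code = b"\x33\xc0\x8e\xd0"                            # arbitrary code bytes for the example
    clean = build_mbr(boot_code, [(0x80, 0x07, 63, 2097152)])  # one active NTFS partition (constructed)
    disk = [clean, b"\x00" * SECTOR, b"\x00" * SECTOR]
    monkey_style_infect(disk, b"\xeb\xfe")
    infected = table_looks_valid(disk[0])
    fdisk_mbr(disk, boot_code)                                 # virus code gone, table still junk
    after_fdisk = table_looks_valid(disk[0])
    restore_relocated(disk)
    return {"clean": table_looks_valid(clean), "infected": infected,
            "after_fdisk_mbr": after_fdisk, "restored_exactly": disk[0] == clean}


if __name__ == "__main__":
    for state, ok in demo().items():
        print("%-16s %s" % (state, ok))
```

The sequence prints True, False, False, True: the clean sector passes, the infected one fails, it still fails after the FDISK /MBR-style rewrite because only bytes 0..445 changed, and only moving the relocated sector back makes sector 0 byte-for-byte what it was. The same offsets are what you would inspect with a disk editor when deciding whether a damaged MBR needs fixmbr (code) or a table restore (bytes 446..509).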

Windows Recovery Console fixmbr command
About fixmbr
The fixmbr command is a Recovery Console command that writes a new master boot record (the boot code in the first sector of the disk) to the disk you name.
Availability
The fixmbr command is available in the Recovery Console of the below Microsoft operating systems.
Windows 2000
Windows XP

Syntax
Repairs the master boot record of the boot disk by writing fresh master boot code to its first sector. Like FDISK /MBR, it rewrites only the code portion of the sector and leaves the existing partition table alone, so it does not help when the table itself has been damaged or relocated, as in the Monkey case above; if it finds a non-standard or invalid partition table it warns that proceeding may make the partitions inaccessible. The fixmbr command is only available when you are using the Recovery Console.

fixmbr [device_name]
device_name The device (drive) on which you want to write a new master boot record. The name can be obtained from the output of the map command.

Examples
fixmbr \Device\HardDisk0
In the above example the boot record would be re-written for the first disk drive.


Windows Recovery Console map command
About map
The map command is a Recovery Console command that displays the physical device name behind each drive letter.
Availability
The map command is available in the Recovery Console of the below Microsoft operating systems.
Windows 2000
Windows XP

Syntax
Displays a mapping of drive letters to physical device names. This information is useful when you run the fixboot and fixmbr commands. The map command is only available when you are using the Recovery Console
map [arc]
arc Instructs the map command to display Advanced RISC Computing (ARC) names such as multi(0)disk(0)rdisk(0)partition(1), the notation boot.ini uses, instead of Windows device names such as \Device\HardDisk0\Partition1.
Examples
map
Displays all of the device names.