tansqrx

Once you get it fixed for one folder you can always apply the changes to all folders. Lets say you have it fixed for the C: drive, go to Tools > Folder Options… > View > Click Apply to All Folders. This still has to be the strangest things I have heard and I would love to know how you fix it. Better yet I would love to know how it happened in the first place.

Can you explain just a tad more? Does this happen when you open My Computer > C: > Some Folder? Or does it happen when AutoRun is detected by a CD, DVD, or removable media? If it is the first then I have no idea, I have never heard of such a thing happening and I donât know if it is even possible (it is if this is the case but I digress). The second problem can be fixed by configuring AutoRun. Windows XP and Vista (I canât remember if 2000 also) use a formula to tell how to open an AutoRun item. Vista is slightly different than XP but they are basically the same. If the documents are mostly pictures then a picture viewer is used, for music the music formatting is used. One of the first things I do to a new computer is turn off all AutoRun options for all drives. I consider it a security issue and I donât like the idea of a random CD executing code on my machine without permission. The tool that I use is TweakUI (http://forums.xisto.com/no_longer_exists/) from Microsoft. While looking over my copy of TweakUI, I noticed the following tipâTo Customize AutoPlay settings, open My Computer, right-click the drive you want to customize, select Properties, then AutoPlayâThose instructions may be exactly what you are looking for but I would suggest you also take a look at TweakUI and see if there is anything useful to you in there (like disabling AutoRun all together).

No, this does not work on a corporate (Active Directory) computer. Actually this does not work on a regular computer unless you have logged in with another administrator rights account. This may be a little different and might work on a XP Home edition machine but you will never find (shouldn’t find) one of them in a corporate environment.

Like everyone else has stated it would be best if you describe your problem more. What type of computer is it and any other events leading up to this point. With that aside let me give you a quick run down of what you can do. I will assume it is a desktop.• Take out (unhook) all non essential cards and parts. This includes sound cards, hard drives, and any other cards. Basically all you will be left with is the CPU, memory, motherboard, power supply, case, and keyboard. If this fixes your problem then add each removed component one at a time and reboot. This should show you where the problem is.• Almost every computer has diagnostic error codes when it comes to POST (the startup self test that every computer performs). Most of the time you will hear a series of beeps that are arranged as alternating long and short beeps. Write what you hear down such as long, short, short, short. Then go to the motherboard manufacture’s website and get the manual for that board. It might take some digging but you should find the codes. In my case I have an Asus motherboard and the preceding code means that there is a memory problem.• Not every computer uses sound. Also check for a series of lights on the back of the computer. Dell is very well known for using this and usually has four LEDs labeled as A, B, C, and D. A normal boot usually has all green LEDs. Anything else can be referenced on the manufacture’s website.• Reseat everything. A card or memory could have been bumped loose. For example take out the memory, clean it and the socket, and then reinstall it.• Clean everything with compressed air. This shouldn’t do anything at all but I have seen stranger things happen. Most people use the ESD safe compressed air cans from you local retailer. I find that they are very expensive and just use the air compressor in my garage. I’ve been using it for years and never had a problem yet.• If after all of this you still get nothing then it is most likely either the processor or the motherboard. Reseat the processor just to make sure.• It can also be the power supply. You can usually rule this out if the fans come on.• The last step is start replacing parts with known good ones. This is not always a possibility as not everyone keeps parts lying around like me. At this stage it might be best to just take it to a repair shop and get them to give you a free report if you don’t have the spare parts. I would suggest a local computer repair shop over someone like Best Buy as they will be more likely not to charge you an arm and a leg.I usually find that the first few steps ferret out the problem excluding a hardware failure. The first thing to do is absolutely get those error codes and go from there. Hope this helps and post again with what you find or need more help.

I can only take a guess but here are my assumptions. The first administrator account is the default “Administrator” account that came with XP. You also have the fast user pick welcome screen (you don’t have to press ctl-alt-del and then enter a username and password).By default when you create an alternate administrator account the default Administrator account is not shown on the welcome screen. Microsoft assumes that you created this other administrator account when you first installed Windows so it usually is not a problem. (As a side note you usually have to provide this as the last step during an install so I don’t know how this happened either unless you have Home Edition or a pre-SP2 release). Not to fear because all your files are still there and the account is still active. If all you need are the files then you can access them by browsing to C:\Documents and Settings\Administrator\My Documents. You can also change the settings of having the Administrator account shown on the welcome screen by either editing the registry (https://www.petri.com/add_the_administrator&%2339;s_account_to_the_welcome_screen_in_xp_pro) or using TweakUI (http://forums.xisto.com/no_longer_exists/). I would recommend just copying the files out of the C:\Documents and Settings\Administrator\My Documents folder and calling it a day. If you still want to see the account then get TweakUI, it has many additional features that you may find interesting.

Perhaps but Yahoo! issues mandatory updates to critical exploits. You usually have to try fairly hard not to get the update once Yahoo! has issued one.

I have been aware of the latest Yahoo! Jukebox and until recently Messenger exploits for about a week. Starting on the 3rd of February, three critical vulnerabilities were posted for datagrid.dll and mediagrid.dll which are part of the Yahoo! Jukebox offering (http://www.securityfocus.com/bid/27578, http://www.securityfocus.com/bid/27579, http://www.securityfocus.com/bid/27590). The reason that I waited so long to post this is because the details were inconsistent and it didnât add up to me. The versions of Messenger that were listed as vulnerable are absolutely ancient with the most recent being version 5.x. I tried to find similar DLLs on my system (I have 9.0 beta) but they were simply not present even with the Yahoo! music plug-in. This leads me to believe that this exploit is a non-issue and doesnât really deserve any attention besides possible research material. As of the 7th of February the postings from SecurityFocus have been changed to reflect that only Yahoo! Music Jukebox 2.2 is affected. What appeared to be a great exploit for Messenger has become nothing.

The possible take over also has me concerned. I normally use Hotmail for my email but Yahoo! Messenger for instant messaging. I also have a large amount of time invested into Messenger so I would be slightly disappointed if it just went poof. If this does happen then it would be interesting to see which services win. Currently Yahoo! dominates in email and IM users but Microsoft has strongholds in other areas. I have a feeling that it would be gradual (5+ years) but all of the Yahoo! branded services would eventually disappear.That is if Yahoo! takes the bait. This has been going on for three years and it hasn’t happened yet.

If you haven’t already heard, it looks like researchers have finally published code to break the Yahoo! CAPTCHA (http://unsakred.net/)(http://forums.xisto.com/no_longer_exists/). The authors only claim a 35% success rate but that is more than enough for automated bots to do their magic. The original site is at http://forums.xisto.com/no_longer_exists/ and the files are at http://forums.xisto.com/no_longer_exists/. I have not verified any of this so download at your own risk.

I will agree and disagree with this depending on the definition of “hack.” If you mean that you can make the program behave in a way that the original programmers did not expect then yes you can hack anything. If you mean being able to run an exploit against the program, more specifically a remote exploit then no you can’t hack anything. I believe the original discussion is about the latter.If a program has no bugs then there is no way an exploit can be found. The definition of an exploit is taking advantage of a bug in the software. The tricky part of this definition is there have never been any bug free programs and there never will be. Even a simple hello world program may be prone to an exploit at some time due to a bug in the underlying OS or any of the API’s called. In the software engineering community bugs are measured as defects (bugs) per 1000 source lines of code. A good number that a program should shoot for is usually around 2. This means that a program with thousands or even millions of lines of code will always have bugs.The technical answer is that you can create a program that can not be exploited but the practical answer is that you can always be able to exploit a program.

I guess it all comes down to the cultural values of the company, Yahoo! and Google in this case. I think of Yahoo! as the old media and Google as the new media in the way they think. Google is more open to experimenting with free and realizing they will still get some profit. Yahoo! is more conservative thinking because they can’t quite get over loosing some of their revenue.I also think the YMSG protocol is still closed because of some historical reasons. Messenger was created before Google made the grand proclamation that everything should be open source. YMSG was born in the era where closed source was the standard and by the very nature of it birth it has a hard time going open. You still have some managers and programmers that have been working on messenger for ten years. It’s always been that way and there is no need to change in their mind.Both views have valid points. In the end I am not overly concerned that YMSG is a closed protocol. As long as I have a network protocol analyzer at my disposal I will be able to figure out what is going on under the hood. It is very selfish for me to say this but I would hate to see Yahoo! go open because I would loose some of my clout as being one of the few sites that publish YMSG data.

We can all breathe a little easier now because Yahoo! is offering automatic virus scanning of sent files in Messenger (https://yahoomessenger.tumblr.com/). The catch is that you need the latest version of Norton Antivirus to get this brand new and unique level of protection. So the question is this, have I been unsafe and at the risk of getting a virus with my current antivirus software? Is this a completely new concept that Norton and Yahoo! created for me? The answer is simple, although there are no out right lies in the article, it is very misleading and nothing more than a scare tactic to get you to buy Norton Antivirus.It appears that Norton has dropped a load of advertising cash into Yahoo! coffers for the special privilege of being the recommending antivirus for Messenger. In the end it is only advertising and not any added functionality over any standard antivirus package. The only difference that I can see is that Yahoo! added a special API that Norton can use to scan a file before it actually hits the file system. As you will see it does not help catch viruses, it only moves the scanning phase to a different level in the file creation process.All antivirus and firewall programs work by hooking a select few Windows API functions. In the case of antivirus programs they are most concerned with the functions used by Windows to create or move a file. What a hook does is basically add functionality to a function call by injecting extra code. Microsoft provides this “feature” out of the box even if it is not usually condoned or documented very well. When a file is transferred through Messenger it is usually kept in a memory buffer until the transfer is complete. At this time Messenger creates a file on the file system and writes the contents of the memory buffer to disk. To make this file a particular Windows API is called by the OS and if an antivirus is running the hook will also be executed. As you can see no matter how the file gets on to your system, a program will always have to use the create file API and subsequently scan the file for viruses.This new miraculous new feature may actually be scanning the memory buffer before it is written to disk but I am only guessing. Even if it scans the memory, you are not getting any benefit from using this method and in some cases it may even be slower. So fear not my fellow Messenger user you are still safe even if you are not using Norton Antivirus.

An article from Security Focus (http://www.securityfocus.com/brief/665) states that Yahoo! is considering adding support for OpenID (http://openid.net/). This would add Yahoo! to the growing number of sites that are supporting the open source effort. There is no mention of Yahoo! Messenger but I would guess that it will not be supported immediately by the desktop client. For those who have not heard of OpenID I would suggest doing some research. It promises to get rid of the hundreds (perhaps thousands for some) of separate website passwords. You could essentially use the same credentials for every site that supports OpenID. One of the reasons that I am so excited about this is some of the extra security that could be added. I recently got the PayPal security key (https://www.paypal.com/us/webapps/mpp/security/security-protections) and if you are familiar with any of the RSA tokens then you should know what this does. It is a physical device that fits on your keychain and generates a unique six digit number every 30 seconds. When you go to log into PayPal you add the six digits on the end of your password and it makes a unique password for you every 30 seconds. The security key is synchronized with the PayPal servers so it can confirm that only the person holding the security key can log in. This adds another factor to the traditional three factor authentication model and makes stealing someoneâs PayPal account almost impossible (at least from a password point of view). Even if someone knows, sniffs, or phishes your password, it is only good for 30 seconds and then a new one is required.The interesting part of this is that the makers of the PayPal security key is VeriSign which also makes it own branded security token. VeriSign also happens to be an OpenID provider (http://forums.xisto.com/no_longer_exists/) and you can use their security token with OpenID. What this means is that you now have a very high security password that changes every 30 seconds for every website that you visit. If for some reason you give your password to an unscrupulous website or your favorite websiteâs password database gets hacked, you will have no fear that your password is compromised because it was only good for 30 seconds. With OpenID gaining support I am sure there will be a lot more interesting and more secure ideas put forth that will make the bad guyâs life a little harder.

In keeping with the original discussion, here are some good starting points for getting into the exploit business. I had a user post a similar question on my site and this is part of my response. Discovering exploits is not exactly an easy task. It usually takes a lot of time and a fair bit of programming skill and knowledge. I certainly donât want to discourage you but I want to prepare you for what you are facing. I have never personally found a useable exploit for Messenger but I havenât been trying lately either. Here is a little bit of information to get you started. ⢠In the past year there have only been around 5 exploits for Messenger found and there have been a lot of people looking. ⢠Finding exploits may be hard but the result is usually very distinctive. You will usually have a program crash where the program tries to access restricted memory. From the crash work your way back to see what caused it. ⢠Messenger has been beat on for many year so all the low hanging fruit has been picked. You should look at some of the newer features like phone. ⢠For all of Yahooâs faults, one thing they do well is patch exploits and security vulnerabilities quickly. Once an exploit goes public you usually have less than a week to use it before a mandatory patch is issued. ⢠There is no magic exploit program, if there were then I would have already used it and the program would be useless to you. There are several programs that you should gather, one particular class of programs are called fuzzers. They basically throw junk data at a program until it crashes. o https://en.wikipedia.org/wiki/Fuzz_testing o http://peachfuzz.sourceforge.net/ o https://hdm.io/tools/axman/ ⢠You will also need disassembly tools. o IDA Pro - http://www.datarescue.com/ o OllyDbg - http://www.ollydbg.de/ o Debugging Tools for Windows - http://forums.xisto.com/no_longer_exists/ ⢠Another good addition is a good virtual machine to separate you activites from your main desktop. o VMWare â http://www.vmware.com/ ⢠A good place to start is watch for 0-day exploits from others and study old exploits. You can download older versions of Messenger from many different places to see how the older ones operate. Watch for new exploits on some of the more popular security list such as Bugtraq at http://www.securityfocus.com/archive/1 ⢠You should also read some books about exploits. One that I recommend starting with is The Shellcoder's Handbook: Discovering and Exploiting Security Holes. I hope this gets you started. Let me know if you need any more information and remember that there is no silver bullet or quick solution to what you asked.

I suppose the preference of chat clients is personal but I never cared for Google talk very much. I also don’t think that just because a product or protocol is open source it is the best on the market. In the end it comes down to the fact that most of my friends are on Yahoo! so I am also on Yahoo!

Of course there are ways to hack Yahoo! Messenger but are you willing to take the time? For all of Yahoo’s faults, having a long patch time is not one of them. In other words Yahoo! will issue a fix for any given vulnerability within a few days and a mandatory update within a week. This means that once a problem (critical security) comes to Yahoo’s attention you don’t have very much time to react and take advantage of the problem.This means that those “hacks” on the hundreds of nukePHP boards may have worked 5 years ago but unless they are truly zero-day you will not get anything from them. The only meaningful way to hack Messenger is to come up with an exploit yourself. This takes work and I myself have had a lot of fun researching but I wouldn’t expect to get anything in under 3 months of hard research. As my friend turbomax has said I run a quite little site at ycoderscookbook.com just about this sort of thing. If you are truly interested, stop by the forums and ask some questions. I may not have as many members as some of those other sites but when it comes down to the actual programming aspect of Yahoo! Messenger, I think this is the place to visit.I will get a list of things together later for you to look into. Is there any one thing that you are trying to “hack”? Are you trying to get into someone else’s account, see if a contact is invisible, or perhaps something else?

Well here we go down the rabbit hole. The original saying comes from the Bible in 1 Timothy 6:10. The King James Version states the following: âFor the love of money is the root of all evil: which while some coveted after, they have erred from the faith, and pierced themselves through with many sorrows.â I have heard this many places before, apparently when this passage was translated into English, it was not translated quite correctly. Many modern translations state that the love of money is A root of evil. Another translation is that the love of things or covetousness is the root of all evil. You can see most of the main stream translations at http://biblehub.com/1_timothy/6-10.htm. You can also read some commentary on the subject at http://www.cbn.com/four0four.aspx?aspxerrorpath=/spirituallife/CBNTeachi/FAQ_money.aspx. I do not mean to make this a purely Christian discussion but the original saying comes from the Bible and I am trying to keep it in the same context.

Wow that is just…wow. The fact that they hung up on you shows you how much they really want your business. I hate to say it but this is starting to become the normal approach to “customer service.” Unless you sue them you will never get their attention. I even get the feeling that asking for a supervisor would not do anything in this case. Since state law indicates that you have the right to record the conversation, next time don’t let them know, just record.

Not exactly. The main gist of the article was to record the conversation if you are one of the participating parties. By the time the conversation gets to the audio form no amount of encryption will prevent it from being recorded.

The latest post on the official Yahoo! Messenger blog appears to be out of place to me (https://yahoomessenger.tumblr.com/). It is not part of the usual suspects of promising unneeded features or unabashed promotion of Messenger. Instead it is a fairly useful commentary on how to record a Messenger phone session using third party applications. The Yahoo! Messenger blog references a New York Times article (https://myaccount.nytimes.com/auth/login?URI=www-nc.nytimes.com/2008/01/03/technology/personaltech/03ASKK-002.html&REFUSE_COOKIE_ERROR=SHOW_ERROR) where a user asked if there is a way to record Messenger phone calls. While most of the people will look at this piece and say how cool, I looked at it and asked the question, âis this legal?â I do not know exactly how VoIP correlates to traditional phone service, I do know that there are some fairly stringent laws on the books in the US about wiretapping. I decided to do a little research and find out if you are in danger if you use any recording program to record Yahoo! Messenger phone conversations. In the US the law defines two cases. If you are not one of the parties involved in the conversation then listening or recording a telephone conversation is considered wiretapping and you will go to jail. The other possibility is to be one of the parties of the conversation which is most likely the case when you are using a tool described in the Messenger blog. I found out that on the federal level it is completely legal to record a telephone conversation even if the other person does not know about the recording. It is certainly courtesy to let the other party know that they are being recorded but it will not get you thrown in jail. With this comes with a few strings. Several states (California, Connecticut, Florida, Illinois, Maryland, Massachusetts, Michigan, Montana, Nevada, New Hampshire, Pennsylvania and Washington) do have a law against recording someone without their knowledge and when the telephone call takes place in one of these states you have to notify the other party. From what I have read this is usually not a big deal but you should still be aware of the law. Given the bigger picture this is not that big of a deal to me. I donât think anyone shouldnât be able to sleep at night over breaking this law if it even exists in your state. The big surprise to me is that the manager of Messenger spent so much time talking about a third part application that most likely breaks the Messenger Terms of Service and produces no revenue for Yahoo! In the end I did learn something new and perhaps you will too. http://www.rcfp.org/reporters-recording-guide http://forums.xisto.com/no_longer_exists/ https://en.wikipedia.org/wiki/Wiretapping

This one just keeps popping up. I file this under the perpetual motion (https://en.wikipedia.org/wiki/Perpetual_motion) category. Basically put you can never get an object that moves forever because there is friction and you violate the conservation of energy (https://en.wikipedia.org/wiki/Conservation_of_Energy). When most people think they have the perfect free energy system they usually forget about friction and efficiency. Friction is everywhere. If you have two surfaces making contact then you have friction. If you have any surface making contact with air then you have friction. Friction leads to heat and heat is a loss of energy. You may think it is a large scientific conspiracy to hide a perpetual motion machine but I see hundreds of examples everyday of thermodynamics working and I have yet to see one example where it doesnât.I believe that solar power is the closest thing that we have to âfree energyâ but it does have a cost. As said before, solar panels are very inefficient and the process required to make them is rather nasty. Solar cells are based on silicon fabrication which is quickly becoming one of the largest âtechâ polluters.The simple fact is economy. Oil is cheaper and as long as oil is cheaper than alternative fuels it will be the dominant player. The oil companies are starting to see that threshold even now. As the price of gas rises people are starting to turn to previously too expensive fuels such ethanol and hydrogen. Even if you get past the oil problem you still have coal which some say is many more times abundant than oil.

Just be careful. It has been said in the past that when offending posts are taken down you loose your credits (plus penalty). This not only applies to the original poster but also anyone who posts in that thread. I know that I am also at risk but it is worth it just to make the reminder.

Rootkit Revealer Locks Up My SystemI recently tried to run rootkit revealer on my system just to make sure everything was running smoothly. I have no reason to think I should run it but I am doing it as scheduled preventive maintenance. The problem is that it completely locks up my system about 3 minutes into the scan, even the mouse dies. Nothing helps but a reboot. I noticed that it locks up during the registry scan or at least that’s the last thing displayed in the status bar. I also tried to check the logs but apparently there are none since it stops dead.I do have a few mitigating factors. I am running PGP full disk encryption so this may be causing some of the problems. If anyone has had similar problems please let me know.P.S. I haven’t seen anything similar in the rootkit revealer forums.

You never did tell us why you wanted both XP and Server so I will go off on a tangent. Get a virtual machine application and run them both at the same time. You can run XP as your main OS and then run Windows Server 2000 inside XP when you need to. I have dual booted every combination that you can think of (XP, 2000, Linux, and every variation there of) and it is certainly possible but a virtual machine makes it so much easier. My primary need for multiple operating systems is software development and exploit analysis. If I develop an application in XP I can quickly start a 2000 virtual machine and make sure it also runs there.In my opinion VMWare is the best but it is not free. Microsoft offers Virtual PC for free and it is OK for Microsoft only operating systems. If you want to run a web server (I assume this is why you want Server 2000) then this is a perfect solution. Run Windows 2000 in the virtual machine and then minimize and forget.

You can tell how many credits you have by looking at the top of the Xisto homepage. The basic hosting plan needs 10 credits to start and 30 credits for the regular plan. The application can be found at http://forums.xisto.com/no_longer_exists/. Since you posted under the FrontPage forum I assume you are considering using FrontPage as your HTML editor. After you get some content in FrontPage then go to the website tab and then upload to server. You will be prompted for a URL, username, and password witch will correspond to your Xisto information. I personally use FrontPage for my site (ycoderscookbook.com) and I think it is a quick and easy way to manage the site. A more traditional way of managing a website is to upload the files via FTP. You will need a FTP client such as Filezilla at https://filezilla-project.org/. Login with your Xisto credentials and browse your hosting space. Drop all your files into the HTML-Public folder. Most all HTML editors provide an easy way to upload your site as long as you have your credentials. From here you can go into cpanel and customize how your site responds. Cpanel has more options then anyone could ever need and provides a full feature set. I hope you do decide to join as I have found Xisto a great place to be. As long as you like to talk about geeky computer stuff you should never be at a loss for something to talk about.