Boot Block Recovery For Free

Posted on by
Reply

You don’t need to pay a measly sum of dollars just to recover from a boot block mode. Here it is folks:

AWARD Bootblock recovery:

That shorting trick should work if the boot block code is not corrupted, and it should not be if /sb switch is used when flashing the bios (instead of /wb switch).

The 2 pins to short to force a checksum error varies from chip to chip. But these are usually the highest-numbered address pins (A10 and above).

These are the pins used by the system to read the System BIOS (original.bin for award v6), calculate the ROM checksum and see if it’s valid before decompressing it into memory, and subsequently allow Bootblock POST to pass control over to the System BIOS.

You just have to fool the system into believing that the System BIOS is corrupt. This you do by giving your system a hard time reading the System BIOS by shorting the 2 high address pins. And when it could not read the System BIOS properly, ROM Checksum Error is detected “so to speak” and Bootblock recovery is activated.

Sometimes, any combination of the high address pins won’t work to force a checksum error in some chips, like my Winbond W49F002U. But shorting the #WE pin with the highest-numbered address pin (A17) worked for this chip. You just have to be experimentative if you’re not comfortable with “hot flashing” or “replacement BIOS”.

But to avoid further damage to your chip if you’re not sure which are the correct pins to short, measure the potential between the 2 pins by a voltmeter while the system is on. If the voltage reading is zero (or no potential at all), it is safe to short these pins.

But do not short the pins while the system is on. Instead, power down then do the short, then power up while still shorting. And as soon as you hear 3 beeps (1 long, 2 short), remove the short at once so that automatic reflashing from Drive A can proceed without errors (assuming you had autoexec.bat in it).

About how to do the shorting, the tip of a screwdriver would do. But with such minute pins on the PLCC chip, I’m pretty comfortable doing it with the tip of my multi-tester or voltmeter probe. Short the pins at the point where they come out of the chip.

AMIBIOS Recovery bootblock:

1. Copy a known working BIOS image for your board to a floppy and rename it to AMIBOOT.ROM.
2. Insert the floppy in your system’s floppydrive.
3. Power on the system while holding CTRL+Home keys. Release the keys when you hear a beep and/or see the floppy light coming on.
4 . Just wait until you hear 4 beeps. When 4 beeps are heard the reprogramming of the System Block BIOS went succesfull, so then you may restart your system.

Some alternative keys that can be used to force BIOS update (only the System Block will be updated so it’s quite safe):
CTRL+Home= restore missing code into system block and clear CMOS when programming went ok.
CTRL+Page Up= restore missing code into system block and clear CMOS or DMI when programming went ok.
CTRL+Page Down= restore missing code into system block and do not clear CMOS and DMI area when programming went ok
Btw: the alternative keys work only with AMIBIOS 7 or higher (so for example an AMI 6.26 BIOS can be only recovered by using CTRL+Home keys).
[eminimall]

BLACKOUT Flashing

Recovering a Corrupt AMI BIOS chip

With motherboards that use BOOT BLOCK BIOS it is possible to recover a corrupted BIOS because the BOOT BLOCK section of the BIOS, which is responsible for booting the computer remains unmodified. When an AMI BIOS becomes corrupt the system will appear to start, but nothing will appear on the screen, the floppy drive light will come on and the system will access the floppy drive repeatedly. If your motherboard has an ISA slot and you have an old ISA video card lying around, put the ISA video card in your system and connect the monitor. The BOOT BLOCK section of the BIOS only supports ISA video cards, so if you do not have an ISA video card or your motherboard does not have ISA slots, you will have to restore your BIOS blind, with no monitor to show you what’s going on.

AMI has integrated a recovery routine into the BOOT BLOCK of the BIOS, which in the event the BIOS becomes corrupt can be used to restore the BIOS to a working state. The routine is called when the SYSTEM BLOCK of the BIOS is empty. The restore routine will access the floppy drive looking for a BIOS file names AMIBOOT.ROM, this is why the floppy drive light comes on and the drive spins. If the file is found it is loaded into the SYSTEM BLOCK of the BIOS to replace the missing information. To restore your BIOS simply copy a working BIOS file to a floppy diskette and rename it AMIBOOT.ROM, then insert it into the computer while the power is on. The diskette does not need to be bootable or contain a flash utility. After about four minutes the system will beep four times. Remove the floppy diskette from the drive and reboot the computer. The BIOS should now be restored.

Recovering a Corrupt AWARD BIOS

With AWARD BIOS the process is similar but still a bit different. To recover an AWARD BIOS you will need to create a floppy diskette with a working BIOS file in .BIN format, an AWARD flash utility and an AUTOEXEC.BAT file. AWARD BIOS will not automatically restore the BIOS information to the SYSTEM BLOCK for this reason you will need to add the commands necessary to flash the BIOS in the AUTOEXEC.BAT file. The system will run the AUTOEXE.BAT file, which will in turn flash the BIOS. This is fairly easy. Here are the steps you need to take.

· Create a bootable floppy diskette
· Copy the BIOS file and flash utility to the diskette
· Create an text file with any standard text editor and add the following lines

@ECHO OFF
FLASH763 BIOSFILE.BIN /py

Note: In the above example I am assuming that you are using the FLASH763.EXE flash utility. You will need to replace the FLASH763 with the name of whatever flash utility you are using, and replace the BIOSFILE.BIN with the name of the BIOS file you are using. You will also need to change the ‘/py’ to whatever the command is for your flash utility to automatically program the BIOS without user intervention. If you do not know the command to automatically flash your BIOS type the name of the flash utility with a space and then /? to display the utility’s help screen. The help screen should pecify the command switch to automatically flash your BIOS. If you are using the FLASH763.EXE utility then the switch to automatically flash your BIOS is ‘/py’.

BIOS Update Procedure

Posted on by
1

All latest Motherboards today, 486/ Pentium / Pentium Pro etc.,ensure that upgrades are easily obtained by incorporating the system BIOS in a FLASH Memory component. With FLASH BIOS, there is no need to replace an EPROM component. Once downloaded, the upgrade utility fits on a floppy disc allowing the user to save, verify and update the system BIOS. A hard drive or a network drive can also be used to run the newer upgrade utilities. However, memory managers can not be installed while upgrading.

Most pre-Pentium motherboards do not have a Flash BIOS. The following instructions therefore do not apply to these boards. If your motherboard does not have a Flash BIOS (EEPROM) you will need to use an EPROM programmer to re-program the BIOS chip. See your dealer for more information about this.

Please read the following instructions in full before starting a Flash BIOS upgrade:
A. Create a Bootable Floppy (in DOS)

•With a non-formatted disk, type the following:

format a:/s

•If using a formatted disk, type:

sys a:

This procedure will ensure a clean boot when you are flashing the new BIOS.

B. Download the BIOS file

•Download the correct BIOS file by clicking on the file name of the BIOS file you wish to download.

•Save the BIOS file and the Flash Utility file in the boot disk you have created. Unzip the BIOS file and the flash utility file. If you don’t have an “unzip” utility, download the WinZip for Windows 95 shareware/ evaluation copy for that one time use from _www.winzip.com or _www.pkware.com. Most CD ROMs found in computer magazines, have a shareware version of WinZip on them.

•You should have extracted two files:

Flash BIOS utility eg: flash7265.exe (for example)

BIOS eg: 6152J900.bin (example)

Use the latest flash utility available unless otherwise specified (either on the BIOS update page or in the archive file). This information is usually provided.
[eminimall]
C. Upgrade the System BIOS

During boot up, write down the old BIOS version because you will need to use it for the BIOS backup file name.

Place the bootable floppy disk containing the BIOS file and the Flash Utility in drive a, and reboot the system in MS-DOS, preferably Version 6.22

•At the A:> prompt, type the corresponding Flash BIOS utility and the BIOS file with its extension.

For example:

flash625 615j900.bin

•From the Flash Memory Writer menu, select “Y” to “Do you want to save BIOS?” if you want to save (back up) your current BIOS (strongly recommended), then type the name of your current BIOS and its extension after FILE NAME TO SAVE: eg: a:\613J900.bin

Alternatively select “N” if you don’t want to save your current BIOS. Beware, though, that you won’t be able to recover from a possible failure.

•Select “Y” to “Are you sure to program?”

•Wait until it displays “Message: Power Off or Reset the system”

Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system. If you write to BIOS but cannot complete the procedure, do not switch off, because the computer will not be able to boo, and you will not be given another chance to flash. In this case leave your system on until you resolve the problem (flashing BIOS with old file is a possible solution, provided you’ve made a backup before)

Make sure the new BIOS version has been loaded properly by taking note of the BIOS identifier as the system is rebooting.

For AMI BIOS
Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system holding the “END” key prior to power on until you enter CMOS setup. If you do not do this the first time booting up after upgrading the BIOS, the system will hang.

BIOS Update Tips
note:
1.Make sure never to turn off or reset your computer during the flash process. This will corrupt the BIOS data. We also recommend that you make a copy of your current BIOS on the bootable floppy so you can reflash it if you need to. (This option is not available when flashing an AMI BIOS).

2. If you have problems installing your new BIOS please check the following:

Have you done a clean boot?

In other words, did you follow the above procedure for making a bootable floppy? This ensures that when booting from “A” there are no device drivers on the diskette. Failing to do a clean boot is the most common cause for getting a “Memory Insufficient” error message when attempting to flash a BIOS.

If you have not used a bootable floppy, insure a clean boot either by

a) pressing F5 during bootup

b) by removing all device drivers on the CONFIG.SYS including the HIMEM.SYS. Do this by using the EDIT command.

Have you booted up under DOS?
Booting in Windows is another common cause for getting a “Memory Insufficient” error message when attempting to flash a BIOS. Make sure to boot up to DOS with a minimum set of drivers. Important: Booting in DOS does not mean selecting “Restart computer in MS-DOS Mode” from Windows98/95 shutdown menu or going to Prompt mode in WindowsNT, but rather following the above procedure (format a: /s and rebooting from a:\).

Have you entered the full file name of the flash utility and the BIOS plus its extension?
Do not forget that often you will need to add a drive letter (a:\) before flashing the BIOS. Example: when asked for file name of new BIOS file which is on your floppy disk, in case you’re working from c:\ your will need to type a:\615j900.bin, rather than 615j900.bin only.

Big Brother and Ndisuio.sys A new Internet phenomenon?

Posted on by
1

Ndisuio.sys, a very mysterious system file is present in Windows XP and is a driver for wireless things such as wi-fi and bluetooth. However, there have been many issues with this file downloading immense amounts of data and perhaps causing activity that is “big brother”ish.

The fact that hardly any information on this file downloading data is available by Microsoft makes things quite suspicious about it. It has even been noted that it looked as if it was transferring data to major companies like Comcast, Road Runner, Time Warner, BTC and Verizon.

The good news is, it turns out this file duplicates data that is sent/received, so wherever you go, it will also transfer the data to that file but it does not leave the computer/network so it’s not spyware. So it’s not as much of a big brother situation then it looks like. It simply performs internal communication tasks and stands for NDIS user I/O, hence, NDISUIO. NDISUIO is also used as a driver by many developers as it makes certain wireless network tasks easier such as implementing it for 802.11x connections. Some firewalls also use it as it can get the data in order to filter it.
[eminimall]
But duplicating this data can hog resources for no reason, so disabling it is the best thing to do. The data rate of this file’s received data is huge, so that indicates that the data transfer is not over the Internet, but locally. So it’s just a duplicate of network activity but because it’s local everything transfers faster but uses more resources then casual internet usage as there’s more data involved at a given time span of 1 second, for example.

To disable this file, go to the control panel, administration tools, services, Wireless Zero Configuration, double click and disable it. This file is probably required to run if you use any linksys wireless devices.

A simple TCP spoofing attack

Posted on by
1

Over the past few years TCP sequence number prediction attacks have become a real threat against unprotected networks, taking advantage of the inherent trust relationships present in many network installations.  TCP sequence number prediction attacks have most commonly been implemented by opening a series of connections to the target host, and attempting to predict the sequence number which will be used next.  Many operating systems have
therefore attempted to solve this problem by implementing a method of generating sequence numbers in unpredictable fashions.  This method does not solve the problem.

This advisory introduces an alternative method of obtaining the initial sequence number from some common trusted services.  The attack presented here does not require the attacker to open multiple connections, or flood a port on the trusted host to complete the attack.  The only requirement is that
source routed packets can be injected into the target network with fake source addresses.

This advisory assumes that the reader already has an understanding of how TCP sequence number prediction attacks are implemented.

The impact of this advisory is greatly diminished due to the large number of organizations which block source routed packets and packets with addresses inside of their networks.  Therefore we present the information as more of a ‘heads up’ message for the technically inclined, and to re-iterate that
the randomization of TCP sequence numbers is not an effective solution
against this attack.

Technical Details
~~~~~~~~~~~~~~~~~

The problem occurs when particular network daemons accept connections with source routing enabled, and proceed to disable any source routing options on the connection.  The connection is allowed to continue, however the reverse route is no longer used.  An example attack can launched against the in.rshd daemon, which on most systems will retrieve the socket options
via getsockopt() and then turn off any dangerous options via setsockopt().

An example attack follows.

Host A is the trusted host
Host B is the target host
Host C is the attacker

Host C initiates a source routed connection to in.rshd on host B, pretending
to be host A.

Host C spoofing Host A         <SYN>    –>  Host B in.rshd

Host B receives the initial SYN packet, creates a new PCB (protocol control block) and associates the route with the PCB.  Host B responds, using the reverse route, sending back a SYN/ACK with the sequence number.

Host C spoofing Host A  <–  <SYN/ACK>       Host B in.rshd

Host C responds, still spoofing host A, acknowledging the sequence number. Source routing options are not required on this packet.

Host C spoofing Host A         <ACK>    –>  Host B in.rshd

We now have an established connection, the accept() call completes, and control is now passed to the in.rshd daemon.  The daemon now does IP options checking and determines that we have initiated a source routed connection.  The daemon now turns off this option, and any packets sent
thereafter will be sent to the real host A, no longer using the reverse route which we have specified.  Normally this would be safe, however the attacking host now knows what the next sequence number will be.  Knowing this sequence number, we can now send a spoofed packet without the source
routing options enabled, pretending to originate from Host A, and our command will be executed.

In some conditions the flooding of a port on the real host A is required if larger ammounts of data are sent, to prevent the real host A from responding with an RST.  This is not required in most cases when performing this attack against in.rshd due to the small ammount of data transmitted.

It should be noted that the sequence number is obtained before accept() has returned and that this cannot be prevented without turning off source routing in the kernel.

As a side note, we’re very lucky that TCP only associates a source route with a PCB when the initial SYN is received.  If it accepted and changed the ip options at any point during a connection, more exotic attacks may be possible. These could include hijacking connections across the internet without playing a man in the middle attack and being able to bypass IP options checking imposed by daemons using getsockopt().  Luckily *BSD based TCP/IP stacks will not do this, however it would be interesting to examine other implementations.

Impact
~~~~~~

The impact of this attack is similar to the more complex TCP sequence number prediction attack, yet it involves fewer steps, and does not require us to ‘guess’ the sequence number.  This allows an attacker to execute arbitrary commands as root, depending on the configuration of the target
system.  It is required that trust is present here, as an example, the use of .rhosts or hosts.equiv files.

Solutions
~~~~~~~~~

The ideal solution to this problem is to have any services which rely on IP based authentication drop the connection completely when initially detecting that source routed options are present.  Network administrators and users can take precautions to prevent users outside of their network from taking advantage of this problem.  The solutions are hopefully already either implemented or being implemented.

1. Block any source routed connections into your networks
2. Block any packets with internal based address from entering your network.

Network administrators should be aware that these attacks can easily be launched from behind filtering routers and firewalls.  Internet service providers and corporations should ensure that internal users cannot launch the described attacks.  The precautions suggested above should be implemented
to protect internal networks.

Example code to correctly process source routed packets is presented here as an example.  Please let us know if there are any problems with it. This code has been tested on BSD based operating systems.

u_char optbuf[BUFSIZ/3];
int optsize = sizeof(optbuf), ipproto, i;
struct protoent *ip;

if ((ip = getprotobyname(“ip”)) != NULL)
ipproto = ip->p_proto;
else
ipproto = IPPROTO_IP;
if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) &&
optsize != 0) {
for (i = 0; i < optsize; ) {
u_char c = optbuf[i];
if (c == IPOPT_LSRR || c == IPOPT_SSRR)
exit(1);
if (c == IPOPT_EOL)
break;
i += (c == IPOPT_NOP) ? 1 : optbuf[i+1];
}
}

One critical concern is in the case where TCP wrappers are being used.  If a user is relying on TCP wrappers, the above fix should be incorporated into fix_options.c.  The problem being that TCP wrappers itself does not close the connection, however removes the options via setsockopt().  In this case when control is passed to in.rshd, it will never see any options present, and the connection will remain open (even if in.rshd has the above patch incorporated).  An option to completely drop source routed connections will hopefully be provided in the next release of TCP wrappers.  The other option
is to undefine KILL_IP_OPTIONS, which appears to be undefined by default. This passes through IP options and allows the called daemon to handle them accordingly.
[eminimall]
Disabling Source Routing
~~~~~~~~~~~~~~~~~~~~~~~~

We believe the following information to be accurate, however it is not guaranteed.

— Cisco

To have the router discard any datagram containing an IP source route option issue the following command:

no ip source-route

This is a global configuration option.

— NetBSD

Versions of NetBSD prior to 1.2 did not provide the capability for disabling source routing.  Other versions ship with source routing ENABLED by default. We do not know of a way to prevent NetBSD from accepting source routed packets.
NetBSD systems, however, can be configured to prevent the forwarding of packets when acting as a gateway.

To determine whether forwarding of source routed packets is enabled, issue the following command:

# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt

The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.

Forwarding of source routed packets can be turned off via:

# sysctl -w net.inet.ip.forwsrcrt=0

Forwarding of all packets in general can turned off via:

# sysctl -w net.inet.ip.forwarding=0

— BSD/OS

BSDI has made a patch availible for rshd, rlogind, tcpd and nfsd.  This patch is availible at:

ftp://ftp.bsdi.com/bsdi/patches/patches-2.1

OR via their patches email server <patches@bsdi.com>

The patch number is
U210-037 (normal version)
D210-037 (domestic version for sites running kerberized version)

BSD/OS 2.1 has source routing disabled by default

Previous versions ship with source routing ENABLED by default.  As far as we know, BSD/OS cannot be configured to drop source routed packets destined for itself, however can be configured to prevent the forwarding of such packets when acting as a gateway.

To determine whether forwarding of source routed packets is enabled, issue the following command:

# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt

The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.

Forwarding of source routed packets can be turned off via:

# sysctl -w net.inet.ip.forwsrcrt=0

Forwarding of all packets in general can turned off via:

# sysctl -w net.inet.ip.forwarding=0

— OpenBSD

Ships with source routing turned off by default.  To determine whether source routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off, and 1 meaning it is on.  If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

This will prevent OpenBSD from forwarding and accepting any source routed packets.

— FreeBSD

Ships with source routing turned off by default.  To determine whether source routing is enabled, the following command can be issued:

# sysctl net.inet.ip.sourceroute

The response will be either 0 or 1, 0 meaning that source routing is off, and 1 meaning it is on.  If source routing has been turned on, turn off via:

# sysctl -w net.inet.ip.sourceroute=0

— Linux

Linux by default has source routing disabled in the kernel.

— Solaris 2.x

Ships with source routing enabled by default.  Solaris 2.5.1 is one of the few commercial operating systems that does have unpredictable sequence numbers, which does not help in this attack.

We know of no method to prevent Solaris from accepting source routed connections, however, Solaris systems acting as gateways can be prevented from forwarding any source routed packets via the following commands:

# ndd -set /dev/ip ip_forward_src_routed 0

You can prevent forwarding of all packets via:

# ndd -set /dev/ip ip_forwarding 0

These commands can be added to /etc/rc2.d/S69inet to take effect at bootup.

— SunOS 4.x

We know of no method to prevent SunOS from accepting source routed connections, however a patch is availible to prevent SunOS systems from forwarding source routed packets.

This patch is availible at:

ftp://ftp.secnet.com/pub/patches/source-routing-patch.tar.gz

To configure SunOS to prevent forwarding of all packets, the following command can be issued:

# echo “ip_forwarding/w 0″ | adb -k -w /vmunix /dev/mem
# echo “ip_forwarding?w 0″ | adb -k -w /vmunix /dev/mem

The first command turns off packet forwarding in /dev/mem, the second in /vmunix.

— HP-UX

HP-UX does not appear to have options for configuring an HP-UX system to prevent accepting or forwarding of source routed packets.  HP-UX has IP forwarding turned on by default and should be turned off if acting as a firewall.  To determine whether IP forwarding is currently on, the following
command can be issued:

# adb /hp-ux
ipforwarding?X      <- user input
ipforwarding:
ipforwarding: 1
#

A response of 1 indicates IP forwarding is ON, 0 indicates off.  HP-UX can be configured to prevent the forwarding of any packets via the following commands:

# adb -w /hp-ux /dev/kmem
ipforwarding/W 0
ipforwarding?W 0
^D
#

— AIX

AIX cannot be configured to discard source routed packets destined for itself, however can be configured to prevent the forwarding of source routed packets. IP forwarding and forwarding of source routed packets specifically can be turned off under AIX via the following commands:

To turn off forwarding of all packets:

# /usr/sbin/no -o ipforwarding=0

To turn off forwarding of source routed packets:

# /usr/sbin/no -o nonlocsrcroute=0

Note that these commands should be added to /etc/rc.net

If shutting off source routing is not possible and you are still using services which rely on IP address authentication, they should be disabled immediately (in.rshd, in.rlogind).  in.rlogind is safe if .rhosts and
/etc/hosts.equiv are not used.

10 reasons why PCs crash U must Know

Posted on by
3

Fatal error: The system has become unstable or is busy,” it says. “Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications.”

You have just been struck by the Blue Screen of Death. Anyone who uses Mcft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening?

1 Hardware conflict

The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.

For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.

If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:

* Start-Settings-Control Panel-System-Device Manager.

Often if a device has a problem a yellow ‘!’ appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.

Sometimes a device might share an IRQ with something described as ‘IRQ holder for PCI steering’. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.

Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is www.driverguide.com. If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).

When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.

To be fair to Mcft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.

2 Bad Ram

Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.

But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.

One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.

Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.

EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programmes.

3 BIOS settings

Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.

Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.

A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRam has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer’s display.

Mcft Windows is better at allocating IRQ numbers than any BIOS. If possible set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is switched to ‘yes’ to allow Windows to do this.).

4 Hard disk drives

After a few weeks, the information on a hard disk drive starts to become piecemeal or fragmented. It is a good idea to defragment the hard disk every week or so, to prevent the disk from causing a screen freeze. Go to

* Start-Programs-Accessories-System Tools-Disk Defragmenter

This will start the procedure. You will be unable to write data to the hard drive (to save it) while the disk is defragmenting, so it is a good idea to schedule the procedure for a period of inactivity using the Task Scheduler.

The Task Scheduler should be one of the small icons on the bottom right of the Windows opening page (the desktop).

Some lockups and screen freezes caused by hard disk problems can be solved by reducing the read-ahead optimisation. This can be adjusted by going to

* Start-Settings-Control Panel-System Icon-Performance-File System-Hard Disk.

Hard disks will slow down and crash if they are too full. Do some housekeeping on your hard drive every few months and free some space on it. Open the Windows folder on the C drive and find the Temporary Internet Files folder. Deleting the contents (not the folder) can free a lot of space.

Empty the Recycle Bin every week to free more space. Hard disk drives should be scanned every week for errors or bad sectors. Go to

* Start-Programs-Accessories-System Tools-ScanDisk

Otherwise assign the Task Scheduler to perform this operation at night when the computer is not in use.
[eminimall]

5 Fatal OE exceptions and VXD errors

Fatal OE exception errors and VXD errors are often caused by video card problems.

These can often be resolved easily by reducing the resolution of the video display. Go to

* Start-Settings-Control Panel-Display-Settings

Here you should slide the screen area bar to the left. Take a look at the colour settings on the left of that window. For most desktops, high colour 16-bit depth is adequate.

If the screen freezes or you experience system lockups it might be due to the video card. Make sure it does not have a hardware conflict. Go to

* Start-Settings-Control Panel-System-Device Manager

Here, select the + beside Display Adapter. A line of text describing your video card should appear. Select it (make it blue) and press properties. Then select Resources and select each line in the window. Look for a message that says No Conflicts.

If you have video card hardware conflict, you will see it here. Be careful at this point and make a note of everything you do in case you make things worse.

The way to resolve a hardware conflict is to uncheck the Use Automatic Settings box and hit the Change Settings button. You are searching for a setting that will display a No Conflicts message.

Another useful way to resolve video problems is to go to

* Start-Settings-Control Panel-System-Performance-Graphics

Here you should move the Hardware Acceleration slider to the left. As ever, the most common cause of problems relating to graphics cards is old or faulty drivers (a driver is a small piece of software used by a computer to communicate with a device).

Look up your video card’s manufacturer on the internet and search for the most recent drivers for it.

6 Viruses

Often the first sign of a virus infection is instability. Some viruses erase the boot sector of a hard drive, making it impossible to start. This is why it is a good idea to create a Windows start-up disk. Go to

* Start-Settings-Control Panel-Add/Remove Programs

Here, look for the Start Up Disk tab. Virus protection requires constant vigilance.

A virus scanner requires a list of virus signatures in order to be able to identify viruses. These signatures are stored in a DAT file. DAT files should be updated weekly from the website of your antivirus software manufacturer.

An excellent antivirus programme is McAfee VirusScan by Network Associates ( www.nai.com). Another is Norton AntiVirus 2000, made by Symantec ( www.symantec.com).

7 Printers

The action of sending a document to print creates a bigger file, often called a postscript file.

Printers have only a small amount of memory, called a buffer. This can be easily overloaded. Printing a document also uses a considerable amount of CPU power. This will also slow down the computer’s performance.

If the printer is trying to print unusual characters, these might not be recognised, and can crash the computer. Sometimes printers will not recover from a crash because of confusion in the buffer. A good way to clear the buffer is to unplug the printer for ten seconds. Booting up from a powerless state, also called a cold boot, will restore the printer’s default settings and you may be able to carry on.

8 Software

A common cause of computer crash is faulty or badly-installed software. Often the problem can be cured by uninstalling the software and then reinstalling it. Use Norton Uninstall or Uninstall Shield to remove an application from your system properly. This will also remove references to the programme in the System Registry and leaves the way clear for a completely fresh copy.

The System Registry can be corrupted by old references to obsolete software that you thought was uninstalled. Use RegistryBooster by Uniblue to clean up the System Registry and remove obsolete entries. It works on Windows 95, Windows 98, Windows 98 SE (Second Edition), Windows Millennium Edition (ME), NT4 and Windows 2000.

Read the instructions and use it carefully so you don’t do permanent damage to the Registry. If the Registry is damaged you will have to reinstall your operating system. Reg Cleaner can be obtained from http://www.registrybooster.com/

Often a Windows problem can be resolved by entering Safe Mode. This can be done during start-up. When you see the message “Starting Windows” press F4. This should take you into Safe Mode.

Safe Mode loads a minimum of drivers. It allows you to find and fix problems that prevent Windows from loading properly.

Sometimes installing Windows is difficult because of unsuitable BIOS settings. If you keep getting SUWIN error messages (Windows setup) during the Windows installation, then try entering the BIOS and disabling the CPU internal cache. Try to disable the Level 2 (L2) cache if that doesn’t work.

Remember to restore all the BIOS settings back to their former settings following installation.

9 Overheating

Central processing units (CPUs) are usually equipped with fans to keep them cool. If the fan fails or if the CPU gets old it may start to overheat and generate a particular kind of error called a kernel error. This is a common problem in chips that have been overclocked to operate at higher speeds than they are supposed to.

One remedy is to get a bigger better fan and install it on top of the CPU. Specialist cooling fans/heatsinks are available from www.computernerd.com or www.coolit.com

CPU problems can often be fixed by disabling the CPU internal cache in the BIOS. This will make the machine run more slowly, but it should also be more stable.

10 Power supply problems

With all the new construction going on around the country the steady supply of electricity has become disrupted. A power surge or spike can crash a computer as easily as a power cut.

If this has become a nuisance for you then consider buying a uninterrupted power supply (UPS). This will give you a clean power supply when there is electricity, and it will give you a few minutes to perform a controlled shutdown in case of a power cut.

It is a good investment if your data are critical, because a power cut will cause any unsaved data to be lost.

Google Talk Cheats

Posted on by
3

I dont think I ‘ve missed out anything here , Its Full n Final

With Google Talk being all the craze right now, some people hacking it, and others loving it, I figured that I would post a list of tips and tricks for those curious about the extra “features” Google implemented and has not said much about.

Registry Tweaks

You can edit most settings by opening regedit (start -> regedit),
and navigating to the key HKEY_CURRENT_USER\Software\Google\Google Talk.
The “Google/Google Talk” key has several sub-keys that hold different option values:
Accounts: This one has subkeys for each different account that has logged in on the client. These keys have different values that store the username, password and connection options.
Autoupdate: Stores the current version information. When the client checks for updates it compares Google’s response with these values. If an update is needed, it will download and update the new version.
Options: This is the most interesting part, where most of the current hacks should be used (keep reading).
Process: Stores the process ID. Probably used by Google Talk to detect if it’s already running or not.
1.) HKEY_CURRENT_USER\Software\Google\Google Talk\Options\show_pin
If 1, shows a “pin” next to the minimize button that keeps the windows on top of all the other open windows when clicked.
2.)HKEY_CURRENT_USER\Software\Google\Google Talk\Options\view_show_taskbutton
If 0, hides the taskbar button, and leaves the tray icon only, when the window is shown
3.)HKEY_CURRENT_USER\Software\Google\Google Talk\Options\away_inactive
If 1, status will be set as Away after the specified number of minutes.
4.)HKEY_CURRENT_USER\Software\Google\Google Talk\Options\away_screensaver
If 1, status will be set as Away after the specified number of minutes.
5.)HKEY_CURRENT_USER\Software\Google\Google Talk\Options\inactive_minutes
Number of inactive minutes to become away if auto-away is on.

More Tips & Tricks
Change the font size – While holding the control key, move the scroll wheel on your mouse either up or down. This trick works while being focused in either the read or write area.Insert line breaks – If you want to have a message that spans multiple paragraphs, just hold shift and hit enter. You can add as many new lines as you want to create.

Bold Text – To write something bold, you can use an asterisk before and after the word, like *this* .
Italic Text – To use italics, use an underscore before an after the word, like _this_ .

Switch windows – Hitting tab will cycle through open windows. It will select minimized conversations, to expand them just hit enter. If you just want to cycle through IM’s and don’t care about the buddy list, control-tab will do that and will automatically expand a minimized conversation if you settle on one.

Invitation Tips – You don’t need to say Yes or No when someone wants to add you as a friend; you can simply ignore it, the request will go away. (On the other hand, someone with whom you chat often will automatically turn to be your friend, unless you disable this in the options).

Show Hyperlinks – You can show your homepage or blog URL simply by entering the it in your away message (at the top of the main window). It will automatically turn to a link visible to others.

A message can be 32767 characters long.


How To Conference Calls :

What you need to do to have conference calls: Open up a copy of Google Talk on all computers with which you wish to conference. After one copy is opened make a new shortcut for Google Talk but at the end of it add /nomutex. If you installed it to the default folder then your shortcut should read “C:\Program Files\Google\Google Talk\googletalk.exe” /nomutex. Open 2nd instances of the software on every user’s computer. After this start a chain: User 1 should connect on one instance to user 2. User 2 will connect on his second instance to user 3. User 3 will connect using his second instance back to user 1. With this chain everyone is connected to everyone.

Nickname & Status Message :

You can’t change your nickname in a way that other people will see it change. Every nickname in the Google Talk contactlist is the part that is before @gmail.com (only the alphabetical characters are used) or the name you chosen for your GMail account. To change the nickname need to go to your Gmail account and change the name there. Choose Settings, Accounts, and then Edit info. Click on the second radio button, and enter your custom name. As a result all of your emails will have that nick as well, there is no way to seperate the two. You can add a website in your custom message, it will be clickable when someone opens a conversation window with you.

Contacts :

You don’t need to say Yes or No when someone wants to add you as a friend; you can simply ignore it, the request will go away. (On the other hand, someone with whom you chat often will automatically turn to be your friend, unless you disable this).
The Gmail account ‘user@gmail.com’ can’t be invited as your friend.
[eminimall]
Play Music :

It’s possible to broadcast music, MP3, etc.. through Google Talk.
Unplug your microphone. Double click on the speaker icon in the lower right corner. This will open up “Volume Control”. Select “Options” and then “Properties”. Then check the button next to “Recording” then click OK. You may also have to change your setting under Mixer Device. Now the Recording Control screen should be up. On my computer I selected “Wave Out Mix”. Click on the green phone in Google Talk and call your friend.

Keyboard Shortcuts

Ctrl + E – It centralizes the selected text, or the current line.
Ctrl + R – It justifies to the right the selected text, or the current line.
Ctrl + L – It justifies to the left the selected text, or the current line.
Ctrl + I – The same thing does that Tab.
Tab – It is giving the area to each of the windows opened by Google Talk.
Ctrl + Tab – The same thing does that Shift + Tab .
Shift + Tab – The same thing does that Tab but in reverse.
Ctrl + Shift + L -Switch between points, numbers, letters, capital letters, roman numbers and capital roman numbers
Ctrl + 1 (KeyPad) – It does a simple space between the lines.
Ctrl + 2 (KeyPad) – It does a double space between the lines.
Ctrl + 5 (KeyPad) – A space does 1.5 between the lines.
Ctrl + 1 (NumPad) – It goes at the end of the last line.
Ctrl + 7 (NumPad) – It goes at the begin of the last line.
Ctrl + F4 – It closes the current window.
Alt + F4 – It closes the current window.
Alt + Esc – It Minimize all the windows.
Windows + ESC – Open Google Talk (if it’s minimized, or in the tray)
F9 – Open Gmail to send an email to the current contact.
F11 – It initiates a telephonic call with your friend.
F12 – It cancels a telephonic call.
Esc – It closes the current window.

[HOWTO] Use multiple identities on Google Talk

Want to run Google Talk with multiple Gmail identities? If you have several Google Gmail accounts you also may want to run multiple instances of Google Talk This is especially important for families that share a single PC. Nothing worse than a family member signing you out so they can sign in under their own account!
Basically, to have “Google Polygamy” you need to run Google Talk with the following switch: /nomutex
Step 1: Right-click on the desktop
Step 2: Select New
Step 3: Select Shortcut
Step 4: Paste this into the text box:
“c:\program files\google\google talk\googletalk.exe” /nomutex
Step 5: Click Next and choose a shortcut name such as Google Talk1, Google Talk2, or something related to your Gmail account for easy remembering which account is which.
Step 6: Click OK a few times.

[HOWTO] Use Google Talk via a Web Browser

You want to use Google Talk anywhere ? Follow these guidelines :)
Step 1: Opens your favorite web browser at the following address :
http://www.webjabber.net:8080/jim/
Step 2: Follow the instructions of the Page.
Step 3: You can talk with your friends
Google’s Secret Command-Line Parameters
There are a few secret parameters you can add to Google Talk and make it function differently.
The most important, I think, is /nomutex, which allows you to run more than one instance of GT. Here are the others:
/nomutex: allows you to open more than one instance of Google Talk
/autostart: when Google Talk is run with this parameter, it will check the registry settings to see if it needs to be started or not. If the “Start automatically with Windows” option is unchecked, it won’t start.
/forcestart: same as /autostart, but forces it to start no matter what option was set.
/S upgrade: Used when upgrading Google Talk
/register: registers Google Talk in the registry, includig the GMail Compose method.
/checkupdate: check for newer versions
/plaintextauth: uses plain authentication mechanism instead then Google’s GAIA mechanism. Used for testing the plain method on Google’s servers.
/nogaiaauth: disables GAIA authentication method. The same as above.
/factoryreset: set settings back to default.
/gaiaserver servername.com: uses a different GAIA server to connect to Google Talk. Used for debug purposes only, there are no other known GAIA servers.
/mailto email@host.com: send an email with Gmail
/diag: start Google Talk in diagnostic mode
/log: probably has something to do with the diagnostic logging
/unregister: ?
/embedding: ?
To add these, open up your GT shortcut, and where it says “Target:” add one or more of these inside the quotations, but after the .exe part.

Command Line stuff

There are a few secret parameters you can add to Google Talk and make it function differently. The most important, I think, is /nomutex, which allows you to run more than one instance of GT. He Talk is run with this parameter, it will check the registry settings to see if it needs to be started or not. If the “Start automatically with Windows” option is unchecked, it won’t start.
/forcestart: same as /autostart, but forces it to start no matter what option was set.
/S upgrade: Used when upgrading Google Talk
/register: registers Google Talk in the registry, includig the GMail Compose method.
/checkupdate: check for newer versions
/plaintextauth: uses plain authentication mechanism instead then Google’s GAIA mechanism. Used for testing the plain method on Google’s servers.
/nogaiaauth: disables GAIA authentication method. The same as above.
/factoryreset: set settings back to default.
/gaiaserver servername.com: uses a different GAIA server to connect to Google Talk. Used for debug purposes only, there are no other known GAIA servers.
/mailto email@host.com: send an email with Gmail
/diag: start Google Talk in diagnostic mode
/log: probably has something to do with the diagnostic logging
/unregister: ?
/embedding: ? To add these, open up your GT shortcut, and where it says “Target:” add one or more of these inside the quotations, but after the .exe part. ere are the others:

/nomutex: allows you to open more than one instance of Google Talk
/autostart: when Google

Increase Dial up Download speed

Posted on by
39

Dial up Download speed is low and some time it can be unused for advanced user so to improve Dial up Download speed following registry editing is helpfull.

1. Direct in Regedit :
Open
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ Tcpip\Parameters

Edit as follows:
“SackOpts”=dword:00000001
“TcpWindowSize”=dword:0005ae4c
“Tcp1323Opts”=dword:00000003
“DefaultTTL”=dword:00000040
“EnablePMTUBHDetect”=dword:00000000
“EnablePMTUDiscovery”=dword:00000001
“GlobalMaxTcpWindowSize”=dword:0005ae4c

OR
[eminimall]
2. By .Reg file :
Open notepad & paste

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
“SackOpts”=dword:00000001
“TcpWindowSize”=dword:0005ae4c
“Tcp1323Opts”=dword:00000003
“DefaultTTL”=dword:00000040
“EnablePMTUBHDetect”=dword:00000000
“EnablePMTUDiscovery”=dword:00000001
“GlobalMaxTcpWindowSize”=dword:0005ae4c

>> Now save this file as speed.reg (in Windows). Execute it and observe the change!

wÅnnÅ w®îtË lîkË thî§?

Posted on by
3

This is really cool trick. I am sure everybody will like it.

Just follow the steps:

  1. Write your Message/Scrap in community or scrapbook.
  2. Copy paste the code below in your browser and then press enter. Please be ensured that you write the code in one line in the address bar.

    3. javascript:vartxt=document.getElementsByTagName(‘textarea’)[0];txt.v

  3. You will see change in the message you wrote.
  4. Press Submit and enjoy.

If you have any such cool tricks then Post it as a Comment to this Post. Your views about this post are welcome.