A very annoying alert message often appears in the Windows operating system: "Task manager has been disabled by the administrator!" Really? This happens because some malicious program is running in the background, normally invisible to the user. The easy way to monitor running programs is simply Task Manager, right? Task Manager is a graphical tool used to monitor the currently running processes and applications and their related details.
It is good to know that malicious program writers, or virus writers, are really scared of Task Manager. An experienced administrator can use it to easily find out which suspicious programs are running in the background besides the normal ones, and can then stop their processes. To prevent this, these ugly guys often program their malware to disable Task Manager.
Task Manager can be re-enabled using the "gpedit.msc" file, in the administrative templates there. But the "ugly" writers go further than that: when we re-enable Task Manager, within seconds or less than a second they make it disappear again. This means the malicious program is still running in the background and must be stopped, right?
Here is the solution...
The netstat command can be used as an alternative to identify which programs are running in the background, by name, memory usage and process ID.
Here is a brief description of netstat with its most useful options.
netstat -anbo
-n Displays addresses and port numbers in numerical form.
-o Displays the owning process ID associated with each connection.
-a Displays all connections and listening ports.
-b Displays the executable involved in creating each connection or listening port.
Running the above command in cmd gives a detailed status of each program, with its name and process ID, including the DLL files etc.
Simply pass the process ID to the "tskill" command.
Example:
tskill 8299
where 8299 is the process ID of the suspected process. And this is one of the ways you can achieve this task, right?
Regards..
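As an added example (not part of the original post): a small Python parser for saved netstat -anbo output that groups connections by owning PID and lists the owners that are unknown or not on an expected-executables list, which gives the PID to review before using tskill. The sample output, the name updater32.exe, the addresses and the EXPECTED list are constructed assumptions; PID 8299 echoes the tskill example above.

```python
import re
from collections import defaultdict

# Constructed sample of `netstat -anbo` output, not captured from a real host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
 Can not obtain ownership information
  TCP    192.168.1.10:1045      203.0.113.7:6667       ESTABLISHED     8299
 [updater32.exe]
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       8299
 [updater32.exe]
  UDP    0.0.0.0:500            *:*                                    680
 [lsass.exe]
"""
EXPECTED = {"svchost.exe", "lsass.exe"}  # assumed allowlist (hypothetical)
CONN = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)\s+(?:([A-Z][A-Z_0-9]*)\s+)?(\d+)\s*$")
EXE = re.compile(r"^\s*\[(.+)\]\s*$")

def parse_netstat(text):
    """Return one dict per connection line; 'exe' is None when -b shows no owner."""
    rows = []
    for line in text.splitlines():
        m = CONN.match(line)
        if m:
            proto, local, remote, state, pid = m.groups()
            rows.append({"proto": proto, "local": local, "remote": remote,
                         "state": state or "", "pid": int(pid), "exe": None})
        elif rows and (e := EXE.match(line)):
            rows[-1]["exe"] = e.group(1).lower()  # [name.exe] follows its connection
    return rows

def unexpected(rows, expected=EXPECTED):
    """Group by PID the connections whose owner is unknown or not in `expected`."""
    found = defaultdict(lambda: {"exe": None, "listening": [], "remote": []})
    for r in rows:
        if r["exe"] in expected:  # a name match is a triage hint, not proof
            continue
        entry = found[r["pid"]]
        entry["exe"] = r["exe"]
        if r["state"] == "LISTENING":
            entry["listening"].append(r["local"])
        elif r["state"] == "ESTABLISHED":
            entry["remote"].append(r["remote"])
    return dict(found)

if __name__ == "__main__":
    for pid, info in sorted(unexpected(parse_netstat(SAMPLE)).items()):
        print(pid, info["exe"] or "(owner not shown)", info["listening"], info["remote"])
```

Only processes that hold a connection or a listening port appear in netstat output, so a process with no sockets will not be listed.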
Welcome to CodeGlobe. CodeGlobe provides free source code, tutorials and latest useful technology news.
Showing posts with label Windows. Show all posts
Wednesday, September 23, 2009
Tuesday, July 28, 2009
Windows XP command manual
To see all the commands supported by Windows XP, go to
Start --> Run
In the Run window type
hh ntcmds.chm
This will open the command manual in CHM format.
Rebuild the Windows boot.ini.
Insert the Microsoft Windows XP CD
Reboot the computer from the CD
At the Setup menu, press R to open the Recovery Console
Enter the Admin password
Type bootcfg /rebuild to start the rebuild process.
The rebuild process will step you through a number of steps depending upon how many operating systems
or you can type /fastdetect to automatically detect the available options.
Type exit to reboot the computer.
Thursday, July 23, 2009
FIX Master Boot Record
The simplest way to repair or re-create MBR is to run Microsoft's standard utility called FDISK with a parameter /MBR, like
A:\> FDISK.EXE /MBR
FDISK is a standard utility included in MS-DOS, Windows 95, 98, ME.
If you have Windows NT / 2000 / XP, you can boot from the startup floppy disks or CD-ROM, choose the repair option during setup, and run the Recovery Console. Once you are logged on, you can run the FIXMBR command to fix the MBR.
1. First, restart your computer with the Windows XP setup disk in the CD drive. If you don’t have your original disk, borrow one or download an ISO image from a torrent site.
2. When prompted, boot from the CD drive by pressing any key. If Windows loads automatically, you will first have to enter the BIOS setup and change the order of the boot devices to start with the CD drive.
3. Once the setup loads, you will see the option to press R to repair a Windows installation.
4. Once the Recovery Console loads up, you will have to type in a number that corresponds to your Windows installation. This is normally just 1. Press Enter and then type in the Administrator password.
5. Now at the prompt, type in fixmbr. Your damaged MBR will now be replaced with a new master boot record and your computer should now be able to boot properly. Note that you may also want to run the fixboot command to repair the boot sector with a new one.