Problem:
When i double-click on a drive, it opens in new window. What is the problem, Is it because of a virus. Please help me.
Solution:
Open any explorer window, Click on Tools >> Folder options >> View.
Click on restore defaults.
If this does not solve your problem the it may be because of a virus attack.
You can perform the following steps to get rid of this.
Solution 1
Open start menu and click Run.
Type regsvr32 /i shell32.dll
Click Ok and if this message shows “DllRegisterServer and DllInstall in shell32.dll succeeded” that means the problem is solved.
Solution 2
In Run type regedit.exe to open the registry editor.
Traverse to HKEY_CLASSES_ROOT/Directory/Shell
Double click on the default value on right and set it as “none”.
Repeat the procedure for the key HKEY_CLASSES_ROOT/Drive/Shell.
Solution 3
Alternatively, you can download a registry file and merge it with your registry by double clocking it. Reboot your system after merging the file.
One of the methods listed above will definitely solve your problem.
Tuesday, September 21, 2010
NTDS.DIT
KCC: (Knowledge Consistency Checker):
It is a service of A.D., which is responsible for intimating, or updating the changes made either in DC or ADC.
Active Directory is saved in a file called NTDS.DIT
C:\windows\ntds\ntds.dit
NTDS.DIT - New Technology Directory Services. Directory Information Tree
It is a file logically divided into four partitions.
1. Schema partition
2. Configuration partition
3. Domain partition
4. Application partition
It is a set of rules schema defines AD, it is of 2 parts classes & attributes.
Ad is constructed with the help of classes and attributes.
1. Schema:
Logical partition in AD database “template” for AD database.
· Forms the database structures in which data is stored.
· Extensible
· Dynamic
· Protect by ACL (Access Control Lists) DACLs and SACLs (Directory&System ACLs)
· One schema for AD forest.
Collection of objects is called class.
Piece of information about the object is called attribute.
2. Configuration Partition:
Logical partition in AD database.
1 “map” of AD implementation
2 Contains information used for replication logon searches.
3 Domains
4 Trust relationships
5 Sites& site links
6 Subnets
7 Domain controller locations.
3. Domain Partition:
1 Logical partition in AD database.
2 Collections of users, computers, groups etc.
3 Units of replication.
4 Domain controllers in a domain replicate with each other and contain a full copy of the domain partition for their domain.
5 DCs do not replicate domain partition information for other domains
4. Application Partition:
1 It is a newly added partition in win2003. It can be added or removed
2 It can be replicated only to the specified DCs.
3 Useful when we are using AD integrated services like DNS, TAPI services etc..
It is a service of A.D., which is responsible for intimating, or updating the changes made either in DC or ADC.
Active Directory is saved in a file called NTDS.DIT
C:\windows\ntds\ntds.dit
NTDS.DIT - New Technology Directory Services. Directory Information Tree
It is a file logically divided into four partitions.
1. Schema partition
2. Configuration partition
3. Domain partition
4. Application partition
It is a set of rules schema defines AD, it is of 2 parts classes & attributes.
Ad is constructed with the help of classes and attributes.
1. Schema:
Logical partition in AD database “template” for AD database.
· Forms the database structures in which data is stored.
· Extensible
· Dynamic
· Protect by ACL (Access Control Lists) DACLs and SACLs (Directory&System ACLs)
· One schema for AD forest.
Collection of objects is called class.
Piece of information about the object is called attribute.
2. Configuration Partition:
Logical partition in AD database.
1 “map” of AD implementation
2 Contains information used for replication logon searches.
3 Domains
4 Trust relationships
5 Sites& site links
6 Subnets
7 Domain controller locations.
3. Domain Partition:
1 Logical partition in AD database.
2 Collections of users, computers, groups etc.
3 Units of replication.
4 Domain controllers in a domain replicate with each other and contain a full copy of the domain partition for their domain.
5 DCs do not replicate domain partition information for other domains
4. Application Partition:
1 It is a newly added partition in win2003. It can be added or removed
2 It can be replicated only to the specified DCs.
3 Useful when we are using AD integrated services like DNS, TAPI services etc..
Transfer of FSMO Roles
We can transfer the roles for some temporary maintenance issues on to ADC and again we can transfer back the roles onto DC.
We can transfer the roles in two ways
1. Command mode
2. Graphical mode
Transfer of roles through command:
On DC
Go to command prompt and type ntdsutil
Type: roles
Connections
Connect to server (name of ADC ex.sys2)
Q
Transfer schema master
Transfer RID master
Transfer infrastructure master
Transfer PDCQ
Q
Exit
Transferring roles using GUI:
On DC
Register the schema
For registering schema
Start > run > regsvr32 schmmgmt.dll
Transferring schema master
On Dc
Start>Run>mmc>click on file> select add/remove snap in
Select A.D.Schema>add>close>ok
From console root
Expand console root
Right click AD Schema
Change domain controller
Specify name
Ok
Right click AD schema
Select operations master
Click on change
Yes> ok> file> exit (need not to save)
Transferring Domain naming master:
On DC
Start>p>admin tools> ADDT>right click on ADDT
Connect to domain controller
Select ADC
Ok
Right click on ADDT
Operations master
Click on change>yes>ok> close
Transferring Domain wide master operations:
Start >p>admin tools> ADUC
Right click on ADUC
Connect to DC
Select ADC > ok
Right click on Domain name
Select operations master
Change>yes
Select PDC> change>yes>select infrastructure>change>close>close.
FSMO Roles:
Flexible Single Master Operations Roles :
Forest wide Master Operation:
1. Schema master 2.Domain Naming master
Domain wide master operation:
3. PDC emulator
4. RID master
5. Infrastructure master
1.Schema Master:
Responsible for overall management of the entire schema in a forest.
The first DC installed acts as a schema master in the entire forest.
There can be only one schema master in the entire forest
2.Domain Naming Master:
Responsible for addition /removal of domains.
It maintains the uniqueness of domain names.
There can be only one DNM in the entire forest.
3. PDC emulator:
PDC provides backward compatibility for existing NT BDCs and workstations. (If it is running in mixed mode)
PDC updates the password changes made by the users.
It is also responsible for synchronizing the time.
There can be only one PDC emulator per domain.
4. RID master:
Responsible for assigning unique IDs to the objects created in the domain.
There can be only one RID master per domain
SID – Security Identifier it maintains a access control list. It is divided into two parts.
1. DID (Domain Identifier)
2. RID (Relative Identifier)
For knowing the SID of the user
>Start>run>cmd> whoami /user.
5. Infrastructure master:
Responsible for maintaining the updates made to the user & group membership.
It also maintains universal group membership.
There can be only one infrastructure master per domain
The term flexibility means we can transfer any of the 5 roles from DC to ADC
Forest wide Master Operation:
1. Schema master 2.Domain Naming master
Domain wide master operation:
3. PDC emulator
4. RID master
5. Infrastructure master
1.Schema Master:
Responsible for overall management of the entire schema in a forest.
The first DC installed acts as a schema master in the entire forest.
There can be only one schema master in the entire forest
2.Domain Naming Master:
Responsible for addition /removal of domains.
It maintains the uniqueness of domain names.
There can be only one DNM in the entire forest.
3. PDC emulator:
PDC provides backward compatibility for existing NT BDCs and workstations. (If it is running in mixed mode)
PDC updates the password changes made by the users.
It is also responsible for synchronizing the time.
There can be only one PDC emulator per domain.
4. RID master:
Responsible for assigning unique IDs to the objects created in the domain.
There can be only one RID master per domain
SID – Security Identifier it maintains a access control list. It is divided into two parts.
1. DID (Domain Identifier)
2. RID (Relative Identifier)
For knowing the SID of the user
>Start>run>cmd> whoami /user.
5. Infrastructure master:
Responsible for maintaining the updates made to the user & group membership.
It also maintains universal group membership.
There can be only one infrastructure master per domain
The term flexibility means we can transfer any of the 5 roles from DC to ADC
Remove open with menu or Search menu when we click on any drive
The symptom occurs because when autorun.vbs is created by trojan horse or virus.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Userinit=userinit.exe,autorun.exe Finally, autorun.bat will call wscript.exe to run autorun.vbs.
To correct and solve this error, follow this steps:
Run Task Manager (Ctrl-Alt-Del or right click on Taskbar) Stop wscript.exe process if available by highlighting the process name and clicking End Process. Then terminate explorer.exe process.
In Task Manager, click on File -> New Task (Runâ?¦). Type â??cmdâ?? (without quotes) into the Open text box and click OK.
Type the following command one by one followed by hitting Enter key:
del c:\autorun.* /f /s /q /a
del d:\autorun.* /f /s /q /a
del e:\autorun.* /f /s /q /a
OR
Go to Start
!
Run
!
cmd
!
ok
!
If you want to remove the infeced file from c drive then type c:
!
Press Enter
!
Type attrib autorun.inf -s -h -r
!
Press enter
!
del autorun.inf
!
Press enter
!
do the same in all infected Drives
!
Restart the System
OR
Once the Autorun.inf is infected it is not easy to delete it.
If you do the normal delete command, the autorun.inf keep coming back after you remove it.
Here is a way how to remove the infected Autorun.inf permanently:
Boot your system in safemode
!
Open your flash drive via command prompt (start>>run>>cmd.exe)
!
Activate your flash drive (e.g. flash drive is in J:, just type J:on the command prompt - don’t forget to press enter)
!
Type ATTRIB -H -R -S AUTORUN.INF then press “Enter”
!
Reboot your PC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Userinit=userinit.exe,autorun.exe Finally, autorun.bat will call wscript.exe to run autorun.vbs.
To correct and solve this error, follow this steps:
Run Task Manager (Ctrl-Alt-Del or right click on Taskbar) Stop wscript.exe process if available by highlighting the process name and clicking End Process. Then terminate explorer.exe process.
In Task Manager, click on File -> New Task (Runâ?¦). Type â??cmdâ?? (without quotes) into the Open text box and click OK.
Type the following command one by one followed by hitting Enter key:
del c:\autorun.* /f /s /q /a
del d:\autorun.* /f /s /q /a
del e:\autorun.* /f /s /q /a
OR
Go to Start
!
Run
!
cmd
!
ok
!
If you want to remove the infeced file from c drive then type c:
!
Press Enter
!
Type attrib autorun.inf -s -h -r
!
Press enter
!
del autorun.inf
!
Press enter
!
do the same in all infected Drives
!
Restart the System
OR
Once the Autorun.inf is infected it is not easy to delete it.
If you do the normal delete command, the autorun.inf keep coming back after you remove it.
Here is a way how to remove the infected Autorun.inf permanently:
Boot your system in safemode
!
Open your flash drive via command prompt (start>>run>>cmd.exe)
!
Activate your flash drive (e.g. flash drive is in J:, just type J:on the command prompt - don’t forget to press enter)
!
Type ATTRIB -H -R -S AUTORUN.INF then press “Enter”
!
Reboot your PC
Subscribe to:
Posts (Atom)