Having trouble copying from XP Pro to Vista ??

The permissions that Vista requires seem more stringent than in XP Pro. I have happily copied from XP Pro to XP Pro for years. When copying from XP machine to Vista machine, files will copy; but when on Vista machine and trying to copy from XP, some files copied and other s didn’t.
I tried about 50 different solutions – none worked! The XP machine has not set the permissions in a way that Vista can copy from, so you need to set them up on the XP machine.
1. Go to the folder (not file) that stores the files that won’t copy (eg. the yellow My Documents folder).
2. Right click on the folder and select PROPERTIES.
3. Select the SECURITY tab.
4. Select ADVANCED (bottom right).
5. Make sure you select the PERMISSIONS tab if it isn’t already selected.
6. Click on “Allow _ Everyone _ Modify _ ….” the lines with MODIFY on, are the ones that are preventing the files from transferring.
7. Now that the “Allow _ Everyone _ Modify _ ….” line is selected, click EDIT.
8. In the list of permissions in the next window, you’ll see some UNSELECTED boxes under the heading ALLOW.
9. SELECT each of these to give full control to the EVERYONE name.
10. Click OK
11. Place ticks in both boxes at the bottom left of this window (Advanced Security Settings window)… Box headings are …(INHERIT FROM PARENT THE PERMISSION ENTRIES and REPLACE PERMISSION ENTRIES ON ALL CHILD OBJECTS)
12. Click OK
13. Click OK
Now the XP machine will give full rights to the VISTA machine to copy files over.
My VISTA machine has File Sharing switched on. To check this select CONTROL PANEL, then select NETWORK AND SHARING CENTRE. Under this window you can turn on a number of actions including FILE SHARING (it should be ON).
Hope this helps.

Move over Stuxnet, Say Hello to the new Cyberweapon: “Flame”

(Screenshot of Iran CERT warning for “Flame” Malware)

Yesterday Iran’s Computer Emergency Response Team released a warning about a new modular malware that resembled Stuxnet and Duqu. Dubbed “Flame”, the new cyberweapon is causing quite a stir in the media with it’s “advanced features and complexity”.

But looking at the malware’s features disclosed by Iran’s CERT team, it doesn’t seem very game stopping:

  • Distribution via removable medias
  • Distribution through local networks
  • Network sniffing, detecting network resources and collecting lists of vulnerable passwords
  • Scanning the disk of infected system looking for specific extensions and contents
  • Creating series of user’s screen captures when some specific processes or windows are active
  • Using the infected system’s attached microphone to record the environment sounds
  • Transferring saved data to control servers
  • Using more than 10 domains as C&C servers
  • Establishment of secure connection with C&C servers through SSH and HTTPS protocols
  • Bypassing tens of known antiviruses, anti malware and other security software
  • Capable of infecting Windows Xp, Vista and 7 operating systems
  • Infecting large scale local networks

All of these “threats” have been seen before. I especially liked the “bypassing tens of known anti-viruses…” line.

But there are several features that do set “Flame” apart from the pack. First of all the malware is very large, a whopping 20MB. Also, it contains several files and seems to be able to attack using swappable modules. But there is more.

According to an article on The Register, Flame has the following features:

  • It has been active for at least 2 years, but possibly 5-8 years
  • Contains exploits for known and fixed vulnerabilities
  • Uses open source libraries
  • Uses a SQLlite database
  • Uses some Scripts written in Lua (of Angry Birds fame)

All the big name security companies that have analyzed it seem to agree that with it’s complexity, it was most likely written by a Nation State and not individuals or small groups.

The malware could have been created by Israel (and possibly the US) as many of the countries that have detected infection would be logical targets for them.

As according to Symantec:

Initial telemetry indicates that the targets of this threat are located primarily in Palestinian West Bank, Hungary, Iran, and Lebanon. Other targets include Russia, Austria, Hong Kong, and the United Arab Emirates. The industry sectors or affiliations of individuals targeted are currently unclear.”

I am not sure of it’s “CyberWeapon” title, as it seems to be an information gatherer. Definitely worth keeping an eye on, but as with “APT” and “Stuxnet”, I am sure the media will beat this topic to death.


p/s: Credit to http://cyberarms.wordpress.com

“Remote” tab missing in My Computer properties

When you right-click My Computer icon in the Desktop and choose Properties, the Remote tab may be missing. As a result, you may be unable to configure the Remote Assistance / Remote Desktop settings. To restore the tab, follow these steps:

Click Start, Run and type this command:

regsvr32 %systemroot%\system32\remotepg.dll

If you receive an error stating that the module could not be found, or stating no registration helper is registered for this file type (which indicates a corrupt DLL), extracting a new copy from XP CD should help. Make sure that you extract the updated copy of the DLL file if you have applied the XP Service Pack in your system. Register the DLL again.

(Extract the DLL from a Slipstreamed XP CD, or copy the remotepg.dll from ServicePackFiles\i386 folder to Windows\System32 folder)

To extract the DLL from Windows XP CD, type this in Command Prompt


Where X:\ is your CD-ROM drive letter. The above command assumes Windows is installed in C:\ drive. If not, change the drive letter / Path accordingly.




How to expand Windows XP files from the installation disk

Microsoft Windows XP – Expand command