Friday 27 January 2012

Some Useful Windows Tricks


Enabling NumLock by Default-

To have NumLock turned on for each user:

Start Regedit
Go to HKEY_CURRENT_USER\Control Panel\Keyboard\InitialKeyboardIndicators
Change the value from 0 to 2
Turn NumLock on manually
Log off and back on again.
For all users, make the same change to HKEY_USERS\.DEFAULT\Control Panel\Keyboard\InitialKeyboardIndicators


Increasing File System Caching-

To increase the amount of memory Windows will lock for I/O operations:

Start Regedit
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management
Edit the key IoPageLockLimit
4096 - 32megs of memory or less
8192 - 32+ megs of memory
16384 - 64+ megs of memory
32768 - 128+ megs of memory
65536 - 256+ megs of memory


Adding / Removing Additional Programs-

By default, Windows XP does not display all the programs you can add or remove.

To show this list:

Edit the \Windows\Inf\sysoc.inf file

In the Components section, simply remove the word hide.
This will leave two commas together (like on the rest of the items).
Then you can go to the Control Panel / Add or Remove Programs / Add/Remove Windows Components and the new items will be displayed.

[Components]
NtComponents=ntoc.dll,NtOcSetupProc,,4
WBEM=ocgen.dll,OcEntry,wbemoc.inf,hide,7
Display=desk.cpl,DisplayOcSetupProc,,7
Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,7
NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7
iis=iis.dll,OcEntry,iis.inf,,7
com=comsetup.dll,OcEntry,comnt5.inf,hide,7
dtc=msdtcstp.dll,OcEntry,dtcnt5.inf,hide,7
IndexSrv_System = setupqry.dll,IndexSrv,setupqry.inf,,7
TerminalServer=TsOc.dll, HydraOc, TsOc.inf,hide,2
msmq=msmqocm.dll,MsmqOcm,msmqocm.inf,,6
ims=imsinsnt.dll,OcEntry,ims.inf,,7
fp_extensions=fp40ext.dll,FrontPage4Extensions,fp40ext.inf,,7
AutoUpdate=ocgen.dll,OcEntry,au.inf,hide,7
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
msnexplr=ocmsn.dll,OcEntry,msnmsn.inf,,7
smarttgs=ocgen.dll,OcEntry,msnsl.inf,,7
RootAutoUpdate=ocgen.dll,OcEntry,rootau.inf,,7


Games=ocgen.dll,OcEntry,games.inf,,7
AccessUtil=ocgen.dll,OcEntry,accessor.inf,,7
CommApps=ocgen.dll,OcEntry,communic.inf,HIDE,7
MultiM=ocgen.dll,OcEntry,multimed.inf,HIDE,7
AccessOpt=ocgen.dll,OcEntry,optional.inf,HIDE,7
Pinball=ocgen.dll,OcEntry,pinball.inf,HIDE,7
MSWordPad=ocgen.dll,OcEntry,wordpad.inf,HIDE,7
ZoneGames=zoneoc.dll,ZoneSetupProc,igames.inf,,7
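
The edit described above, done on the text of sysoc.inf by a small Python routine. This is an added example, not part of the original post; the function name, the sample text and its [Other] section are constructed for illustration.

```python
def unhide_components(inf_text):
    """Clear the 'hide' flag of every entry in the [Components] section.

    Returns (new_text, names_changed). Lines outside [Components], comments
    and entries that are not hidden are passed through unchanged.
    """
    out, changed, in_components = [], [], False
    for line in inf_text.splitlines():
        stripped = line.strip()
        if stripped.startswith("[") and stripped.endswith("]"):
            # Section names are matched case-insensitively.
            in_components = stripped.lower() == "[components]"
        elif in_components and "=" in stripped and not stripped.startswith(";"):
            name, _, value = line.partition("=")
            fields = value.split(",")
            # Layout used on this page: dll, entry point, inf, flag, number.
            # The flag is the 4th field; some entries have only four fields
            # and no flag at all (e.g. NtComponents), so require five.
            if len(fields) == 5 and fields[3].strip().lower() == "hide":
                fields[3] = ""          # leaves two commas together
                changed.append(name.strip())
                line = name + "=" + ",".join(fields)
        out.append(line)
    return "\n".join(out), changed


# Constructed sample: a few lines from the listing on this page, plus a
# made-up [Other] section to show that only [Components] is edited.
SAMPLE = """[Components]
NtComponents=ntoc.dll,NtOcSetupProc,,4
WBEM=ocgen.dll,OcEntry,wbemoc.inf,hide,7
iis=iis.dll,OcEntry,iis.inf,,7
TerminalServer=TsOc.dll, HydraOc, TsOc.inf,hide,2
Pinball=ocgen.dll,OcEntry,pinball.inf,HIDE,7

[Other]
Example=ocgen.dll,OcEntry,example.inf,hide,7
"""

if __name__ == "__main__":
    new_text, changed = unhide_components(SAMPLE)
    print("un-hidden:", ", ".join(changed))
    print(new_text)
```

Keep a copy of the original sysoc.inf before writing the result back, so the change can be undone.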


Changing the Internet Explorer Title-

Start Regedit
Go to HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title
Enter what you want to appear in the title bar


Automatically Ending Non-Responsive Tasks-

Start Regedit
Go to HKEY_CURRENT_USER\Control Panel\Desktop\AutoEndTasks
Set the value to be 1
In the same section, change the WaitToKillAppTimeout to the number of milliseconds you want.


Increasing System Performance-

If you have 512 megs or more of memory, you can increase system performance
by having the core system kept in memory.

Start Regedit
Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\DisablePagingExecutive
Set the value to be 1
Reboot the computer 


To turn off balloon tips in applications that support XP Themes-

Start Regedit
Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\
Create a DWORD value of EnableBalloonTips
Give it a value of 0


To Disable the Remote Desktop Sharing (RDS) icon's menu-

Start Regedit
Go to HKEY_LOCAL_MACHINE\Software\Microsoft\Conferencing\Mcpt
Create a new string value (Click on Edit > New > String Value).
Name the value Nx
Double-click on it and set its value to 1
Close the registry
Now the menu options will be grayed out.


Disable Shared Documents-

To disable the Shared Documents folder that shows up on the network:

Start Regedit
Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
Create a new DWORD Value
Give it the name NoSharedDocuments
Give it a value of 1
Log off or reboot


Show Hidden Devices-

You can show hidden devices in the Device Manager. One way is by making a simple registry change. The other is through a batch file.

Start Regedit
Go to HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Session Manager\Environment
Create a string DEVMGR_SHOW_NONPRESENT_DEVICES
Give it a value of 1 


Disable Passport Pop-Up-

Normally, Windows XP will prompt you 10 times that You Need a Passport to use Windows XP Internet communication features...

To disable this:

Start Regedit
Go to HKEY_CURRENT_USER\Software\Microsoft\MessengerService
Edit the binary key PassportBalloon
Give it a value of 0A (0A 00 00 00)


Preventing Applications from Stealing the Focus-

To prevent applications from stealing the focus from the window you are working in:

Start Regedit
Go to HKEY_CURRENT_USER\Control Panel\Desktop
Edit the key ForegroundLockTimeout
Give it a value of 00030d40 


Creating a Password Recovery Disk-

In case you forget your password, you can create a password recovery floppy disk beforehand to help you out of this problem.

Single-click Start menu
Go to the Control Panel / User Accounts
Click the User Account
On the left hand side, click on Prevent forgotten password
You will need to know your password to create the disk.
If you don't remember your password sometime in the future, click on the green arrow like normal at the login and you will be prompted to insert the password recovery disk.


Renaming the Start Button-

To rename the start button, you will need a hex editor.
My preference is UltraEdit

Copy the \windows\explorer.exe file to a new name (e.g. explorer_1.exe)
With the hex editor, open that file and go to offset 412b6
You will see the word start with blanks between each letter
Edit it to be any 5 characters or fewer
Save the file
Boot to DOS
Copy the existing c:\windows\explorer.exe to explorer.org
Copy explorer_1.exe to explorer.exe
You will also need to replace the explorer.exe in the c:\windows\system32\dllcache folder with the new one.
Note: If the partition is NTFS and you can't access the files from DOS:

Start Regedit
Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon.
Change the value of Shell from Explorer.exe to explorer_1.exe


Changing the Registered Owner-

Start Regedit
Go to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
From there you can edit the name in the Registered Owner key


Enable / Disable the Task Manager-

Start Regedit
Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
Create the DWORD value DisableTaskMgr
Give it a value of 0 to enable it
Give it a value of 1 to disable it
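
To find out from an exported .reg file whether the Task Manager, Shared Documents and Shell changes described in this post have been applied to a machine, the check below parses the export and reports them. This is an added example, not part of the original post; the function names and the sample export are constructed.

```python
import re

# Settings taken from the steps in this post: (key, value name, label,
# test that returns True when the tweak has been applied).
CHECKS = [
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System",
     "DisableTaskMgr", "Task Manager disabled", lambda v: v == 1),
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer",
     "NoSharedDocuments", "Shared Documents hidden", lambda v: v == 1),
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon",
     "Shell", "Shell is not Explorer.exe",
     lambda v: isinstance(v, str) and v.strip().lower() != "explorer.exe"),
]

VALUE_LINE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')


def parse_reg(text):
    """Parse regedit export text into {(key, name): value}, lower-cased keys."""
    values, key = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1].lower()
            continue
        m = VALUE_LINE.match(line)
        if key is None or not m:
            continue
        name, data = m.group(1).lower(), m.group(2).strip()
        if data.lower().startswith("dword:"):
            value = int(data[6:], 16)
        elif len(data) >= 2 and data[0] == data[-1] == '"':
            # Strings are quoted; backslash and quote are backslash-escaped.
            value = re.sub(r"\\(.)", r"\1", data[1:-1])
        else:
            value = data            # hex:... and other types kept as text
        values[(key, name)] = value
    return values


def audit(text):
    """Return [(label, value)] for each checked tweak found applied."""
    values = parse_reg(text)
    found = []
    for key, name, label, applied in CHECKS:
        value = values.get((key.lower(), name.lower()))
        if value is not None and applied(value):
            found.append((label, value))
    return found


# Constructed sample in the format regedit writes when a key is exported.
SAMPLE = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoSharedDocuments"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer_1.exe"
"""

if __name__ == "__main__":
    for label, value in audit(SAMPLE):
        print(f"{label}: {value!r}")
```

Files that regedit exports in the "Version 5.00" format are UTF-16, so read them with encoding="utf-16" before passing the text to audit().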

**********************************************************************

Monday 16 January 2012

Tweak OS like XP etc. & Speed It Up

We all are different. We like different things; we want to be unique and try to avoid the routine. The same things apply to the user-operating system relationship. Windows comes in a rough initial “shape” but not everybody is willing to accept it. So here are some useful changes to make it more comfortable.

Tip #1-
1. Command your Windows Explorer to start in the location of your choice

By default, when you access Windows Explorer it will go directly to the My Documents folder. To change this, right click on the icon and replace the Target field with: “%SystemRoot%\explorer.exe /e, c:\”. You can make it start in your games folder or any other location. For example, you can instruct it to start directly on My Computer by adding this string: “%SystemRoot%\explorer.exe /e,”.

Tip #2-
2. Teach Windows to automatically log on to your account

Many of you may have realized that Windows no longer logs on directly to your account when you boot the computer. This happens because of the .NET Framework Update from m*cro$oft that creates an extra user account named ASP.NET. Of course, you would think that the easiest method is not to update the .NET Framework or to delete the newly created account. However, it is better to configure Windows to automatically log on to the user of your choice by using this method:

Go to Start->Run, type “control userpasswords2” and click OK. The “Users” window will appear; select the account you want to automatically log on to, then uncheck the “Users must enter a user name and password to use this computer” option. If you have a password set, type it to complete the process. Unfortunately, this is available just for Windows XP Professional users.

Tip #3-
3. Are you in a hurry and your PC doesn’t want to Shut Down rapidly? Here are some tips:

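For both Home and Professional edition users, go to Start->Run and type “regedit” to fire up the Registry Editor. Navigate to the following key:
[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management] and set the “ClearPageFileAtShutdown” value to 0. When this value is 1, Windows overwrites the page file at every shutdown, which is what slows the shutdown down; with 0 the page file is left on disk as it is.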

XP Professional users can do this via the Group Policy Editor. To start it, go to Start->Run and type “secpol.msc”. Click Local Policies, then Security Options, and set “Shutdown: Clear virtual memory page file” to Disabled.

These registry tweaks may solve the problem partially because there may be other processes, services or malfunctioning installed applications that cause the shutdown procedure to take a long time.

Tip #4-
4. Being a long-time user of Windows, you know the Show Desktop utility function, but at some point in the past you removed it from Quick Launch. Don’t know how to restore it?

Go to Start->Run and type the command “regsvr32 /n /i:U shell32”. The icon will reappear in Quick Launch.

Tip #5-
5. Remove the username and picture from the new Windows XP Start Menu

The Windows XP start menu displays your username and a picture at the top. Many complain that they don’t want this information to be shown but there is no solution for this. Well, there is one, and it does not require disabling the Welcome Screen or Windows XP Themes.
Go to C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures. Inside the folder there is a BMP picture file named after your username. If your name is Smith then the picture file should be named Smith.BMP. Rename it to Smith2.BMP, then rename the following folder: C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\Default Pictures to “Old_Default Pictures”.

To remove the user name, go to the Registry Editor (Start->Run->regedit) and look for [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]. In the right panel, set the “NoUserNameInStartMenu” value to 1. After a system reboot, no username or picture will be shown.

Tip #6-
6. Windows forgets your Folder settings?

If you are a meticulous person you might like to customize your folders to look nice, changing the view mode, position or display options. After restarting, you realize that everything was in vain: you lost the settings. This is due to the fact that by default Windows XP remembers the settings for at most 400 folders. To solve this, go to Registry Editor and look for these keys:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell] and
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam]. Set the BagMRU Size to 5 000 (or up to 8 000). Now it's solved!

Tip #7-
7. Set the command prompt to a desired path.

When you type CMD in the “Start->Run” window to access the command prompt, you notice that it will go to the user’s home directory. To change that, use the Registry Editor to navigate to [HKEY_CURRENT_USER\Software\Microsoft\Command Processor].
In the right panel, look for Autorun. If it is missing, create a new REG_SZ value and set the folder there, preceded by a CD (as you type in DOS). Example: typing just CD \ makes the Command Prompt default to the C: drive. You can also type “CMD /?” in the Command Prompt for detailed information about its parameters.

Tip #8-
8. Sometimes you might be unable to preview JPG, GIF and HTM files in the Display Properties dialog. To solve this error type “REGSVR32 /i SHIMGVW.DLL” and “REGSVR32 /i MSHTML.DLL” in Start->Run.

Tip #9-
9. Clear the "Search for files and folders" history in Windows XP to keep your privacy.

Go to Registry Editor and look for [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\ExplorerBars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU]. There you can delete the items.

Tip #10-
10. Your zip archiver software has expired and after uninstall there is no zip associated program, although Windows can deal with zip archives.

Go to Start->Run and type “REGSVR32 ZIPFLDR.DLL” or “cmd /c assoc .zip=CompressedFolder”.

Please note that due to the large number of settings and changes that might have previously been applied to your Windows system, some of the tweaks mentioned above might not work as they were described.

Warning:-
Make a backup of the registry before tweaking it, or create a System Restore point before applying the tweaks. And try the tweaks at your own risk.

**********************************************************************

The Best Way to "Hide" Your Files/Folders in OS


Introduction-


Before writing this article, I searched the forum for existing similar articles and found none, so I thought I would share this with you all. As an engineering student I have seen many programs that offer various ways to hide your files, but none of them was as satisfactory for me as the one I'm about to mention. That's TrueCrypt.

Background-


TrueCrypt is a wonderful software which offers "ON-THE-FLY" encryption. Best of all, it's FREE and open-source !

As TrueCrypt.org mentions, the main features of TrueCrypt are :
  • Creates a virtual encrypted disk within a file and mounts it as a real disk.
  • Encrypts an entire partition or storage device such as USB flash drive or hard drive.
  • Encrypts a partition or drive where Windows is installed.
  • Encryption is automatic, real-time (on-the-fly) and transparent.
  • Provides plausible deniability, in case an adversary forces you to reveal the password:
    Hidden volume (steganography) and hidden operating system.
  • Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.
You can download it for free from : http://www.truecrypt.org/downloads

Using TrueCrypt to Hide your Files-


Now, let me show you how you can hide your files with TrueCrypt.
[ I will explain how to create simple encrypted volumes here. I won't cover Hidden volume/Hidden OS creation. I may cover them in subsequent parts, or you may refer to the TrueCrypt manual ]

Download and install TrueCrypt 6.2. Open TrueCrypt.exe and then follow the steps below :

STEP 1 : Create a TrueCrypt Volume




Step 1 : Create a new TrueCrypt Volume.
  • Open TrueCrypt.exe
  • Click "Create Volume".

Step 1.1 : Create encrypted file container.
  • Select the highlighted option
  • Click "Next".

Step 1.2 : Select volume type.
  • Select Standard Volume.
  • Click "Next".

Step 1.3 : Enter the location of volume.
  • Enter Path to any file which will act as a volume. ( Example shows "C:\Backup", file Extension is not necessary )
  • Click "Next".

Step 1.4 : Select Encryption Options.
  • I recommend leaving the encryption algorithm as AES because
    • AES is fastest among available options.
    • Although AES 256 is weakest among the available options, it is still very hard to crack.
  • Select any hash algorithm.
  • Click "Next".

Step 1.5 : Select Volume size.
  • I have entered size as 6 GB, enter any size you want.
  • Click "Next".

Step 1.6 : Enter the password that will protect the volume.
Warning :
  • I recommend not using keyfiles, because if you lose them or if their content is changed slightly your whole volume will become useless.
  • If you lose your key then you are doomed ! No one can recover your volume.


Step 1.7 : Format !
  • Choose FAT or NTFS File system.
  • Move your mouse inside the window for about a minute.
  • Click Format.

Step 1.8 : Done !
  • After formatting is done click OK
  • Then Click Exit

Now you have successfully created a TrueCrypt volume.

STEP 2 : Mounting the volume


You can use a TrueCrypt volume like any other disk. You can store files, delete them, defragment it, clean it etc. But before gaining access to the disk, you must mount it like this :


Step 2 : Mounting the volume.
  • Open TrueCrypt.exe
  • Click "Select File"
  • Select the file and click "Open"

Step 2.1 : Select the Drive Letter.


Step 2.2 : Password
  • Enter the correct password for your volume and it will be mounted successfully and will be shown in the Windows Explorer list

STEP 3 : Using the volume


Now that the volume is mounted, you can check it in My Computer :



You can start using it right away. Put all your secret stuff into it. Copying into a TrueCrypt encrypted volume will be slower because files are encrypted in real-time.

STEP 4 : Dismounting the volume


When you are done using the volume, you should dismount it so that no-one else can gain access to the volume :


Step 4 : Dismounting the volume
  • Simply select the drive letter ( here Z: ), and click Dismount.
  • To Dismount all mounted volumes, Click "Dismount All".


Advantages of TrueCrypt-

  • Your data is safely hidden inside your volume.
  • Your volume is password protected !
  • Data is not just written, but is encrypted. So, if anyone opens your volume in a hex-editor or anything like that, he won't be able to make anything out of it.
  • There is no way to differentiate a TrueCrypt volume from an ordinary file. Any file say "Report.doc" can also be used as a TrueCrypt volume. People might doubt the exceptionally high file size though.
  • You can also create hidden volumes inside TrueCrypt volumes so that even if you are forced to reveal the password by someone, your files can still be protected inside hidden volume.

Note-
NEVER LOSE THE VOLUME PASSWORD / KEY-FILE, ELSE YOUR VOLUME WILL BE COMPLETELY USELESS.

**********************************************************************

All About Windows Registry And Registry Editing


What is Registry?


The Registry is a database where Windows stores all types of settings and option-related information; in other words, it holds all information regarding hardware, software, users etc. In Windows 95 and 98, the registry was built from two hidden files, USER.DAT and SYSTEM.DAT, but now it also includes another file, named CLASSES.DAT.


The Structure of Registry-


The Registry is a hierarchical structure, just like our disk’s directory tree or Windows Explorer. If we run the registry editor (Start -> Run -> Regedit), we will find six main branches, called hives. Each hive contains some keys, and every key contains some subkeys or values. These values store all the information in the Registry!

All the six hives of the Registry:

1. HKEY_CLASSES_ROOT – It contains all the information related to file association, OLE and Windows shortcuts.
2. HKEY_CURRENT_USER – It holds all the information for the particular user who is currently logged on, e.g. logon names, desktop settings or start up menu etc.
3. HKEY_LOCAL_MACHINE – This hive contains all hardware and software related information.
4. HKEY_USERS – It contains all information related to users. For every user, there exists a SID subkey.
5. HKEY_CURRENT_CONFIG – It stores hardware configuration setting related information of current user related to HKEY_LOCAL_MACHINE.
6. HKEY_DYN_DATA – It stores all information about plug-n-play devices.

Registry values come in 5 data types –
REG_BINARY – Here data is stored in raw binary format; basically it contains binary data related to hardware components.
REG_DWORD – Here data is stored as a byte number. It often holds boolean values, e.g. ‘0’ for Disable and ‘1’ for Enable.
REG_MULTI_SZ – Here data is stored as multiple strings, with a null character separating each string from the next.
REG_SZ – Here data is stored as simple readable text in standard string form.


Editing the Registry- 


If you open the registry editor you will find a simple Explorer-type window, which consists of two parts. The left side is called the Navigation Pane; here we can find all the hives with + and – signs. If we click a + sign, the hive will expand and all its keys and subkeys will be displayed. At the right side we will find the values of the selected key.
To change any value of any key, just double click on it; if you want to delete it, simply right click on it and select Delete.

Windows 7 Registry Screenshot


Some Important Registry Editing!
1. How to know System BIOS information?
Find the key
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System
Now, at the right side you’ll see some values; among them, look at
SystemBiosDate, SystemBiosVersion, etc.

2. How to know full information of your processor?
Find the key
HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Under this key, you will see many values; check all of them to know your processor information! But do not modify them! Sometimes you’ll find values shown in hexadecimal; in that case, simply switch to decimal mode!

3. How to disable Autorun feature on Windows?
Find the key
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\NoDriveTypeAutorun
and set it using the following values.

Code:

Value          Meaning
0x1 or 0x80    Disables AutoRun on drives of unknown type
0x4            Disables AutoRun on removable drives
0x8            Disables AutoRun on fixed drives
0x10           Disables AutoRun on network drives
0x20           Disables AutoRun on CD-ROM drives
0x40           Disables AutoRun on RAM disks
0xFF           Disables AutoRun on all kinds of drives

Default Values:

Default value    Windows version
0x91             Windows Server 2008 and Windows Vista
0x95             Windows Server 2003
0x91             Windows XP
0x95             Windows 2000
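
The values in the first table are individual bits of one number, so a NoDriveTypeAutoRun value can be read by testing each bit. The decoder below is an added example, not part of the original post; it uses only the bit meanings listed above, and its function names are constructed. It shows that the 0x91 default leaves AutoRun on for removable and CD-ROM drives, and computes the value needed to switch more drive types off.

```python
# Bit meanings exactly as listed in the table above. 0x01 and 0x80 both
# stand for "unknown type"; 0x02 is not listed on this page.
DRIVE_BITS = [
    (0x01, "unknown type"),
    (0x04, "removable"),
    (0x08, "fixed"),
    (0x10, "network"),
    (0x20, "CD-ROM"),
    (0x40, "RAM disk"),
    (0x80, "unknown type"),
]
KNOWN_MASK = sum(bit for bit, _ in DRIVE_BITS)   # 0xFD


def disabled_types(value):
    """Drive types for which AutoRun is switched off by this value."""
    names = []
    for bit, name in DRIVE_BITS:
        if value & bit and name not in names:
            names.append(name)
    return names


def enabled_types(value):
    """Drive types from the table that can still AutoRun."""
    off = disabled_types(value)
    names = []
    for _, name in DRIVE_BITS:
        if name not in off and name not in names:
            names.append(name)
    return names


def unlisted_bits(value):
    """Bits set in the value that the table on this page does not describe."""
    return value & 0xFF & ~KNOWN_MASK


def disable(value, *type_names):
    """Return the value with the bits for the given drive types added."""
    for bit, name in DRIVE_BITS:
        if name in type_names:
            value |= bit
    return value


if __name__ == "__main__":
    for default in (0x91, 0x95, 0xFF):
        print(hex(default), "off:", disabled_types(default),
              "still on:", enabled_types(default))
    # Adding removable drives to the 0x91 default gives 0x95.
    print(hex(disable(0x91, "removable")))
```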


That’s All About Registry And Registry Editing! While editing the registry, don’t forget to make a restore point, because a wrong registry edit may crash your Windows!
Be Careful and Enjoy!


**********************************************************************

Sunday 15 January 2012

Managing Startup Items in Windows OS

Windows options can be more easily modified in its XP version, than in any other.
First let me introduce the startup option. Whenever you boot a system, it loads some programs other than system files in the background. Those are called startup items. These are really important because, once a virus enters the system, it loads itself into the startup items in order to affect the system. Since the startup items also include many system files, you should be very careful in deleting or modifying a startup entry.


Accessing Startup Items-


There are many ways to access the startup entries.
1. Start -> Run -> msconfig (Only in XP)

The last tab is the Startup tab. Inside it there are the columns Startup item, Command and Location.
2. With regedit you can also edit the items, but it's not the safer way to do it. Since the registry is the core of the OS, if you disturb it in any way, it fails to work properly.

Many programs are available on the net which can help in modifying a startup entry. I'll list some of those.

3. TuneUp Utilities and many more.
Using a sub-tool inside TuneUp, namely Startup Manager, you can easily make modifications.

4. From your Startup folder you can also access these entries.
root\Documents and settings\(User name)\Start Menu\Programs\Startup\
Inside this folder there will be some startup entries. You can even delete these, if you are sure that you don't need them.

msconfig Screenshot


Modifying a Start Up Entry- 


With the msconfig tool you can't actually modify an entry. You can only enable it to load or disable it. But with TuneUp Utilities you can add an entry and even modify it. When your system is affected by a virus such as newfolder.exe, regsvr.exe or svchost.exe, you can easily evade it by tuning your startup items.

Removing Unwanted Entries-


In order to remove the unwanted entries, you should first know which are unwanted.
For instance, I'll list some of the unwanted entries:
reader_sl.exe ----> Acrobat reader
NMBgmonitor, Nerocheck ----> Nero
Adobe gamma loader -----> Adobe

CAUTION-
As I said already, system files also find a place in the startup entries. So be careful in modifying these.


**********************************************************************