The Information Microsoft Hides on Your Computer
From http://fuckmicrosoft.com/ (Sorry for stealing your doc)
Long and interesting read - makes you wonder what else they hide about you on your PC?
Read the disclaimer though - I nearly deleted everything on my computer by mistake.
(Try looking through User.Dat files as well using notepad as well - search for incriminating words using the find command - Cant just delete these references though)
Microsoft's Really Hidden Files v2.0
by The Riddler
May 16, 2001
(v1.0 written on June 11, 2000)
DISCLAIMER:
I will not be liable for any damage or lost information, whether due to reader's error, or any other reason.
SUMMARY:
There are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two (major) things: Microsoft Internet Explorer has been logging all of the sites you have ever visited -- even after you've cleared your cache, and Microsoft's Outlook and Outlook Express has been logging ALL of your e-mail correspondence -- even after you've erased them from your trashbin. (This also includes all incoming and outgoing e-mail attachments.) And believe me, that's not even the half of it.
When I say that these files are hidden well, I really mean it. If you don't have any knowledge of DOS, then don't plan on finding these files on your own. I say this because some of these files will only be found in DOS while some of these folders can only be found in Windows Explorer. Additionally, there are some folders that will not be displayed by neither DOS nor Explorer -- but can only be found using a workaround. Basically what I am saying is if you didn't know these files existed then the chances of you running across them is slim to slimmer.
To give you an example of how sneaky this is, there are three hidden folders that may contain your name, address, phone, all the sites you've visited, every single e-mail you've sent/received, every attachment you've ever sent/received, everything you've searched for in a search engine, every filename you've downloaded, names of documents containing "sensitive" information, copies of all your cookies, full readable e-mail from your hotmail account, your PGP keys, and more.
Funny that Microsoft would make no mention of this on microsoft.com.
FORWARD:
I know there are some people out there that are already aware of some of the things I mention. I also know that most people are not. The purpose of this tutorial is teach people what is really going on with Microsoft's products and how to take control of their privacy again.
Thanks for reading.
INDEX
1. DEFINITIONS AND ACRONYMS
2. WHY YOU SHOULD ERASE THESE FILES
3. HOW TO ERASE THE FILES ASAP (Recommended for the non-savvy.)
3.1) If You Own Microsoft Internet Explorer
3.2) Clearing Your Registry
3.3) If You Own Outlook Express
3.4) Slack files
3.5) Keeping Microsoft Internet Explorer (Not recommended at all.)
4. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES (For the savvy.)
5. A LOOK AT OUTLOOK
6. HOW MICROSOFT DOES IT
7. +S MEANS [S]ECRET NOT [S]YSTEM
8. THE TRUTH ABOUT FIND FAST
8.1) Removing Find Fast
9. HOW HARD MICROSOFT TRIED TO KEEP PEOPLE FROM FINDING ABOUT IT
10. FINAL NOTE AND CONTACT INFORMATION
10.1) Recommended reading
11. SPECIAL THANKS
12. REFERENCES
Coming Very Soon:
mailbox.pst
pstores
Related Windows Tricks.
Reflection of why they use alphanumeric folders (9J3X7QZF4.)
Everything you didn't want to know about Find Fast.
The NSA-Key.
The [Microsoft Update] button.
Why the temp folders aren't intended to be temporary at all.
What's in those .dbx files?
--------------------------------------------------------------------------------
1. DEFINITIONS AND ACRONYMS
Well, the best definition I have been able to come up with is the following:
I) A "really hidden" file/folder is one that cannot be seen in Windows Explorer after enabling it to view all files, cannot be seen in MS-DOS after receiving a directory listing, and cannot be searched through using the "Find" utility.
a) There is at least one workaround to enabling Explorer to see them.
b) There is at least one workaround to enabling MS-DOS to see them.
c) There is at least one workaround to enabling the "Find" utility to search through them.
d) They are hidden intentionally.
II) Distinguishes "really hidden" file/folders from just plain +h[idden] ones, such as your "MSDOS.SYS" or "Sysbckup" folder.
III) Distinguishes from certain "other" intended hidden files, such as a file with a name of "šŸëœx¥."
DOS = Disk Operating System
MSIE = Microsoft Internet Explorer
TIF = Temporary Internet Files (folder)
HD = Hard Drive
OS = Operating System
--------------------------------------------------------------------------------
2. WHY SHOULD I ERASE THESE FILES?
1) Besides the glaring privacy risks.
2) Besides the fact that Microsoft is keeping these logs intentionally. (For reasons I can only imagine.)
3) These files can take up huge amounts of disk space. I've personally inspected a computer with almost 200 megs of this stuff, so you can imagine how much this can slow your computer down. After following these instructions you will probably notice a great improvement in performance.
--------------------------------------------------------------------------------
3. HOW TO ERASE THE FILES ASAP
Step by step information on how to erase these files as soon as possible. This section is recommended for the non-savvy. Further explanation can be found in Section 4.0. Please note that following these next steps will erase all your cache files, all your cookie files, and all of your e-mail correspondence. If you use the offline content feature with MSIE, following these next steps will remove this as well.
--------------------------------------------------------------------------------
3.1. IF YOU OWN A COPY OF MICROSOFT INTERNET EXPLORER
1) Shut your computer down, and turn it back on.
2) While your computer is booting keep pressing the [F8] key until you are given an option screen.
3) Choose "Command Prompt Only" (This will take you to true DOS mode.)
4) When your computer is done booting, you will have a C:> followed by a blinking cursor. Type in this hitting enter after each line.
CDWINDOWSTEMPOR~1
DELTREE/Y CONTENT.IE5
(If that didn't work then type this:)
CDWINDOWSAPPLIC~1TEMPOR~1
DELTREE/Y CONTENT.IE5
(If that didn't work then type this:)
CDWINDOWSLOCALS~1TEMPOR~1
DELTREE/Y CONTENT.IE5
(If this still does not work, and you are sure you are using MSIE5, then please e-mail me. Finding the location of these is a mission, and I'd certainly like to know where else MSIE likes to hide its cache. I believe older versions of MSIE keep them under "c:windowscontent".)
5) This will take a ridiculous amount of time to process. The longer it takes, the more records Microsoft had stored about you. When it gets done erasing that folder, then type this:
CD
DELTREE/Y TEMP
DELTREE/Y WIN386.SWP
CD WINDOWS
DELTREE/Y COOKIES
DELTREE/Y TEMP
DELTRE/Y WIN386.SWP
DELTREE/Y HISTORY
--------------------------------------------------------------------------------
3.2. CLEARING YOUR REGISTRY
Reboot your computer and wait for Windows to load back up.
1) Drop to DOS ("Start" > "Program Files" > "MS-DOS Prompt") and type this at prompt:
regedit
2) Your Registry Editor will pop up. Go to "Edit" > "Find"
3) Type in "TypedURLs" and then hit [Find Next]. You will be taken to all the places you've typed in URLs manually. 4) Erase any URLs that you find. Do not erase the folders. (They will be called "01," "02," "03," etc...) Double click on them to make sure they are URLs. I found mine here:
HKEY_USERS/Default/Software/Microsoft/Internet Explorer/TypedURLs/
HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/TypedURLs/
5) and while you're in here you might as well go here:
HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Current
Version/Explorer/RemoteComputer/NameSpace/
{d6277990-4c6a-11cf-8d87-00aa0060f5b5}
6) Delete the {d6277990-4c6a-11cf-8d87-00aa0060f5b5} key. This will make the "Find: Files or Folders" utility perform searches much faster.
--------------------------------------------------------------------------------
3.3. IF YOU HAVE OUTLOOK OR OUTLOOK EXPRESS INSTALLED
1) Install another e-mail program like Eudora, or Pegasus Mail. Make sure everything is setup correctly.
2) Backup any e-mail that you wish to save. (Print them out, or forward them to another box.)
3) Uninstall Outlook.
Warning, this conveniently does not erase any e-mail correspondence. To double check drop back to your DOS prompt and type this:
dir *.mbx /s/p
dir *.mbx /s/p/ah
The files you are looking for are:
INBOX.MBX
OUTBOX.MBX
SENTIT~1.MBX
DELETE~1.MBX
DRAFTS.MBX
If these files come up they will be listed in either of these folders:
C:WindowsApplication DataMicrosoftOutlook ExpressMail
C:Program Filesinternet mail and news%USER%mail
(If the .mbx files are located anywhere else then you probably don't want to delete them since they aren't from outlook. If they are from outlook, however, then please e-mail me.)
Now type either of the following (depending on the location of your .mbx files). Remember, this will erase all your e-mail correspondence so backup what you want to keep by printing them out or forwarding them to another box. Hopefully by now you have already set up Eudora or Pegasus Mail.
CDWINDOWSAPPLIC~1MICROS~1OUTLOO~1
DELTREE/Y MAIL
or
CDPROGRA~1INTERN~1%USER%
(replace "%user%" with the proper name.)
DELTREE/Y MAIL
--------------------------------------------------------------------------------
3.4. SLACK FILES
As you may already know, deleting files only deletes the references to them. They are in fact still sitting there on your HD and can be easily recovered by anyone.
BCWipe is a nice program that will clear these files.
For you DOS buffs, there's a program called FileDust that got a 5 star rating on ZDNET, if that matters.
If you are using PGP then there is a "Freespace Wipe" option under PGPtools.
Norton Utilities has a nice filewiping utility.
You might want to check out Evidence Eliminator's 30 day trial. This is probably the best program as far as your privacy goes.
--------------------------------------------------------------------------------
3.5. KEEPING MICROSOFT INTERNET EXPLORER
If you insist on using Microsoft Internet Explorer then I strongly recommend that you check out at least one of these programs:
PurgeIE
Anonymizer Window Washer
Cache and Cookie Washer for IE
I have already tried and tested some other programs and you'd be surprised on how many of them DON'T pass the tests. For example, HistoryKiller 2001 claims it erases all the files, but don't count on it.
--------------------------------------------------------------------------------
4. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES
This next section is for those of you who are more interested in learning the ins and outs of your computer. This section is intended for the savvy user.
1) First, drop to DOS and type this at prompt (in all lower-case):
c:windowsexplorer /e,c:windowstempor~1content.ie5
You see all those alphanumeric names listed under "content.ie5?" (left-hand side) That's Microsoft's idea of making this project as hard as possible. (Earlier versions of Internet Explorer simply called them "cache#.") These are your alphanumeric folders that MSIE has created to keep your cookies and cache. Write these names down. (They should look something like this: 6YQ2GSWF, QRMTKLWF, U7YHQKI4, 7YMZ516U, WQK6Z9UV, etc...) If you click on any of these folders then nothing will be displayed. Not because there aren't any files here, but because Windows Explorer has lied to you. If you want to view the contents of these alphanumeric folders you will have to do so in DOS. (Actually, there is a workaround that Skywalker taught me, but it's a little bit harder to explain. I promise to cover this tip in the next version.)
2) Restart in MS-DOS mode. (You must restart because windows has "locked" down some of the files.)
3) Type this in at prompt:
CDWINDOWSTEMPOR~1CONTENT.IE5
CD %alphanumeric%
(replace the "%alphanumeric%" with the first name that you just wrote down.)
DIR/P
Note: Not only are you in a folder that DOS claims does not exist, but you are now looking at cache/cookies that Windows Explorer claims do not exist.
These folders are directly responsible for the mysterious erosion of hard drive space you may have been noticing. Just a couple interesting things you can find in here:
Pictures from all those porn sites you've visited.
Other internet cache files completely wasting your disk space.
If you use Hotmail (or any webmail service) you can probably see some of your old messages laying around here. To see them for yourself, copy them into another directory and open them with your browser.
Retrieving your personal information from these cookies is a snap. For example if you've ever shopped at Amazon.com then there's access to your name and e-mail. If you're a user on Hollywood.com then there's your city, state, and zip. MP3.com keeps some goodies as well.
Feel free to check out all your alphanumeric folders, before going on to the next step.
5) Type this in:
CDWINDOWSTEMPOR~1CONTENT.IE5
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
You will be brought to a blue screen with a bunch of binary.
6) Press and hold the [Page Down] button until you start seeing lists of URLs. These are all the sites that you've ever visited as well as a brief description of each. You'll notice it records everything you've searched for in a search engine in plain text, in addition to the URL.
7) When you get done searching around you can go to "File" > "Exit."
8) Next you'll probably want to erase these files by typing this:
DELTREE/Y C:WINDOWSTEMPOR~1
(replace "c:windowstempor~1" with the location of your TIF folder if different.)
This will take a seriously long time to process. Then go check out your History.
9) Type this:
CDWINDOWSHISTORYHISTORY.IE5
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
You will be brought to a blue screen with more binary.
10) Press and hold the [Page Down] button until you start seeing lists of URLS again.
This is another recording of the sites you've visited. There also may be some other things in here. E-mail me if you find anything interesting. I will share with you a snippet of what I found in my index.dat file.
Client UrlCache
MMF Ver 5.2@
@ 3 yiâ
€
àOÐ ê:+0
0
'
}*Á 5.t
xt
59
MS6C:%
\DAVE'S
HD.TXT
MSIE5.
C:
Did you note the "C:" and "\DAVE'S HDMSIE5.TXT"?
"Dave" is the fictitious name that I use on my computer. "Dave's HD" is the name of my root folder on my LAN. "MSIE5.TXT" is the name of a text file that I've been saving on my computer. It contains research from THIS project that I've been working on. Mostly URLs and notes.
Do you see anything wrong with this picture? It took notice on a file on my HD, folks. MY HARD DRIVE. Not only that, but it is saving it in a folder that cannot be seen by neither DOS nor Windows Explorer. Is it a coincidence that this file was related to the research of this tutorial?
Obviously, my first suspicion was that Microsoft was scanning my HD and logging any "sensitive" information. In this case, my msie5.txt probably had something in it that Microsoft didn't like. To read more about my findings read "THE TRUTH ABOUT FIND FAST" in section 8.0.
1) If you're still with me, type this:
CDWINDOWSHISTORY
2) check out the mmXXX.dat files (and delete them), then type:
CDWINDOWSHISTORYHISTORY.IE5
CD MSHIST~1
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
More URLs from your internet history. Note there are probably other mshist~x folders here. 3) You can repeat these steps for every occurrence of the mshistxxxxxxxx file.
4) By now you'll probably want to type in this:
CD WINDOWS
DELTREE/Y HISTORY
This is about it as far as I know. You may also want to take a look at your *.mbx files if you own Outlook. (dir *.mbx/s) More detailed information is covered in the next chapter.
--------------------------------------------------------------------------------
5. A LOOK AT OUTLOOK EXPRESS
Would you think twice about what you said if you knew it was being recorded? E-mail correspondence leaves a permanent record of everything you've said -- even after you've told Outlook to erase it. You are given a false sense of security sense you've erased it twice, so surely it must be gone. The first time Outlook simply moves it to your "Deleted Items" folder. The second time you erase it Outlook simply "pretends" it is gone. The truth is your messages are still being retained in a "really hidden folder."
Furthermore, as if that wasn't disturbing enough, Outlook Express also keeps records of EVERY SINGLE file attachment in an ENCRYPTED database. Can you believe this, folks?
For example, I attached this zip file and sent it to myself.
PK '…Ž*}™ P AAAÀ€ Öø)-8³PK +…Ž*8øM3 P
BBBÀ€ ×ø%-8³PK .…Ž*ÄÖ. P CCCÀ€ Øø!-8³PK
2…Ž*² å` P DDDÀ€ Ùø -8³PK '…Ž*}™ P
AAAPK +…Ž*8øM3 P 1BBBPK
.…Ž*ÄÖ. P bCCCPK 2…Ž*² å` P
"DDDPK ÄÄ
And it recorded this in both my inbox.mbx file and outbox.mbx file:
UEsDBBQAAAAIACeFjip9jZkaEAAAAFAAAAADAAAAQUFBrcCBAAAAAIAg1vgpljizAFBLAwQUAAAA
CAArhY4qOPhNMxAAAABQAAAAAwAAAEJCQq3AgQAAAACAINf4JZY4swBQSwMEFAAAAAgALoWOKsTW
Lp0QAAAAUAAAAAMAAABDQ0OtwIEAAAAAgCDY+CGWOLMAUEsDBBQAAAAIADKFjiqyEuVgEAAAAFAA
AAADAAAARERErcCBAAAAAIAg2fgdljizAFBLAQIUABQAAAAIACeFjip9jZkaEAAAAFAAAAADAAAA
AAAAAAEAIAAAAAAAAABBQUFQSwECFAAUAAAACAArhY4qOPhNMxAAAABQAAAAAwAAAAAAAAABACAA
AAAxAAAAQkJCUEsBAhQAFAAAAAgALoWOKsTWLp0QAAAAUAAAAAMAAAAAAAAAAQAgAAAAYgAAAEND
Q1BLAQIUABQAAAAIADKFjiqyEuVgEAAAAFAAAAADAAAAAAAAAAEAIAAAAJMAAABERERQSwUGAAAA
AAQABADEAAAAxAAAAAAA
Cheers to the first person to discover the algorithm.
Anyway, by now you are probably wishing you knew where these records were kept. Don't worry they're right here:
c:program filesinternet mail and news%user%mail*.mbx
(replace %user% with the name you use.)
Or, if you're lucky:
c:windowsapplication datamicrosoftoutlookmail*.mbx
I found it odd that the first time I installed outlook, my e-mail data was saved automatically into "internet mail and news." After I uninstalled and reinstalled, it changed its mind and put it into my "application data."
To erase these files simply type: (of course if you do this you will kill all of your e-mail messages, so backup what you want to keep.)
Deltree c:windowsintern~1%user%mail
or
Deltree c:windowsapplic~1micros~1outloo~1mail
--------------------------------------------------------------------------------
6. HOW MICROSOFT DOES IT
Ever wonder how Microsoft makes these folders invisible to both DOS and Windows Explorer? I was completely baffled by how Microsoft was accomplishing this since even using a DOS 6.2 boot disk wouldn't work for me. I was honestly pretty upset that the answer escaped me for so long, but after wondering around in the folders I finally figured it out.
The "desktop.ini" is a standard text file that can be added to any folder to customize certain aspects of the folder's behavior. In these cases, Microsoft utilized the desktop.ini file to make these files invisible. Invisible to Windows Explorer, invisible to DOS, and even invisible to the "Find" Utility (so you wouldn't be able to perform searches in these folders!)
Here are a couple examples:
Found in the c:windowstemporary internet filesdesktop.ini and the c:windowstemporary internet filescontent.ie5desktop.ini contains this text:
[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}
Found in the c:windowshistorydesktop.ini and the c:windowshistoryhistory.ie5desktop.ini contains this text:
[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}
CLSID={FF393560-C2A7-11CF-BFF4-444553540000}
The UICLSID line cloaks the folder in both DOS and Explorer. The CLSID line disables the "FIND" utility from searching through the folder. Additionally, it gives a folder the appearance of the "History" folder. (You'll know what I mean if you fiddle with them enough.)
Erasing these desktop.ini files will give DOS and Windows Explorer proper viewing functionality once again. The problem with erasing them is windows will reconstruct them on your next bootup. The workaround is to edit the desktop.ini files and remove everything except for the [.ShellClassInfo]. This will trick windows into thinking they have still covered their tracks, so they won't think to reconstruct them again.
By the way, if you erase these keys from your Registry it will not un-hide these folders. Still, I'm sure somebody could play with this enough to figure out a way to completely disable Microsoft from ever hiding files on your computer again.
--------------------------------------------------------------------------------
7. +S MEANS [S]ECRET NOT [S]YSTEM
Here are three easy true or false questions regarding DOS. Play along like you needed to know the answers to get your A+ certification.
1) True or false: Executing the dir/s command in root will display all the "normal" files and directories on your hard drive.
The correct answer is 'true.'
2) True or false: Executing the dir/s/ah command in root will display all the "hidden" files and directories on your hard drive.
Again, the correct answer is 'true.'
3) True or false: Executing the dir/s/as command in root will display all the "system" files and directores on your hard drive.
The correct answer is 'you wish.'
When DOS tries to get a list of the subdirectories of any +s[ystem] folder it hits a brick wall. Not only does this mean Microsoft has taken extra precautions to keep people from finding these files, but it defeats the whole purpose of the "/s" switch in the first place. Nice one.
In case you didn't understand, here's a small experiment that will show you what I mean.
Since the content.ie5 and history.ie5 subfolders are both located within a +s[ystem] folder, we will run the experinment with them. The proper command to locate them should be this:
CD
DIR *.IE5 /s/as
The problem is that you will receive a "No files found" error message.
This proves that all subfolders/files that are located within a system folder will not be listed. But believe me, it's there.
Now, the really interesting thing is that you (luckily) can get around this brick wall. That is, once you are in the system folder, then the brick wall no longer has an effect on the directory listings. For example:
CDWINDOWSTEMPOR~1
DIR *.IE5 /as
1 folder(s) found.
Oh good, now you can see them. (But only after you knew the exact location.) In other words, if you didn't know the folders existed then finding them would be almost impossible.
--------------------------------------------------------------------------------
8. THE TRUTH ABOUT FIND FAST
Have you ever wondered what that "Find Fast" program was under your control panel? I've spent about an hour on microsoft.com reading help files and I STILL have no clue of what it's good for. Here's the most informative snippet I found on microsoft.com.
"The Find Fast Indexer is a utility that builds indexes to speed finding documents using the Open and Open Office Documents commands in Microsoft Office programs, including Microsoft Outlook."
So what does that mean? Well, if you read it carefully you'll see that Microsoft never mentions that it will speed up your searches. In fact it has nothing to do with the "Find: Files or Programs" utility. I think what Microsoft is really trying to say is that when you go to "File" > "Open" under Microsoft Word, then your list of documents will be displayed quicker.
If that is what they are saying then it is a lie. I hope you don't think I am taking Microsoft's quote out of context here. I'm only trying to show you all the methods that Microsoft went through to make it appear that the Find Fast utility speeds up searches.
For example if you go to "Edit" (under Microsoft Word), you will notice there is a "Fast Find" icon next to it. (Binoculars icon.) This is usally a clear indication that it is related to the Find Fast program. However, if you re-read that quote, it doesn't mention anything about finding words "within" a document, but only the document itself. Here are some more quotes from Microsoft:
"The Find Fast Indexer tool tracks the location on the hard disk of all Microsoft Word for Windows documents by default. When one of these files is moved, the Find Faster Indexer tool updates its index."
"Indexes are used to make file searches faster in Office programs."
"The Find Fast Indexer is installed on your computer when you install Microsoft Office 97. Find Fast builds an index to speed up finding documents from the Open dialog box in Microsoft Office programs."
I wasn't able to find one single shred of evidence that it helped you "search" faster. Yet, Microsoft insisted on calling the program "Find Fast." THEN they decided to add the Find Fast icon next to the [Search Document], as if Find Fast had anything to do with searching the document.
So now do you think you know the truth?
What would you say if I told you that Find Fast was scanning and indexing every single file on your hard drive? Did you know that in Office 95, the Find Fast Indexer had an "exclusion" list comprised of .exe, .swp, .dll and other extensions, but the feature was eliminated? If you were a programmer, would you program Find Fast to index every single file, or just the ones with Office extensions?
Here are some other interesting facts:
Find Fast automatically loads on every boot (because it added to your Startup folder.)
If you have ever had problems with scandisk (restarting due to "disk writes."), it is because Find Fast was indexing your hard drive in the background.
Now here is a good example of the lengths Microsoft has gone through to keep people from finding out Find Fast indexes their hard drives. (Always good to have an alibi.) And I quote:
"When you specify the type of documents to index in the Create Index dialog box, Find Fast includes the document types that are listed in the following table.
Doc Type File Name Extension
Microsoft Office files All the Microsoft Excel, Microsoft Web documents PowerPoint, Microsoft Project, and Microsoft Word document types listed in this table. Microsoft Binder (.odb, .obt) and Microsoft Access (.mdb) files. Note that in .mdb files, only document properties are indexed.
Microsoft Excel workbooks .xl* files
Microsoft PowerPoint files .ppt (presentation), .pot (template), .pps (auto-running presentation) files
Microsoft Project files .mpp, .mpw, .mpt, .mpx, .mpd files
Microsoft Word documents .doc (document), .dot (template), .ht* (Hypertext Markup Language document), .txt (text file), .rtf (Rich Text Format) files
All files *.* files
Did you get that last part? If you were a wealthy man and you decided to buy every single car in the car lot, would you
a) Say, "I'll take the red ones, the blue ones, the silver ones, the white ones, the champagne ones, and all of them," or
b) "I'll take them all sir."
As you can see, they don't want people to realize that Find Fast is keeping an index of your entire hard drive. They walk around the car lot saying "I'll take the red ones, the blue ones, the silver ones,..."
I personally witnessed the Find Fast Indexer "creep" its way back into my Startup folder after I removed it. There's no possible way I could have done this on purpose. In fact the only way I could have done it is if I created a shortcut to Find Fast and then moved the shortcut into Startup manually. There's no option on the Find Fast program to add it to Startup.
Am I making this up? Did I imagine it? Well, even if I am, then that doesn't change the overwhelming amount of inconsistencies. For example:
1) Drop to DOS
2) CD
3) DIR FF*.* /AH (This will bring up a listing of ffast-related files.)
4) edit /75 %ff% (insert %ff% with any of the names that were listed.)
Notice the incredible amount of disk accesses to your "really hidden" "Temporary Internet Files" folder? What is the obsession that Find Fast has with these hidden folders, anyway?
--------------------------------------------------------------------------------
8.1. REMOVING THE FIND FAST PROGRAM
1) Reboot your computer in MS-DOS Mode.
2) Delete the FindFast.CPL file from c:windowssystem
3) Delete the shortcut under c:windowsstart menuprogramsstartup
4) Delete the FindFast.EXE file from c:progra~1micros~1office
Other related files that are safe to erase:
5) FFNT.exe, FFSetup.dll, FFService.dll, FFast_bb.dll, "c:>ff*.*"
Notice you will loose no functionality after erasing these files? Actually, you will gain functionality.
--------------------------------------------------------------------------------
9. HOW HARD MICROSOFT TRIED TO KEEP PEOPLE FROM FINDING ABOUT IT
In case the desktop.ini file wasn't enough proof. ("Whoops, we didn't know the desktop.ini file would turn folders invisible?") And in case you thought disabling DOS's "/s" switch for system folders was just a "bug." And in case you thought Microsoft disabled the Find utility from searching through the folders just to save you time (uh huh) -- then feel free to check out this thread on the Hackers.com BBS.
--------------------------------------------------------------------------------
10. FINAL NOTE AND CONTACT INFO
This tutorial is being updated ALL THE TIME. If you have any input then please e-mail me so I can compile it into future versions. You may have noticed many requests to contact me throughout this tutorial. This is because I am very eager to find out everything there is to know about this. But just so I am not swamped with old updates, please make sure you are reading the most current version.
My e-mail address is located below. Although it may not be done in a timely fasion, I always reply to all of my e-mail. By the way, I deleted my PGP due to security reasons. So if you want to contact me privately, then I'm sure we can work out something else.
Thanks for reading, -- The Riddler
e-mail: mailto:ther1ddler@fuckmicrosoft.com?Subject=Feedback from fuckMicrosoft.com Article
hangout: http://www.hackers.com/bulletin/
--------------------------------------------------------------------------------
10.1. RECOMMENDED READING
And if you aren't already paranoid enough here's some sites/articles that I definitely reccomend:
http://www.theregister.co.uk/content/4/18002.html
http://www.findarticles.com/m0CGN/3741/55695355/p1/article.jhtml
http://www.mobtown.org/news/archive/msg00492.html
http://194.159.40.109/05069801.htm
http://www.yarbles.demon.co.uk/mssniff.html
http://www.macintouch.com/o98security.html
http://www.theregister.co.uk/content/archive/3079.html
http://www.fsm.nl/ward/
http://slashdot.org/
http://www.peacefire.org/
http://stopcarnivore.org/
http://nomorefakenews.com/
http://grc.com/steve.htm#project-x
--------------------------------------------------------------------------------
11. SPECIAL THANKS
Thank you Skywalker, for being in the right place at the right time. You were the only one who seemed interested in helping me further my research.
Thank you to everybody who has e-mailed me specifically just to thank me. The kind words mean a lot to me and played a big motivator to get this text finished.
And thank you to Hackers.com, for developing a fantatsic site with a great community feel, without which, this tutorial would never have existed.
--------------------------------------------------------------------------------
12. REFERENCES
http://support.microsoft.com/support/kb/articles/Q137/1/13.asp
http://support.microsoft.com/support/kb/articles/Q136/3/86.asp
http://support.microsoft.com/support/kb/articles/Q169/5/31.ASP
http://support.microsoft.com/support/kb/articles/Q141/0/12.asp
http://support.microsoft.com/support/kb/articles/Q205/2/89.ASP
http://support.microsoft.com/support/kb/articles/Q166/3/02.ASP
http://www.insecure.org/sploits/Internet.explorer.web.usage.logs.html
http://www.parascope.com/cgi-bin/psforum.pl/topic=matrix&disc=514&mmark=all
http://www.hackers.com/bulletin/
http://slashdot.org/articles/00/05/11/173257.shtml
http://peacefire.org/
How to get IP's:-
Getting Ip's:--
To see the ip all computers you are connected to (web servers, people attempting to hack into your computer).
Go to dos (start>run>type command) and run the netstat command. Type netstat /? for details.
Type netstat -r at the command prompt to see the ip of all computers you are connected to
In MSN (and other programs) when you are chatting to someone everything you type goes through the MSN servers first (they act as a proxy) so you see their ip rather than who you are chatting to. You can get round this by sending them a file as MSN doesn't send file through its proxy.
When you type the netstat -r (or -a for a different view) the ip's are under the foreign address table. The ports are seperated by a : . Different programs use different ports, so you can work out which ip's are from which program.
Connecting to other computers and what ports are:--
Servers send information. Clients retrieve. Simple.
Windows comes with a built in program to connect to other computers called telnet.
To start Windows telnet Start menu> Run> type Telnet. Click connect> remote system
Ports are doors into computers. Hosts are computer names
(ip number or a name that is translated into the ip automatically)
Different programs open different ports, but they always open the same ports so other computers know which port to connect to. You can get a port list listing all the different ports, but a basic one is:
11 :- Sends info on the computer
21 :- FTP (File transfer program)
23 :- Telnet (Login to the computers command line)
25 :- Smtp (Sends mail)
80 :- Http (Web pages)
There are thousands of different programs using different ports. You can get programs called portscanners which check a computer for all ports up to a certain number, looking for ways in. You can portscan a computer looking for ways-in.
Anyway, back to telnet.
Type www.yahoo.com as the host and port as 80 the click connect.
If nothing happens, you're in. Wow. You are connected to Yahoo's server.
You can now type http commands (you are connected to an http server, so it supports http commands). Ie. on an ftp server you can type open and it will do something. On an http server it will just wonder what the hell you are on about.
Type get / http/1.0 then press enter twice to get the file on the server at / (try /index.html) etc.)
Allowing dos and regedit in a restricted Windows
See http://blacksun.box.sk/tutorials/format.php3?file=windows.html for some very cool tactics.
A very simple tactic I found after accidentally locking myself out of dos and regedit is to open notepad and type the following:
REGEDIT4
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesWinOldApp]
"Disabled"=dword:0
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
"DisableRegistryTools"=dword:0
Save it as something.reg then run it. Simple.
Making undeletable, unreadable folders
Tested on Windows 95/98
By holding down alt, then typing numbers on the number pad (right of the keyboard) you can create special characters. If you hold down alt, then press 1, then let go, you got the ascii character 1. You try some randomn numbers. This goes all the way up to 255. Open a dos prompt, and type md (alt+1+9+4)someword. md is the dos command to make a directoy, now try and open the directory in Windows, you can't. To open it, type ren (alt+1+9+4)someword someword (ren is the dos command to rename)
Proxies
Proxies are computers that you connect through, hiding your computer. Most aren't anonymous, they give away your ip. Some are. Good anonymous proxies: mail.uraltelecom.ru:8080 and 194.247.87.4:8080.
Different programs require different ways of using proxies. To do it in internet explorer 5 go to tools, internet options, connections, settings. In the above proxies they are in the format host:port
Password files
If you lock yourself out of Windows stuff, all passwords are stored in files called *.pwl in C:windows. Download showpass.zip from hereto view all passwords stored. Or rename the files to .bak to delete passwords.
In Unix, passwords are normally stored at etc/passwd. This can be viewed using the cat command (prints a file to screen): cat etc/passwd. Make sure you're passwords are shadowed (not actually in etc/passwd). Also make sure they aren't in a file called shadow, especically not in a file called etc/shadow.
Unix passwords are encrypted far better than Windows one's (to be fair, Windows 95 isn't designed for users), but can still be cracked through a program called jon. See here.
Securing your website
Ftp Ftp is how you upload your web site, if somone finds out the password they can add/ delete anything. Brute forcing is the most common ftp attack, where a program guesses every possible combination (or from a list of words). An eight letter alpha-numeric word is almost impossible to crack, as the process is slow.
The real problem is with server side scripting. Pages other than plain html (ie. pages that perform commands on the host) are a security risk. The main problems are scripts that write to pages (guestbooks etc.). If when the guestbok is viewed it has a .shtml extension, then it can execute commands. Eg. a malicious visitor could place the following shtml command in a messege:
2
the OS w/ less BS
Basic Hacking Tools
What's My IP: 117.197.208.107
(page loaded) date and time: Saturday, 19-Jan-2008 23:12:46 GMT
browser & OS: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.6) Gecko/20070725 Firefox/2.0.0.6
JavaScript status: ENABLED (lower security - CLICK HERE to find out stuff JavaScript knows about you)
No black magic tricks here just basic information obtained with Server Side Includes. Basically the web routes data from one location to another using an IP address. To make things easier to understand an IP address might have a machine name or domain name related to your ISP. However doing reverse DNS lookup using of an “IP address” might not give accurate results, because a proxy might be in use.
Too often it seems so called experts on FOX and other infotainment network outlets stereotype “hackers” and sensationalize “hacking,” so my goal with this part of my site is to put the risks into prospective and show people a few simple tricks of the trade.
First off a “hacker” is someone who plays with technology for enjoyment but the term has become synonymous with “cracker,” a person that performs an illegal act. So ya ask should ya be are worried about crackers? Well I’d say if you use windows ya have a greater chance of being a target. To find out how secure or unsecure you are, perform an internet connection security analysis (of commonly probed ports). If ya want a computer without spyware and virus (or virii, as some would prefer) BS common with windows and just plain works get a Mac and hack proof it!
BTW if ya have a question then read my Hacking FAQ's else try the graffiti wall to post a question or share a comment about stuff like hacking WiFi. PS if ya want to know the big secret of hacking, it’s RTFM!
Domain Lookup Enter a domain (for example COM or CH which is short Switzerland), and you can get the name of the country for which that domain is associated.
eMail Dossie Validate and investigate eMail addresses (for example USER@HOSTNAME).
Finger If you can pull a Finger, (for example USER@HOSTNAME) this will tell you various information about that account.
IP Location IP Address Locator Tool (for example 17.254.3.183), will return a map dynamically generated using the U.S. Census Bureau's TIGER Mapping Service.
IP Targeting Target the IP host in Latitude/Longitude (for example Micro$oft.COM), will return Lat, Lon: (47.675, -122.117), useful if you want to nuke the evil empire.
MAC Address MAC address Short for Media Access Control address, a hardware address that uniquely identifies each node of a network (for example "apple" or "allied" or "00:A0:40" or " 00:80:C7").
man man formats and displays the on-line (UNIX) manual pages. If you specify section, man only looks in that section of the manual.
NMAP NMAP is a utility for port scanning large networks (for example APPLE.COM).
NSLookup If the domain name has been activated (for example APPLE.COM), it will return a numerical value such as 17.254.3.183.
PING The ping utility sends a packet to the specified host (for example APPLE.COM) and waits for a reply. The host address and round-trip times for each pair of packets are displayed.
Port Number The Internet Storm Center gathers more than 3,000,000 intrusion detection log entries every day and providing authoritative data on the types of attacks that are being mounted against computer ports (for example 80 or 19).
Reverse DNS Type in an IP address (for example 17.254.3.183) to find out the DNS or the Domain Name Server.
Traceroute Traceroute tracks the path taken by packets as they travel from source (the default is the San Diego Super Computer Center) to destination (for example APPLE.COM).
Traffic Rank The traffic rank (for example APPLE.COM) is based on aggregated historical traffic data from millions of Alexa Toolbar users and is a combined measure of page views and users (reach.)
Uptime Report a site’s (for example APPLE.COM) operating system, web server, and netblock owner together with, if available, a graphical view of the time since last reboot for each of the computers serving the site.
Whois Whois, can determine whether the domain name you desire is already in use (for example APPLE.COM); in addition you can learn who administers a particular site; and you can view a list of a site’s name servers.
IP Calculator takes an IP address and netmask and calculates the resulting broadcast, network, Cisco wildcard mask, and host range. PHP Subnet Calculator - to install, just move PHP Subnet Calculator SubnetCalc.php into the webroot of a php capable webserver.
Use IP & CIDR Netmask: 10.0.0.1/22
Or IP & Netmask: 10.0.0.1 255.255.252.0
Or IP & Wildcard Mask: 10.0.0.1 0.0.3.255
IP & Mask or CIDR
At Toorcon 2003 (Information Security Conference) a talk was given on utilities people in the know seem to find most useful. So FYI here a rough list of the top 20 hacking tools. FYI insecure.org has a list of top 75 Security Tools.
Nessus The "Nessus" Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.
Ethereal Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
Snort Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
Netcat Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol
TCPdump TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.
Hping Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).
DNSiff DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).
GFI LANguard GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil's advocate alerting you to security vulnerabilities.
Ettercap Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones)and includes many feature for network and host analysis.
Nikto Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.
John the Ripper John the Ripper is a fast password cracker, currently available for many flavors of Unix.
OpenSSH OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
TripWire Tripwire is a tool that can be used for data and program integrity assurance.
Kismet Kismet is an 802.11 wireless network sniffer - this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.
NetFilter NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packetmangling.
IP Filter IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.
pf OpenBSD Packet Filter
fport fport identifys all open TCP/IP and UDP ports and maps them to the owning application.
SAINT SAINT network vulnerability assessment scanner detects vulnerabilities in your network's security before they can be exploited.
OpenPGP OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.
Internet Storm Center Status by DShield.org is an attempt to collect data about cracker activity from all over the internet. The data is cataloged and summarized, which enables trends to be discovered. The site also postes a Survival Time, which is the average time between attacks on various networks.
Internet Status
HackerWatch - World Internet Traffic Map lets you report and share information that helps identify, combat, and prevent the spread of Internet threats and unwanted network traffic.
Akamai monitors global Internet conditions around the clock. With this real-time data it is possible to identify the global regions with the greatest attack traffic, cities with the slowest Web connections (latency), and geographic areas with the most Web traffic (traffic density).
A “Proxy” is an application that breaks the connection between sender and receiver, thus protecting your internet privacy (to some degree) while you are surfing. Enjoy the proxy gateway list(1) and list(2). If you’re curious, try Test Page for Web Anonymzing Services to test the various proxies yourself. Note as of 11/19/2001 those suffering from corporate oppression and Muslims in Saudi Arabia, UAE, etc. looking for porn better have alternative plans, because Safeweb turns off free service.
URL (for example APPLE.COM)
Anonymizer BugMeNot.com proxify
WebWarper
The University of Toronto's Internet Censorship Explorer permits anyone with a Web browser to test the limits of certain national and organizational Internet-blocking schemes. Users simply enter a target URL and a country into a search field on the Censorship Explorer's website. The software then scans the ports of available servers in that country, looking for open ones.
If you’re interested in anonymous surfing (i.e. the phaster proxy gateway), and wondering is someone watching your every move, then you may also know eMail is not private (it is like sending a postcard that leaves a trail). So here is a list of free eMail services, some of which include a measure of security. B.T.W. if you have any browser privacy issues, I have Netscape Navigator secrets and tips on how to secure Internet Explorer (concepts presented here apply to all browsers).
Phaster computer security resources search includes: exploits/bugs, internet security tools, guides to ethical hacking, encryption, network security documentation, hacks, cracks, phreaking stuff, etc.
Select an ALT News Group - Google Powered
Serials 2000 and serials & keys are clearinghouses of serial numbers for thousands of commercial and shareware programs that allows a user to check out disabled features of demo programs and reinstall software you may have misplaced the keys for like Windows 98, Windows ME, etc. Cyxla has gathered together a nice default password database of all mayor hardware and software manufacturers such as 3com, Celplex,Cajun ,Cisco, Lotus Domino, Shiva, Cisco, Avaya, microsoft, meridian, shiva, siemens.
If you’re a hacker or just curious, ya might want to check out CyberLaw an educational service focusing on legal issues concerning computer technology. CyberLex reports legal developments touching the computer industry and is distributed monthly throughout the United States. The Cyberlaw Encyclopedia is a large nexus on legal matters pertaining to cyberspace.
Buzz words like “Hacker” are used by the media, politicians, corporations and government agencies for so called (dis)information warfare (IW). B.T.W. looking for info on: anthrax, Bin Laden, Bush, etc?
Center for Secure Information Systems
Disinformation
Federation of American Scientists: DoctrineLINK
i2 Inc. - visual investigative analysis software
Joint Vision - how the U.S. military can exploit advanced technologies
Psychological Operations/Warfare
SIGNAL
The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections. The Internet Traffic Report monitors the flow of data around the world. It then displays a value between zero and 100. Higher values indicate faster and more reliable connections.
BTW another site I found interesting is TeleGeography which has an innovative approach to cartography and distills complex data sets into attractive maps showing various patterns like the world's Internet backbone architecture scaled by aggregate capacity and international telephone traffic statistics converted into a route-flow diagram.
Internet Status
Many factors such as: your modem speed, phone line quality (unless you are connecting with an ISDN line or a cable modem), computer hardware (processor speed, cache, etc.), and web traffic jams affect how fast you connect to the internet and how fast web pages load on your computer. The following links will test your internet connection speed.
speakeasy.net - speedtest
dslreports.com - speed test
Bandwidth Speed Test
Golden Hill Free Web JavaScript Bandwidth Test
WiFi is an open-standard technology that enables wireless connectivity between laptops and local area networks and until reciently, wireless local area networks have been just another grass roots hobbyist technology. FYI a WiFi protocol analyzer can help you plan and secure your network even if you don't use WiFi...
3
Top Tricks n Cheats
This Is crazy!!
Updated 14/Jan/07
keep checking
For New Updates Jump to our Home Page
Click here
Set Processes Priority
Follow this tip to increase the priority of active processes, this will result in prioritisation of processes using the CPU.
CTRL-SHIFT-ESC
1.Go to the second tab called Processes, right click on one of the active processes, you will see the Set Priority option
2.For example, your Run your CDwriter program , set the priority higher, and guess what, no crashed CD’s
Shutdown Trick !
Imidiate rapid shut down window
while shutting down window. open task manager(Ctr+Alt+Del),
Select shut down tab. and press ' Ctrl ' key while select Turn Off from dis tab.
Count 5 4 3 2 1 Voila!!! U r window will rapidly shut down.
Speed Up Ur Shut down !!
Start Regedit.
Navigate to HKEY_LOCAL_MACHINE/SYSTEM/CurrentControlSet/Control.
Click on the "Control" Folder.
Select "WaitToKillServiceTimeout"
Right click on it and select Modify.
Set it a value lower than 2000 (Mine is set to 200).
and !
Like previous versions of windows, it takes long time to restart or shutdown windows xp when the "Exit Windows" sound is enabled. to solve this problem you
must disable this useless sound. click start button then go to settings -> control panel -> Sound,Speech and Audio devices -> Sounds and Audio Devices -> Sounds, then under program events and windows menu click on "Exit Windows" sub-menu and highlight it.now from sounds you can select,choose "none" and then click apply and ok. now you can see some improvements when shutting down your system.
**new **
Crazy !!
Hide ur folders.. never known trick !!!!!!!!!! Disguise them to "Recycle Bin"
Rename any folder with extension {645FF040-5081-101B-9F08-00AA002F954E}
eg,
if u've a folder games
press F2,
then type, "games.{645FF040-5081-101B-9F08-00AA002F954E}"
c the magic....
then 2 get to original form,
remove the extension using
"ren games.{645FF040-5081-101B-9F08-00AA002F954E} games" in dos or as a bat file
n u are done..
~cheers~
System information
system up time only for xp professional edition
It boasts how long it can stay up. Whereas previous
versions of Windows were coy about how long they went
between boots, XP is positively proud of its stamina.
Go to the Command Prompt in the Accessories menu from
the All Programs start button option, and then type
'systeminfo'. The computer will produce a lot of
useful info, including the uptime. If you want to keep
these, type 'systeminfo > info.txt'. This creates a
file called info.txt you can look at later with
Notepad. (Professional Edition only).
lock pc just by double clicking mouse
You can lock your XP workstation with two clicks of
the mouse. Create a new shortcut on your desktop using
a right mouse click, and enter 'rundll32.exe
user32.dll,LockWorkStation' in the location field.
Give the shortcut a name you like. That's it -- just
double click on it and your computer will be locked.
And if that's not easy enough, Windows key + L will do
the same.
SPEED UP UR ACROBAT READER (ALMOST LIKE NOTEPAD)
Do u get irritated when acrobat reader takes 5/10 seconds to load when you want to open a pdf document. There is a way to speed up the loading.
1. Go to the installation folder of acrobat reader
(C:\program files\adobe\acrobat\reader\.. whatever)
2. Move all the files and folders from the "plugins" directory to the "Optional" directory. (I repeat.. cut and paste the files NOT copy & paste).
Also make sure that acrobat reader is not open else it will lock the files and not allow you to move the files).
Now your acrobat reader will load very fast
and almost as good as notepad..
Remove Stored username and Passwords !
To remove the Stored User Names and Passwords from your system, try this:
Click Start, Run and type Control keymgr.dll
Remove the entries from the list.
The other ways to access this dialog are:
Type Control Userpasswords2 in RUN box, click Advanced, Manage Passwords
-or-
From Control Panel, select your User Account, click Manage your network passwords
It Works
~ Cheers ~
*
Remove the Username and picture from Windows XP New Start Menu
The User account picture can be removed by turning off the Welcome Screen. Or, by switching to Windows Classic theme. Follow the method described in this article if you want to remove the username and picture from the Start Menu, without disabling the Welcome Screen and Windows XP Theme.
For those who want to remove the user name and user account picture from Start Menu, in order to have a blank blue panel at the top, try this:
Start Windows Explorer and go to this folder:
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures
From that folder, rename the BMP file which corresponds to your user account.
( For example, if your username is Robert, rename Robert.bmp to old_Robert.bmp )
Next, rename the following folder:
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\Default Pictures
to something else, say...
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\No_Default Pictures
To remove the user name, follow these steps
Start regedit.exe and navigate to the this key:
HKEY_CURRENT_USER \ Software \ Microsoft\ Windows \ CurrentVersion \ Policies \ Explorer
In the right-pane, set NoUserNameInStartMenu value-data to 1
Close Regedit.exe and restart Windows.
You'll end up with a blue space at the top of the Start Menu.
To get back the username and the picture, reverse the above procedure.
For the New Start Menu, Windows XP looks for the
C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures
If the file is not found, it takes a picture from the "Default Pictures" sub-folder. By renaming the
~ Cheers ~.
Notepad Trick ! for complete list move to NOTEPAD TRICKS page !!
Well quite old but here is d complete collection
Step 1: Open Notepad
Step 2: Write following line in the notepad.
this app can break
Step 3: Save this file as xxx.txt
Step 4: Close the notepad.
Step 5: Open the file again.
Voilla!!
or
1> Open Notepad
2> Enter four words separated by spaces, wherein the first word has 4 letters, the next two have three letters, and the last word has five letters
3> DON'T hit enter at the end of the line.
4> Save the file.
5> Close Notepad.
6> Reopen Notepad.
7> Open the file you just saved.
or
Open a note pad
type Bush hid the facts
save that file,
close it
again open and see...
NOTEPAD "world trade centre trick".. :Rahul
Did you know that the flight number of the plane that had hit WTC ...on
9/11 was Q33N ....Open your Notepad in ur computer and type the flight
number i.e Q33N... Increase the Font Size to 72, Change the Font to
Wingdings. U will be amazed by the findings.
log trick !! make ur Notepad a diary !!
Sometimes we want to insert current data and time, whenever we open the file in the notepad. If you are a lazy person like me, who don’t like to press F5 whenever you open a notepad. Then here is a trick to avoid this. Just add a .LOG in the first line of your text file and close it.
Whenever you open the file with that text in the first line in the notepad, it will insert the current date and time at the end of the file. You can start entering your text after that.
WHY?
The reason this happens:
In notepad, any other 4-3-3-5 letter word combo will have the same results.
It is all to do with a limitation in Windows. Text files containing Unicode UTF-16-encoded Unicode are supposed to start with a "Byte-Order Mark" (BOM), which is a two-byte flag that tells a reader how the following UTF-16 data is encoded.
1) You are saving to 8-bit Extended ASCII (Look at the Save As / Encoding format)
2) You are reading from 16-bit UNICODE (You guessed it, look at the Save As / Encoding format)
This is why the 18 8-bit characters are being displayed as 9 (obviously not supported by your codepage) 16-bit UNICODE characters
~ cheers ~
SPEED UP MENU DISPLAY.!!
When using the start menu the you will notice a delay between different tiers of the menu hierarchy. For the fastest computer experience possible I recommend changing this value to zero. This will allow the different tiers to appear instantly.
Start Regedit. If you are unfamiliar with regedit please refer to our FAQ on how to get started.
Navigate to HKEY_CURRENT_USER\Control Panel\Desktop
Select MenuShowDelay from the list on the right.
Right on it and select Modify.
Change the value to 0.
Reboot your computer.
CLICKING * .AVI FILES ON EXPLORER CAUSING 100% CPU USAGE.!!
Well windows seem to have a REALLY big problem when it comes to reading AVI files. It seems that when you click on an AVI file in explorer, it'll try to read the entire AVI file to determine the width,height, etc. of the AVI file (this is displayed in the Properties window). Now the problem with Windows is that if you have a broken/not fully downloaded AVI file that doesnt contain this info, Windows will scan the entire AVI file trying to figure out all these properties which in the process will probably cause 100% CPU usage and heavy memory usage. To solve this problem all you have to do is the following:
1. Open up regedit
2. Goto HKEY_CLASSES_ROOT\SystemFileAssociations\.avi\shellex\PropertyHandler
3. Delete the "Default" value which should be "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"
Voila! Please not that this will no longer provide you with the windows properties displaying the AVI file information such as width, height, bitrate etc. But its a small price to pay for saving you resources.
NOTE: Please use caution when using regedit. Improper usage may cause windows to behave imcorrectly. Also, I cannot be held resposible. Backup your registry first.
CD ROM STOPS AUTOPLAYING/AUTORUN.!!
And the AutoPlay Tab has disappeared in My Computer, Devices With Removable Storage, Right Click on CDROM, Properties.
Solution: The service: "Shell Hardware Detection" has been set to Manual or Disabled. Go to Control Panel, Administrative Tools, Services. Return this service to "Automatic".
How to make your Desktop Icons Transparent
Go to Control Panel > System, > Advanced > Performance area > Settings button Visual Effects tab "Use drop shadows for icon labels on the Desktop"
DISPLAY MESSAGE ON STARTUP.
Start regedit, if you are unfamiliar with regedit please see our FAQ.
Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Modify the key legalnoticecaption with what you want to name the window.
Modify the key legalnoticetext with what you want the window to say. Restart
AUTO DELETE TEMPORARY FOLDER.!!
ll what i prefer is %temp% " without quotes.. at Start -> Run..
this opens ur temp folder n den u cal erase it neatly// still try dis one too..
First go into gpedit.msc
Next select -> Computer Configuration/Administrative Templates/Windows Components/Terminal Services/Temporary Folder
Then right click "Do Not Delete Temp Folder Upon Exit"
Go to properties and hit disable. Now next time Windows puts a temp file in that folder it will automatically delete it when its done! Note from Forum Admin: Remember, GPEDIT (Group Policy Editor) is only available in XP Pro.
make ur pdf files to speak
make ur pdf files to speak
here r the shortcuts for hearing pdf files in abobe reader 6.0 or higher
ctrl+shift+b ---->to hear the whole topic
ctrl+shift+v ---->to hear the page
Latest page update: made by rahuldutt1 , Oct 27 2007, 3:30 AM EDT (about this update About This Update rahuldutt1 Edited by rahuldutt1
10 words added
view changes
- complete history)
Keyword tags: cheats tips tips n tricks top tricks
More Info: links to this page
Bookmark: Del.icio.us Digg Blue Dot StumbleUpon
Keyword tags
Keyword tags: None
Start a New Thread
Threads
Start a New Thread as Reply as Anonymous (Get credit for your thread)
Subject: Please enter some text (at least 3 characters).
Message:
Please enter some text (at least 3 characters).
Quote:
Keyword tags: One or more of your tags have exceeded the 30 character limit.
Cancel
Posting...
Note: You can enter up to [REMCHARS] additional characters.
Did you know you can edit the content of this page by clicking EasyEdit?
(Showing the last 5 of 69 - view all)
Started By Thread Subject Replies Last Post
Anonymous hacking orkut password (page: 1 2 3) 45 Yesterday, 8:58 AM EST by suniljuvanale
Thread started: Apr 2 2007, 8:24 AM EDT Watch
hello rahul,
could u pls tell me how to hack orkut password? my email address is abhik20032001@yahoo.co.in
128 out of 141 found this valuable. Do you find this valuable? Do you?
Keyword tags: None
Post a Reply
Show Last Reply
Last Reply:
RE: hacking orkut password
By: suniljuvanale, Yesterday, 8:58 AM EST
hello rahul,
could u pls tell me how to hack orkut password? my email address is suniljuvanale1@yahoo.com
out of found this valuable. Do you find this valuable?
crazyboy12 Hacking Orkut Password 4 Monday, 2:51 PM EST by jackcool4u
Thread started: Jan 11 2008, 5:22 AM EST Watch
Hey hi Rahul,
Can u plz help me with the orkut hack password, i really need it one guy is messing up with my gal frnd, i need to teach him a lesson... so can plz do d needful... my id is jn.mcneil@gmail.com....
Many thanks
3 out of 4 found this valuable. Do you find this valuable? Do you?
Keyword tags: cheats tips tips n tricks top tricks
Post a Reply
Show Last Reply
Last Reply:
RE: Hacking Orkut Password
By: jackcool4u, Monday, 2:51 PM EST
i want to know one passward of orkut profile how can i do this plz tell me
out of found this valuable. Do you find this valuable?
Anonymous hacking orkut password 6 Jan 11 2008, 1:09 PM EST by nikhilbest
Thread started: Aug 21 2007, 6:40 AM EDT Watch
plz rahul help me to hack orkut password plz im very thankful to u for this........................plz, my id:kdash95@hotmail.com
7 out of 10 found this valuable. Do you find this valuable? Do you?
Keyword tags: None
Post a Reply
Show Last Reply
nikhilbest Last Reply:
RE: hacking orkut password
By: nikhilbest, Jan 11 2008, 1:09 PM EST
hi rahul sir
pls tell me the trick of hacking orkut password my frds were challanged me to hack anyone password.
pls help my id is nikhilbest@yahoo.com
bye
take care
1 out of 1 found this valuable. Do you find this valuable? Do you?
Anonymous hacking password 3 Dec 23 2007, 7:43 AM EST by muuuds
Thread started: Sep 7 2007, 5:45 AM EDT Watch
i wanna hack my enemys password can any body help me
my id is aadil_kalkoti@yahoo.com
3 out of 6 found this valuable. Do you find this valuable? Do you?
Keyword tags: None
Post a Reply
Show Last Reply
Last Reply:
RE: hacking password
By: muuuds, Dec 23 2007, 7:43 AM EST
dont use it it will hack ur own id..beware...its abogus site
1 out of 2 found this valuable. Do you find this valuable? Do you?
Anonymous hacking orkut password 2 Dec 10 2007, 2:07 PM EST by fatallyinjured
Thread started: Sep 12 2007, 7:47 PM EDT Watch
hello sir,
cud u plz tell me how to hack orkut password.................i have 2 do it at all cost else i`ll loose my girl................plz help me............
9 out of 10 found this valuable. Do you find this valuable? Do you?
Keyword tags: None
Post a Reply
Show Last Reply
Last Reply:
RE: hacking orkut password
By: fatallyinjured, Dec 10 2007, 2:07 PM EST
hello rahul
one of my relatives orkut id has been hacked ...n the hacker is using it to defame her...is there any way to hack back the profile???...it would be great if u could help...my email id is...fatallyinjured_s@yahoo.com......
thank u
0 out of 2 found this valuable. Do you find this valuable? Do you?
(Showing the last 5 of 69 - view all)
Related Content (what's this?Related ContentThanks to keyword tags, links to related pages and threads are added to the bottom of your pages. Up to 15 links are shown, determined by matching tags and by how recently the content was updated; keeping the most current at the top. Share your feedback on Wetpaint Central.)
[thread] CRACK PASSWORDS ON YOUR OWN.... DONT GET FOOLED FROM ANYONES TRAP [thread] Hacking Orkut Password [thread] bsnl broadband hack
[thread] CAUTION!!!!!!!!!!!!!!!carefully use code [thread] Cellphone monster flash files for Motorola [thread] Finding what location a cell phone is
[thread] Nokia 6060 [thread] HI,Rahul [thread] hacking
[page] Samsung Mobile Service Center CODES [page] Mobile (Cellphones) Hackiing [page] Nokia All Codes
4
:::::HACKING TRICKS::::::
blogs sifted to www.technotricks.co.nr
11.03.07
How to find the “real” IP address of a web site?
Posted in Internet at 4:10 pm by hackingtriks
You can use the PING utility included with Windows to determine the “real” IP address of a web site. Before using this utility, make sure you are not mapping a host name to some IP address with HostName Commander, because if you do, the PING utility will show the address you’ve set up with HostName Commander, instead of the “real” IP address.
To run the PING utility, click on the Windows Start button, and choose Run from the Start Menu. If you use Windows 95,98, or Me, enter “command” (without the quotes) as the command line to run. If you use Windows XP,2000, or NT, enter “cmd” (again, without the quotes). Click OK and the command prompt window should appear on the screen.
Now enter the word “ping” (without the quotes) followed by a space, followed by the host name you want to determine the IP address of, and press Enter:
ping.jpg
In this example, the IP address of the host name www.rkgit.edu.in is 74.52.201.2 & IP Address of the host name www.kiet.edu is 220.225.19.55 . (Keep in mind that the IP address may change in the future!). If the PING utility reports an error, make sure your computer is connected to the Internet when you are running it.
Permalink Comments
10.29.07
How to Lock the folders
Posted in Tutorial at 3:17 pm by hackingtriks
folder1.jpg
You can lock and unlock your folder with this simple trick !
Procedure :
1. Make a folder on the desktop and name it as “folder”
2. Now, open notepad and write ren folder folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} and now (Notepad Menu) File>save as.
3. In the ’save as’ name it as lock.bat and click save ! (Save it on Desktop)
4. Now, again open notepad again and write ren folder.{21EC2020-3AEA-1069-A2DD-08002B30309D} folder and now (Notepad Menu) File>save as.
5. In the ’save as’ name it as key.bat and click save ! (Save it on Desktop)
6. Now, double click lock.bat to lock the folder and now if you open your folder, control panel will open up !
7. Now, double click key.bat to open the folder and now if you open your folder, you can access your data inside the folder again !
8. Lock your folder and hide the key.bat somewhere else on your hard disk !
9. Whenever you want to open your folder just paste the key.bat on desktop and open your folder using it !
Permalink Comments
Install Linux with in Windows
Posted in information at 3:07 pm by hackingtriks
One problem people seem to have with installing Linux is the fact you have to download an .iso, and then burn it to a CD. While burning an .iso to a CD is not hard, unless you are into it, or have done it before, it can be confusing. That is, assuming you have a CD drive, CD burner, and spare CDs. Not to mention with some Windows CD burning programs, it’s not exactly obvious how to properly burn an .iso.To solve this Debian and Ubuntu are now offering a downloadable Windows .exe file that will install Linux while you are running Windows. The Ubuntu one apparently will do all it’s automatic, non-destructive partition magic (meaning it will make your system dual boot with both Windows and Linux without hurting the Windows OS).
The Debian installer can be found on goodbye-microsoft.com, and the Ubuntu one doesn’t seem like it’s ready, but you can read about it on the wiki page.
I don’t see myself using this as I tend to build my own servers (and use Mac on the desktop). However, I can see this being very useful for systems that come with Windows pre-installed and you want Linux instead.
In my experience, a Debian or Ubuntu CD is only used to boot the system anyway. Once a network is found all the software is loaded live over the net via apt-get so this removes the first step being local (and limits some waste). Very cool.
Permalink Comments
10.22.07
Free Domain Name
Posted in information at 10:31 pm by hackingtriks
Free Domain Name providers
http://www.s5network.info - free .com .net .org .info .biz offer
http://www.registerfly.com, www.nucleus.be - free .be offer
http://www.goodluckdomain.in/dotorg.html - free .org offer
http://www.domainsite.com - free .info offer
http://forums.inuration.net - free .com .net .org .info .biz offer
“Almost” domains (domain-like subdomains)
Note: More info on these services will be added soon
yoursite.co.nr www.co.nr
yoursite.biz.ly www.biz.ly
yoursite.net.tc, yoursite.net.ms, etc. www.smartdots.com, www.unonic.com, and www.cydots.com
yoursite.us.tt, yoursite.uk.tt, etc. www.joynic.com
yoursite.int.tl www.int.tl
yoursite.i.am, yoursite.on.to, etc www.v3.com
yoursite.q.la, yoursite.1.vg, etc. www.afraid.org
yoursite.4t.com, yoursite.8k.com, etc. www.freeservers.com
yoursite.b3.nu, etc. www.smartredirect.com
yoursite.com.ru, yoursite.net.ru, etc. www.lifelesspeople.com
yoursite.po.gs www.po.gs
yoursite.da.ru www.da.ru
yoursite.uni.cc www.uni.cc
yoursite———- www———-
yoursite.eu.org www.eu.org - only residents / non-profit orgs. in Europe
yoursite.za.net www.za.net - only residents / organis. in South Africa
Permalink Comments
10.19.07
How to Access Banned Websites
Posted in Hacking Triks at 8:18 pm by hackingtriks
Surfing at school? Parents enabled website blocking? Stuck behind a strict firewall? There are lots of ways around the problem so that you can get to the sites you want to see without those cybernannies tying your hands…
phproxy is “dedicated to bringing you fast web browsing from behind web filters”. Simply tap in the URL of that banned site you really must see, it could be Facebook, MySpace, Youtube, or a renegade blogger behind enemy lines, and you will be able to access it with no problems. More seriously, the proxy allows you to visit a site anonymously because it is the proxy itself that is visiting the banned site not you, and so keeps your browsing hidden from prying eyes allowing you to protect your online identity.
Such a proxy also allows you to visit sites that have banned your IP. This might be a forum or just a website or blog from which you or other users on your IP range (whether on your school or company network or your ISP account) have been barred access. The proxy server is an open gateway between your web destination and you.
Other proxies exist, such as www.the-cloak.com (please make sure you include the hyphen in that URL or you will be in for a shock), and this page provides a shipload more.
More on an additional approach (Psiphon) here - http://en.wikipedia.org/wiki/Psiphon
Of course, we should add a disclaimer at this point, please don’t use proxies or anonymizers to break the law or to cause malice and please don’t abuse the service as they are usually free.
Permalink Comments
(CrossOver Linux) Windows Applications, Seamlessly Integrated On Linux
Posted in Hacking at 6:44 pm by hackingtriks
cxshot_linux.png
CrossOver Linux allows you to install many popular Windows productivity applications, plugins and games in Linux, without needing a Microsoft Operating System license. CrossOver includes an easy to use, single click interface, which makes installing a Windows application simple and fast. Once installed, your application integrate seamlessly with your Gnome or KDE environment. Just click and run your application, exactly as you would in Windows, but with the full freedom of Linux.
CrossOver Linux lets you use many Windows plugins directly from your Linux browser. Plugins work on any x86 based Linux distribution and will integrate with most browsers including Firefox 1.x, Netscape 6.x, Konqueror, Mozilla, and Opera. CrossOver also integrates with Gnome and KDE to let you transparently open any Word, Excel or PowerPoint file. But even better, you can open these attachment types directly from any mail client.
One Application: Two Delicious Flavors!
We’ve created two versions of CrossOver Linux — Standard and Professional — to serve our home-user/enthusiast and corporate markets even better. CrossOver Linux Standard provides individual users with the ability to run a wide variety of Windows software cleanly and economically. CrossOver Linux Professional provides corporate users with the enhanced deployability and manageability features their environments demand.
Download CrossOver Linux
Permalink Comments
10.14.07
If Orkut Blocked..Surf Anonymously using JAP!!
Posted in Proxy tunnels at 2:50 am by hackingtriks
No problem if orkut/youtube etc is blocked in your office or college or school….and you are fed up of using proxy websites and there low urfing speeds.And what worse if these proxy websites are also blocked…..phew!!!!
But no problems….. Download JAP & Download Ultrasurf and easily surf any blocked website with anonymity
Step 1: Download JAP or ultrasurf
Step 2: Execute Setup file [may take few minutes depending upon internet speed]
Step 3: Change you Explorer LAN connection settings
Change the default gateway IP to 127.0.0.1 and port 4001
Thats it you have gained independence to free to surf any website….
jap1.jpg
Permalink Comments
10.13.07
Breaking Administrator’s Password!!
Posted in Hacking Triks at 4:15 am by hackingtriks
Administrator password can be broken by replacing sam file in system32\config by the sam file in repair folder of windows. it can be easily done on a machine with dual operating systems, simply log on to os other then the one whoes password is to be cracked the way is exactly same as written above but if there is a single os on a machine then there is only one way i.e to use ms dos start up disk or some other boot disk and replace the sam file in config folder with the one in repair folder
note:- this method works only if hard drive is FAT32 formatted because NTFS drive does’nt take boot from Ms DOS
This way you can remove the old administratOr password as if the windows is newly installed and the password was’nt set
Permalink Comments
Breaking Administrator’s Password!!
Posted in Hacking Triks at 4:15 am by hackingtriks
Administrator password can be broken by replacing sam file in system32\config by the sam file in repair folder of windows. it can be easily done on a machine with dual operating systems, simply log on to os other then the one whoes password is to be cracked the way is exactly same as written above but if there is a single os on a machine then there is only one way i.e to use ms dos start up disk or some other boot disk and replace the sam file in config folder with the one in repair folder
note:- this method works only if hard drive is FAT32 formatted because NTFS drive does’nt take boot from Ms DOS
This way you can remove the old administratOr password as if the windows is newly installed and the password was’nt set
Permalink Comments
10.08.07
Funky E-mail ID
Posted in information at 12:48 pm by hackingtriks
Hey friends r u bored from ur old email id????? Now msn present funky id 4 U such as heybaby.co.in, clubdhoni.co.in, kolkotarocks.co.in etc…. So why u wait just login www.coolhotmail.com & enjoy funky id…
serial
hese are instructions on how to crack the latest version of Windows XP with Service Pack 2 that uses the registration key: JD3T2-QH36R-X7W2W-7R3XT-DVRPQ.
**** IT WILL WORK WITH OTHER VERSIONS OF WINDOWS XP but not all! ****
This will allow you to bypass the Microsoft Genuine Validation thingy
this method works better than many others i've tried before. forget the cracks and injectors etc... this is the BEST WAY:
1) start > run > "regedit" (without the quotes of course)
2) go to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\WPAEvents\OOBETimer
...and doubleclick on it. Then change some of the value data to ANYTHING ELSE...delete some, add some letters, I don't care...just change it!
now close out regedit.
3) go to start > run > "%systemroot%\system32\oobe\msoobe.exe /a" (again, dont type the quotes)
4) the activation screen will come up, click on register over telephone, then click on CHANGE PRODUCT KEY, enter in this key: JG28K-H9Q7X-BH6W4-3PDCQ-6XBFJ.
Now you can dl all the updates without activating, and the Genuine Microsoft Validation thingy won't bug you no more!!
***Notes, this works best after a reformmat***
this method works better than many others i've tried before. forget the cracks and injectors etc... this is the BEST WAY:
1) start > run > "regedit" (without the quotes of course)
2) go to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\Windows NT\CurrentVersion\WPAEvents\OOBETimer
...and doubleclick on it. Then change some of the value data to ANYTHING ELSE...delete some, add some letters, I don't care...just change it!
now close out regedit.
3) go to start > run > "%systemroot%\system32\oobe\msoobe.exe /a" (again, dont type the quotes)
4) the activation screen will come up, click on register over telephone, then click on CHANGE PRODUCT KEY, enter in this key: JG28K-H9Q7X-BH6W4-3PDCQ-6XBFJ.
0 comments:
Post a Comment