Search This Blog

Thursday, April 25, 2013

Resetting Windows Password using Hiren Boot CD


Tested on: NT 3.51, NT 4 (all versions and SPs), Windows 2000 (all versions & SPs), Windows XP (all versions, also SP2 and SP3), Windows Server 2003 (all SPs), Windows Vista 32 and 64 bit (SP1 also), Window 7 (all variants). Some also say that it works on Windows Server 2008 too.
If used on users that have EFS encrypted files, and the system is XP or Vista, all encrypted files for that user will be UNREADABLE! and cannot be recovered unless you remember the old password again. If you don’t know if you have encrypted files or not, you most likely don’t have them (except maybe on corporate systems).
Boot your computer with Hiren’s BootCD and follow the steps below for resetting your password:

1. Enter “Offline NT/2000/XP/Vista/7 Password Changer”

With Up & Down keys select Offline ‘NT/2000/XP/Vista/7 Password Changer’ and press Enter.



2. Wait for “Offline NT Password & Registry Editor” to Load

On the screen below, you’ll see is several lines of text that quickly run down the screen. You don’t need to do anything here. Wait for “Offline NT Password & Registry Editor” to load.



3. Choose the Correct Hard Drive Partition

This step in the Offline NT Password & Registry Editor process is to select the partition that contains the Windows installation that you want to delete a password from.
Many computers have a single operating system installed on a single partition on a single hard drive, making this a very easy choice.
If that’s the case for you, just press ENTER to accept the default partition. Otherwise, type the number corresponding to the correct partition from the Candidate Windows partitions found list and then press ENTER.
If more than one partition is listed and you’re not sure which one to pick, chances are the larger partition is the one with Windows installed.
Every Windows 7 PC will have more than one partition listed.


4. Confirm the Windows Registry Path

Offline NT Password & Registry Editor now needs to know the exact location of the Windows Registry. Except in the rarest of occasions, the default location will be the correct one.
Just Press ENTER to accept the default Windows Registry path without writing anything else.


5. Choose the Password Reset Option

Offline NT Password & Registry Editor is now asking which part of the registry it should load.
Press ENTER to accept the default choice of Password reset.
The Offline NT Password & Registry Editor tool can perform various functions aside from resetting passwords but since that’s the focus of this particular walkthrough, that’s all we’ll discuss.


6. Choose the Edit User Data and Passwords Option

Now that the registry is loaded and available to the program, Offline NT Password & Registry Editor needs to know exactly what you want to do.
Press ENTER to accept the default choice of Edit user data and passwords.
This will load the necessary options for the actual password reset.



7. Enter the Username to Edit

Offline NT Password & Registry Editor now needs to know which user’s password you’d like to delete (erase, clear, blank, remove, call it what you like).
A default user is listed between the brackets at the prompt. In the above example, you can see that it’s the Administrator user.
If the default user is the user you’d like to remove the password from, simply press ENTER. Otherwise, enter the username and then press ENTER.



8. Type 1 to Clear (blank) user password and then press ENTER

At the bottom of the screen you’ll see the User Edit Menu with several options to choose from.
Type 1 for Clear (blank) user password and then press ENTER.
Offline NT Password & Registry Editor shows some interesting information about the username you entered in the last step – the full name, what groups the user belongs to, how many failed login attempts have taken place, how many total logins have been completed, and more.
If you see a check in the “Passwd not req.” box, this means that a password is not a requirement for this particular user. It does not mean that a password is not required to access the account in Windows. In other words, it’s saying that it is possible to erase this user’s password.


9. Type ! to quit the User Edit Tool

Assuming there weren’t any problems, you should see a Password cleared! message after entering 1 in the previous step.
Type ! to quit editing user and then press ENTER.
You must confirm these changes in a later step before they are actually complete. If you quit Offline NT Password & Registry Editor now then the password reset will not take place!


10. Type q to Quit Offline NT Password & Registry Editor

Enter q and then press ENTER to quit the Offline NT Password & Registry Editor registry editing tool.
Important: You’re still not done! You need to confirm your password reset change in the next step before it will take effect.

11. Type y and then press ENTER to confirm Password Reset Changes

At the Step FOUR: Writing back changes menu, Offline NT Password & Registry Editor asks if you want to write file(s) back.
Type y and then press ENTER.
You should see an EDIT COMPLETE message appear on screen. If you do, it means that Offline NT Password & Registry Editor has written the password changes to your computer!


12. Confirm That You’re Finished Using Offline NT Password & Registry Editor

Offline NT Password & Registry Editor gives you an option here to rerun the program. If you’ve been following along with this guide and everything seems to have worked properly then there’s little reason to repeat anything.
Press ENTER to confirm the default option of not rerunning the password reset.



13. Remove Hiren’s BootCD and Restart the Computer

That’s it! You’ve just completed the entire Offline NT Password & Registry Editor password removal process.

Remove Hiren’s BootCD from your CD/DVD drive and then manually reset your computer.Note: If you receive a “job control turned off” or a “can’t access tty” error, don’t worry. As long as the EDIT COMPLETE confirmation message was posted to the screen after you confirmed the password reset changes then your password was successfully reset. You should still be able to see the confirmation on the screen at this point.
In the next step, you’ll finally get to logon to Windows without entering a password!
Now that your password has been removed using Offline NT Password & Registry Editor, no password is required to log on to Windows.
If you are the only user on your computer, Windows will boot all the way to the desktop on the next reboot and will skip the logon screen altogether.
If you’re on a multi-user computer (as many families are), the logon screen will still appear after starting Windows but when you click on the user that had the password removed, you will not be prompted for a password and will instead enter Windows automatically.
Having a secure password is important so please don’t continue to use Windows without one. As soon as you’ve gained access to your computer again, configure a new password – one you can remember a little easier!

There is a video link to help you:




How To Disable AutoRun / AutoPlay In Windows 7 & Windows 8


Disable AutoRun / AutoPlay Using Local Group Policy Editor
Step 1: Pull up the Run dialog box (Win + R) and type gpedit.msc. Hit Enter to launch the Local Group Policy Editor.
Step 2: Within Group Policy Editor, navigate to this location:
Computer Configuration > Administrative Templates > Windows Components > AutoPlay Policies
AutoRun
Step 3: Double-click the Turn off Autoplay option to edit its settings, select Enabled, and then select All drives in the options panel below. Hit Apply when done.
Disable-AutoRun
Step 4: Restart your computer.
That’s it; the AutoRun feature has been completely disabled for all users, and for all drives that connect to your machine.
Disable AutoRun / AutoPlay Using Registry Editor
Should you have a version of Windows that doesn’t ship with Local Group Policy Editor, follow these instructions.
Step 1: In the Run dialog, type regedit to launch the Registry Editor.
Step 2: Depending on whether you want to disable AutoRun for all users or just for the current one, navigate to either of these registry keys (the first one is for all users):
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\
Step 3: Within this subkey, locate the setting labeled “NoDriveTypeAutoRun”. If it doesn’t exist, create a new 32-bit DWORD with this name and assign it the hexadecimal value 000000FF(Decimal 255).
RegEdit-Disable-AutoRun
The DWORD defined above will disable AutoRun for all drives and devices, and will have the same effect that you would’ve gotten through Local Group Policy Editor.
Should you want to restore AutoPlay ever again, just reverse the changes that you made in these steps, and you should be good to go.

I am sharing this tech update from :

Tuesday, April 23, 2013

FastCompany.com: What A Dead Squirrel Taught Me About Value Pricing

Sent by rarunraj040488@gmail.com:

What A Dead Squirrel Taught Me About Value Pricing

By Neil Baron
Many companies worry about the commoditization of their offerings and their inability to justify premium pricing--but if you figure out how to take care of your customers' "dead squirrels," you're golden.

Or, copy and paste this URL into your browser: http://www.fastcompany.com/3000999/what-dead-squirrel-taught-me-about-value-pricing

(c) Fast Company | 7 World Trade Center New York NY 10007

Monday, September 24, 2012

Wipe your Deleted Data Away: Using cipher.exe

Administrators can use Cipher.exe to encrypt and decrypt data on drives that use the NTFS file system and to view the encryption status of files and folders from a command prompt. An updated version of the Cipher tool has been released for Windows 2000, and is included with Windows XP. The updated version adds another security option. This new option is the ability to overwrite data that you have deleted so that it cannot be recovered and accessed.

When you delete files or folders, the data is not initially removed from the hard disk. Instead, the space on the disk that was occupied by the deleted data is "deallocated." After it is deallocated, the space is available for use when new data is written to the disk. Until the space is overwritten, it is possible to recover the deleted data by using a low-level disk editor or data-recovery software.

If you create files in plain text and then encrypt them, Encrypting File System (EFS) makes a backup copy of the file so that, if an error occurs during the encryption process, the data is not lost. After the encryption is complete, the backup copy is deleted. As with other deleted files, the data is not completely removed until it has been overwritten. The new version of the Cipher utility is designed to prevent unauthorized recovery of such data.

Most Windows 2000 and XP Professional users are aware of the ability to encrypt data at the file level, using the Encrypting File System (EFS). It’s easy to do through the graphical interface—as easy as checking a checkbox on the Advanced File Attributes property sheet. However, many IT pros aren’t aware that encryption can also be performed at the command line.

The cipher.exe utility is included with Microsoft’s most recent NT-based operating systems. It allows you to do the same tasks—encrypt and decrypt—that you can do through the GUI, but also allows you to do much more—all through the command line. Administrators and power users can take advantage of the cipher tool’s power to gather encryption information and more quickly perform encryption tasks.

This Daily Drill Down will introduce you to the cipher tool and walk you through the steps of using its various switches.

Why a command line encryption tool?
What’s the need for a command line encryption tool if it’s so easy to encrypt and decrypt files using the GUI (other than the fact that some of us just like the character-based interface)? While encryption and decryption are easy attributes to set through a file or folder’s property sheet, there are other encryption-related tasks that are difficult (or impossible) to accomplish through the GUI.

For example, what if a user wants to create a new file encryption key? You might think you could generate a new key pair by requesting a new EFS certificate. You would do this by invoking the Certificate Request Wizard via the Certificates MMC (if you’re in an Active Directory domain) or via the certification authority’s Web page. But the problem with this method is that the file encryption key that is generated by EFS is wrapped with the user’s public key during the encryption process. As a workaround, the cipher tool allows you to create a new encryption key by typing cipher /k.

What if you want to encrypt files that are already encrypted? There’s no way to do that through the graphical interface; you must first decrypt the file before you’re allowed to change its attribute back to encrypted. With the cipher tool, you can force encryption on all files and folders, including those that are already encrypted.





Tip
The original version of cipher.exe that was released with Windows 2000 does not include the data overwrite function. This was added in a version of the cipher tool that Microsoft released in June 2001 (and included in Windows 2000 SP3). The drive-wiping function is included in the cipher tool that comes with Windows XP.




The cipher.exe command is an external command that is available in the below Microsoft operating systems.
Syntax
Displays or alters the encryption of directories [files] on NTFS partitions.
CIPHER [/E | /D] [/S:dir] [/A] [/I] [/F] [/Q] [/H] [/K] [pathname [...]]
CIPHER /W:directory
CIPHER /X[:efsfile] [filename]
/EEncrypts the specified directories. Directories will be marked so that files added afterward will be encrypted.
/DDecrypts the specified directories. Directories will be marked so that files added afterward will not be encrypted.
/SPerforms the specified operation on directories in the given directory and all subdirectories.
/AOperation for files as well as directories. The encrypted file could become decrypted when it is modified if the parent directory is not encrypted. It is recommended that you encrypt the file and the parent directory.
/IContinues performing the specified operation even after errors
have occurred. By default, CIPHER stops when an error is
encountered.
/FForces the encryption operation on all specified objects, even those that are already encrypted. Already-encrypted objects are skipped by default.
/QReports only the most essential information.
/HDisplays files with the hidden or system attributes. These files are omitted by default.
/KCreate new file encryption key for the user running CIPHER. If this option is chosen, all the other options will be ignored.
/WRemoves data from available unused disk space on the entire
volume. If this option is chosen, all other options are ignored.
The directory specified can be anywhere in a local volume. If it
is a mount point or points to a directory in another volume, the
data on that volume will be removed.
/XBackup EFS certificate and keys into file filename. If efsfile is provided, the current user's certificate(s) used to encrypt the file will be backed up. Otherwise, the user's current EFS certificate and keys will be backed up.
dirA directory path.
pathnameSpecifies a pattern, file or directory.
efsfileAn encrypted file path.
Used without parameters, CIPHER displays the encryption state of the current directory and any files it contains. You may use multiple directory names and wildcards. You must put spaces between multiple parameters.


To overwrite deleted data on a volume by using Cipher.exe, use the /w switch with the cipher command. Use the following steps:
  1. Quit all programs.
  2. Click Start, click Run, type cmd, and then press ENTER.
  3. Type cipher /w:driveletter:\foldername, and then press ENTER. Specify the drive and the folder that identifies the volume that contains the deleted data that you want to overwrite. Data that is not allocated to files or folders will be overwritten. This permanently removes the data. This can take a long time if you are overwriting a large space.
    The /w switch is used to overwrite data in unallocated space on the disk.
    Note With mount points in Windows 2000, you can mount a volume on any empty folder on an NTFS volume. When you do this, the mounted volume does not have a drive letter of its own. The only way to address that volume is by using the path where you created the mount point. Therefore, the /w switch requests a path of a folder, and from that, it determines the associated volume to wipe. Because of the way the file system works, the whole volume must be wiped. A file can be written anywhere on the volume at any time. A folder does not address a specific physical location on disk but is a logical container for file entries in the volume's table of contents (MFT or FAT). To make sure that there is no leftover data in unallocated space, all unallocated space on the volume must be wiped.


For more details, look into following links: