0% found this document useful (0 votes)

47 views118 pages

How To See Hidden Files in Windows

Uploaded by

Bobbi Bach-Oachs

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOC, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

47 views118 pages

How To See Hidden Files in Windows

Uploaded by

Bobbi Bach-Oachs

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as DOC, PDF, TXT or read online on Scribd

You are on page 1/ 118

How to see hidden files in Windows

Lawrence Abrams
 April 21, 2004

 04:53 PM

 Read 3,084,665 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

1. Introduction
2. Windows 95
3. Windows 98
4. Windows ME
5. Windows NT
6. Windows 2000
7. Windows XP and 2003
8. Windows Vista
9. Windows 7
10. Windows 8
11. Conclusion

Introduction

By default Windows hides certain files from being seen with Windows Explorer or My Computer. This is done to protect these files,
which are usually system files, from accidentally being modified or deleted by the user. Unfortunately viruses, spyware, and hijackers
often hide there files in this way making it hard to find them and then delete them.

By following the steps below for each version of Windows you will be able to change the operating systems behavior so that you can
see hidden and protected files. In this way you will be able to delete or replaces files for troubleshooting purposes.

Windows 95

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

2. Double-click on the My Computer icon.
3. Select the View menu and then click Options.
4. After the new window appears select the View tab.
5. Scroll down until you see the Show all files radio button and select it.
6. Press the OK button and close the My Computer window.
7. Now your computer is configured to show all hidden files.
Windows 98

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

2. Double-click on the My Computer icon.
3. Select the View menu and then click Folder Options.
4. After the new window appears select the View tab.
5. Scroll down until you see the Show all files radio button and select it.
6. Press the Apply button and then the OK button and close the My Computer window.
7. Now your computer is configured to show all hidden files.

Windows ME

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

2. Double-click on the My Computer icon.
3. Select the Tools menu and click Folder Options.
4. After the new window appears select the View tab.
5. Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
6. Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
7. Remove the checkmark from the checkbox labeled Hide protected operating system files.
8. Press the Apply button and then the OK button and shutdown My Computer.
9. Now your computer is configured to show all hidden files.

Windows NT

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

2. Double-click on the My Computer icon.
3. Select the View menu and then click Options.
4. After the new window appears select the View tab.
5. Scroll down until you see the Show all files radio button and select it.
6. Press the OK button and shutdown My Computer.
7. Now your computer is configured to show all hidden files.

Windows 2000

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

Windows XP and Windows 2003

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

2. Double-click on the My Computer icon.
3. Select the Tools menu and click Folder Options.
4. After the new window appears select the View tab.
5. Put a checkmark in the checkbox labeled Display the contents of system folders.
6. Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
7. Remove the checkmark from the checkbox labeled Hide file extensions for known file types.
8. Remove the checkmark from the checkbox labeled Hide protected operating system files.
9. Press the Apply button and then the OK button and shutdown My Computer.
10. Now your computer is configured to show all hidden files.

Windows Vista

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

2. Click on the Start button. This is the small round button with the Windows flag in the lower left corner.
3. Click on the Control Panel menu option.
4. When the control panel opens you can either be in Classic View or Control Panel Home view:

If you are in the Classic View do the following:

1. Double-click on the Folder Options icon.

2. Click on the View tab.
3. Go to step 5.

If you are in the Control Panel Home view do the following:

1. Click on the Appearance and Personalization link .

2. Click on Show Hidden Files or Folders.
3. Go to step 5.

1. Under the Hidden files and folders section select the radio button labeled Show hidden files and folders.
2. Remove the checkmark from the checkbox labeled Hide extensions for known file types.
3. Remove the checkmark from the checkbox labeled Hide protected operating system files.
4. Press the Apply button and then the OK button.
5. Now Windows Vista is configured to show all hidden files.

Windows 7

To enable the viewing of Hidden files follow these steps. Please note a guide with images that shows the same steps can be found
here:
How to show hidden files in Windows 7
1. Close all programs so that you are at your desktop.
2. Click on the Start button. This is the small round button with the Windows flag in the lower left corner.
3. Click on the Control Panel menu option.
4. When the control panel opens click on the Appearance and Personalization link.
5. Under the Folder Options category, click on Show Hidden Files or Folders.
6. Under the Hidden files and folders section select the radio button labeled Show hidden files, folders, or drives.
7. Remove the checkmark from the checkbox labeled Hide extensions for known file types.
8. Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
9. Press the Apply button and then the OK button..
10. Now Windows 7 is configured to show all hidden files.

Windows 8

To enable the viewing of Hidden files follow these steps. Please note a guide with images that shows the same steps can be found
here:

How to see hidden files in Windows 8

1. From the Windows 8 Start Screen, click on the Control Panel app.
2. When the Control Panel opens scroll down to the bottom and click on the More Settings option.
3. The traditional Windows 8 Control Panel will now open. When it is open, click on the Appearance and
Personalization link.
4. Under the Folder Options category, click on Show Hidden Files or Folders.
5. Under the Hidden files and folders section select the radio button labeled Show hidden files, folders, or drives.
6. Remove the checkmark from the checkbox labeled Hide extensions for known file types.
7. Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
8. Press the Apply button and then the OK button..
9. Now Windows 8 is configured to show all hidden files.

Please note that you will now see icons that were not previously visible. One of the most common concerns is that you will see a file
called desktop.ini throughout your computer. These are legitimate hidden files and can be ignored.

Conclusion

Now that you know how to see all hidden files on your computer, malicious programs such as viruses, spyware, and hijackers will no
longer be able to hide their presence from you or people helping you.

If you have any questions please feel free to post them in our computer help forums.

--
Lawrence Abrams
Bleeping Computer Windows Basic Concept Tutorials
BleepingComputer.com: Computer Support & Tutorials for the beginning computer user.

Users who read this also read:




HOW TO REMOVE A TROJAN, VIRUS, WORM, OR OTHER MALWARE



If you use a computer, read the newspaper, or watch the news, you will know about computer viruses or other malware.
These are those malicious programs that once they infect your machine will start causing havoc on your computer. What
many people do not know is that there are many different types of infections that are categorized in the general category of
Malware.




HOW TO SHOW HIDDEN FILES IN WINDOWS 7







HOW TO START WINDOWS IN SAFE MODE


Windows Safe Mode is a way of booting up your Windows operating system in order to run administrative and diagnostic
tasks on your installation. When you boot into Safe Mode the operating system only loads the bare minimum of software
that is required for the operating system to work. This mode of operating is designed to let you troubleshoot and run
diagnostics on your computer. Windows Safe Mode ...

How to create a Windows System Repair Disc

Lawrence Abrams
 October 24, 2012

 05:15 PM

 Read 71,094 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Windows comes with a built-in repair environment called the Recovery Environment. Unfortunately, it is possible for the recovery
environment to become inaccessible. The same tools can be accessed by using the Windows DVD that came with your computer, but
unfortunately not many computer manufacturers actually provide the Windows media anymore. Therefore, it is suggested that you
create the bootable Windows System Repair disc, which you can boot off of to access these troubleshooting and recovery tools when
you need them.

Note: Windows 8.1 no longer includes the Recdisc utility. If you are using Windows 8.1 or wish to create a bootable USDB Recovery
Drive, you should follow the steps in this guide instead:

How to create a bootable USB Flash Recovery Drive in Windows 8

The first step is to insert a blank DVD or CD into the DVD drive you wish to create the disc with.

Then, if you use Windows 7, click on the Start button and type recdisc. At the top of the start menu you should see
therecdisc filename appear and should then double-click on it.

Otherwise, if you are using Windows 8, type recdisc at the Windows Start Screen and then click on the recdisc search result when it
appears.

The Create a system repair disc screen should now be open.

Select the drive that has the blank media inserted into and then click on the Create disc button.

Windows will start to create the repair disc, and when finished, display one of these dialogs depending on the version of Windows you
are using.
You can now click on the Close button and then remove the disc from your drive. Please label the disc and store it in a safe location.
When you are ready to use it, simply insert it into your computer and reboot. Your computer should detect it as bootable media and
ask if you wish to boot off of it. Follow the instructions it gives in order to boot your computer with the repair CD. Once the recovery
environment is loaded, you can then access the recovery options that are available.

For more information about the various tools that you can use in the Windows Recovery Environment, please see these tutorials for
your particular operating system.

Windows XP

 Guide to Windows XP Recovery Features

 How to install and use the Windows XP Recovery Console

Windows Vista

 How to use the Command Prompt in the Vista Windows Recovery Environment
 Using System Restore from the Vista Windows Recovery Environment
 How to automatically repair Windows Vista using Startup Repair
 How to use the Vista Windows Memory Diagnostics Tool
 Using Windows Vista Complete PC Restore to restore your computer

Windows 7

 How to start the Windows 7 Recovery Environment

 How to use System Image Recovery in the Windows 7 and Windows 8 Recovery
Environment
 How to use the Windows 7 System Recovery Environment Command Prompt
 How to create a Windows system image in Windows 7 and Windows 8

Windows 8

 How to use System Image Recovery in the Windows 7 and Windows 8 Recovery
Environment
 How to use System Restore from the Windows 8 Recovery Environment
 How to use the Windows 8 System Recovery Environment Command Prompt
 How to automatically repair Windows 8 using Automatic Repair
 How to create a Windows system image in Windows 7 and Windows 8

Users who read this also read:



HOW TO CREATE A WINDOWS SYSTEM IMAGE IN WINDOWS 7 AND WINDOWS 8



Windows 7 and Windows 8 include the ability to create a system image that can be used to restore your computer's hard
drives back to the exact state they were in when you created the backup. This backup is an exact replica of your drive
including your personal data and Windows files. This allows you to setup your computer exactly as you want it and then
restore it back to that state when it ...





HOW TO START THE WINDOWS 7 RECOVERY ENVIRONMENT



The Windows 7 Recovery Environment is a way to boot your computer into an offline mode where you can run various
recovery and diagnostic tools that can be used to try and resolve problems with Windows. This environment is particularly
helpful in resolving issues when Windows crashes, does not start, or when you have malware that cannot be removed while
Windows is running. Using this environment ...




HOW TO CREATE A BOOTABLE USB FLASH RECOVERY DRIVE IN WINDOWS 8



Windows 8 has the ability to create a bootable USB flash recovery drive that can be used to troubleshoot a Windows 8
computer that is unable to start. A recovery drive is the same as a startup repair disk, but instead of being on a CD/DVD it
is on a bootable USB drive. Once you boot up a Windows 8 computer with a Recovery Drive you will have access to a
variety of diagnostic and troubleshooting ...





GUIDE TO WINDOWS XP RECOVERY FEATURES


Computers over time tend to start displaying problems. Whether that be the operating system not booting, programs not
working, or random errors and crashes. To help alleviate these problems Windows XP comes with 6 methods that enable us
to recover from these situations. These do not work in all cases, but a lot of headaches can be avoided by learning how
these methods work. In this tutorial we ...

HOW TO USE SYSTEM IMAGE RECOVERY IN THE WINDOWS 7 AND WINDOWS 8

RECOVERY ENVIRONMENT


In the event that you are unable to start Windows or wish to restore your hard drives to a previous backup you can use the
System Image Recovery program from the Windows 7 or Windows 8 Recovery Environment. This process will overwrite
the entire contents of your hard drives with the contents of a previously created system image. It is important to note that
all of your data will be removed and ...

How to start Windows in Safe Mode

Lawrence Abrams
 April 21, 2004

 04:06 PM

 Read 5,579,570 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

1. Introduction
2. Windows 95
3. Windows 98/ME
4. Windows 2000
5. Windows XP
6. Windows Vista
7. Windows 7
8. Windows 8
9. Problems that can occur by forcing Safe Mode using the System Configuration Utility
10. Conclusion

Introduction

Windows Safe Mode is a way of booting up your Windows operating system in order to run administrative and diagnostic tasks on
your installation. When you boot into Safe Mode the operating system only loads the bare minimum of software that is required for the
operating system to work. This mode of operating is designed to let you troubleshoot and run diagnostics on your computer. Windows
Safe Mode loads a basic video drivers so your programs may look different than normal.

For Win98/ME, XP, Vista and Windows 7 there are two methods of booting into Safe Mode, while 95 and 2000 only have one. We
will describe these methods below:

F8 - By pressing the F8 key right when Windows starts, usually right after you hear your computer beep when you reboot it, you will
be brought to a menu where you can choose to boot into safe mode. If it does not work on the first try, reboot and try again as you
have to be quick when you press it. I have found that during boot up right after the computer shows you all the equipment , memory,
etc installed on your computer, if you start lightly tapping the F8 key you will usually be able to get to the desired menu.

System Configuration Utility - You can use the System Configuration Utility, or MSCONFIG, found in Windows 98, ME, XP,
Windows Vista, and Windows 7 to make Windows boot into Safe Mode on the next reboot. We will go into specific details in the
sections below. Please note, that you should not force your computer to boot into Safe Mode using the System Configuration Utility if
you suspect you are infected with malware as the malware may corrupt keys required to boot into Safe Mode. You can read more
about this here.

Windows 95

Windows 95 can only boot into Safe Mode using the F8 method as it does not have a System Configuration Utility.

Using the F8 Method:

1. Restart your computer.

2. When the machine first starts it will generally list some equipment that is installed in your machine, amount of memory,
hard drives installed etc. When it is finished with that it will say "Starting Windows 95". Immediately after seeing "Starting
Windows 95" press the F8 key.
3. You will now be presented with a menu. Select the option for Safe Mode using the arrow keys.
4. Then press enter on your keyboard to boot into Safe Mode.
5. Do whatever tasks you require and when you are done reboot to boot back into normal mode.

Windows 98/ME

NOTE: Windows ME may look slightly different than what is shown in the images below. You should still have no problem
following along.

Using the F8 Method:

1. Restart your computer.
2. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of
memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a
menu.
3. When you have the menu on the screen. Select the option for Safe Mode using the arrow keys.
4. Then press enter on your keyboard to boot into Safe Mode.
5. Do whatever tasks you require and when you are done reboot to boot back into normal mode.

Using the System Configuration Tool Method:

Step 1: Close all programs so that you have nothing open and are at the desktop.

Step 2: Click on the Start button then click on Run.

Step 3: In the Run field type msconfig as shown in the image below.

Figure 1. Starting Msconfig

Step 4: Press the OK button and the System Configuration Utility will start up. You will then see a screen similar to Figure 2 below.
Figure 2. SCU Startup Screen

Step 5: You should now press the Advanced button designated by the red box in the figure above and you will see a screen similar to
figure 3 below.
Figure 3. Advanced Options

Step 6: Place a check mark in the checkbox labeled "Enable Startup Menu" designated by the red box in Figure 3 above. Then press
the OK button and then the OK button again. Windows 98/ME will now prompt if you would like to reboot as shown in Figure 4
below.

Figure 4. Confirm Reboot

Step 7: Press the Yes button and your computer will restart into Safe Mode.

Step 8: When the computer boots up perform what diagnostic or troubleshooting tasks you require.

Step 9. When you are finished with these tasks, complete steps 1-7 again, but in Step 6 this time uncheck the checkbox labeled
"Enable Startup Menu".

Step 10: Reboot the computer back into normal mode.

Windows 2000

Windows 2000 can only boot into Safe Mode using the F8 method as it does not have a System Configuration Utility.

Using the F8 Method:

1. Restart your computer.

2. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of
memory, hard drives installed etc. When that is completed it will start loading Windows.
3. When you see the screen that has a black and white bar at the bottom stating "Starting Windows", tap the F8 key repeatedly
until you get to the Windows 2000 Advanced Options Menu
4. At this menu use the arrow keys to select the Safe Mode option, which is usually the first in the list.
5. Press the enter key.
6. Your computer will continue booting, but now will boot into Safe Mode.
7. Do whatever tasks you require and when you are done reboot to boot back into normal mode.

Windows XP

Using the F8 Method:

1. Restart your computer.

2. When the machine first starts again it will generally list some equipment that is installed in your machine, amount of
memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a
Windows XP Advanced Options menu.
3. Select the option for Safe Mode using the arrow keys.
4. Then press enter on your keyboard to boot into Safe Mode.
5. Do whatever tasks you require and when you are done reboot to boot back into normal mode.

Using the System Configuration Tool Method:

Note: If you are having trouble entering Safe Mode via the F8 method, you should not use this method to force it to startup into safe
mode. For reasons why, you should read this.

Step 1: Close all programs so that you have nothing open and are at the desktop.

Step 2: Click on the Start button then click on Run.

Step 3: In the Run field type msconfig as shown in the image below.

Figure 4. Starting Msconfig

Step 4: Press the OK button and the System Configuration Utility will start up. You will then see a screen similar to Figure 5 below.

Figure 5. Starting the System Configuration Utility

Step 5: Click on the tab labeled "BOOT.INI" which is designated by the red box in Figure 5 above. You will then be presented with a
screen similar to Figure 6 below.
Figure 6. BOOT.INI Tab

Step 6: Put a check mark in the checkbox labeled "/SAFEBOOT" designated by the red box in Figure 6 above. Then press the OK
button. After pressing the button you will be presented with a confirmation box as shown in Figure 7 below.

Figure 7. Confirm Reboot

Step 7: Press the Restart button and let the computer reboot. It will now boot up into Safe Mode.

Step 8: When the computer boots up do what diagnostic or troubleshooting tasks that you need to do.

Step 9. When are finished with your tasks, complete steps 1-7 again, but in Step 6 this time uncheck the checkbox labeled
"/SAFEBOOT". Then click on the General tab and set it for Normal startup.

Step 10: Reboot the computer back into normal mode.

Windows Vista

Using the F8 Method:

1. Restart your computer.

2. When the computer starts you will see your computer's hardware being listed. When you see this information start to gently
tap the F8 key repeatedly until you are presented with the Windows Vista Advanced Boot Options.
3. Select the Safe Mode option using the arrow keys.
4. Then press the enter key on your keyboard to boot into Vista Safe Mode.
5. When Windows starts you will be at a typical logon screen. Logon to your computer and Vista will enter Safe mode.
6. Do whatever tasks you require, and when you are done, reboot to go back into normal mode.

Using the System Configuration Tool Method:

Note: If you are having trouble entering Safe Mode via the F8 method, you should not use this method to force it to startup into safe
mode. For reasons why, you should read this.

1. Close any running programs and open Windows so you are back at the desktop.

2. Click on the Start ( ) button.

3. In the Start Menu Search Box ( ) type msconfig and press enter on your keyboard.

4. The System Configuration utility will open and you will see a screen similar to the one below.

Figure 8. Vista System Configuration Utility

5.
Click on the Boot tab.
6. You will now be at the Boot options screen as shown below.

Figure 9. Vista Boot tab in the System Configuration utility

Put a check mark in the checkbox labeled Safe boot

8. Press the Apply button and then press the OK button.

9. You will now be presented with a prompt stating that you need to reboot the computer to apply the change.
Figure 10. Restart Prompt

10.

Click on the Restart button to reboot your computer.

11. Your computer will now restart directly into Safe Mode. When you get to the Vista logon screen, log on to the computer
and perform any necessary tasks.

12. When done with your tasks, from within Safe Mode, start msconfig.

13. When the program is open, and you are on the General tab, select the option labeled Normal Startup.

14. Then press the Apply button and then the OK button.

15. When the programs prompts you to reboot, allow it to do so, and you will boot back into Windows Vista in normal mode.

Windows 7

Using the F8 Method:

1. Restart your computer.

2. When the computer starts you will see your computer's hardware being listed. When you see this information start to gently
tap the F8 key on your keyboard repeatedly until you are presented with the Windows 7 Advanced Boot Optionsscreen as
shown in the image below.
Figure 11. Windows 7 Advanced Boot Options screen

3.
4. Using the arrow keys, select the Safe Mode option you want.
5. Then press the enter key on your keyboard to boot into Windows 7 Safe Mode.
6. When Windows starts you will be at a typical logon screen. Logon to your computer and Windows 7 will enter Safe mode.
7. Do whatever tasks you require, and when you are done, reboot to go back into normal mode.

Using the System Configuration Tool Method:

Note: If you are having trouble entering Safe Mode via the F8 method, you should not use this method to force it to startup into safe
mode. For reasons why, you should read this.

1. Close any running programs and open Windows so you are back at the desktop.

2. Click on the Start ( ) button.

3. In the Start Menu Search Box type msconfig as shown in Figure 12 below.
Figure 12. Windows 7 Search box

Then press enter on your keyboard.

5. The System Configuration utility will open and you will see a screen similar to the one below.
Figure 13. Windows 7 System Configuration Utility

Click on the Boot tab.

7. You will now be at the Boot screen as shown below.

Figure 14. Windows 7 Boot tab in the System Configuration utility

Put a check mark in the checkbox labeled Safe boot

9. Press the Apply button and then press the OK button.

10. You will now be presented with a prompt stating that you need to reboot the computer to apply the change.

Figure 15. Restart Prompt

11.

Click on the Restart button to reboot your computer.

12. Your computer will now restart directly into Safe Mode. When you get to the Windows 7 logon screen, log on to the
computer and perform any necessary tasks.

13. When done with your tasks, from within Safe Mode, start msconfig.

14. When the program is open, and you are on the General tab, select the option labeled Normal Startup.

15. Then press the Apply button and then the OK button.

16. When the programs prompts you to reboot, allow it to do so, and you will boot back into Windows 7 in normal mode.

Windows 8

For a detailed tutorial on how to boot Windows 8 into Safe Mode, please see this tutorial:

How to start Windows 8 in Safe Mode

Using the Advanced startup options method:

1. From the Windows Start screen, type Advanced startup and when the search results appear, click on the Settingscategory
and then click on the Advanced startup options search option.

2. When the Settings screen opens, scroll down and click on the Restart now button under the Advanced Startup category
and your computer will restart.

3. When the Advance startup menu appears, click on the Troubleshoot option.

4. Then click on the Advanced Options button.

5. Finally click on the Startup Settings option and then click on the Restart button. Your computer will now restart again.

6. When you get to the Startup Settings screen, press the number for the Safe Mode option you wish to use.

7. Do whatever tasks you require, and when you are done, reboot to go back into normal mode.

Using the System Configuration Tool Method:

Note: If you are having trouble entering Safe Mode via the Advanced Startup menu, you should not use this method to force it to
startup into safe mode. For reasons why, you should read this.

1. Go to the Windows Start screen and type msconfig. When the msconfig search results appears, click on it.

2. The System Configuration utility will open and you will see a screen similar to the one below.
3.
Click on the Boot tab.

4. You will now be at the Boot screen as shown below.

Put a check mark in the checkbox labeled Safe boot

6. Press the Apply button and then press the OK button.

7. You will now be presented with a prompt stating that you need to reboot the computer to apply the change.

Click on the Restart button to reboot your computer.

9. Your computer will now restart directly into Safe Mode. When you get to the Windows 8 logon screen, log on to the
computer and perform any necessary tasks.

10. When done with your tasks, from within Safe Mode, go back to the Start screen by pressing the Tab key on your keyboard.
Then start msconfig again by typing msconfig and then clicking on its search result.

11. When the program is open, and you are on the General tab, select the option labeled Normal Startup.

12. Then press the Apply button and then the OK button.

13. When the programs prompts you to reboot, allow it to do so, and you will boot back into Windows 8 in normal mode.

Problems that can occur by forcing Safe Mode using the System Configuration Utility

It is possible to make your computer continuously boot up into safe mode using the System Configuration utility as described above.
The program does this by changing your boot.ini file, the settings file that configures your computer's boot sequence, and adding
the /safeboot argument to your operating systems startup line. An example of this can be seen below.

[operating systems]
Original multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft
Windows XP Professional" /FASTDETECT /NOEXECUTE=OPTIN
[operating systems]
After using multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft
MsConfig.exe Windows XP Professional" /FASTDETECT
/NOEXECUTE=OPTIN /safeboot:minimal
When you are done using safe mode, you would then run the System Configuration utility again and uncheck the /Safebootoption,
thus removing the /safeboot argument from the boot.ini file, and allowing your computer to boot up normally.

On a computer that is operating properly this is normally not a problem. Unfortunately, though, a new trick that some of the more
recent malware are using is to delete certain Windows Registry keys so that your computer can not properly boot into safe mode. It is
in these situations that using the System Configuration utility to boot into safe mode can cause the computer to become inoperable for
many users.

This is because once you set the computer to boot into Safe Mode using /Safeboot, it will continuously attempt to start Safe Mode
until the /safeboot argument is removed from the boot.ini. Since the malware is not allowing us to actually boot into safe mode, you
have no way of getting to a point where you can run the System Configuration utility again to uncheck the/Safeboot option. Thus, you
are stuck with a computer constantly attempting to get into safe mode and not being able to do so.

If a situation like this has happened to you it is possible to fix this problem by renaming your boot.ini file. The first step would be to
use a boot disk to start your computer. If your computer does not have a floppy disk, then you can typically boot off the Windows CD
that came with your computer in order to access the Windows Recovery Console. More information about the Windows Recovery
Console can be found here. Once booted to a command prompt, you would simply rename your C:\Boot.ini file to another name
like C:\Boot.ini.bak. The command to rename the file at the command prompt is:

ren C:\Boot.ini Boot.ini.bak

Once the file is renamed, you can then remove the boot disk and reboot your computer to get back to normal mode. When booting up
after the rename, do not be surprised if you see an error stating that you do not have a valid Boot.ini file. When you get back to normal
Windows mode, you can then rename C:\Boot.ini.bak to C:\Boot.ini and run Msconfig again to remove the /safeboot flag.

Conclusion

It is not uncommon when people are helping you troubleshoot your computer that they tell you to enter Safe Mode. With this tutorial
you should now know how to enter Safe Mode when it is required.

If you have any questions please feel free to post them in our tech support forums.

Users who read this also read:



HOW TO REMOVE A TROJAN, VIRUS, WORM, OR OTHER MALWARE






HOW TO AUTOMATICALLY REPAIR WINDOWS VISTA USING STARTUP REPAIR


Windows Vista comes with a rich feature set of diagnostic and repair tools that you can use in the event that your computer
is not operating correctly. These tools allow you to diagnose problems and repair them without having to boot into
Windows. This provides much greater flexibility when it comes to fixing problems that you are not able to resolve
normally. This guide focuses on using the ...




HOW TO START WINDOWS 8 IN SAFE MODE



Safe Mode is a Windows mode that uses only the most basic drivers and programs that are required to start Windows. This
mode will also not launch any programs that are set to start automatically when Windows starts. This makes Safe Mode is
very useful for diagnosing hardware driver problems and computer infections in Windows 8. It can also be useful when
you want to uninstall a program or delete a ...




HOW TO SEE HIDDEN FILES IN WINDOWS



By default Windows hides certain files from being seen with Windows Explorer or My Computer. This is done to protect
these files, which are usually system files, from accidentally being modified or deleted by the user. Unfortunately viruses,
spyware, and hijackers often hide there files in this way making it hard to find them and then delete them.




HOW TO INSTALL AND USE THE WINDOWS XP RECOVERY CONSOLE



The Recovery Console is a special boot up method that can be used to help fix problems that are preventing your Windows
installation from properly booting up into Windows. This method allows you to access the files, format drives, disable and
enable services, and other tasks from a console prompt while the operating system is not loaded. It is suggested that the
Recovery Console is to only be used ...

How to remove a Trojan, Virus, Worm, or other Malware

Lawrence Abrams
 May 18, 2005

 01:41 PM

 Read 4,142,278 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

Diallers, Trojans, Viruses, Worms Oh My!

2.
3.

How these infections start

4.
5. Use an anti-virus and anti-malware program to remove the infections
6.

How to remove these infections manually

7.
8.
How to protect yourself in the future

9.
10.

Conclusion

11.

Dialers, Trojans, Viruses, and Worms Oh My!

If you use a computer, read the newspaper, or watch the news, you will know about computer viruses or other malware. These are
those malicious programs that once they infect your machine will start causing havoc on your computer. What many people do not
know is that there are many different types of infections that are categorized in the general category of Malware.

Malware - Malware is programming or files that are developed for the purpose of doing harm. Thus, malware includes computer
viruses, worms, Trojan horses, spyware, hijackers, and certain type of adware.

This article will focus on those malware that are considered viruses, trojans, worms, and viruses, though this information can be used
to remove the other types of malware as well. We will not go into specific details about any one particular infection, but rather provide
a broad overview of how these infections can be removed. For the most part these instructions should allow you to remove a good deal
of infections, but there are some that need special steps to be removed and these won't be covered under this tutorial.

Before we continue it is important to understand the generic malware terms that you will be reading about.

Adware - A program that generates pop-ups on your computer or displays advertisements. It is important to note that not all adware
programs are necessarily considered malware. There are many legitimate programs that are given for free that display ads in their
programs in order to generate revenue. As long as this information is provided up front then they are generally not considered
malware.

Backdoor - A program that allows a remote user to execute commands and tasks on your computer without your permission. These
types of programs are typically used to launch attacks on other computers, distribute copyrighted software or media, or hack other
computers.

Dialler - A program that typically dials a premium rate number that has per minute charges over and above the typical call charge.
These calls are with the intent of gaining access to pornographic material.

Hijackers - A program that attempts to hijack certain Internet functions like redirecting your start page to the hijacker's own start
page, redirecting search queries to a undesired search engine, or replace search results from popular search engines with their own
information.

Spyware - A program that monitors your activity or information on your computer and sends that information to a remote computer
without your knowledge.

Trojan - A program that has been designed to appear innocent but has been intentionally designed to cause some malicious activity or
to provide a backdoor to your system.

Virus - A program that when run, has the ability to self-replicate by infecting other programs and files on your computer. These
programs can have many effects ranging from wiping your hard drive, displaying a joke in a small box, or doing nothing at all except
to replicate itself. These types of infections tend to be localized to your computer and not have the ability to spread to another
computer on their own. The word virus has incorrectly become a general term that encompasses trojans, worms, and viruses.
Worm - A program that when run, has the ability to spread to other computers on its own using either mass-mailing techniques to
email addresses found on your computer or by using the Internet to infect a remote computer using known security holes.

How these infections start

Just like any program, in order for the program to work, it must be started. Malware programs are no different in this respect and must
be started in some fashion in order to do what they were designed to do. For the most part these infections run by creating a
configuration entry in the Windows Registry in order to make these programs start when your computer starts.

Unfortunately, though, in the Windows operating system there are many different ways to make a program start which can make it
difficult for the average computer user to find manually. Luckily for us, though, there are programs that allow us to cut through this
confusion and see the various programs that are automatically starting when windows boots. The program we recommend for this,
because its free and detailed, is Autoruns from Sysinternals.

When you run this program it will list all the various programs that start when your computer is booted into Windows. For the most
part, the majority of these programs are safe and should be left alone unless you know what you are doing or know you do not need
them to run at startup.

At this point, you should download Autoruns and try it out. Just run the Autoruns.exe and look at all the programs that start
automatically. Don't uncheck or delete anything at this point. Just examine the information to see an overview of the amount of
programs that are starting automatically. When you feel comfortable with what you are seeing, move on to the next section.

Use an anti-virus and anti-malware program to remove the infections

Make sure you are using an anti-virus program and that the anti-virus program is updated to use the latest definitions. If you do not
currently have an anti-virus installed, you can select one from the following list and use it to scan and clean your computer. The list
below includes both free and commercial anti-virus programs, but even the commercial ones typically have a trial period in which you
can scan and clean your computer before you have to pay for it.

 Kaspersky Anti-virus
 ESET Nod32
 AVG
 Avast
 BitDefender
 Microsoft Security Essentials
 Trend Micro
 Antivir

It is also advised that you install and scan your computer with MalwareBytes' Anti-Malware and Emsisoft Anti-Malware. Both of
these are excellent programs and have a good track record at finding newer infections that the more traditional anti-virus programs
miss. Guides on how to install and use these programs can be found below.

How to use Malwarebytes' Anti-Malware to scan and remove malware from your computer
How to use Emsisoft Anti-Malware to scan and clean malware from your computer

After performing these instructions if you still are infected, you can use the instructions below to manually remove the infection.

How to remove these infections manually

We have finally arrived at the section you came here for. You are most likely reading this tutorial because you are infected with some
sort of malware and want to remove it. With this knowledge that you are infected, it is also assumed that you examined the programs
running on your computer and found one that does not look right. You did further research by checking that program against
our Startup Database or by searching in Google and have learned that it is an infection and you now want to remove it.

If you have identified the particular program that is part of the malware, and you want to remove it, please follow these steps.

Download and extract the Autoruns program by Sysinternals to C:\Autoruns

2.
3. Reboot into Safe Mode so that the malware is not started when you are doing these steps. Many malware monitor the keys
that allow them to start and if they notice they have been removed, will automatically replace that startup key. For this
reason booting into safe mode allows us to get past that defense in most cases.

4. Navigate to the C:\Autoruns folder you created in Step 1 and double-click on autoruns.exe.

5. When the program starts, click on the Options menu and enable the following options by clicking on them. This will place
a checkmark next to each of these options.

1. Include empty locations

2. Verify Code Signatures

3. Hide Signed Microsoft Entries

1. Then press the F5 key on your keyboard to refresh the startups list using these new settings.

2. The program shows information about your startup entries in 8 different tabs. For the most part, the filename you are
looking for will be found under the Logon or the Services tabs, but you should check all the other tabs to make sure they
are not loading elsewhere as well. Click on each tab and look through the list for the filename that you want to remove. The
filename will be found under the Image Path column. There may be more than one entry associated with the same file as it
is common for malware to create multiple startup entries. It is important to note that many malware programs disguise
themselves by using the same filenames as valid Microsoft files. it is therefore important to know exactly which file, and
the folder they are in, that you want to remove. You can check our Startup Database for that information or ask for help in
our computer help forums.

3. Once you find the entry that is associated with the malware, you want to delete that entry so it will not start again on the
next reboot. To do that right click on the entry and select delete. This startup entry will now be removed from the Registry.

4. Now that we made it so it will not start on boot up, you should delete the file using My Computer or Windows Explorer. If
you can not see the file, it may be hidden. To allow you to see hidden files you can follow the steps for your operating
system found in this tutorial:

How to see hidden files in Windows

5. When you are finished removing the malware entries from the Registry and deleting the files, reboot into normal mode as
you will now be clean from the infection.
How to protect yourself in the future

In order to protect yourself from this happening again it is important that take proper care and precautions when using your computer.
Make sure you have updated antivirus and spyware removal software running, all the latest updates to your operating system, a
firewall, and only open attachments or click on pop-ups that you know are safe. These precautions can be a tutorial unto itself, and
luckily, we have one created already:

Simple and easy ways to keep your computer safe and secure on the Internet

Please read this tutorial and follow the steps listed in order to be safe on the Internet. Other tutorials that are important to read in order
to protect your computer are listed below.

Understanding Spyware, Browser Hijackers, and Dialers

Understanding and Using a Firewall

Safely Connecting a Computer to the Internet

Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware

Using IE-Spyad to enhance your privacy and Security

Conclusion

Now that you know how to remove a generic malware from your computer, it should help you stay relatively clean from infection.
Unfortunately there are a lot of malware that makes it very difficult to remove and these steps will not help you with those particular
infections. In situations like that where you need extra help, do not hesitate to ask for help in ourcomputer help forums. We also have a
self-help section that contains detailed fixes on some of the more common infections that may be able to help. This self-help section
can be found here:

Virus, Spyware, Malware Removal Guides

How to see hidden files in Windows

Lawrence Abrams
 April 21, 2004

 04:53 PM

 Read 3,084,668 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

1. Introduction
2. Windows 95
3. Windows 98
4. Windows ME
5. Windows NT
6. Windows 2000
7. Windows XP and 2003
8. Windows Vista
9. Windows 7
10. Windows 8
11. Conclusion

Introduction

Windows 95

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

Windows 98

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

Windows ME

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

Windows NT

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

2. Double-click on the My Computer icon.
3. Select the View menu and then click Options.
4. After the new window appears select the View tab.
5. Scroll down until you see the Show all files radio button and select it.
6. Press the OK button and shutdown My Computer.
7. Now your computer is configured to show all hidden files.

Windows 2000

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

Windows XP and Windows 2003

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

To enable the viewing of Hidden files follow these steps:

1. Close all programs so that you are at your desktop.

If you are in the Classic View do the following:

1. Double-click on the Folder Options icon.

2. Click on the View tab.
3. Go to step 5.

If you are in the Control Panel Home view do the following:

1. Click on the Appearance and Personalization link .

2. Click on Show Hidden Files or Folders.
3. Go to step 5.

Windows 7

To enable the viewing of Hidden files follow these steps. Please note a guide with images that shows the same steps can be found
here:

How to show hidden files in Windows 7

1. Close all programs so that you are at your desktop.
2. Click on the Start button. This is the small round button with the Windows flag in the lower left corner.
3. Click on the Control Panel menu option.
4. When the control panel opens click on the Appearance and Personalization link.
5. Under the Folder Options category, click on Show Hidden Files or Folders.
6. Under the Hidden files and folders section select the radio button labeled Show hidden files, folders, or drives.
7. Remove the checkmark from the checkbox labeled Hide extensions for known file types.
8. Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
9. Press the Apply button and then the OK button..
10. Now Windows 7 is configured to show all hidden files.

Windows 8

To enable the viewing of Hidden files follow these steps. Please note a guide with images that shows the same steps can be found
here:
How to see hidden files in Windows 8
1. From the Windows 8 Start Screen, click on the Control Panel app.
2. When the Control Panel opens scroll down to the bottom and click on the More Settings option.
3. The traditional Windows 8 Control Panel will now open. When it is open, click on the Appearance and
Personalizationlink.
4. Under the Folder Options category, click on Show Hidden Files or Folders.
5. Under the Hidden files and folders section select the radio button labeled Show hidden files, folders, or drives.
6. Remove the checkmark from the checkbox labeled Hide extensions for known file types.
7. Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
8. Press the Apply button and then the OK button..
9. Now Windows 8 is configured to show all hidden files.

Conclusion

If you have any questions please feel free to post them in our computer help forums.

--
Lawrence Abrams
Bleeping Computer Windows Basic Concept Tutorials
BleepingComputer.com: Computer Support & Tutorials for the beginning computer user.

How to show hidden files in Windows 7

Lawrence Abrams
 February 1, 2009

 12:35 PM

 Read 3,037,287 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Windows 7 hides certain files so that they are not able to be seen when you exploring the files on your computer. The files it hides are
typically Windows 7 System files that if tampered with could cause problems with the proper operation of the computer. It is possible,
though, for a user or piece of software to set make a file hidden by enabling the hidden attribute in a particular file or folder's
properties. Due to this it can be beneficial at times to be able to see any hidden files that may be on your computer. This tutorial will
explain how to show all hidden files in Windows 7.

To enable the viewing of hidden and protected system files in Windows 7 please follow these steps:
1. Close all programs so that you are at your desktop.

2. Click on the Start button. This is the small round button ( ) in the lower left corner of
your screen that has a Windows flag on it.

3. Click on the Control Panel menu option.

4. When the control panel opens you will see a screen similar to Figure 1 below.

Figure 1. Windows 7 Control Panel

5.
6. Click on the Appearance and Personalization link.

7. You will now be in the Appearance and Personalization control panel as shown in Figure 2 below.

Figure 2. Windows 7 Appearance and Personalization screen

Now click on the Show hidden files and folders option as shown by the red arrow in Figure 2 above.

9. Under the Hidden files and folders section select the radio button labeled Show hidden files, folders, and drives.

10. Remove the checkmark from the checkbox labeled Hide extensions for known file types.

11. Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).

Once this is done, your Folder Options screen should look similar to the following image.
Figure 3. Folder Options screen

12.

13. Press the Apply button and then the OK button.

You will now be at your desktop and Windows 7 will be configured to show all hidden files.

If you have any questions about this tutorial please feel free to post them in our Windows 7 forums.

Users who read this also read:




HOW TO SEE HIDDEN FILES IN WINDOWS


By default Windows hides certain files from being seen with Windows Explorer or My Computer. This is done to protect
these files, which are usually system files, from accidentally being modified or deleted by the user. Unfortunately viruses,
spyware, and hijackers often hide there files in this way making it hard to find them and then delete them.




HOW TO SEE HIDDEN FILES IN WINDOWS 8



Windows 8 hides certain files so that you are not able to view them while exploring the files and folders on your computer.
Windows has two types of files that Windows will classify as hidden and hide from the user. The first type are actually
hidden files, which are ones that are given the +H attribute or specified as Hidden in a file or folder's properties. The
second type of file are System ...




HOW TO CREATE A NEW USER ACCOUNT IN WINDOWS 7 AND WINDOWS VISTA



Windows 7 allows you to have multiple users sharing the same computer under their own individual accounts. This allows
each individual user to have their own location on the computer where they can store their personal documents, pictures,
videos, saved games, and other personal data. This also allows the owner of the computer to assign certain accounts the
ability to perform administrative tasks ...




HOW TO SEE HIDDEN FILES IN WINDOWS VISTA



Windows Vista has made it a little harder to find the Folder Options settings than it had in previous versions. The easiest
way is to use the Folder Options control panel to modify how folders, and the files in them, are displayed. You can still
show the Folder Options menu item while browsing a folder, but you will need to hold the ALT key for a few seconds and
then let go to see this menu.

HOW TO REMOVE A TROJAN, VIRUS, WORM, OR OTHER MALWARE



Introduction to the Windows Command Prompt

Lawrence Abrams
 July 10, 2004
 10:19 PM

 Read 1,230,137 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

1. Introduction
2. Using the Command Prompt or Dos Window
3. Useful commands
4. Redirectors
5. Batch Files
6. Console Programs
7. Conclusion

Introduction

Before Windows was created, the most common operating system that ran on IBM PC compatibles was DOS. DOS stands for Disk
Operating System and was what you would use if you had started your computer much like you do today with Windows. The
difference was that DOS was not a graphical operating system but rather purely textual. That meant in order to run programs or
manipulate the operating system you had to manually type in commands. When Windows was first created it was actually a graphical
user interface that was created in order to make using the DOS operating system easier for a novice user. As time went on and newer
versions of Windows were developed DOS was finally phased out with Windows ME. Though the newer operating systems do not run
on DOS, they do have something called the command prompt, which has a similar appearance to DOS. In this tutorial we will cover
the basic commands and usage of the command prompt so that you feel comfortable in using this resource.

Using the Command Prompt or Dos Window

When people refer to the command prompt they may we refer to it in different ways. They may refer to it as a shell, console window, a
command prompt, a cmd prompt, or even dos. In order to enter the command prompt you need to run a program that is dependent on
your operating system. Below we list the programs that you need to run to enter a command prompt based on the version of Windows
you are running.

Operating
Command Notes
System
Windows
This program when run will open up a command
3.1,.3.11, 95, command.com
prompt window providing a DOS shell.
98, ME
Windows NT, This program will provide the native command
cmd.exe
2000, XP, 2003 prompt. What we call the command prompt.
This program will open up a emulated DOS
Windows NT,
command.comshell for backwards compatibility. Only use
2000, XP, 2003
if you must.
To run these programs and start a command prompt you would do the following steps:

Step 1: Click on the Start Menu

Step 2: Click on the Run option

Step 3: Type the appropriate command in the Open: field. For example if we are using Windows XP we would type cmd.exe.

Step 4: Click on the OK button

After following these steps you will be presented with a window that look similar to Figure 1 below.

Figure 1. Windows Command Prompt

The command prompt is simply a window that by default displays the current directory, or in windows term a folder, that you are in
and has a blinking cursor ready for you to type your commands. For example in Figure 1 above you can see that it says C:\
WINDOWS>. The C:\WINDOWS> is the prompt and it tells me that I am currently in the c:\windows directory. If I was in the
directory c:\program files\directory the prompt would instead look like this: C:\PROGRAM FILES\DIRECTORY>.

To use the command prompt you would type in the commands and instructions you want and then press enter. In the next section we
will discuss some useful commands and how to see all available built in commands for the command prompt.

Useful commands

The command.com or cmd.exe programs have built in commands that are very useful. Below I have outlined some of the more
important commands and further instruction on how to find information on all the available commands.
The Help command - This command will list all the commands built into the command prompt. If you would like further information
about a particular command you can type help commandname. For example help cd will give you more detailed information on a
command. For all commands you can also type the command name followed by a /? to see help on the command. For example, cd /?

The Exit command - This command will close the command prompt. Simply type exit and press enter and the command prompt will
close.

The CD command - This command allows you to change your current directory or see what directory you are currently in. To use the
CD command you would type cd directoryname and press enter. This would then change the directory you are currently in to the one
specified. When using the cd command you must remember how paths work in Windows. A path to a file is always the root directory,
which is symbolized by the \ symbol, followed by the directories underneath it. For example the file notepad.exe which is located in
c:\windows\system32 would have a path as follows \windows\system32\notepad.exe. If you want to change to a directory that is
currently in your current directory you do not need the full path, but can just type cd directoryname and press enter. For example if
you are in a directory called c:\test, and there were three directories in that the test directory called A, B, and C, you could just type cd
a and press enter. You would then be in the c:\test\a. If on the other hand you wanted to change your directory to the c:\windows\
system32 directory, you would have to type cd \windows\system and press enter.

The DIR command - This command will list the files and directories contained in your current directory, if used without an argument,
or the directory you specify as an argument. To use the command you would just type dir and press enter and you will see a listing of
the current files in the directory you are in, including information about their file sizes, date and time they were last written to. The
command will also show how much space the files in the directory are using and the total amount of free disk space available on the
current hard drive. If I typed dir \test I would see the contents of the c:\test directory as shown in Figure 2 below.

Figure 2. DIR of c:\test

If you examine the screen above you will see a listing of the directory. The first 2 columns are the date and time of the last write to
that file. Followed by whether or not the particular entry is a directory or a file, then the size of the file, and finally the name of the
file. You may have noticed that there are two directories named . and .., which have special meaning in operating systems. The . stands
for the current directory and the .. stands for the previous directory in the path. In the example above, .. stands for c:\windows.

Also note for many commands you can use the * symbol which stands for wildcard. With this in mind, typing dir *.txt will only list
those files that end with .txt.

The Copy command - This command allows you to copy files from one location to another. To use this command you would type
copy filetocopy copiedfile. For example if you have the file c:\test\test.txt and would like to copy it to c:\windows\test.txt you would
type
copy c:\test\test.txt c:\windows\test.txt and press enter. If the copy is successful it will tell you so and give you back the prompt. If
you are copying within the same directory you do not have to use the path. Here are some examples and what they would do:

copy
Copies the test.txt file to a new file called test.bak in
test.txt
the same directory
test.bak
copy
test.txt \ Copies the test.txt file to the \windows directory.
windows
copy * \ Copies all the files in the current directory to the \
windows windows directory.
The Move command - This command allows you to move a file from one location to another. Examples are below:

move
Moves the test.txt file to a new file renaming it to
test.txt
test.bak in the same directory.
test.bak
move
test.txt \ Moves the test.txt file to the \windows directory.
windows
move * \ Moves all the files in the current directory to the \
windows windows directory.
At this point you should use the help command to learn about the other available commands.

Redirectors

Redirectors are an important part to using the command prompt as they allow you to manipulate how the output or input of a program
is displayed or used. Redirectors are used by appending them to the end of a command followed by what you are redirecting to. For
example: dir > dir.txt. There are four redirectors that are used in a command prompt and they are discussed below:

This redirector will take the output of a program and store it in a

file. If the file exists, it will be overwritten. If it does not
exist it will create a new file. For example the command dir >
>
dir.txt will take the output of the dir command and place it in the
dir.txt file. If dir.txt exists, it will overwrite it, otherwise it
will create it.
>> This redirector will take the output of a program and store it in a
file. If the file exists, the data will be appended to the current
data in the file rather than overwriting it. If it does not exist it
will create a new file. For example the commanddir >> dir.txt will
take the output of the dir command and appends it to the existing
data in the dir.txt file if the file exists. If dir.txt does not
exist, it will create the file first.
This redirector will take the input for a program from a specified
file. For example the date command expects input from a user. So if
<
we had the command date < date.txt, it would take the input for the
date program from the information contained in the date.txt file.
This redirector is called a pipe. It will take the output of a
program and pipe it into another program. For example dir |
|
sort would take the output of the dir command and use it as input to
the sort command.

Batch Files

Batch files are files that have an extension ending in .bat. They are simply scripts that contain command prompt commands that will
be executed in the order they are listed. To create a batch file, just make a file that ends in .bat, such as test.bat, and inside the file have
the commands you would like. Each command should be on its own line and in the order you would like them to execute.

Below is example batch file. It has no real use but will give you an example of how a batch files works. This test batch file contains
the following lines of text:

cd
cd \test
dir
cd \

If I was to run the test.bat file I created I would have output that looks like the following:
Figure 3: Example of a batch file running.

As you can see from the figure above, my batch file executed each command in my batch file in the sequence they were written in the
batch file.

Console Programs

If a program is created for express purpose of running within a command prompt, or console window, that program is called a console
program. These are programs that are not graphical and can only be run properly from within a command prompt window.

Below is a list of sites that contain console programs that may be useful to you:

http://unxutils.sourceforge.net/

There are many more sites that have tools available. Just do a Google search on windows console programs.

Conclusion

The command prompt can be a very powerful and versatile tool for a computer user. Hopefully this brief introduction into the
command prompt will enable you to use your computer more efficiently. If you have any questions on how to use the command
prompt, please do not hesitate to ask us in the computer help forums.

--
Lawrence Abrams
Bleeping Computer Microsoft Basic Concepts Tutorial
BleepingComputer.com: Computer Support & Tutorials for the beginning computer user.
How to connect an iPad to a Wireless or Wi-Fi network
Lawrence Abrams
 April 6, 2010

 08:15 PM

 Read 1,065,869 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

1. Introduction
2. How to connect to a Wi-Fi or Wireless Network
3. How to connect to a Wi-Fi or Wireless network that is not broadcasting its name or SSID
4. How to configure your iPad Wi-Fi connection to use a static IP address
5. How to configure your iPad to use a Proxy Server
6. Deleting a Wi-Fi connection profile so the iPad wont automatically join it
7. Troubleshooting
8. Conclusion

Introduction

The iPad is ultimately a device create to allow you consume content in an easy and portable manner. As there is no better location for
consumable content than the Internet, being able to connect to a Wi-Fi network so you can access the Internet is a necessity. This
guide will walk you through all of the steps required to connect to a Wi-Fi network using your iPad. We have also outlined steps that
will allow you to access almost all types of Wi-Fi networks as well as using proxy servers if your particular scenario requires it.

How to connect to a Wi-Fi or Wireless Network

This section will explain how to connect to a Wi-Fi or Wireless network that is broadcasting its name or SSID. For most public, and
many private, Wi-Fi networks the name, or SSID, of the network is broadcast so that anyone who tries to connect to it will be able to
do so. This guide will walk you through the steps of connecting to a Wi-Fi network that is broadcasting its name. If you wish to
connect to a wireless network that is not broadcasting its name, then please see the steps here.

Start the iPad

2.
3. Tap on the Settings app. The Settings icon looks like the following:
Settings Icon

Once in the settings application, you will be at the General Settings screen as shown below.

General Settings screen

6. Tap on the Wi-Fi category to get to the screen where you will connect to a wireless network as shown below.
Choose an available wireless network screen

7.
When you reach this screen, the iPad will start searching for Wi-Fi networks that are in range and that are broadcasting
their names. As it discovers available networks it will list them under the Choose a Network... label. Please note that it
may take some time for the iPad to see all of the available networks, so please be patient while it searches. You can tell that
it is searching as there will be an animated symbol next to the Choose a Network... label while it is searching. If it does
not find anything, it will pause for about a minute and then attempt to search again.

When you see the Wi-Fi network that you would like to connect to, simply tap on it to attempt to join it. If it has a lock next
to the name, then it will require you to enter a wireless encryption password in order to connect to it as discussed in the
next step.

8. Once you Tap on a network name, it will try to connect to it. If the network is not using encryption, then you can just skip
to this step. If the network is using wireless encryption, though, you will be presented with a screen asking you to enter the
wireless encryption password as shown below.
Enter wireless security password screen

In the password field, enter the wireless encryption password that is required to join this network. This password was
originally set on your wireless router, and if you do not remember this password anymore, you can logon to the router and
change the password to a new one. Please note that if you change the password on the router, then any other devices that
connect to this device wirelessly will also need to have their settings changed to use the new password.

10. The iPad will now attempt to connect to the network, and when finished, will display the Wi-Fi settings screen again, but
this time with the joined network listed and with a checkmark next to it as shown below.
Screen showing the iPad connected to a wireless network

11.

This checkmark designates that your iPad is connected to the network. You can also see that your iPad is connected to a
wireless network as in the upper left-hand corner you will see the word iPad with the Wi-Fi symbol ( )next to
it. You can now go back to your home screen and use any apps that require Wi-Fi connectivity.

How to connect to a Wi-Fi or Wireless network that is not broadcasting its name or SSID

There are many networks that do not advertise their network name, or SSID, for extra security. Due to this, the only way for an iPad to
connect to these types of networks is to manually enter the network information that is required to make a connection. This section
will explain how to manually connect your iPad to a wireless network.

In order to accomplish this please follow these steps:

Start the iPad

2.
3. Tap on the Settings app. The app icon looks like the following:

Settings Icon

Once in the settings application, you will be at the General Settings screen as shown below.

General Settings screen

6. Tap on the Wi-Fi category to get to the screen where you will connect to a wireless network as shown below.
Wi-Fi Settings screen

8. Determine the correct Name, or SSID, that you will be connecting to and Tap on the Other... button. You will now be at the
Other Network screen where the iPad will ask you to enter the settings required to connect to the network.
Enter SSID screen

In the Name field, enter the network name or SSID.

10. Then tap on the Security button and you will be at the screen show below.
Select Security Encryption Type screen

11.
At this screen you need to select the wireless encryption that the network that network you wish to connect to is using. It is
important that you select the correct encryption type, as if you do not, you will not be able to connect to the wireless
network. After selecting the encryption type, tap on the Other Network button.

12. You will now be back at the Other Network screen where the iPad is now prompting you to enter the password as shown
below.
Enter Security Encryption Password screen

13.
In the password field, please enter the password that is required to connect to the Wi-Fi network. This password was
originally set on your wireless router, and if you do not remember this password, you can logon to the router and change
the password to a new one. Please note that if you change the password on the router, then any other devices that connect to
this device wirelessly will also need to have their settings changed to use the new password.

14. Once you have entered in all the required information, tap the Join button on the iPad keyboard. The iPad will attempt to
connect to the network, and when finished, will display the Wi-Fi settings screen again, but this time with the joined
network listed and with a checkmark next to it as shown below.
Screen showing the iPad connected to a wireless network

15.

This checkmark designates that your iPad is connected to the network. You can also see that your iPad is connected to a
wireless network as in the upper left-hand corner you will see the word iPad with the Wi-Fi symbol ( ) next to
it. You can now go back to your home screen and use any apps that require Wi-Fi connectivity.

How to configure your iPad Wi-Fi connection to use a static IP address

If the wireless network you are connecting to does not use DHCP to assign IP addresses to wireless devices, then you will need to
configure your iPad with static IP addresses and other information in order to connect to the Internet or a network. To do this first find
out the info, such as the static IP address, IP subnet mask, DNS servers, and router IP address, and proceed with the following steps.
Please note, you must first create the wireless profile that you will be assigning static information to.

Start the iPad

2.
3. Tap on the Settings app. When the Settings app loads, you will be at the General Settings category.

4. Tap on the Wi-Fi settings category and you will be at a screen as shown below.

Screen showing the iPad connected to a wireless network

5.
You should now tap on the to access the specific settings of the wireless connection.

6. You will now be at the Wi-Fi network settings screen for the connected network.
Wireless settings for a Wi-Fi network

7.
8. Now tap the Static button to enter the static settings screen as shown below.
Screen showing the iPad connected to a wireless network

9.
In this screen you can enter the IP address, IP subnet mask, router IP address, DNS server, and search domains as
necessary. At a minimum you must enter information in the IP Address, Subnet Mask, Router, and DNS fields for the
iPad to be able to properly work on the wireless network. If you do not know this information, you should ask the router
owner or administrator.

When you are done entering the information, tap on the Wi-Fi Networks button and then go back to your Home screen to
start using the iPad with these new settings.

How to configure your iPad to use a Proxy Server

Some networks require you to use a proxy server to access the Internet. A proxy server is another computer or device that acts as an
intermediary between you and the Internet by relaying your requests to a server and the servers responses back to you. Unfortunately,
this type of setup requires you to specify certain settings in order for you to use the Internet properly. This section will provide
information on how to configure your iPad to use a proxy server.

1.
Start the iPad

2.
3. Tap on the Settings app. When the Settings app loads, you will be at the General Settings category.

4. Tap on the Wi-Fi settings category and you will be at a screen as shown below.

Screen showing the iPad connected to a wireless network

5.
You should now tap on the to access the specific settings of the wireless connection.

6. You will now be at the Wi-Fi network settings screen for the connected network.
Wireless settings for a Wi-Fi network

At the bottom you will find three proxy server options that you can choose from. The first option is Off, which is the
default option and means that the iPad will not use a Proxy Server. The second setting is Manual, which means that you
will enter the specific information about proxy server in the specified fields. The last option is Auto, which allows you to
enter a URL that contains the configuration information as to what proxy settings the iPad should use.

8. If you need to specify manual settings, then simply tap on the Manual button and fill in the appropriate fields as shown
below.
Screen showing the iPad connected to a wireless network

9.
If your proxy server requires you to login to it before it allows you to use it, make sure you slide Authentication to ONand
input your login credentials.
If you have a configuration URL that contains your proxy settings, then simply tap on the Auto button and you will see a
screen similar to below.

Screen showing the iPad connected to a wireless network

10.
Simply fill in the URL field with the proxy autoconfiguration URL.
11. When you are done setting up your proxy server, tap on the Wi-Fi Networks button and then go back to your Home screen
to start using the iPad with these new settings.

Deleting a Wi-Fi connection profile so the iPad wont automatically join it

At times you may find the need to delete a Wi-Fi connection profile that has previously been configured on your iPad. Whether this is
because the profile belongs to a hotel that you are no longer staying at or you have changed your wireless password and need to re-
enter it, this section will explain how to delete the profile from your iPad.

Start the iPad

2.
3. Tap on the Settings app. When the Settings app loads, you will be at the General Settings category.

4. Tap on the Wi-Fi settings category and you will be at a screen as shown below.
Screen showing the iPad connected to a wireless network

5.
You should now tap on the next to the Wi-Fi profile that you wish to delete.

6. You will now be at the Wi-Fi network settings screen for the connected network.
Wireless settings for a Wi-Fi network

7.
8. Tap on the Forget this Network button.

9. When the iPad asks you to confirm that you wish to forget the network, tap on the Forget button.

You will no longer automatically connect to this network. Do not be concerned, though, if you go back to the Wi-Fi settings and still
see the network you just specified should be forgotten. Once you power off the iPad, and start it again, the network will no longer be
listed.
Troubleshooting

When working with computers and networking problems invariably happen. This section will offer steps that can be tried to resolve
Wi-Fi connectivity issues with your iPad.

What to do if your iPad can't access a visible network:

The first step is to make sure that the wireless connection does not require a password. You can determine this by seeing if there is a
lock symbol next to the wireless network name. If there is, then make sure you know the correct password to the network before
attempting to join it. If that still does not resolve your issue, try moving closer to the wireless router and seeing if you are able to
connect then.

What to do if you cannot access a network that is not broadcasting its network name or SSID:

Diagnosing connections to Wi-Fi networks that are not broadcasting their name or SSID can be difficult. The first suggestion, if the
wireless router is under your control, is to allow the router to broadcast the name. If you can then connect, then you may have entered
the name incorrectly, selected the wrong wireless encryption type, or entered the wrong wireless encryption password. You should
then confirm these settings by looking at the configuration of the router, and if necessary, changing those settings to new ones. Then
try connecting again.

What to do if you cannot access the Internet when connected to a wireless network:

If it shows that you are connected to a network, but you still cannot access the network, you should first make sure that your Internet
connection is actually working. Test the connection from another computer and device to confirm that it is working. If it is working,
go into the Wi-Fi settings for this particular connection on the iPad and under the DHCP settings, make sure that you have an assigned
IP Address, Subnet Mask, Router, and DNS. If you do not have these fields populated, then tap on the Renew Lease button, and then
tap on the Renew button when it asks if you with to continue. This will make the iPad request new connection settings. Once that is
done, if you now have settings in the DHCP fields, try connecting to the Internet again.

If this still does not work, then you may want to confirm that you do not need to enter a static networking configuration into the iPad.
To determine this, you should ask the owner or administrator of the wireless router.

Last, but not least, if the iPad shows its connected, but cannot access the internet, it could be because you entered the wrong wireless
encryption password or it was changed after you initially created the Wi-Fi profile. To test this, simply Forget the network profile and
try recreating it and entering the password again.

How to fix slow iPad Wi-Fi speeds or low quality wireless connections:

Unfortunately there have been a lot of reports that the iPad wireless range and sensitivity is not as good as it could, or should, be. That
means that Wi-Fi connections that work fine with other devices or computers may not work as well with the iPad. To determine the
quality of your Wi-Fi connection, you can look in the upper left-hand corner of the device. The three quality levels are shown from
best to worst as , with the lower the level being the worst connection speed.

Unless Apple releases an update, or a software hack is released to increase the power of the antenna, we will need to use other
methods to make the Wi-Fi connection quality better. To do this you can first try and use the iPad closer to the wireless router to
increase your connection quality. This, though, is a ridiculous thing to have to do considering how much you spent on the iPad.
Another option is to purchase a wireless extender that can extend the range of your wireless device so it is strong throughout your
entire house or apartment. Popular extenders are the Linksys WRE54G Wireless-G Extender, Belkin Wireless G Universal Range
Extender, or the Netgear WGXB102 Range Extender. When you add an extender to your wireless network, it will increase the range
of your wireless router so that you can connect to your network in locations that previously you could not.
Conclusion

As you can see there are many Wi-Fi configuration options available to suit your specific needs. By knowing how to connect to a
wireless network you can now connect to the Internet from locations such as a public Wi-Fi hotspot, a friends house, or a hotel. No
matter what the specific requirement of your location, hopefully the information in this guide has shown you how to work around
them. If you have any questions with the information here,s or need some help with the steps, please do not hesitate to ask in our iPad
forum.

How to partition and format a hard disk in Windows

Lawrence Abrams
 November 18, 2005

 06:15 PM

 Read 549,447 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table Of Contents

Introduction

2.
3. Creating and formatting a partition in Windows
4. Deleting a partition in Windows

Introduction

In order to use a hard drive, or a portion of a hard drive, in Windows you need to first partition it and then format it. This process will
then assign a drive letter to the partition allowing you to access it in order to use it to store and retrieve data.

If you would like more information on partitions you can read this tutorial:

Understanding Hard Disk Partitions

For this tutorial, my examples will be done from within Windows XP. These techniques will work, though, with Windows 2000, 2003,
and the upcoming Vista.

Creating and formatting a partition in Windows

Before you can partition a hard drive in Windows, you must have installed a new unused hard disk, deleted an existing partition, or
have some unpartitioned space available on an existing drive. In the example in this tutorial I will take the unused space from one of
my hard drives and partition/format it. The steps shown here will work whether you are working with a brand new hard drive, deleting
an existing partition and reusing it, or partitioning available space on an existing hard drive.
All hard disk management is done in the Disk Management Administrative Tool. Follow these steps to open this tool:

1. If you are using Windows 8, type Disk Management at the start screen, click
on Settings, and then click on the Create and format hard disk
partitions option. Then skip to step 3. Otherwise, click on the Start button
and select the Control Panel option.

2. If in Classic control panel mode, double-click on the Administrative Tools icon and then double-click on Computer
Management icon.

If your control panel is in the Category view, click on Performance and Maintenance, then click on Administrative Tools, and
finally double-click on the Computer Management icon.

3. When the Computer Management screen opens, click on the Disk Management option under the Storagecategory. This will
present you with a screen similar to the one below.

The Disk Management Screen

When you are in the disk management tool you will see a listing of your current hard drives and how they are partitioned. From the
image above you can see that I have two hard disks installed. The first disk, Disc 0, has two partitions. One partition is a 24 GB NTFS
partition that has been assigned the drive letter C:. The other partition on that drive is a 87 GB NTFS partition that has been assigned
the drive letter E:. The other drive, has only one partition, the D: partition. The rest of the space, 26 GB, shows that it is unallocated
and therefore can be used to make other partitions.

To make a partition from the unused space you would do the following.

1. Right click on the space listed as unallocated.

2. At the menu that comes up, click on the New Partition option.

3. You will now be presented with a wizard as to how you would like the partition to be created. At the first screen press Next.

4. At the following screen, determine if you need a primary or extended partition. For more information about these partitions you can
read our partition tutorial listed above. Most people will be fine selecting Primary Partition. SelectPrimary Partition and
press Next.

5. At the next screen you will be prompted to type in how much of the unallocated space you would like used for the new partition. In
my example, my unallocated space is 26.43 GB, so I can choose to make a partition of that entire amount of only use half and save the
rest for another partition. Regardless, of what you decide, you need to enter a size in the Partition size in MB: field, or stick with the
default size, and press the Next button.

6. At the next screen select the drive letter you would like assigned to it, or use the default one given. When done, press
the Next button. The drive letter that you assign here will be how you access the partition later.

7. In this step you will determine how you would like the new partition to be formatted. For the most part you are advised to use
the NTFS file system. If you need a file system that can be readable by older operating systems like DOS, Windows 95, Windows 98,
or Windows ME, then you should instead choose the FAT32 file system.

8. Type a name in the Volume Label field that will be associated with this partition or leave it blank.

9. Finally press the Next button and you will come to a summary screen. Review how the partition will be created, and if you are
satisfied, press the Finish button to complete the creation and formatting of your new hard disk partition.

When the computer finishes creating and formatting the new partition you will be presented with the Disk Management screen again
and will see that you have a new partition and drive letter on your computer. Now you can use that drive to start storing your data.

Deleting a partition in Windows

If you have existing partitions on your computer that you would like to delete in order to use its space for other purposes, then you
first need to delete this partition. It is important to note that by deleting a partition you will lose all your data on that
partition. With that warning given, let me give some examples of why you would want to delete a partition. Lets say that you have a
60 GB hard drive in your computer that was originally partitioned into a 20 GB partition and a 40 GB partition. You would like to
install another operating system on your computer, but feel that neither partition is big enough on its own, and would like to instead
create one partition using the full storage of 60 GB. The only way to do that would be to delete both of the existing partitions and
recreate a new one using all the available space.

To delete a partition please follow these steps:

1. Click on the Start button and select the Control Panel option.

2. If in Classic control panel mode, double-click on the Administrative Tools icon and then double-click on Computer
Management icon.

If your control panel is in the Category view, click on Performance and Maintenance, then click on Administrative Tools, and
finally double-click on the Computer Management icon.

3. When the Computer Management screen opens, click on the Disk Management option under the Storagecategory.

4. Right-click on the partition you would like to delete and choose the Delete Partition option.
5. A confirmation box will come up asking if you are sure you would like to continue. If you press the yes button, all data on this
partition will be deleted. If you are sure about deleting this partition, press the Yes button.

The partition will now be deleted and you can either create a new partition or exit the program.

--
Lawrence Abrams
Bleeping Computer: Hardware Tutorial
BleepingComputer.com: Computer Help & Tutorials for the beginning computer user .

ow to use the Windows 7 System Recovery Environment

Command Prompt
Lawrence Abrams
 April 1, 2010

 04:23 PM

 Read 526,701 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

The Windows 7 System Recovery Command Prompt is a text-based console that allow you to perform maintenance and recovery tasks
on your computer by typing the commands that you would like to execute. These commands allow you to perform a wide variety of
tasks such as replace infected files, delete infections, repair boot up configurations for your hard drive, resize hard drive partitions, as
well as many other tasks. Like the Windows Vista Recovery Command Prompt, the Windows 7 version also allows you to run
graphical programs such as Notepad, Regedit, and possibly some anti-malware programs. This is a huge advantage as you now have a
much larger variety of tools at your disposal to repair your computer.

In order to access the Windows 7 System Recovery Command Prompt you first need to boot your computer off of the Windows 7
DVD by inserting it into your DVD player and turning your computer on. Your computer will start and you should see the BIOS
listing the hardware on your computer as well as other information. When that information has been cleared, your computer will see
that a bootable DVD is inserted and present a prompt similar to Figure 1 below. If your computer does not boot off of the DVD, and
instead boots directly into Windows 7, then you can read this guide on how to configure your bios to boot from a CD or DVD.
Figure 1. Boot the computer from the Windows 7 DVD

As you want to boot the computer from the Windows 7 DVD, you need to press a key on your keyboard, and any key will do, when
you see the above prompt. It is possible that the DVD that came with your computer does not allow you to boot off from it. If this is
the case, then your computer manufacturer most likely installed the Windows Recovery Environment directly on to a small partition
on your hard drive. To access this partition, you would slowly tap the F8 key on your keyboard after the BIOS information clears from
your screen until you see the Windows startup menu. From this menu use your arrow keys to select the option for the Windows
System Recovery and press the Enter key on your keyboard. You should now see a black screen with a white status bar at the bottom
stating Windows is loading files.... After a while, the status bar will turn completely white and you will see a screen stating that
Windows is loading. The Windows 7 Setup environment will continue to load and when finished you will be presented with a screen
similar to Figure 2.
Figure 2. Configure language and location options in Windows 7 Setup

At this screen you should configure the Language to install, Time and currency format, and Keyboard or input methodoptions so
that they are set correctly for your location and language. When done, please press the Next button. You will now be at the main
Windows 7 setup screen where you would normally install Windows 7 on to your computer.
Figure 3. Windows 7 Install Windows screen

You should now click on the Repair your computer option, which will bring you to a new screen where the repair process will look
for all Windows 7 installations on your computer. When done you will be presented with the System Recovery Optionsdialog box as
shown in Figure 4 below.
Figure 4. System Recovery Options

Select the Windows 7 installation you would like to repair. If there are drivers that you need to load in order for Windows 7 to
recognize your hard drives, click on the Load Drivers button and load the files that are needed. When ready, press the Nextbutton to
continue.

The automatic Startup Repair screen will now start and attempt to fix any issues that it detects that could cause your computer to not
boot properly. This process may take some time, so please be patient while it runs. At one point, if it does not find anything, it will
prompt you to perform a System Restore as shown in the image below.
Figure 5. System Restore Prompt

At this prompt press the Cancel button to continue with the automatic Startup Repair process. When the repair process has finished it
will state that it cannot fix the problem and ask if you would like to submit the information to Microsoft as shown below. You should
press the Don't Send button, which will then cause a screen to be shown stating that Startup Repair could not fix the problems
automatically.
Figure 6. Startup Repair has finished

At this screen click on the menu item labeled View advanced options for system recovery and support. This will bring you to a
screen, as shown below, where you can see a list of recovery options that are available.
Figure 7. Choose a recovery tool

At this screen you should click on the Command Prompt option. Once you click on that option, the Command Prompt will open as
shown in Figure 8 below.
Figure 8. Command Prompt in the Windows Recovery Environment

If you are unfamiliar with the Windows 7 Command Prompt, the first thing you may notice is that there is no graphical user interface,
but instead there is a prompt where you will need to type in all of your commands. Though this may appear daunting, once you learn
the commands to type in, you will find that the command prompt is a powerful tool for accessing files, repairing Windows, or
removing malware. If you would like to learn more about the command prompt and the various commands that you can use, then
please read the Introduction to the Windows Command Prompt tutorial.

It should be noted that when you boot into the Windows 7 Recovery Environment the drive letter for your Windows installation may
not be the same. For example, if your Windows installation is normall on the C: drive, it may not be located at the D: drive. To
determine what drive letter your Windows installation is located on, you can type this command press enter:

bcdedit | find "osdevice"

This command will display output similar to : os device partition=D:. The drive letter after partition= is the drive that your Windows
installation is located. To change to that drive letter you can then type D:, or whatever other drive letter it shows, and press Enter on
your keyboard.

Using the command prompt is quite simple. Simply type in the command you wish to perform and then press Enter on your keyboard.
If you have entered the command properly then it will be executed and the output from the command will be displayed directly within
the command prompt. A powerful feature of the System Recovery Console Command Prompt is that not only can you run run console
programs, but you can also run certain Windows programs such as Notepad or an antivirus program. Unfortunately, not all Windows
programs will be able to run in this environment, so you will need to test them to determine which ones will operate correctly.

To help get you started with using the Command Prompt I have listed a series of console commands that work in this environment. To
get help information for each of these programs you can type the program name followed by /h and press the enter key. For example,
to see the help information for the copy command you would type copy /h and then press theenter key. As more programs and
commands are found they will be added to the lists below. Each of the console commands must be typed into the console in order to
execute them.

Console
Description
Command
attrib Change permissions on files.
You can use the Bootrec.exe tool in the Windows
Recovery Environment (Windows RE) to troubleshoot
Bootrec
and repair the master boot record (MBR), boot
sector,and Boot Configuration Data (BCD) store
Displays and allows you to change how Windows boots
bcdedit up. This command is useful for people who are
having trouble with the Windows Boot Manager
cd Changes the current directory
Checks a hard disk for errors and attempts to
chkdsk
repair them.
copy Copy a file from one location to another.
del Deletes a file
Lists the files and folders in the current
dir
directory
Load the Windows disk management program. From this
program you can create, delete, shrink, and expand
diskpart
your existing partitions as well as get information
about partitions and hard drives
Change file and folder permissions and display or
icacls
modify access control lists (ACLs)
mkdir Creates a new folder
more Displays the content of a file one page at a time
move Moves a file or a folder
reg Perform Windows Registry operations.
ren Rename a file or folder
rd Remove an empty folder
type Display the contents of a file
xcopy Copy a folder or files to another location

Windows
Program Description/Notes
Name
Opens up the Windows Notepad so you can view and
edit text files. You can also use the file
Notepad.exe
browser when click the File -> Open menus to
copy, move, rename, and delete files.
Regedit.exe The Windows Registry Editor.
rstrui.exe The System Restore console where you can restore
your computer back to earlier restore points.

When you are finished using the Command Prompt you can exit it by typing exit and then pressing the Enter key on your keyboard.
The command prompt will close and you will now be back at the list of available repair tools, where you can reboot your computer.

The Windows 7 System Recovery Command Prompt is such a powerful tool because you can perform actions on your files and data
without having to be in Windows. This means that if you are infected with malware you can use the recovery environment to clean
your computer of rootkits or malware without fear of them hindering your efforts as they will not be started.

An advanced feature of the Windows 7 Recovery Command Prompt is that you can load your Windows Registry hives and then access
them using Regedit. That way if you or a program has changed a setting in your Registry that does not allow you to boot up, you can
fix it using the command prompt. An example of this would be when an antivirus program incorrectly fixes the Userinit key and thus
you are no longer able to login to Windows. To fix this you would start the Windows Recovery Environment Command Prompt and
load the hives, fix the changes, and unload them again.

This can be done using the following commands:

Type REG LOAD HKLM\TempSoft <rd>:\Windows\System32\config\software and press Enter to load the Registry hive.

Type regedit.exe and press Enter to start the Windows Registry Editor.

Browse to HKEY_LOCAL_MACHINE\TempSoft\Microsoft\Windows NT\CurrentVersion\Winlogon key within the Registry

Editor.

Double-click on the Userinit value and change the data to read <sd>:\Windows\system32\userinit.exe,

Exit the Windows Registry Editor.

Type REG UNLOAD HKLM\TempSoft and press Enter to unload the Registry hive.

Type exit and press Enter on your keyboard and then reboot your computer.

Please note that in the above commands I have specified drive letters as <rd> and <sd>. For the purposes of this guide, <rd> stands for
the drive letter of your Windows installation while in the Windows 7 Recovery Environment and should be substituted for the proper
drive letter. You can use the info here to determine this drive letter. The <sd> drive letter denotes the drive that Windows is installed
on when booted normally. For most people, this is typically the C: drive.

As you can see the Windows 7 Recovery Command Prompt is a powerful tool in fixing problems that would normally be unsolvable.
If you find other Windows programs that work within the recovery environment, please let us know about them in the forums, so we
can add them to this tutorial.

As always if you have any questions or tips on using the Windows 7 command prompt you should let us know in theWindows 7 Help
Forums.

IP Addresses Explained
Lawrence Abrams
 March 23, 2004

聽
 11:54 PM
聽

 Read 439,879 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Introduction

Every machine on the the Internet has a unique number assigned to it, called an IP address. Without a unique IP address on your
machine, you will not be able to communicate with other devices, users, and computers on the Internet. You can look at your IP
address as if it were a telephone number, each one being unique and used to identify a way to reach you and only you.

IPv4 and IPv6 Addresses

There are two flavors of IP Addresses that can be used on a network. The first, and the version that the Internet and most routers are
currently configured for, is IPv4 or Internet Protocol version 4. This version uses 32-bit addresses, which limits the amount of
addresses to 4,294,967,296 possible unique addresses. Some of these addresses, about 290 million, are also reserved for special
purposes. Due to the popular growth of the Internet there has been concern that the pool of possible addresses would be exhausted in
the near future. With this in mind, a new version of IP addresses was developed called IPv6, or Internet Protocol version 6, that would
change the address size from 32-bit address to 128-bit addresses. This change would allow for generous IP address allocations to
networks without any foreseeable problem with the amount of addresses available. In order to use IPv6 addresses, though, existing
routers and hardware would need to be upgraded or configured to use this new version of IP addresses.

As IPv4 is still the most commonly used, this tutorial will be focusing on that version of IP addresses.

The Address Itself

An IP address always consists of 4 numbers separated by periods, with the numbers having a possible range of 0 through 255. An
example of how an IP address appears is:聽 192.168.1.10

This representation of an IP address is called decimal notation and is what is generally used by humans to refer to an IP address for
readability purposes. With the ranges for each number being between 0 and 255 there are a total 4,294,967,296 possible IP addresses.

Out of these addresses there are 3 special ranged that are reserved for special purposes. The first is the 0.0.0.0 address and refers to the
default network and the 255.255.255.255 address which is called the broadcast address. These addresses are used for routing, which
will not be covered in this tutorial. The third address, 127.0.0.1, is the loopback address, and refers to your machine. Whenever you
see, 127.0.0.1, you are actually referring to your own machine. That means if you clicked on this link,聽 http://127.0.0.1, you are
actually trying to connect to your own computer, and unless you have a web server running, you will get a connection error.

There are some guidelines to to how IP address can appear, though. The four numbers must be between 0 and 255, and the IP address
of 0.0.0.0 and 255.255.255.255 are reserved, and are not considered usable IP addresses. IP addresses must be unique for each
computer connected to a network. That means that if you have two computers on your network, each must have a different IP address
to be able to communicate with each other. If by accident the same IP address is assigned to two computers, then those computers
would have what is called an "IP Conflict" and not be able to communicate with each other.

IP address classes

These IP addresses can further be broken down into classes. These classes are A, B, C, D, E and their possible ranges can be seen in
Figure 2 below.

聽
Class Start address Finish address
A 0.0.0.0 126.255.255.255
B 128.0.0.0 191.255.255.255
C 192.0.0.0 223.255.255.255
D 224.0.0.0 239.255.255.255
E 240.0.0.0 255.255.255.255
Figure 2. IP address Classes

If you look at the table you may notice something strange. The range of IP address from Class A to Class B skips the 127.0.0.0-
127.255.255.255 range. That is because this range is reserved for the special addresses called Loopback addresses that have already
been discussed above.

The rest of classes are allocated to companies and organizations based upon the amount of IP addresses that they may need. Listed
below are descriptions of the IP classes and the organizations that will typically receive that type of allocation.

Default Network: The special network 0.0.0.0 is generally used for routing.

Class A: From the table above you see that there are 126 class A networks. These networks consist of 16,777,214 possible IP
addresses that can be assigned to devices and computers. This type of allocation is generally given to very large networks such as
multi-national companies.

Loopback: This is the special 127.0.0.0 network that is reserved as a loopback to your own computer. These addresses are used for
testing and debugging of your programs or hardware.

Class B: This class consists of 16,384 individual networks, each allocation consisting of 65,534 possible IP addresses. These blocks
are generally allocated to Internet Service Providers and large networks, like a college or major hospital.

Class C: There is a total of 2,097,152 Class C networks available, with each network consisting of 255 individual IP addresses. This
type of class is generally given to small to mid-sized companies.

Class D: The IP addresses in this class are reserved for a service called Multicast.

Class E: The IP addresses in this class are reserved for experimental use.

Broadcast: This is the special network of 255.255.255.255, and is used for broadcasting messages to the entire network that your
computer resides on.

Private Addresses

There are also blocks of IP addresses that are set aside for internal private use for computers not directly connected to the Internet.
These IP addresses are not supposed to be routed through the Internet, and most service providers will block the attempt to do so.
These IP addresses are used for internal use by company or home networks that need to use TCP/IP but do not want to be directly
visible on the Internet. These IP ranges are:

Class Private Start Address Private End Address

A 10.0.0.0 10.255.255.255
B 172.16.0.0 172.31.255.255
C 192.168.0.0 192.168.255.255
If you are on a home/office private network and want to use TCP/IP, you should assign your computers/devices IP addresses from one
of these three ranges. That way your router/firewall would be the only device with a true IP address which makes your network more
secure.

Common Problems and Resolutions

The most common problem people have is by accident assigning an IP address to a device on your network that is already assigned to
another device. When this happens, the other computers will not know which device should get the information, and you can
experience erratic behavior. On most operating systems and devices, if there are two devices on the local network that have the same
IP address, it will generally give you a "IP Conflict" warning. If you see this warning, that means that the device giving the warning,
detected another device on the network using the same address.

The best solution to avoid a problem like this is to use a service called DHCP that almost all home routers provide. DHCP, or
Dynamic Host Configuration Protocol,聽 is a service that assigns addresses to devices and computers. You tell the DHCP server what
range of IP addresses you would like it to assign, and then the DHCP server takes the responsibility of assigning those IP addresses to
the various devices and keeping track so those IP addresses are assigned only once.

Conclusion

IP addresses and their function on the Internet is an important concept to understand. Hopefully with this tutorial you will have a
firmer grasp on this concept, which should help you troubleshoot problems and bring a better understanding of how the Internet
works.

--
Lawrence Abrams
Bleeping Computer Basic Internet Concepts Tutorial Series
BleepingComputer.com: Computer Support & Tutorials for the beginning computer user.

How to Shrink and Extend NTFS Volumes in Windows

Lawrence Abrams
 December 18, 2006

 11:28 PM

 Read 417,584 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

1. Introduction
2. Shrinking Windows NTFS Partitions or Volumes
3. Extending Windows NTFS Partitions or Volumes
4. Shrinking and Extending Volumes with the Windows command line
5. Conclusion

Introduction
In the past when you needed to resize a partition in Windows you had to use a 3rd party utility such as Partition Magic, Disk Director,
or open source utilities such as Gparted and Ranish Partition Manager. These 3rd party programs, though, are no longer needed when
using Windows as it has partition, or volume, resizing functionality built directly into the Windows Disk Management utility.

You may be wondering why someone would want to resize a Windows volume. One reason would be if you want to install another
operating system such as linux, but do not have enough free space to create a new partition for it. By shrinking the Windows volume,
you can free up enough space to create a new partition that can be used to dual boot into linux. Now lets say after trying linux, you
decide its not for you. Now you are left with all this leftover space that is not being used by Windows. To reuse this space, you simply
need to expand, or extend as Vista calls it, an existing Windows volume so that it uses all the available free space that was previously
being used by linux.

When resizing volumes in Windows Vista, Windows 7, and Windows 8 you must be aware of the following criteria:

 You only have the ability to shrink or expand NTFS or RAW (unformatted) partitions using Windows Vista tools.
 When you shrink a partition, unmovable files such as a page file or a shadow copy storage area are not relocated. Therefore
you cannot decrease the size of the Windows volume beyond where these types of files are located. If you need to further
shrink the volume, you will need to remove, move, or delete the page file or shadow copy storage area first, then shrink the
volume, and then add the page file or shadow copy storage area back to the drive.
 If enough bad clusters are found on the disk the partition will not be allowed to shrink.
 You must be logged into an Administrator account in order to resize Windows Volumes in Vista.

It is important to note the terms partition and volume are used interchangeably and you will see both of these terms used throughout
the tutorial. Now that we know what we can and cannot do, lets start learning how to shrink and expand, or extend, Windows Vista
volumes!

Shrinking Windows Partitions or Volumes

This section will show you have to shrink a Windows volume, or partition. In order to do this we must open the Windows Disk
Management tool. The following steps will walk you through this process.

1. Click on the Start Menu button in the lower left of your desktop and then click on the Control Panel menu option.

2. When the Control Panel opens, click on the System and Maintenance category.

3. When the System and Maintenance category opens, scroll down and click on Administrative Tools.

4. Double-click on the Computer Management icon. The Computer Management console will now be open. Towards the
bottom you will see a category called Storage and underneath that category will be the Disk Management icon as shown
below.
5.

6. Click once on the Disk Management icon and you will now be in the Disk Management utility as shown in the figure
below. From this utility you can see all the partitions on your computer and format, delete, create, expand, or resize them.
For this tutorial, I am going to resize the 16GB E: partition so that when done, it is a 8GB partition and provides another 8
GB of free space that I can use for other purposes.
7.

8. To shrink the partition, you simply need to right click on the partition you want to work with and select the Shrinkoption.
In this example, I right click on the E: partition and in the menu that comes up I select Shrink.

9. A screen similar to the one below will appear. This screen tells you the current partition's size, how much you can shrink it
by, a field where you can enter a specific amount to shrink by, and then how big the partition will be after it shrinks. By
default Windows enters the maximum amount that you can shrink the volume, but if you want to change that amount, do so
by entering the amount in MB into the Enter the amount of space to shrink in MB: field. When you are satisfied with how
Vista will shrink the partition, click on the Shrink button.
10.

11. When Windows has completed shrinking the volume, you will be back at the Disk Management screen, but now the size of
the partition will be the size you requested as shown below.

12.

Now that you reduced the size of your Windows volume, you can close the Computer Management console.
You have now finished shrinking your partition and have the extra space available to use as necessary.

Extending Windows Partitions or Volumes

This section will show you have to extend a Windows volume. In order to do this we must open the Disk Management tool where we
can resize our volumes. The following steps will walk you through this process.

1. Click on the Start Menu button in the lower left of your desktop and then click on the Control Panel menu option.

2. When the Control Panel opens, click on the System and Maintenance category.

3. When the System and Maintenance category opens, scroll down and click on Administrative Tools.

6. Click once on the Disk Management icon and you will now be in the Disk Management utility as shown in the figure
below. From this utility you can see all the partitions on your computer and format, delete, create, expand, or resize them.
For this tutorial, I am going to expand the E: partition so that it uses up the rest of the available space on Disk 1.
7.
8. To expand the partition, you simply need to right click on the partition you want to work with and select the Extendoption.
In this example, I right click on the E: partition and in the menu that comes up I select Extend.

9. A wizard screen will appear as shown below. Press the Next button to continue.
10.

11. A new screen, shown below, will appear that allows you to select the available free space on your local drives that you can
use to extend the space of the selected partition. It is important to note that Windows allows you to extend a volume using
free space on the same drive as well as other drives. I strongly suggest that you do not extend a volume on one disk with
free space from another. This is because if one of the drives has a hardware failure, then all the data on that volume will be
deleted. Instead only use the free space on a drive that contains the volume you are extending
.
12.

As discussed in step 5, for this tutorial we are going to expand my 8 GB partition (E: drive) to the full size of Disk 1 using
all of its available space. As Disk 1 is the only available free space on my computer, Windows will automatically select it
as shown in the image above and use the maximum amount available to extend the partition. If there were other drives with
free space they would be shown under the Available selection. If you want to extend the volume by a lower amount you
can change it in the Select the amount of space in MB: field. Otherwise we press the Next button.

13. You will now be presented with a confirmation screen. If you are sure you want to extend the volume, press
the Finishbutton. Otherwise, press the Back button to make changes or the Cancel button to cancel this operation.

14. When Windows has completed extending the volume, you will be back at the Disk Management screen where you will see
the volume you extended with the new size. An example of this is shown below.
15.

At this point you can close the Computer Management window as your task is complete.

Shrinking and Extending Volumes with the Windows command line

Windows provides the ability to resize volumes directly from the command line using the Diskpart utility. The Windows Diskpart
utility is a command line program for managing the disk partitions, or volumes, on your computer. Some of the tasks you can do with
this utility include repartitioning drives, deleting partitions, creating partitions, changing drive letters, and now shrinking and
expanding volumes.

To access the diskpart utility follow these steps:

1. Click on the Start Menu button.

2. In the Run/Search field type Diskpart and press the enter key on your board.

3. Windows may ask if you want to allow this program to run and you should press the Continue button.

4. A command prompt will now open and you will be within the Diskpart console. For a list of commands that you can use
within the Diskpart console you can type help. For the help instructions for a particular command you can type the name of
the command followed by help, such as select help .
Before you can expand or shrink a volume using Diskpart you must first select the volume you would like to work with. To do this
you need to use the list volume command to find the IDs associated with each volume. When you type list volume and then
press enter, diskpart will display a list of Windows volumes on your computer. Next to each volume will also be a numbers that can
be used to identify that specific volume. An example of what the list volume command looks like can be found below.

After determining the ID of the volume that you would like to work with, you need to select that volume using the select
volume command. To use this command you would type select volume ID, where ID is the ID associated with the volume you found
using the list volume command. Now that the volume has been selected, diskpart knows that any further commands will be associated
with this particular volume until you enter another select volume command.

To shrink a selected volume you would use the shrink command. The shrink command has two arguments that you can use to define
how you want diskpart to shrink the volume. The first argument is desired= which will shrink the volume by the desired amount in
MB if possible. The second argument is minimum= which tells diskpart that it should only shrink the volume if it can shrink it by the
specified amount in MB. If you do not use either of these arguments, diskpart will shrink the partition by the maximum amount
possible. If you would like to determine the maximum amount of space that you can shrink a volume, you can type the shrink
querymax command.

Shrink examples are:

Command What it does

shrink This command will shrink the volume by 2
desired=2048 GB if possible.
This command will shrink the volume as
shrink
much as possible, but fail if there is
minimum=2048
less than 2GB available to shrink it by.
This command will shrink the volume by
shrink
the maximum it can be.
Shrinking a volume from the command line

To extend a selected volume you would use the extend command. For the extend command the most common arguments
are size and disk. The size= argument will extend the selected volume by the desired amount of MB. The disk= argument allows you
to specify the disk which has the free space you wish to extend a volume with. If no argument, or no disk=argument, is provided when
using the extend command, diskpart will use all the available space on the current disk to extend the volume. As said previously, we
strongly suggest that you do not use the disk= argument to extend a volume onto another disk as this increases your chance of losing
data if one of the two drives has a hardware failure.

Extend examples are:

Command What it does

This command will extend the
extend size=2048
volume by 2 GB using the free
disk=2
space from disk 2..
This command will extend the
extend size=2048
volume by 2GB from the same disk.
This command will extend the
extend
volume as much as it can be.
Conclusion

With the ability to extend and shrink a partition using Windows Vista, Windows 7, or Windows 8 you no longer need to worry about
installing a new drive in order to dual-boot to an alternate operating system. Now you simply find a drive that has some free space on
it, shrink it, and use it as necessary. As always if you have any questions you may have in of ourWindows forums.

Tracing a hacker
Lawrence Abrams
 March 1, 2005

 12:40 PM

 Read 352,543 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

1. Introduction
2. Using TCPView in Windows to see who is connected to your computer
3. Using our clues to track down the hacker
4. What you should do once you know you have been hacked
5. Conclusion

Introduction

Have you ever been connected to your computer when something strange happens? A CD drive opens on its own, your mouse moves
by itself, programs close without any errors, or your printer starts printing out of nowhere? When this happens, one of the first
thoughts that may pop into your head is that someone has hacked your computer and is playing around with you. Then you start
feeling anger tinged with a bit of fear, because someone is violating your personal space without your permission and potentially
accessing your private data. At these times instead of panicking, this tutorial will show what to do and how to potentially help you
track down the hacker and report them to the authorities.

When your computer is hacked, a hacker will typically install a Remote Access Trojan, or RAT, that will allow them to gain access to
it again in the future. This trojan will listen on a TCP or UDP port and wait for connections from the remote user. Once the remote
user is connected they will have full access to your computer and be able to access files, programs, screen shots, and possibly your
web cam.

While the hacker is connected, though, they are vulnerable because we can use programs that allow us to see the IP address that the
user is connected from. This IP address can be used to find their approximate geographic location, possibly login names from their
computer, and identity clues from their host names. We can then use this information to report them to the authorities or law
enforcement. The first step is to proceed to the next section where you will learn how to use a tool called TCPView to examine the
connections between your computer and a remote one.

Using TCPView in Windows to see who is connected to your computer

TCPView is a powerful tool for Windows that allows you to see all of the current TCP/IP network connections on your computer. As
almost all remote hacks are perpetrated over the Internet, you will be able to use TCPView to quickly spot any remote computers that
are connected to your computer. To use TCPView please download it from the following location and save it on your desktop:

TCPView Download Link

To find a hacker that may be connected to your computer, run TCPView and accept the license agreement. You will now be shown a
page that displays all of the active TCP/IP connections on your computer. If there is a remote user connected to your computer at this
time, then TCPView will show their connection and the IP address they are connecting from.

When using TCPView always be sure to disable the resolve address feature as we want to see the connected IP addresses. To do this,
when TCPView is open, click on the Options menu and then uncheck Resolve Addresses. Now that TCPView is setup properly, let's
see how TCPView works by looking at a screen shot of TCPView showing only legitimate connections.

Note: Please remember that there are many legitimate programs that will be legitimately connected to remote computers. For example,
when you visit a web page with a web browser, you will be downloading images, ads, javascript, and other applets from all over the
world. Therefore, when you see web browser, messaging program, or other Internet related program and you recently used it, you
should not be concerned.
As you can see from the image above, the only programs that show an ESTABLISHED connection are related to the Internet Explorer
process. If Internet Explorer was just used within the last 5-10 minutes, then these connections are legitimate connections that were
made to various web sites. The processes that are in a LISTENING state look to be legitimate Windows programs, so they can be
ignored as well. To be safe, though, you should always check the paths of all LISTENING programs by double-clicking on the
program name. This will open a small dialog that shows you the path to the executable. If the program is in the proper place then you
have confirmed that these are legitimate programs.

Now, let's say that you were using your computer and your CD drive ejected on its own. As this is a little strange you should start
TCPView and look at its connections.

Note: Please note that any IP addresses from this tutorial are totally fictitious and did not perform any harmful activity against any
computer.
Can you spot the strange connection in the screen above? We see ESTABLISHED Internet Explorer connections to a variety of hosts,
but if you recently used it then that is normal. At the very top, though, is a strange process called a.exe that has an established
connection to to the remote IP address 67.83.7.212 and is listening on the local port number 26666. If you do not recognize the
program or the remote address, then you should immediately become suspicious. The next step is to see if there is any legitimate
program that uses that port number. By looking at this Wikipedia Page we see that there is no legitimate program assigned to
the 26666 port number. If you are concerned that you are seeing a suspicious connection, you should definitely write down the name
of the program, its file location, and the remote user's IP address so that you have it available later. You may also want to take screen
shots in the event you need to show it to the authorities. Finally, we double-click on the process name to see where it is located and
find that it is stored directly in the C:\Program Files folder.
Executable programs should not be stored directly in the C:\Program Files folder, so it paints a stronger case that this is not a
legitimate program and that someone was accessing your computer without your permission. To be safe, you should end the process
so that the hacker is no longer connected to the computer. Now that you know that someone has been accessing your computer without
your permission, you should continue to the next section to learn how to use the information we just gathered to track them down.

Using our clues to track down the hacker

Now that you know the potential hackers IP address, you can use that to track them down. The first thing you want to do is get a
general geographical location for the user. This can be done using the GeoIPTool site. When you are at that site, enter the IP address
for the remote user you saw connected to your computer. GeoIPTool will then display the general location for this IP address as shown
below.
As you can see from the above image, the remote IP address that connected to your computer is supposedly located in Clifton, New
Jersey in the USA.

Unfortunately, the GeoIP information is not always accurate, so we want to use another tool called Traceroute to corroborate what the
GeoIPTool showed. Traceroute is a program that will print out the host names of all the devices between your computer and the
remote one. As ISPs typically give hosts names to their devices using geographical names, we can get further clues as to the location
of the IP address.

To use Traceroute you can go to this web site: http://www.net.princeton.edu/traceroute.html. Once there, enter the hackers IP address
and click on the Go button. A traceroute process can take a while, so you may want to do something for 5-10 minutes and then come
back and check the results. When done, you should see output similar to what is shown below.
Notice the hostname of the last device in the traceroute and the portion that I highlighted. Based upon the information we received
from GeoIPTool, this further confirms that the IP address most likely belongs to someone from Clifton, New Jersey.

In a real example, though, it will not always be as easy to figure out the location of a remote IP address. In those situations your best
bet is to contact the abuse department for the ISP that owns the remote IP address and let them know what is going on. They will
usually issue an alert to the hacker, which if nothing else, will scare them enough that maybe they wont do it again. To find out the
name of the ISP that owns the particular IP address, you can go to http://whois.arin.net and enter the IP address in the Search
Whois field in the top right of the home page. This will look up and list the Internet service provider that owns that particular IP
address and will usually contain an email you can contact. If you plan on reporting this hack to the authorities, you should avoid
contacting the ISP at this time.

Finally, someone accessing your computer without permission can be a federal crime, so if you are truly concerned, you can gather all
of this information and contact your local police department's cyber crime division. If your police department does not have this
division then you can contact the FBI Cyber Crime division.

What you should do once you know you have been hacked

Once you know you have been hacked you should immediately harden your computer's security so that it cannot happen again. To do
this please perform each of these steps:

1. Change all the passwords for all the accounts on your computer, your email accounts, and any banking accounts.

2. Install all the available Windows Updates. Information on how to do this can be found in this tutorial: How to update
Windows

3. If you use Remote Desktop, change the port it listens on by using this tutorial: How to change the Terminal Services or
Remote Desktop Port

4. Check your programs for available updates using Secunia PSI: How to detect vulnerable and out-dated programs using
Secunia Personal Software Inspector (PSI)
5. Use a firewall on your network or your computer. The best line of defense from remote attacks is a hardware firewall such
as a personal router. If you only have one computer and the Internet modem is connected directly to your computer, then
make sure you enable the Windows firewall.

Once you have completed all of these steps, your computer will be much more secure.

Conclusion

Hopefully the information in this tutorial will help you to gain control of your computer in the event someone hacks it. When
reviewing this information, though, it is important to not to jump to conclusions and assume every unknown established connection is
a hacker. In most cases, connections you see in TCPView are all legitimate and nothing to be concerned about. If you do encounter
something that looks suspicious to you, feel free ask us in the tech support forums. One of our members can help you determine if this
connection is something that you really need to worry about.

Windows Forensics: Have I been Hacked?

Lawrence Abrams
 February 17, 2004

 11:56 AM

 Read 323,175 times

Share on facebookShare on twitterShare on google_plusone_shareShare on linkedinShare on email

Table of Contents

 Introduction
 Why would someone want to hack me?
 Creating your Computer Forensics Tool belt
 How can I tell if I have been hacked?
 Looking for further suspicious activity
 What if a tool states another program is running but I cant find it!!!?!?
 Other Hacks? And are they detectable?
 Conclusion

Introduction

One of the top questions I see on forums is "How do I know if I have been hacked?". When something strange occurs on a computer
such as programs shutting down on their own, your mouse moving by itself, or your CD constantly opening and closing on its own,
the first thing that people think is that they have been hacked. In the vast majority of cases there is a non-malicious explanation for
these problems such as faulty hardware or problematic software, but it is better to be safe than sorry for not investigating deeper.
Unfortunately, the vast majority of computer users have no idea how to go about determining if their computer is hacked. It is for
these people, that I am writing this tutorial.
Before we continue, it is important to go over some basic information. In current times, the word hacker is more commonly known as
someone who breaks into other's computers, websites, or software without permission. The original definition is actually someone
who likes to understand the internal workings of software, hardware, or an electrical device in order to modify it for their own
purposes. For this article, we will continue to use the word hacker to describe someone who has broken into a computer in order to
avoid confusion.

It should also be noted that in many of the cases that people think they are hacked, they are instead infected with malware such
as Spyware, Scareware, or Trojans. Therefore, it is suggested that you first use an anti-virus program or anti-spyware program to
check for computer infections before proceeding with the rest of this tutorial. If you need help check to see if your computer is
infected, feel free to create a virus removal log and post it in our forums to be checked by a trained helper. A guide on how to do this
can be found here:

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help

In this tutorial I will show you how to determine if your Windows computer is hacked and how you can go about cleaning up the files
that may have been left behind. This tutorial will also cover the common hack methods and how to detect them. There are more
invasive hacking methods that this guide will not go over in great length due to their infrequent use. In my experience, though, most of
the hacks that are done in mass, especially by the script kiddies, will be detectable by the methods outlined below.

As this is an advanced topic, some of the information discussed in this tutorial may difficult for beginning computer users. If you are
having trouble understanding some of the points in the tutorial, feel free to ask in the forums and someone can provide answers to your
questions.

Why would someone want to hack me?

Many people think that the main reason someone is hacking their computer is to get back at them for some personal reason. In reality,
the majority of hacks are perpetrated by those who do not care who you are, but just want to use your computer's resources for illegal
purposes. These hacks are typically performed by programs or scripts that automate the process of hacking a computer for the hacker.
When these hacking programs are run they scan large portions of the Internet for computers that have a particular software or
Windows vulnerability. When the program detects a vulnerable program it will automatically exploit it and open a backdoor so that
the hacker can remotely access it.

Once the hacker has remote access to your computer he can install whatever they want, transfer files, and look at your data. From my
experience the most common reasons that a computer is hacked are:

1. Setup a FTP or Web Server to distribute copyrighted material. These types of servers are called Pubstros.

2. Setup an IRC client/bot that is used to DDOS other computers, flood IRC users, scan/hack other computers, and to
distribute copyrighted material as a File Server.

3. Use your computer to scan others or hack into other computers. This gives a hacker a greater degree of anonymity as they
will be using your computer to perform the illegal actions.

4. Install ransomware on your computer that encrypts your files and then prompts you to pay a ransom in order to decrypt
them.

Regardless of the reason, once a person starts using your computer without your permission it is imperative to find them quickly as
you will have to deal with the ramifications of their actions while they are connected to it.
Creating your Computer Forensics Tool belt

The first thing you need to do before inspecting your computer is to create a Computer Forensics Tool Belt. This tool belt consists of a
variety of freeware utilities that you can use throughout this guide to examine the activity on your computer. The tools we recommend
are:

Process Explorer - This program will list all open processes and delineate between the parent processes and the processes that are
spawned by the parent. This is a very useful program for seeing what programs are running on your computer and how they were
launched.

Process Monitor - This program provides a real time display of all process, Windows Registry, and file activity on your computer.
This is useful when you are concerned that a hacker may be currently connected to your computer and you wish to get a general idea
as to what they are doing. This program can very quickly display a lot of information. Therefore, please play around with this program
and setup filter to get a general feel on how it works.

Show Hidden - This is a tool written by BleepingComputer.com that will list all hidden folders, and files if you wish, on your
computer. As many hackers hide their tools and files in a hidden folder, this tool will make it easier to find hidden folders that appear
suspicious.

TCPView - TCPView is the real work horse for detecting if you have been hacked. This program will list all the programs on your
computer that are connected to a remote computer or are waiting for a connection. The program will also list all the IP addresses that
are connected and even perform reverse DNS on them so that you can get useful information on who is connected.

TreeSize Free - This program will scan your drive and easily show the folders on your hard drives that are using the most space. If you
are concerned that your server was hacked to distribute copyrighted programs and videos, you can use this tool to search for large
folders that you can then investigate.

Wireshark - Wireshark is a network sniffing tool that allows you to see the data that is flowing through your network. If you are
concerned you are hacked, you can install and use Wireshark to look at the raw TCP/IP packets to see if any nefarious activity is
taking place. This is an advanced tool and will not be covered by this tutorial.

Before continuing with the rest of the tutorial, I suggest that you download each of these programs and become familiar with them.
Once you play with them a little you should start to understand how they work and how best to use them.

How can I tell if I have been hacked?

When your computer is hacked and being accessed remotely, it is doing so over a TCP/IP network. This allows us to use tools such as
TCPView to quickly spot these network connections and terminate them if necessary. Further more, the hacker knows that at some
point their point-of-entry will be locked again. With this in mind, the hacker will usually install a backdoor that runs on your computer
so that they will be able to get back in even if you patch your computer's security holes. The only time a hacker does not leave
something behind, is if they are hacking your computer for specific information or an item. The vast majority of hacks, though, are
thankfully not targeted at a particular person or item and your computer was just unlucky to be connected to the Internet at the wrong
time.

When you are hacked, hackers may also install RATs, or Remote Access Trojans, and other backdoors that allow the hacker to control
your computer remotely. These programs listen on TCP or UDP connections and either connect to an IRC (Internet Relay Chat)
channel where they can then be controlled by an operator or act as a backdoor for the hacker. The good news is that these types of
programs must use your network to make connections, which opens a path that is easily noticeable using a tool like TCPView.
To see what programs are running or are listening on TCP or UDP ports on your computer, you should run TCPView. Once you start
TCPView it will display a list of all the programs on your computer that are connected to the network. This is shown in the image
below.

As you can see in the image above, TCPView will display all the programs on your computer that are currently connected to a remote
computer over the network or listening for incoming connections. The program is broken up into 5 columns that provide useful
information. These columns are:

Process: This column displays the name of the program that is connected to the remote device or is waiting for an incoming
connection.

PID: This column shows the process ID for the particular program.

Protocol: This column displays whether the particular row is using TCP or UDP.

Local Address: This column shows the hostname or IP address of the local computer's connection..

Local Port: This column will show the port number being used by the local connection. If the port number corresponds to a standard
service, it will show the service name instead.

Remote Address: This is the IP address or hostname remote device the particular program is connected to.
Remote Port: This column will show the port number being used by the remote connection. If the port number corresponds to a
standard service, it will show the service name instead.

State: This column shows the state of the program's connection. These states are:

Established - A connection that is established means that there are is an active connection between your computer and the remote
computer.
Close Wait - The remote connection has closed the connection. This entry will eventually time out and be removed from the
TCPView list.
Time Wait - Your computer has closed the connection. This entry will eventually time out and be removed from the TCPView list.
Listening - This state means that the program is listening for an incoming connection from a remote computer. The port that it is
listening on can be found in the local address column.

With the above information you can determine if a connection or a listening program is legitimate. To see if traffic is legitimate you
can look up the remote addresses at a site like http://www.dnsstuff.com/. If the remote address looks like a known company or one that
makes sense that you would be connected to, then you can reasonably be assured that the particular connection is legitimate. On the
other hand, if the IP address shows its to a location in another country that you should not be connected to, then you may have more
cause to be concerned. It should be noted that when analyzing connections from web browsers, that you may be legitimately
connected to servers all over the world.

You should also examine the programs listed in TCPView. If you see one that you are unsure of, right-click on it and selectProcess
Properties. This will open a small dialog that shows information about the program. If the company information is legitimate, then
you can move on. If not, then you may want to investigate further by scanning it withhttp://www.virustotal.com/ or seeing who it is
connected to. It should be noted that there are many programs that legitimately will be waiting for connections or are connected to
remote locations. For example, web browsers, messaging programs, and Windows system files are routinely listening or connected to
remote devices. Common Windows files that you should not be concerned about are svchost.exe, wininit.exe, services.exe, lsass.exe,
and some processes labeled as System Processes.

Let's now use a fictitious examine of a computer hacked with a Pubstro. TCPView on this type of computer may show something like:
Notice how there is a process named pubstro.exe that is listening on a strange port. If you do a search for pubstro.exe you may not
find any legitimate entries or may find information that alludes that this is not a legitimate file. In that case, you would right-click on
the file and examine its properties. Finally, if you are concerned about the legitimacy of this file you would then right-click on it and
click on the End Process option. This will then terminate the process and close the listening connection.

Once you determine that a program should not be there, you need to determine where it is starting from. To this you need to use a
program like DDS or Autoruns that shows all the programs that automatically start in Windows. Once you have determined the
launching point, you can then remove that launching point so that the program is no longer started.

Looking for further suspicious activity

Though TCPView can easily spot active connections or programs waiting for a connection, there are times when we want to dig down
deeper for suspicious non-network related activity. To do this we use tools such as Process Explorer, Process Monitor, Show
Hidden, TreeSize Free, and Wireshark. All of these tools have their different uses and can help spot different clues that may indicate
you are hacked. This section will provide a brief overview of how to use each of these tools.

Process Explorer can be used to view all the running processes on your computer. This allows you to spot processes that do not
appear legitimate and gather more information about them. To examine a process, just double-click on it and a properties screen will
open. This screen contains numerous tabs that provide a variety of information about the particular process. In particular, you want to
be concerned with the information on the Image tab and the Strings tab. The strings tab will contain a list of strings found within the
executable. These strings may provide a clue as to what the process is doing. The image tab will display information about who
created the file, what its name is, where it is located on your hard drive, and the actual commands that were used to execute the
program. An example of the type of information you can view for a process is shown below.
Process Monitor is an advanced, but a very useful, tool. If you can master this program then you can essentially watch all the activity
a particular process is performing on your computer. When run, this program will immediately start displaying an overwhelming
amount of data. In order to harness the power of Process Monitor, you will need to configure display filters that will allow you to
specify the particular processes that you wish to see information for. For example, if we wanted to see only the information related to
the pubstro.exe process, we can setup a filter like this:
This filter would then only display the information related to the pubstro.exe process.

The Show Hidden is a very basic tool that simply lists all of the folders on your computer that have the hidden attribute. If you use
the -f command line argument, then it will list all hidden files as well. When a computer is hacked, the hacker typically creates a folder
that contains a variety of tools and programs that they need to hack other computers or setup various programs. Most of the time, this
folder will be hidden so that it will not be seen during casual use. Using Show Hidden you can create a list of hidden files and folders
that can then examined to see if they should be there. Please note, that there will be MANY legitimate hidden folders, so do not delete
anything unless you know for sure it does not belong.

TreeSize Free is another useful program as it will generate a list of all the folders on a drive and how much hard drive space they take
up. When a hacker sets up a Warez distribution site on your computer, the files typically take up a great deal of space. Using this
program you can easily find folders that consume a lot of space and investigate them for suspicious files.

The last program is an advanced tool called Wireshark, which allows you to look at the data flowing over your network. This tool is
not easy to interpret, but once you master it you will quickly be able to see the exact traffic that is flowing over your network and
where it is going to.

What if a tool states another program is running but I can't find it!!!?!?

If you use a diagnostic tool and it states that a particular program is running, but you are unable to find it, you need to first make sure
you have the option set to see all hidden and system files. You can enable this setting by following the steps in this tutorial: How to
see hidden files in Windows. If you are doing a directory listing from the Windows command prompt, make sure you use the /a flag
with the dir command to see hidden files.
After making these changes, if you are still unable to see the files then it is possible that a Rootkit is installed on your computer. A
rootkit is a program that is used to hide files, Windows Services, and Windows Registry information so that they cannot be seen and
removed with normal tools. If a rootkit is involved then the removal process will become much more complicated. Don't worry
though, there are still ways to detect these rootkits and clean them up.

The first step is to scan your computer with a Rootkit detector. Our download section has numerous Rootkit scannersavailable with
some being listed below:

 Malwarebytes Anti-Rootkit
 Panda Anti-Rootkit
 Trend Micro RootkitBuster
 RootRepeal
 TDSSKiller
 GMER
 aswMBR

Pick one of the programs above, or as many as you want, and scan your computer with them. If they find any known rootkits or
unusual system hooks they will attempt to repair them for you.

If no rootkit is detected, and you are sure there is one involved, you can bypass the rootkit and see the hidden files by using a bootable
CD. When dealing with rootkits, the easiest solution is to boot your computer into the Windows Recovery Environment. This
environment gives you access to your file system and Windows Registry using a command prompt. Tutorials on how to use and access
the Windows Recovery Environment can be found below:

How to install and use the Windows XP Recovery Console

How to use the Command Prompt in the Vista Windows Recovery Environment
How to use the Windows 7 System Recovery Environment Command Prompt
How to use the Windows 8 System Recovery Environment Command Prompt

Once you are booted into the recovery environment there will be no active infections or rookits and you will be able find and remove
them easily.

Other Hacks? And are they detectable?

What I have covered so far are the more generic hacks that are used. This tutorial, though, can not cover all possible hacks and ways to
detect them. Below is a brief summary of some other types of hacks that you may encounter.

Alternate Data Streams: Alternate Data streams were introduced into NTFS volumes to support the Macintosh Hierarchical File
System and are widely undocumented. With the use of Alternate Data Streams, or ADS, a hacker can hide files, even executables, and
make them almost invisible to the operating system and therefore yourself. There are tools out there such as LADS or ADS Spy that
will enable you to see ADS files and remove them.

Kernel and Device Driver hacks: An experienced hacker may have the knowledge to actually patch system drivers, device drivers, or
system calls. This will enable them to issue commands to the OS as Ring0 or at the operating system's kernel security level. If a hack
like this occurs, usually the best situation is to backup your data and reinstall the OS. This is because if the hacker has that type of
access to the box, then you really can never be sure what else has been compromised. If it is necessary to try and detect and remove
these types of hacks, you can use the SFCcommand from the Windows Recovery Console to find patched system files.

As always, if you need help with any of these issues, feel free to ask us in the Security Forums.
Conclusion

Ultimately, if your computer is hacked you need to make the decision to try and clean it up or to backup your data and reinstall. If you
have the time and ability, then it is definitely suggested that you backup your data and reinstall as you will then know you definitely
have a clean computer. On the other hand, if you are unable to reinstall, you can use the steps above to detect any hacks and clean
them up. This will have to be a judgement call on your part.

If you have any questions regarding these procedures, please do not hesitate to ask in our Security Forums.

Microsoft Applications For Windows Mobile 6 User Guide
No ratings yet
Microsoft Applications For Windows Mobile 6 User Guide
184 pages
Linux Playbooks for Hackers - by Codelvily
No ratings yet
Linux Playbooks for Hackers - by Codelvily
31 pages
bookmarks_root_2024-04-31_18-40-46
No ratings yet
bookmarks_root_2024-04-31_18-40-46
49 pages
Unit 2.8 2.11 Mobile Hacking
No ratings yet
Unit 2.8 2.11 Mobile Hacking
30 pages
Windows 11 Features & Tips _ Microsoft Windows
No ratings yet
Windows 11 Features & Tips _ Microsoft Windows
4 pages
231512
No ratings yet
231512
36 pages
350-601-11 01 2022 PDF
No ratings yet
350-601-11 01 2022 PDF
55 pages
Minnesota Health Care Programs (Mhcp) Application for Certain Populations
No ratings yet
Minnesota Health Care Programs (Mhcp) Application for Certain Populations
30 pages
iTNC 530 Service Manual PDF
100% (1)
iTNC 530 Service Manual PDF
539 pages
Life-Cycle-Manager-Guide-v3_0
No ratings yet
Life-Cycle-Manager-Guide-v3_0
79 pages
CP R80.20.20 1500 1600 1800 Appliance Series AdminGuide Locally Managed
No ratings yet
CP R80.20.20 1500 1600 1800 Appliance Series AdminGuide Locally Managed
282 pages
Free Online Antique Price Guides & Resources _ LoveToKnow
No ratings yet
Free Online Antique Price Guides & Resources _ LoveToKnow
2 pages
Huge List of File Formats With Detailed Description
No ratings yet
Huge List of File Formats With Detailed Description
23 pages
43n8230 Manual Del Usuario - Lenovo 3000N500
No ratings yet
43n8230 Manual Del Usuario - Lenovo 3000N500
148 pages
CoreModule1 2ComputerNetworking
No ratings yet
CoreModule1 2ComputerNetworking
69 pages
Glove80 User Guide 7oct2023
No ratings yet
Glove80 User Guide 7oct2023
56 pages
A-Z List of Windows CMD Commands (PDF Download) - WinDOSPC
No ratings yet
A-Z List of Windows CMD Commands (PDF Download) - WinDOSPC
21 pages
Hidden Files
No ratings yet
Hidden Files
20 pages
ACER TravelMate 2100 2600 Service Manual
No ratings yet
ACER TravelMate 2100 2600 Service Manual
126 pages
Microsoft's Really Hidden Files, Reveled Hidden Files
100% (1)
Microsoft's Really Hidden Files, Reveled Hidden Files
19 pages
Red Team Training
No ratings yet
Red Team Training
15 pages
Show Only Specified Control Panel Applets
No ratings yet
Show Only Specified Control Panel Applets
43 pages
Week 5 - LAB 7 - Folder Options, File Extensions and Attributes
No ratings yet
Week 5 - LAB 7 - Folder Options, File Extensions and Attributes
5 pages
9-Computer Basics Setting Up A Computer
No ratings yet
9-Computer Basics Setting Up A Computer
20 pages
How To Show Hidden Files in Windows 7: Welcome Guest (Log in - Create Account) New Member? Join For Free
No ratings yet
How To Show Hidden Files in Windows 7: Welcome Guest (Log in - Create Account) New Member? Join For Free
5 pages
Eng3201 Module Ii
No ratings yet
Eng3201 Module Ii
87 pages
004 Hacking Android and IOS With a Link
No ratings yet
004 Hacking Android and IOS With a Link
5 pages
Msinfo 32
No ratings yet
Msinfo 32
88 pages
Z420, Z620, Z820 Boot Block Upgrade Guide: By: Hashsumcollision, 202 1 Rev 1.02
No ratings yet
Z420, Z620, Z820 Boot Block Upgrade Guide: By: Hashsumcollision, 202 1 Rev 1.02
43 pages
How To Open The Hidden Files in A USB Pen Drive
No ratings yet
How To Open The Hidden Files in A USB Pen Drive
13 pages
Unhiding Usb, Flashdrive, Sdcard Hidden Files
No ratings yet
Unhiding Usb, Flashdrive, Sdcard Hidden Files
12 pages
7050 Parts List - ERROR CODE
No ratings yet
7050 Parts List - ERROR CODE
68 pages
NEON Vibration Sensor - Communication Protocol v3 - DS VB XX XX - 6013 - 3 - A2
No ratings yet
NEON Vibration Sensor - Communication Protocol v3 - DS VB XX XX - 6013 - 3 - A2
46 pages
Computer Tips and Tricks
100% (1)
Computer Tips and Tricks
46 pages
Old Fashioned Easy Apple Crisp - The Chunky Chef
No ratings yet
Old Fashioned Easy Apple Crisp - The Chunky Chef
1 page
Zimsec Nov 2020 Combined Science Paper 2
82% (11)
Zimsec Nov 2020 Combined Science Paper 2
15 pages
How can I make all the files not hidden?
No ratings yet
How can I make all the files not hidden?
1 page
Bce Program 2
No ratings yet
Bce Program 2
6 pages
PresentationThe-DesktopIntro
No ratings yet
PresentationThe-DesktopIntro
17 pages
Yash Tricks and Trims
No ratings yet
Yash Tricks and Trims
9 pages
Reset System and Hidden Attributes For Files or Folders Caused by Virus
No ratings yet
Reset System and Hidden Attributes For Files or Folders Caused by Virus
7 pages
List of Cities and Towns in Minnesota - Ndangira.net-1
No ratings yet
List of Cities and Towns in Minnesota - Ndangira.net-1
2 pages
Hide, Show, Add, Remove Specified Control Panel Applets in Windows
No ratings yet
Hide, Show, Add, Remove Specified Control Panel Applets in Windows
11 pages
Make Icons Background Transparent in Windows XP (If Its Not)
No ratings yet
Make Icons Background Transparent in Windows XP (If Its Not)
6 pages
Why Urgent Need?
No ratings yet
Why Urgent Need?
2 pages
Unit-1 Introduction of Computer PDF
No ratings yet
Unit-1 Introduction of Computer PDF
25 pages
Tricks
No ratings yet
Tricks
5 pages
Trik Nih-Versi Assoy
No ratings yet
Trik Nih-Versi Assoy
6 pages
Send and Receive ICloud Mail on All Your Devices and Keep Mail Settings Up to Date - Apple Support
No ratings yet
Send and Receive ICloud Mail on All Your Devices and Keep Mail Settings Up to Date - Apple Support
1 page
Use Siri on All Your Apple Devices - Apple Support
No ratings yet
Use Siri on All Your Apple Devices - Apple Support
1 page
Use Find My to Locate People, Devices, And Items - Apple Support
No ratings yet
Use Find My to Locate People, Devices, And Items - Apple Support
1 page
DialMyCalls.com Support | Contact Us - DialMyCalls
No ratings yet
DialMyCalls.com Support | Contact Us - DialMyCalls
1 page
Skeletal System Cheat Sheet(1)
No ratings yet
Skeletal System Cheat Sheet(1)
1 page
The Ultimate Scholarship Book 2023- Billions of Dollars in Scholarships, Grants and Prizes
No ratings yet
The Ultimate Scholarship Book 2023- Billions of Dollars in Scholarships, Grants and Prizes
1 page
Lodging Policy-Template 2017
No ratings yet
Lodging Policy-Template 2017
1 page
Drivers & Downloads
No ratings yet
Drivers & Downloads
1 page
Linux Partition Naming Convention (IDE Drive Mappings)
100% (2)
Linux Partition Naming Convention (IDE Drive Mappings)
9 pages
How To Become A Stress Free Trader
No ratings yet
How To Become A Stress Free Trader
161 pages
(0045)Hidden Files for the First
No ratings yet
(0045)Hidden Files for the First
1 page
Computer Tricks of Resolving The Problems
No ratings yet
Computer Tricks of Resolving The Problems
3 pages
Computer Help: What Happens When You Start Up Your Computer?
No ratings yet
Computer Help: What Happens When You Start Up Your Computer?
18 pages
Basic 2
No ratings yet
Basic 2
14 pages
Using WMI Scripts With BitDefender Client Security
No ratings yet
Using WMI Scripts With BitDefender Client Security
17 pages
Windows Hacks - Registry Remedies
No ratings yet
Windows Hacks - Registry Remedies
10 pages
How To Make Folders Invisible and Visible On Your Computer
No ratings yet
How To Make Folders Invisible and Visible On Your Computer
2 pages
System D Manual
No ratings yet
System D Manual
11 pages
Mohawk College of Applied Arts and Technology
No ratings yet
Mohawk College of Applied Arts and Technology
7 pages
Schneider Electric Altivar Machine ATV320 DTM Library V1.3.2
No ratings yet
Schneider Electric Altivar Machine ATV320 DTM Library V1.3.2
3 pages
Format Drive
No ratings yet
Format Drive
30 pages
How To Reveal Program Data in Windows 10
No ratings yet
How To Reveal Program Data in Windows 10
1 page
Using Windows Operating System
No ratings yet
Using Windows Operating System
16 pages
XP Error
No ratings yet
XP Error
42 pages
PPBrowser for Web Video on the App Store
No ratings yet
PPBrowser for Web Video on the App Store
3 pages
Counter 19 Service Manual
No ratings yet
Counter 19 Service Manual
101 pages
Show Hidden Files Using Command Prompt - VisiHow
No ratings yet
Show Hidden Files Using Command Prompt - VisiHow
17 pages
Windows
No ratings yet
Windows
6 pages
Make Net Recovery
No ratings yet
Make Net Recovery
10 pages
How To Fix Shortcuts Virus Problem?
No ratings yet
How To Fix Shortcuts Virus Problem?
10 pages
Alexc92 Cocktails
No ratings yet
Alexc92 Cocktails
2 pages
How ICloud Keeps Information Up to Date Across All Your Devices - Apple Support
No ratings yet
How ICloud Keeps Information Up to Date Across All Your Devices - Apple Support
2 pages
Hotels and Other Lodging Establishments Guide
No ratings yet
Hotels and Other Lodging Establishments Guide
2 pages
Show Hidden Files Issue
No ratings yet
Show Hidden Files Issue
1 page
Apple Diagnostics for Self Service Repair - Apple Support
No ratings yet
Apple Diagnostics for Self Service Repair - Apple Support
1 page
Inside Windows - Print
No ratings yet
Inside Windows - Print
6 pages
Rust Removal to Protect Equipment - DST-CHEMICALS
No ratings yet
Rust Removal to Protect Equipment - DST-CHEMICALS
1 page
Windows Keyboard Shortcuts for Accessibility - Microsoft Support
No ratings yet
Windows Keyboard Shortcuts for Accessibility - Microsoft Support
1 page
Windows XP Tweaks
No ratings yet
Windows XP Tweaks
11 pages
U. S. Currency Guide
No ratings yet
U. S. Currency Guide
1 page
Using The Cypress Tools Effectively To Harness The Power of The EZ-USB FX
No ratings yet
Using The Cypress Tools Effectively To Harness The Power of The EZ-USB FX
6 pages
8 Most Valuable Indian Head Pennies & How to Spot Them _ LoveToKnow
No ratings yet
8 Most Valuable Indian Head Pennies & How to Spot Them _ LoveToKnow
1 page
Lab 2 Computer-Basics-Handout
No ratings yet
Lab 2 Computer-Basics-Handout
16 pages
DD-WRT Porting Guide: Requirements
No ratings yet
DD-WRT Porting Guide: Requirements
4 pages
How to Create a Daily Schedule
No ratings yet
How to Create a Daily Schedule
2 pages
What Is A Desktop?
No ratings yet
What Is A Desktop?
34 pages
1000 Hacking Tutorials 2008 Edition
No ratings yet
1000 Hacking Tutorials 2008 Edition
4 pages
Malshaibah@yahoo: Deep Freeze
No ratings yet
Malshaibah@yahoo: Deep Freeze
1 page
Raspberry Pi Retro Gaming System
No ratings yet
Raspberry Pi Retro Gaming System
2 pages
Income Tax Circular17 - 2014
No ratings yet
Income Tax Circular17 - 2014
1 page
Microsoft's Really Hidden Files, Reveled Hidden Files
No ratings yet
Microsoft's Really Hidden Files, Reveled Hidden Files
15 pages
Reformatting Lock - EMUI
No ratings yet
Reformatting Lock - EMUI
3 pages
Make Autorun CD'S: Lock Ur Desktop Icons
No ratings yet
Make Autorun CD'S: Lock Ur Desktop Icons
13 pages
Ghost
No ratings yet
Ghost
9 pages
Tutorial
No ratings yet
Tutorial
2 pages
Troubleshooting and Maintaining Your PC All-in-One For Dummies
From Everand
Troubleshooting and Maintaining Your PC All-in-One For Dummies
Dan Gookin
4.5/5 (9)
Windows 8 For Dummies
From Everand
Windows 8 For Dummies
Andy Rathbone
3.5/5 (13)
Windows 11 for Beginners: The Complete Step-by-Step User Guide to Learn and Take Full Use of Windows 11 (A Windows 11 Manual with Useful Tips & Tricks)
From Everand
Windows 11 for Beginners: The Complete Step-by-Step User Guide to Learn and Take Full Use of Windows 11 (A Windows 11 Manual with Useful Tips & Tricks)
Kyle A. Veltri
5/5 (1)
Windows 7 For Dummies
From Everand
Windows 7 For Dummies
Andy Rathbone
4.5/5 (11)
macOS Sequoia For Dummies
From Everand
macOS Sequoia For Dummies
Guy Hart-Davis
No ratings yet
Troubleshooting and Maintaining Your PC All-in-One Desk Reference For Dummies
From Everand
Troubleshooting and Maintaining Your PC All-in-One Desk Reference For Dummies
Dan Gookin
5/5 (1)
Mac OS X Snow Leopard For Dummies
From Everand
Mac OS X Snow Leopard For Dummies
Bob LeVitus
2.5/5 (3)
Jupiter Support: The Blog - Volume One
From Everand
Jupiter Support: The Blog - Volume One
Paul D Kennedy
No ratings yet
Windows 7 For Dummies, Enhanced Edition
From Everand
Windows 7 For Dummies, Enhanced Edition
Andy Rathbone
4.5/5 (9)
Windows 10 errors All in One First Edition
From Everand
Windows 10 errors All in One First Edition
mrabih rabo
3/5 (2)
macOS Sonoma For Dummies
From Everand
macOS Sonoma For Dummies
Guy Hart-Davis
No ratings yet
Catastrophe
From Everand
Catastrophe
Warren Beatty
No ratings yet
Using File Manager Plus for Android
From Everand
Using File Manager Plus for Android
Roger Carter
No ratings yet
Windows 7
From Everand
Windows 7
John Hales
No ratings yet
Computer for Kids: The Operating System
From Everand
Computer for Kids: The Operating System
Steven Bright
No ratings yet
How To Recover Deleted Files: Your Step-By-Step Guide To Recovering Deleted Files
From Everand
How To Recover Deleted Files: Your Step-By-Step Guide To Recovering Deleted Files
HowExpert
No ratings yet
How To Protect Your Personal Computer: Your Step-By-Step Guide To Fight Spyware, Viruses, & Malware
From Everand
How To Protect Your Personal Computer: Your Step-By-Step Guide To Fight Spyware, Viruses, & Malware
HowExpert
No ratings yet