Keyboard Shortcuts for Windows 7

Keyboard shortcuts are combinations of two or more keys that, when pressed, can be used to perform a task that would typically require a mouse or other pointing device. Keyboard shortcuts can make it easier to interact with your computer, saving you time and effort as you work with Windows and other programs.

Most programs also provide accelerator keys that can make it easier to work with menus and other commands. Check the menus of programs for accelerator keys. If a letter is underlined in a menu, that usually means that pressing the Alt key in combination with the underlined key will have the same effect as clicking that menu item.

Pressing the Alt key in some programs, such as Paint and WordPad, shows commands that are labeled with additional keys that you can press to use them.

Ease of Access keyboard shortcuts
Press this key To do this
Right Shift for eight seconds Turn Filter Keys on and off
Left Alt+Left Shift+PrtScn (or PrtScn) Turn High Contrast on or off
Left Alt+Left Shift+Num Lock Turn Mouse Keys on or off
Shift five times Turn Sticky Keys on or off
Num Lock for five seconds Turn Toggle Keys on or off
Windows logo key  +U Open the Ease of Access Center

General keyboard shortcuts

Press this key To do this
F1 Display Help
Ctrl+C (or Ctrl+Insert) Copy the selected item
Ctrl+X Cut the selected item
Ctrl+V (or Shift+Insert) Paste the selected item
Ctrl+Z Undo an action
Ctrl+Y Redo an action
Delete (or Ctrl+D) Delete the selected item and move it to the Recycle Bin
Shift+Delete Delete the selected item without moving it to the Recycle Bin first
F2 Rename the selected item
Ctrl+Right Arrow Move the cursor to the beginning of the next word
Ctrl+Left Arrow Move the cursor to the beginning of the previous word
Ctrl+Down Arrow Move the cursor to the beginning of the next paragraph
Ctrl+Up Arrow Move the cursor to the beginning of the previous paragraph
Ctrl+Shift with an arrow key Select a block of text
Shift with any arrow key Select more than one item in a window or on the desktop, or select text within a document
Ctrl with any arrow key+Spacebar Select multiple individual items in a window or on the desktop
Ctrl+A Select all items in a document or window
F3 Search for a file or folder
Alt+Enter Display properties for the selected item
Alt+F4 Close the active item, or exit the active program
Alt+Spacebar Open the shortcut menu for the active window
Ctrl+F4 Close the active document (in programs that allow you to have multiple documents open simultaneously)
Alt+Tab Switch between open items
Ctrl+Alt+Tab Use the arrow keys to switch between open items
Ctrl+Mouse scroll wheel Change the size of icons on the desktop
Windows logo key  +Tab Cycle through programs on the taskbar by using Aero Flip 3-D
Ctrl+Windows logo key  +Tab Use the arrow keys to cycle through programs on the taskbar by using Aero Flip 3-D
Alt+Esc Cycle through items in the order in which they were opened
F6 Cycle through screen elements in a window or on the desktop
F4 Display the address bar list in Windows Explorer
Shift+F10 Display the shortcut menu for the selected item
Ctrl+Esc Open the Start menu
Alt+underlined letter Display the corresponding menu
Alt+underlined letter Perform the menu command (or other underlined command)
F10 Activate the menu bar in the active program
Right Arrow Open the next menu to the right, or open a submenu
Left Arrow Open the next menu to the left, or close a submenu
F5 (or Ctrl+R) Refresh the active window
Alt+Up Arrow View the folder one level up in Windows Explorer
Esc Cancel the current task
Ctrl+Shift+Esc Open Task Manager
Shift when you insert a CD Prevent the CD from automatically playing
Left Alt+Shift Switch the input language when multiple input languages are enabled
Ctrl+Shift Switch the keyboard layout when multiple keyboard layouts are enabled
Right or Left Ctrl+Shift Change the reading direction of text in right-to-left reading languages
Dialog box keyboard shortcuts
Press this key To do this
Ctrl+Tab Move forward through tabs
Ctrl+Shift+Tab Move back through tabs
Tab Move forward through options
Shift+Tab Move back through options
Alt+underlined letter Perform the command (or select the option) that goes with that letter
Enter Replaces clicking the mouse for many selected commands
Spacebar Select or clear the check box if the active option is a check box
Arrow keys Select a button if the active option is a group of option buttons
F1 Display Help
F4 Display the items in the active list
Backspace Open a folder one level up if a folder is selected in the Save As or Open dialog box
Windows logo key keyboard shortcuts
Press this key To do this
Windows logo key Open or close the Start menu.
Windows logo key +Pause Display the System Properties dialog box.
Windows logo key +D Display the desktop.
Windows logo key +M Minimize all windows.
Windows logo key +Shift+M Restore minimized windows to the desktop.
Windows logo key +E Open Computer.
Windows logo key +F Search for a file or folder.
Ctrl+Windows logo key  +F Search for computers (if you’re on a network).
Windows logo key +L Lock your computer or switch users.
Windows logo key +R Open the Run dialog box.
Windows logo key +T Cycle through programs on the taskbar.
Windows logo key +number Start the program pinned to the taskbar in the position indicated by the number. If the program is already running, switch to that program.
Shift+Windows logo key +number Start a new instance of the program pinned to the taskbar in the position indicated by the number.
Ctrl+Windows logo key +number Switch to the last active window of the program pinned to the taskbar in the position indicated by the number.
Alt+Windows logo key+number Open the Jump List for the program pinned to the taskbar in the position indicated by the number.
Windows logo key +Tab Cycle through programs on the taskbar by using Aero Flip 3-D.
Ctrl+Windows logo key  +Tab Use the arrow keys to cycle through programs on the taskbar by using Aero Flip 3-D.
Ctrl+Windows logo key  +B Switch to the program that displayed a message in the notification area.
Windows logo key +Spacebar Preview the desktop.
Windows logo key +Up Arrow Maximize the window.
Windows logo key +Left Arrow Maximize the window to the left side of the screen.
Windows logo key +Right Arrow Maximize the window to the right side of the screen.
Windows logo key +Down Arrow Minimize the window.
Windows logo key +Home Minimize all but the active window.
Windows logo key +Shift+Up Arrow Stretch the window to the top and bottom of the screen.
Windows logo key +Shift+Left Arrow or Right Arrow Move a window from one monitor to another.
Windows logo key +P Choose a presentation display mode.
Windows logo key +G Cycle through gadgets.
Windows logo key +U Open Ease of Access Center.
Windows logo key +X Open Windows Mobility Center.
Windows Explorer keyboard shortcuts
Press this key To do this
Ctrl+N Open a new window
Ctrl+W Close the current window
Ctrl+Shift+N Create a new folder
End Display the bottom of the active window
Home Display the top of the active window
F11 Maximize or minimize the active window
Ctrl+Period (.) Rotate a picture clockwise
Ctrl+Comma (,) Rotate a picture counter-clockwise
Num Lock+Asterisk (*) on numeric keypad Display all subfolders under the selected folder
Num Lock+Plus Sign (+) on numeric keypad Display the contents of the selected folder
Num Lock+Minus Sign (-) on numeric keypad Collapse the selected folder
Left Arrow Collapse the current selection (if it’s expanded), or select the parent folder
Alt+Enter Open the Properties dialog box for the selected item
Alt+P Display the preview pane
Alt+Left Arrow View the previous folder
Backspace View the previous folder
Right Arrow Display the current selection (if it’s collapsed), or select the first subfolder
Alt+Right Arrow View the next folder
Alt+Up Arrow View the parent folder
Ctrl+Shift+E Display all folders above the selected folder
Ctrl+Mouse scroll wheel Change the size and appearance of file and folder icons
Alt+D Select the address bar
Ctrl+E Select the search box
Ctrl+F Select the search box
Taskbar keyboard shortcuts
Press this key To do this
Shift+Click on a taskbar button Open a program or quickly open another instance of a program
Ctrl+Shift+Click on a taskbar button Open a program as an administrator
Shift+Right-click on a taskbar button Show the window menu for the program
Shift+Right-click on a grouped taskbar button Show the window menu for the group
Ctrl+Click on a grouped taskbar button Cycle through the windows of the group
Magnifier keyboard shortcuts
Press this key To do this
Windows logo key + Plus Sign (+) or Minus Sign (-) Zoom in or out
Ctrl+Alt+Spacebar Preview the desktop in full-screen mode
Ctrl+Alt+F Switch to full-screen mode
Ctrl+Alt+L Switch to lens mode
Ctrl+Alt+D Switch to docked mode
Ctrl+Alt+I Invert colors
Ctrl+Alt+arrow keys Pan in the direction of the arrow keys
Ctrl+Alt+R Resize the lens
Windows logo key + Esc Exit Magnifier

Remote Desktop Connection keyboard shortcuts

Press this key To do this
Alt+Page Up Move between programs from left to right.
Alt+Page Down Move between programs from right to left.
Alt+Insert Cycle through programs in the order that they were started in.
Alt+Home Display the Start menu.
Ctrl+Alt+Break Switch between a window and full screen.
Ctrl+Alt+End Display the Windows Security dialog box.
Alt+Delete Display the system menu.
Ctrl+Alt+Minus Sign (-) on the numeric keypad Place a copy of the active window, within the client, on the Terminal server clipboard (provides the same functionality as pressing Alt+PrtScn on a local computer).
Ctrl+Alt+Plus Sign (+) on the numeric keypad Place a copy of the entire client window area on the Terminal server clipboard (provides the same functionality as pressing PrtScn on a local computer).
Ctrl+Alt+Right Arrow “Tab” out of the Remote Desktop controls to a control in the host program (for example, a button or a text box). Useful when the Remote Desktop controls are embedded in another (host) program.
Ctrl+Alt+Left Arrow “Tab” out of the Remote Desktop controls to a control in the host program (for example, a button or a text box). Useful when the Remote Desktop controls are embedded in another (host) program.

Note

Ctrl+Alt+Break and Ctrl+Alt+End are available in all Remote Desktop sessions, even when you’ve set up the remote computer to recognizeWindows keyboard shortcuts.

Paint keyboard shortcuts

The following table contains keyboard shortcuts for working with Paint.

Press this key To do this
Ctrl+N Create a new picture
Ctrl+O Open an existing picture
Ctrl+S Save changes to a picture
F12 Save the picture as a new file
Ctrl+P Print a picture
Alt+F4 Close a picture and its Paint window
Ctrl+Z Undo a change
Ctrl+Y Redo a change
Ctrl+A Select the entire picture
Ctrl+X Cut a selection
Ctrl+C Copy a selection to the Clipboard
Ctrl+V Paste a selection from the Clipboard
Right Arrow Move the selection or active shape right by one pixel
Left Arrow Move the selection or active shape left by one pixel
Down Arrow Move the selection or active shape down by one pixel
Up Arrow Move the selection or active shape up by one pixel
Esc Cancel a selection
Delete Delete a selection
Ctrl+B Bold selected text
Ctrl++ Increase the width of a brush, line, or shape outline by one pixel
Ctrl+- Decrease the width of a brush, line, or shape outline by one pixel
Ctrl+I Italicize selected text
Ctrl+U Underline selected text
Ctrl+E Open the Properties dialog box
Ctrl+W Open the Resize and Skew dialog box
Ctrl+Page Up Zoom in
Ctrl+Page Down Zoom out
F11 View a picture in full-screen mode
Ctrl+R Show or hide the ruler
Ctrl+G Show or hide gridlines
F10 or Alt Display keytips
Shift+F10 Show the current shortcut menu
F1 Open Paint Help
WordPad keyboards shortcuts
Press this key To do this
Ctrl+N Create a new document
Ctrl+O Open an existing document
Ctrl+S Save changes to a document
F12 Save the document as a new file
Ctrl+P Print a document
Alt+F4 Close WordPad
Ctrl+Z Undo a change
Ctrl+Y Redo a change
Ctrl+A Select the entire document
Ctrl+X Cut a selection
Ctrl+C Copy a selection to the Clipboard
Ctrl+V Paste a selection from the Clipboard
Ctrl+B Make selected text bold
Ctrl+I Italicize selected text
Ctrl+U Underline selected text
Ctrl+= Make selected text subscript
Ctrl+Shift+= Make selected text superscript
Ctrl+L Align text left
Ctrl+E Align text center
Ctrl+R Align text right
Ctrl+J Justify text
Ctrl+1 Set single line spacing
Ctrl+2 Set double line spacing
Ctrl+5 Set line spacing to 1.5
Ctrl+Shift+> Increase the font size
Ctrl+Shift+< Decrease the font size
Ctrl+Shift+A Change characters to all capitals
Ctrl+Shift+L Change the bullet style
Ctrl+D Insert a Microsoft Paint drawing
Ctrl+F Find text in a document
F3 Find the next instance of the text in the Find dialog box
Ctrl+H Replace text in a document
Ctrl+Left Arrow Move the cursor one word to the left
Ctrl+Right Arrow Move the cursor one word to the right
Ctrl+Up Arrow Move the cursor to the line above
Ctrl+Down Arrow Move the cursor to the line below
Ctrl+Home Move to the beginning of the document
Ctrl+End Move to the end of the document
Ctrl+Page Up Move up one page
Ctrl+Page Down Move down one page
Ctrl+Delete Delete the next word
F10 Display keytips
Shift+F10 Show the current shortcut menu
F1 Open WordPad Help
Calculator keyboard shortcuts
Press this key To do this
Alt+1 Switch to Standard mode
Alt+2 Switch to Scientific mode
Alt+3 Switch to Programmer mode
Alt+4 Switch to Statistics mode
Ctrl+E Open date calculations
Ctrl+H Turn calculation history on or off
Ctrl+U Open unit conversion
Alt+C Calculate or solve date calculations and worksheets
F1 Open Calculator Help
Ctrl+Q Press the M- button
Ctrl+P Press the M+ button
Ctrl+M Press the MS button
Ctrl+R Press the MR button
Ctrl+L Press the MC button
% Press the % button
F9 Press the +/– button
/ Press the / button
* Press the * button
+ Press the + button
Press the  button
R Press the 1/× button
@ Press the square root button
0-9 Press the number buttons (0-9)
= Press the = button
. Press the . (decimal point) button
Backspace Press the backspace button
Esc Press the C button
Del Press the CE button
Ctrl+Shift+D Clear the calculation history
F2 Edit the calculation history
Up Arrow key Navigate up in the calculation history
Down Arrow key Navigate down in the calculation history
Esc Cancel editing the calculation history
Enter Recalculate the calculation history after editing
F3 Select Degrees in Scientific mode
F4 Select Radians in Scientific mode
F5 Select Grads in Scientific mode
I Press the Inv button in Scientific mode
D Press the Mod button in Scientific mode
Ctrl+S Press the sinh button in Scientific mode
Ctrl+O Press the cosh button in Scientific mode
Ctrl+T Press the tanh button in Scientific mode
( Press the ( button in Scientific mode
) Press the ) button in Scientific mode
N Press the ln button in Scientific mode
; Press the Int button in Scientific mode
S Press the sin button in Scientific mode
O Press the cos button in Scientific mode
T Press the tan button in Scientific mode
M Press the dms button in Scientific mode
P Press the pi button in Scientific mode
V Press the F-E button in Scientific mode
X Press the Exp button in Scientific mode
Q Press the x^2 button in Scientific mode
Y Press the x^y button in Scientific mode
# Press the x^3 button in Scientific mode
L Press the log button in Scientific mode
! Press the n! button in Scientific mode
Ctrl+Y Press the y√x button in Scientific mode
Ctrl+B Press the 3√x button in Scientific mode
Ctrl+G Press the 10x button in Scientific mode
F5 Select Hex in Programmer mode
F6 Select Dec in Programmer mode
F7 Select Oct in Programmer mode
F8 Select Bin in Programmer mode
F12 Select Qword in Programmer mode
F2 Select Dword in Programmer mode
F3 Select Word in Programmer mode
F4 Select Byte in Programmer mode
K Press the RoR button in Programmer mode
J Press the RoL button in Programmer mode
< Press the Lsh button in Programmer mode
> Press the Rsh button in Programmer mode
% Press the Mod button in Programmer mode
( Press the ( button in Programmer mode
) Press the ) button in Programmer mode
| Press the Or button in Programmer mode
^ Press the Xor button in Programmer mode
~ Press the Not button in Programmer mode
& Press the And button in Programmer mode
A-F Press the A-F buttons in Programmer mode
Spacebar Toggles the bit value in Programmer mode
A Press the Average button in Statistics mode
Ctrl+A Press the Average Sq button in Statistics mode
S Press the Sum button in Statistics mode
Ctrl+S Press the Sum Sq button in Statistics mode
T Press the S.D. button in Statistics mode
Ctrl+T Press the Inv S.D. button in Statistics mode
D Press the CAD button in Statistics mode
Windows Journal keyboard shortcuts
Press this key To do this
Ctrl+N Start a new note
Ctrl+O Open a recently used note
Ctrl+S Save changes to a note
Ctrl+Shift+V Move a note to a specific folder
Ctrl+P Print a note
Alt+F4 Close a note and its Journal window
Ctrl+Z Undo a change
Ctrl+Y Redo a change
Ctrl+A Select all items on a page
Ctrl+X Cut a selection
Ctrl+C Copy a selection to the Clipboard
Ctrl+V Paste a selection from the Clipboard
Esc Cancel a selection
Delete Delete a selection
Ctrl+F Start a basic find
Ctrl+G Go to a page
F5 Refresh find results
F5 Refresh the note list
F6 Toggle between a note list and a note
Ctrl+Shift+C Display a shortcut menu for column headings in a note list
F11 View a note in full-screen mode
F1 Open Journal Help
Windows Help viewer keyboard shortcuts
Press this key To do this
Alt+C Display the Table of Contents
Alt+N Display the Connection Settings menu
F10 Display the Options menu
Alt+Left Arrow Move back to the previously viewed topic
Alt+Right Arrow Move forward to the next (previously viewed) topic
Alt+A Display the customer support page
Alt+Home Display the Help and Support home page
Home Move to the beginning of a topic
End Move to the end of a topic
Ctrl+F Search the current topic
Ctrl+P Print a topic
F3 Move the cursor to the search box
Advertisements

Recover Your Lost IM Passwords

I am writing this post for those people who have lost their passwords and want to recover them. You can recover your password with a nifty tool MessenPass It is a password recovery tool that reveals the passwords of the following instant messenger applications:

  • MSN Messenger
  • Windows Messenger (In Windows XP)
  • Windows Live Messenger (In Windows XP And Vista)
  • Yahoo Messenger (Versions 5.x and 6.x)
  • Google Talk
  • ICQ Lite 4.x/5.x/2003
  • AOL Instant Messenger v4.6 or below, AIM 6.x, and AIM Pro.
  • Trillian
  • Trillian Astra
  • Miranda
  • GAIM/Pidgin
  • MySpace IM
  • PaltalkScene
  • Digsby



MessenPass can only be used to recover the passwords for the current logged-on user on your local computer, and it only works if you chose the remember your password in one of the above programs. You cannot use this utility for grabbing the passwords of other users. So all those GEEKS who were thinking that it is a Cracking tool I am sorry for broking your heart, but Hey! you can use it as don’t you?



You can also use MessenPass
in Command Line mode without displaying any user interface.

Hope it would help you out, if you have any problem leave a comment.

Disclaimer: This information is provided by the author as it is from the application source. The author will not be liable for any special, incidental, consequential or indirect damages due to loss of data or any other reason.

All About SAM Files

What is SAM?

SAM is short for Security Accounts Manager, which is located on the PDC and has information on all user accounts and passwords. Most of the time while the PDC is running, it is being accessed or used.

What do I do with a copy of SAM?


You get passwords. First use a copy of SAMDUMP.EXE to extract the user info out of it. You do not need to import this data into the Registry of your home machine to play with it. You can simply load it up into one of the many applications for cracking passwords, such as L0phtCrack, which is available from: http://www.L0phtCrack.com


Of interest to hackers is the fact that all access control and assorted parameters are located in the Registry. The Registry contains thousands of individual items of data, and is grouped together into “keys” or some type of optional value. These keys are grouped together into subtrees — placing like keys together and making copies of others into separate trees for more convenient system access.

The Registry is divided into four separate subtrees. These subtrees are called

  • HKEY_CLASSES_ROOT
  • HKEY_CURRENT_USER
  • HKEY_LOCAL_MACHINE
  • HKEY_USERS

We’ll go through them from most important to the hacker to least important to the hacker.

First and foremost is the HKEY_LOCAL_MACHINE subtree. It contains five different keys. These keys are as follows:

  • SAM and SECURITY – These keys contain the info such as user rights, user and group info for the domain (or workgroup if there is no domain), and passwords. In the NT hacker game of capture the flag, this is the flag. Bag this and all bets are off.

The keys are binary data only (for security reasons) and are typically not accessible unless you are an Administrator or in the Administrators group. It is easier to copy the data and play with it offline than to work on directly.

  • HARDWARE – this is a storage database of throw-away data that describes the hardware components of the computer. Device drivers and applications build this database during boot and update it during runtime (although most of the database is updated during the boot process). When the computer is rebooted, the data is built again from scratch. It is not recommended to directly edit this particular database unless you can read hex easily.

There are three subkeys under HARDWARE, these are the Description key, the DeviceMap key, and the ResourceMap key. The Description key has describes each hardware resource, the DeviceMap key has data in it specific to individual groups of drivers, and the ResourceMap key tells which driver goes with which resource.

  • SYSTEM – This key contains basic operating stuff like what happens at startup, what device drivers are loaded, what services are in use, etc. These are split into ControlSets which have unique system configurations (some bootable, some not), with each ControlSet containing service data and OS components for that ControlSet. Ever had to boot from the “Last Known Good” configuration because something got hosed? That is a ControlSet stored here.
  • SOFTWARE – This key has info on software loaded locally. File associations, OLE info, and some miscellaneous configuration data is located here.


The second most important main key is HKEY_USERS. It contains a subkey for each local user who accesses the system, either locally or remotely. If the server is a part of a domain and logs in across the network, their subkey is not stored here, but on a Domain Controller. Things such as Desktop settings and user profiles are stored here.

The third and fourth main keys, HKEY_CURRENT_USER and HKEY_CLASSES_ROOT, contain copies of portions of HKEY_USERS and HKEY_LOCAL_MACHINE respectively. HKEY_CURRENT_USER contains exactly would you would expect a copy of the subkey from HKEY_USERS of the currently logged in user. HKEY_CLASSES_ROOT contains a part of HKEY_LOCAL_MACHINE, specifically from the SOFTWARE subkey. File associations, OLE configuration and dependency information.

What are hives?

Hives are the major subdivisions of all of these subtrees, keys, subkeys, and values that make up the Registry. They contain “related” data.



All hives are stored in %systemroot%\SYSTEM32\CONFIG. The major hives and their files are as follows:

Hive

File

Backup File

HKEY_LOCAL_MACHINE\SOFTWARE

SOFTWARE

SOFTWARE.LOG

HKEY_LOCAL_MACHINE\SECURITY

SECURITY

SECURITY.LOG

HKEY_LOCAL_MACHINE\SYSTEM

SYSTEM

SYSTEM.LOG

HKEY_LOCAL_MACHINE\SAM

SAM

SAM.LOG

HKEY_CURRENT_USER

USERxxx

ADMINxxx

USERxxx.LOG

ADMINxxx.LOG

HKEY_USERS\.DEFAULT

DEFAULT

DEFAULT.LOG

Hackers should look for the SAM file, with the SAM.LOG file as a secondary target. This contains the password info.

Hive

File

Backup File

HKEY_LOCAL_MACHINE\SOFTWARE

SOFTWARE

SOFTWARE.LOG

HKEY_LOCAL_MACHINE\SECURITY

SECURITY

SECURITY.LOG

HKEY_LOCAL_MACHINE\SYSTEM

SYSTEM

SYSTEM.LOG

HKEY_LOCAL_MACHINE\SAM

SAM

SAM.LOG

HKEY_CURRENT_USER

USERxxx

ADMINxxx

USERxxx.LOG

ADMINxxx.LOG

HKEY_USERS\.DEFAULT

DEFAULT

DEFAULT.LOG

Hackers should look for the SAM file, with the SAM.LOG file as a secondary target. This contains the password info.

For ease of use, the Registry is divided into five separate structures that represent the Registry database in its entirety. These five groups are known as Keys, and are discussed below:

HKEY_CURRENT_USER

This registry key contains the configuration information for the user that is currently logged in. The users folders, screen colors, and control panel settings are stored here. This information is known as a User Profile.

HKEY_USERS

In windowsNT 3.5x, user profiles were stored locally (by default) in the systemroot\system32\config directory. In NT4.0, they are stored in the systemroot\profiles directory. User-Specific information is kept there, as well as common, system wide user information.

This change in storage location has been brought about to parallel the way in which Windows95 handles its user profiles. In earlier releases of NT, the user profile was stored as a single file – either locally in the \config directory or centrally on a server. In windowsNT 4, the single user profile has been broken up into a number of subdirectories located below the \profiles directory. The reason for this is mainly due to the way in which the Win95 and WinNT4 operating systems use the underlying directory structure to form part of their new user interface.

HKEY_LOCAL_MACHINE

This key contains configuration information particular to the computer. This information is stored in the systemroot\system32\config directory as persistent operating system files, with the exception of the volatile hardware key.

The information gleaned from this configuration data is used by applications, device drivers, and the WindowsNT 4 operating system. The latter usage determines what system configuration data to use, without respect to the user currently logged on. For this reason the HKEY_LOCAL_MACHINE regsitry key is of specific importance to administrators who want to support and troubleshoot NT 4.

HKEY_LOCAL_MACHINE is probably the most important key in the registry and it contains five subkeys:

  • Hardware: Database that describes the physical hardware in the computer, the way device drivers use that hardware, and mappings and related data that link kernel-mode drivers with various user-mode code. All data in this sub-tree is re-created everytime the system is started.
  • SAM: The security accounts manager. Security information for user and group accounts and for the domains in NT 4 server.
  • Security: Database that contains the local security policy, such as specific user rights. This key is used only by the NT 4 security subsystem.
  • Software: Pre-computer software database. This key contains data about software installed on the local computer, as well as configuration information.
  • System: Database that controls system start-up, device driver loading, NT 4 services and OS behavior.

Information about the HKEY_LOCAL_MACHINE\SAM Key

This subtree contains the user and group accounts in the SAM database for the local computer. For a computer that is running NT 4, this subtree also contains security information for the domain. The information contained within the SAM registry key is what appears in the user interface of the User Manager utility, as well as in the lists of users and groups that appear when you make use of the Security menu commands in NT4 explorer.

Information about the HKEY_LOCAL_MACHINE\Security key

This subtree contains security information for the local computer. This includes aspects such as assigning user rights, establishing password policies, and the membership of local groups, which are configurable in User Manager.

HKEY_CLASSES_ROOT

The information stored here is used to open the correct application when a file is opened by using Explorer and for Object Linking and Embedding. It is actually a window that reflects information from the HKEY_LOCAL_MACHINE\Software subkey.

HKEY_CURRENT_CONFIG

The information contained in this key is to configure settings such as the software and device drivers to load or the display resolution to use. This key has a software and system subkeys, which keep track of configuration information.

Understanding Hives

The registry is divided into parts called hives. These hives are mapped to a single file and a .LOG file. These files are in the systemroot\system32\config directory.

Registry Hive

File Name

HKEY_LOCAL_MACHINE\SAM

SAM and SAM.LOG

HKEY_LOCAL_MACHINE\SECURITY

Security and Security.LOG

HKEY_LOCAL_MACHINE\SOFTWARE

Software and Software.LOG

HKEY_LOCAL_MACHINE\SYSTEM

System and System.ALT

Command Prompt Codes

Some BASIC Commands:

1. Accessibility Controls – access.cpl
2. Accessibility Wizard – accwiz
3. Add Hardware Wizard – hdwwiz.cpl
4. Add/Remove Programs – appwiz.cpl
5. Administrative Tools – control admintools
6. Automatic Updates – wuaucpl.cpl
7. Bluetooth Transfer Wizard – fsquirt
8. Calculator – calc
9. Certificate Manager – certmgr.msc
10. Character Map – charmap
11. Check Disk Utility – chkdsk
12. Clipboard Viewer – clipbrd
13. Command Prompt – cmd
14. Component Services – dcomcnfg
15. Computer Management – compmgmt.msc
16. Control Panel – control
17. Date and Time Properties – timedate.cpl
18. DDE Shares – ddeshare
19. Device Manager – devmgmt.msc
20. Direct X Troubleshooter – dxdiag
21. Disk Cleanup Utility – cleanmgr
22. Disk Defragment – dfrg.msc
23. Disk Management – diskmgmt.msc
24. Disk Partition Manager – diskpart
25. Display Properties – control desktop
26. Display Properties – desk.cpl
27. Dr. Watson System Troubleshooting Utility – drwtsn32
28. Driver Verifier Utility – verifier
29. Event Viewer – eventvwr.msc
30. Files and Settings Transfer Tool – migwiz
31. File Signature Verification Tool – sigverif
32. Findfast – findfast.cpl
33. Firefox – firefox
34. Folders Properties – control folders
35. Fonts – control fonts
36. Fonts Folder – fonts
37. Free Cell Card Game – freecell
38. Game Controllers – joy.cpl
39. Group Policy Editor (for xp professional) – gpedit.msc
40. Hearts Card Game – mshearts
41. Help and Support – helpctr
42. HyperTerminal – hypertrm
43. Iexpress Wizard – iexpress
44. Indexing Service – ciadv.msc
45. Internet Connection Wizard – icwconn1
46. Internet Explorer – iexplore
47. Internet Properties – inetcpl.cpl
48. Keyboard Properties – control keyboard
49. Local Security Settings – secpol.msc
50. Local Users and Groups – lusrmgr.msc
51. Logs You Out Of Windows – logoff
52. Malicious Software Removal Tool – mrt
53. Microsoft Chat – winchat
54. Microsoft Movie Maker – moviemk
55. Microsoft Paint – mspaint
56. Microsoft Syncronization Tool – mobsync
57. Minesweeper Game – winmine
58. Mouse Properties – control mouse
59. Mouse Properties – main.cpl
60. Netmeeting – conf
61. Network Connections – control netconnections
62. Network Connections – ncpa.cpl
63. Network Setup Wizard – netsetup.cpl
64. Notepad – notepad
65. Object Packager – packager
66. ODBC Data Source Administrator – odbccp32.cpl
67. On Screen Keyboard – osk
68. Outlook Express – msimn
69. Paint – pbrush
70. Password Properties – password.cpl
71. Performance Monitor – perfmon.msc
72. Performance Monitor – perfmon
73. Phone and Modem Options – telephon.cpl
74. Phone Dialer – dialer
75. Pinball Game – pinball
76. Power Configuration – powercfg.cpl
77. Printers and Faxes – control printers
78. Printers Folder – printers
79. Regional Settings – intl.cpl
80. Registry Editor – regedit
81. Registry Editor – regedit32
82. Remote Access Phonebook – rasphone
83. Remote Desktop – mstsc
84. Removable Storage – ntmsmgr.msc
85. Removable Storage Operator Requests – ntmsoprq.msc
86. Resultant Set of Policy (for xp professional) – rsop.msc
87. Scanners and Cameras – sticpl.cpl
88. Scheduled Tasks – control schedtasks
89. Security Center – wscui.cpl
90. Services – services.msc
91. Shared Folders – fsmgmt.msc
92. Shuts Down Windows – shutdown
93. Sounds and Audio – mmsys.cpl
94. Spider Solitare Card Game – spider
95. SQL Client Configuration – cliconfg
96. System Configuration Editor – sysedit
97. System Configuration Utility – msconfig
98. System Information – msinfo32
99. System Properties – sysdm.cpl
100. Task Manager – taskmgr
101. TCP Tester – tcptest
102. Telnet Client – telnet
103. User Account Management – nusrmgr.cpl
104. Utility Manager – utilman
105. Windows Address Book – wab
106. Windows Address Book Import Utility – wabmig
107. Windows Explorer – explorer

Command Prompt Basics

For use in command prompt on you own computer or network:

CMD or command.com = use whichever works best or whichever one is available ( to open command prompt in the run command.
EXIT = exit the command prompt
PATH = displays the places that if will look for if not in the name first
CLS = clears up everything on command prompt page
TIME = displays time and you can change it if you want
HELP = displays help, more commands
DIR OR DIR /? = Shows a lot of information
CD\PROGRA~1 ENTER THEN DIR = Programs installed (1)
CD\ ENTER THEN DIR = shows installations of programs
(DEL OR COPY OR DIR) *.* C:\TARGET = you can either delete, copy or dir a program
NET = you get options to use it
SHUTDOWN –LETTER OR SHUTDOWN/? = you can shutdown

Your computer or another computer

NETSTAT = view the stats of the computers one feature is
to get people’s I.P. for more type netstat/?

FSUTIL AND FSUTIL FSINFO = shows you things like list of
all drives
BASIC OF CMD PART 2
ERASE C:\PROGRAM FILES = erases all program files or leave
just the c delete everything

NBTSTAT = GETTING INFORMATION ON YOUR COMPUTER
AND OTHERS

TREE = displays all files on program files and desktop good
for seeing if you have any keyloggers

TRACERT (IP) = to see if the I.P. exist
NET USE C: \\PCNAME\C$ /USER: PCNAME\ADMINISTRATOR
= to sign in as an administrator that’s not signed in

NSLOOKUP SET TYPE=MX EXP:HOTMAIL.COM = getting ips
from web sites

/WHOIS (SCREENAME) = only on a chat room, to find
information a that person which owns the screename an I.P.

For use in command prompt for path chanching

DISKPART = shows you stuff like the computer name and
takes you to disk part option

CD\PROGRA~1 ENTER THEN DIR = Programs installed (2)
CD \WINDOWS \SYSTEM = to look for stuff in this folders

BASIC OF CMD PART3
TELNET : remote controlling
NET START MESSENGER = start net send when it is disable
For use in command prompt only on a network or hacking

BOOTCFG = you can make changes to boot the computer ,
boot it mess it up

GPRESULT = shows all the information of a computer
DRIVERQUERY = list of drives and their properties
GETMAC = this gets the Mac (media access control) address
NETSH = good for hacking a network configuration tool
type netsh /? For more

OPENFILES = only for windows professional allows an
administrator to display or disconnect open files

REG = THE CONSOLE REGISTRY TOOL
SYSTEMINFO = info
TASKLIST AND TASKKILL = LIKE PRESING CTRL+ALT+DELETE

NTFS vs FAT

To NTFS or not to NTFS—that is the question. But unlike the deeper questions of life, this one isn’t really all that hard to answer. For most users running Windows XP, NTFS is the obvious choice. It’s more powerful and offers security advantages not found in the other file systems. But let’s go over the differences among the files systems so we’re all clear about the choice. There are essentially three different file systems available in Windows XP: FAT16, short for File Allocation Table, FAT32, and NTFS, short for NT File System.


FAT16
The FAT16 file system was introduced way back with MS–DOS in 1981, and it’s showing its age. It was designed originally to handle files on a floppy drive, and has had minor modifications over the years so it can handle hard disks, and even file names longer than the original limitation of 8.3 characters, but it’s still the lowest common denominator. The biggest advantage of FAT16 is that it is compatible across a wide variety of operating systems, including Windows 95/98/Me, OS/2, Linux, and some versions of UNIX. The biggest problem of FAT16 is that it has a fixed maximum number of clusters per partition, so as hard disks get bigger and bigger, the size of each cluster has to get larger. In a 2–GB partition, each cluster is 32 kilobytes, meaning that even the smallest file on the partition will take up 32 KB of space. FAT16 also doesn’t support compression, encryption, or advanced security using access control lists.

FAT32
The FAT32 file system, originally introduced in Windows 95 Service Pack 2, is really just an extension of the original FAT16 file system that provides for a much larger number of clusters per partition. As such, it greatly improves the overall disk utilization when compared to a FAT16 file system. However, FAT32 shares all of the other limitations of FAT16, and adds an important additional limitation—many operating systems that can recognize FAT16 will not work with FAT32—most notably Windows NT, but also Linux and UNIX as well. Now this isn’t a problem if you’re running FAT32 on a Windows XP computer and sharing your drive out to other computers on your network—they don’t need to know (and generally don’t really care) what your underlying file system is.

The Advantages of NTFS
The NTFS file system, introduced with first version of Windows NT, is a completely different file system from FAT. It provides for greatly increased security, file–by–file compression, quotas, and even encryption. It is the default file system for new installations of Windows XP, and if you’re doing an upgrade from a previous version of Windows, you’ll be asked if you want to convert your existing file systems to NTFS. Don’t worry. If you’ve already upgraded to Windows XP and didn’t do the conversion then, it’s not a problem. You can convert FAT16 or FAT32 volumes to NTFS at any point. Just remember that you can’t easily go back to FAT or FAT32 (without reformatting the drive or partition), not that I think you’ll want to.

The NTFS file system is generally not compatible with other operating systems installed on the same computer, nor is it available when you’ve booted a computer from a floppy disk. For this reason, many system administrators, myself included, used to recommend that users format at least a small partition at the beginning of their main hard disk as FAT. This partition provided a place to store emergency recovery tools or special drivers needed for reinstallation, and was a mechanism for digging yourself out of the hole you’d just dug into. But with the enhanced recovery abilities built into Windows XP (more on that in a future column), I don’t think it’s necessary or desirable to create that initial FAT partition.