De-crypt Encrypted files on Windows XP

July 26, 2008 by kottayan

1. Log in as Administrator.

2. Go to Start/Run and type in cmd and click OK.

At the prompt type cipher /r:Eagent and press enter

The prompt will then display:

Please type in the password to protect your .PFX file:

Type in your Administrator password
Re-confirm your Administrator password

The prompt will then display:

Your .CER file was created successfully.
Your .PFX file was created successfully.

The Eagent.cer and Eagent.pfx files are saved in the current directory shown at the command prompt. Example: if the command prompt displays C:\Documents and Settings\admin> the two files are saved in the admin folder. (For security reasons, you should keep the two files in your Administrator folder or on a floppy disk.)

3. Go to Start/Run and type in certmgr.msc and click OK. This will launch the Certificates Manager. Navigate to Personal, right click on the folder and select All Tasks/Import. The Certificate Import Wizard will appear. Click Next. Browse to the C:\Documents and Settings\admin folder. In the Open dialog box, change the Files of Type (at the bottom) to Personal Information Exchange (*.pfx,*.P12). Select the file Eagent.pfx and click Open. Click Next. Type in your Administrator password (leave the two checkboxes blank) and click Next. Make sure the radio button is active for the first option (Automatically select the certificate store based on the type of certificate). Click Next. Click Finish. (You’ll receive a message that the import was successful.) To confirm the import, close Certificates Manager and re-open it. Expand the Personal folder and you will see a new subfolder labeled Certificates. Expand that folder and you will see the new entry in the right side column. Close Certificates Manager.

4. Go to Start/Run and type in secpol.msc and click OK. This will launch the Local Security Policy. Expand the Public Key Policies folder and then right click on the Encrypted File System subfolder and select Add Data Recovery Agent… The Wizard will then display. Click Next. Click the Browse Folders… button. Browse to the C:\Documents and Settings\admin folder. Select the Eagent.cer file and click Open. (The wizard will display the status User_Unknown. That’s ok). Click Next. Click Finish. You will see a new entry in the right side column. Close the Local Security Policy.

You, the Administrator, are now configured as the default Recovery Agent for all encrypted files on the local machine.

To Recover Encrypted files:

Scenario #1

If you have completed the above steps BEFORE an existing user encrypted his/her files, you can log in to your Administrator account and navigate to the encrypted file(s). Double click on the file(s) to view the contents.

Scenario #2

If you have completed the above steps AFTER an existing user has already encrypted his/her files, you must log in to the applicable user’s account and then immediately log out. Next, log in to your Administrator account and navigate to the encrypted file(s). Double click on the file(s) to view the contents.

*Warning

Do not delete or rename a user’s account from which you will want to recover the encrypted files. You will not be able to decrypt the files using the steps outlined above.

Taking Ownership of Access Denied Folder

July 25, 2008 by kottayan


After reinstalling Windows XP, you can sometimes get an Access Denied error when trying to open a previous user’s files or directory. Use the steps below to take ownership of it:

Log on as Administrator or as a user with admin rights
Right click on the specific folder and select Properties
Go to the Security tab and click the Advanced button
Click on the Owner tab and, in the list of names, click on your name
Then, click on Replace owner on subcontainers and objects and press OK and Yes

How To Access The Data Inside Crashed HDD?

July 25, 2008 by kottayan


When their Operating System (OS) crashes, many of my friends just format the PC because they think they cannot access the data on the hard disk. But even if the OS crashes, we can still access the data on the crashed HDD. I expect most of you have seen the blue screen of death when your Operating System crashes.

We can access the data by using a portable Live CD such as Portable XP or a Linux Live CD. My preference is the SLAX Linux Live CD.

Just boot your computer with the newly burned boot CD (SLAX). After a successful boot you will be able to see your hard drive contents in the folder view. There is no need to mount the partitions, because they are already mounted. Just use a pen drive to back up your important data.

Otherwise, use the method below:

Remove the crashed HDD from your PC and connect it to the secondary slot of another XP-based PC, check in the BIOS that the HDD is detected, and boot it. After booting you can see your HDD in the My Computer view as D: or E:

How to Login as Administrator in Win XP Pro. ?

July 25, 2008 by kottayan


The Administrator account is hidden on XP Pro Welcome Screen.

Just press Ctrl + Alt + Del twice at the Welcome Screen to get the login prompt window. Then type Administrator as the user name and your admin password to log in as administrator.

Note : In Windows XP Home Edition built-in Administrator will work only in Safe Mode.

How to Increase your PC’s Booting Speed / RAM Cleaner

July 25, 2008 by kottayan


In Notepad, type :

FreeMem=Space(6400000)

Save it as ramcleaner.vbs and run it whenever your PC becomes slow. If you have more RAM, you can change the value from 6400000 to a larger one.

One more option is to remove your RAM module, clean the metal contacts (the part that goes inside the slot) with a normal pencil eraser, and install it again.

How to increase the processor power of your computer?

July 21, 2008 by kottayan

Follow the given steps to end the idle tasks:

* To enable this feature, you will need to be logged into your computer with administrative rights.
* Click the Start button and click on the Run option.
* In the Run box, type the command Rundll32.exe advapi32.dll,ProcessIdleTasks and press the OK button.

The system will take some time to end the background idle tasks.

How to prevent users from writing to USB drives?

July 21, 2008 by kottayan

A common security issue at organizations is how to prevent workers from writing data onto USB drives from their PCs, because a user can easily move confidential data to another location.

If you have Windows XP with SP2, then you can disable writing to USB drives.

Follow the given steps to disable the USB writing option:

To edit the computer registry, first log on to your computer with administrative rights.

Click on the Start button and type “Regedit” in the Run option.

Navigate to the following location:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control

Here, in the right side panel, right click to create a key with the name “StorageDevicePolicies”.

Now, in the left side panel, select the “StorageDevicePolicies” key and right click again to create a new DWORD value, then label it “WriteProtect”.

Set its value to “1”. To enable writing again, set its value to “0”.

Now close the registry editor and restart your computer for any changes to take effect.
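
The same setting can be audited or applied from a command prompt with reg.exe. The script below is an added example, not part of the original post; the script name usbwp.cmd and its on/off/status arguments are assumptions made for illustration.

```bat
@echo off
rem Added example, not from the original post: report or set the
rem WriteProtect value described above.
rem Usage (hypothetical script name): usbwp.cmd status ^| on ^| off
setlocal
set "KEY=HKLM\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies"
set "VAL=WriteProtect"

if /i "%~1"=="on"  goto :enable
if /i "%~1"=="off" goto :disable
goto :status

:enable
rem reg add creates the StorageDevicePolicies key if it does not exist yet.
reg add "%KEY%" /v %VAL% /t REG_DWORD /d 1 /f >nul || goto :failed
goto :status

:disable
reg add "%KEY%" /v %VAL% /t REG_DWORD /d 0 /f >nul || goto :failed
goto :status

:status
rem Read the value back; a missing key or value means the policy is not set.
set "CUR="
for /f "tokens=3" %%A in ('reg query "%KEY%" /v %VAL% 2^>nul ^| find /i "%VAL%"') do set "CUR=%%A"
if not defined CUR (
    echo %VAL% is not configured: USB storage is writable.
    exit /b 2
)
if /i "%CUR%"=="0x1" (
    echo %VAL%=1: USB write protection is set and applies after a restart.
    exit /b 0
)
echo %VAL%=%CUR%: USB storage is writable.
exit /b 2

:failed
echo Could not write %KEY%. Run this from an administrator account.
exit /b 1
```

The exit code is 0 only when write protection is set, so the status call can be used in a logon or inventory script to flag machines where the value is missing or has been reset to 0.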

How can I delete the Recovery Console?

July 20, 2008 by kottayan


To delete the Recovery Console follow these steps:

  1. Open My Computer.

  2. Double-click the hard drive on which you installed the Recovery Console.

  3. On the Tools menu, click Folder Options.

  4. Click the View tab.

  5. Click Show hidden files and folders, clear the Hide protected operating system files check box, and then click OK.

  6. At the root directory, delete the \Cmdcons folder.

  7. At the root directory, delete the file Cmldr.

  8. At the root directory, right-click the Boot.ini file and then click Properties.

  9. Clear the Read-only check box, and then click OK.

  10. Open Boot.ini in Notepad, and remove the entry for the Recovery Console. It will look similar to this:

C:\cmdcons\bootsect.dat="Microsoft Windows Recovery Console" /cmdcons

  11. Save the file and close it.

Can I configure the Windows XP/2000/2003 Recovery Console to auto-logon whenever I run it?

July 20, 2008 by kottayan


By doing this, any user can gain access to your computer by using the Recovery Console and without being prompted for an administrative password.

To set an automatic administrator logon for the Recovery Console, complete the following steps while you are logged on with administrative privileges:

  1. Double-click Administrative Tools in Control Panel, and then double-click Local Security Policy.

  2. Expand Security Settings, expand Local Policies, and then click Security Options. Locate the “Recovery Console: Allow automatic administrative logon” policy. Double-click this policy, and then set it to “Enabled”.

  3. Close the snap-in. The policy is effective immediately. Be sure to go back into the Local Security Policy snap-in to make sure that the effective setting for the policy is “Enabled”.

The next time you boot to the Recovery Console, you won’t be prompted for a password.

How does Ntdsutil.exe know it’s in Directory Restore mode

July 20, 2008 by kottayan

NTDSUTIL is a tool used for many Active Directory database maintenance tasks, such as defragmenting the DB, moving the DB and/or log files to a different place, cleaning the DB and more.

NTDSUTIL will allow you to perform many of its functions while the DC is up and running. However, some of the maintenance tasks (such as performing an offline defragmentation of the DB and moving the files to a different location, along with the Authoritative restore commands) require that you start the DC in Directory Restore mode, found when you access the boot menu by pressing F8 before the server starts its startup sequence.

When you start the domain controller in Directory Restore mode, the DC sets the environment variable safeboot_option to “dsrepair.”

If, for some reason, you want to access the “protected” features of NTDSUTIL while it is NOT in the Directory Restore mode, you will receive an error similar to this:

C:\WINDOWS>ntdsutil
ntdsutil: files
*** Error: Operation only allowed when booted in DS restore mode
"set SAFEBOOT_OPTION=DSREPAIR" to override - NOT RECOMMENDED!
ntdsutil:

If you want to check something in NTDSUTIL that is allowed only in Directory Restore mode, you can “trick” the program by typing the following statement at a command prompt:

set SAFEBOOT_OPTION=DSREPAIR
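
Because the check relies on an environment variable, it is worth confirming whether a given command prompt has the override set while the DC is actually booted normally. The script below is an added example, not part of the original post; it assumes that the SafeBoot\Option registry key exists only while Windows is running in a safe-mode boot such as Directory Restore mode, and it must be run from the same command prompt that will start ntdsutil.

```bat
@echo off
rem Added example, not from the original post. Flags a command prompt where
rem SAFEBOOT_OPTION was set by hand while the DC is booted normally.
rem Assumption: the SafeBoot\Option registry key below exists only while
rem Windows is running in a safe-mode boot such as Directory Restore mode.
setlocal
set "KEY=HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option"

rem Determine the real boot mode from the registry, not the environment.
set "SAFEBOOT=no"
reg query "%KEY%" >nul 2>&1 && set "SAFEBOOT=yes"

if /i not "%SAFEBOOT_OPTION%"=="DSREPAIR" (
    echo SAFEBOOT_OPTION is not DSREPAIR: ntdsutil will refuse restore-mode operations.
    exit /b 0
)
if "%SAFEBOOT%"=="yes" (
    echo SAFEBOOT_OPTION=DSREPAIR and the system is in a safe-mode boot.
    exit /b 0
)
rem The variable says DSREPAIR but the registry says normal boot: override in use.
echo WARNING: SAFEBOOT_OPTION=DSREPAIR is set but the system booted normally.
echo The ntdsutil restore-mode check is overridden in this session. Clear it with:
echo     set SAFEBOOT_OPTION=
exit /b 1
```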
