introduction to dos

1. Introduction

DOS provides the most popular operating environment on IBM PCs and IBM PC-compatible microcomputer systems. This document describes the most useful DOS commands. The word DOS is used for convenience to cover Microsoft MS-DOS, IBM PC-DOS and Novell DOS.

Most of the information in this document is applicable to MS-DOS versions 3.3, 5 and 6, with exceptions noted in the text (there was a version 4, but it was quickly superseded). The main new facilities found in MS-DOS versions 5 and 6 are summarised in Sections 8 and 9. If you are not sure which version of DOS you are running, type

VER

at the DOS prompt.

2. The DOS File System

In order to understand how files are referred to on a PC, you need to know the meaning of the following terms:

File Name

This is a name you choose to give to a file.

File Name Extension

This is added on to the end of a file to indicate what sort of information the file contains, e.g. TXT for text or DAT for data.

Disk Drive Letter

This identifies the physical location of the file, e.g. C: for a hard or fixed disk inside the PC, or A: for a 3.5" disk that you can remove (often called a floppy disk or diskette).

Directory

A name for a related set of files stored together. You can use directories to organise the files stored on your disk.

These are described in more detail below.

2.1. File Names and Extensions

A file is identified by a filename, optionally followed by a dot and a filename extension, e.g.

EXEC.BAT

THESIS.DOC

MYPROG3.FOR

The filename may contain up to eight characters, and the extension may contain up to three characters. Filenames and extensions may contain any of the following letters and symbols:

A-Z  a-z  0-9  !  #  $  %  ^  &  (  )  _  -  {  }  @  ~  #

However, it is common practice to use only letters and numbers for most purposes. It is possible to create files that have no filename extension, but you are recommended to always include one that is appropriate to the content of the file. Some programs expect files to have a particular file extension. For example, files stored by the Microsoft Word word-processing program normally have file extension DOC. Some common filename extensions are listed below:

.BAK

Previous generation of a file saved by an editor or word processor

.BAS

Basic source program

.BAT

Batch file containing a sequence of commands

.BMP

Bitmap image file

.COM

External command file

.DBF

Database file

.DLL

Dynamic link library

.DOC

Microsoft Word word processor document file

.DOT

Microsoft Word word processor document template

.EXE

Executable program file

.FOR

Fortran source program

.HLP

Help file

.INI

Program initialisation file

.LST

Listing file from a compiler

.PAS

Pascal source program

.SYS

System driver file

.WKS

Lotus 1-2-3 spreadsheet file

.TMP

Temporary file

.TXT

Plain text file

.XLS

Microsoft Excel spreadsheet file

.ZIP

Compressed file

2.2. Disk Drive Letters

Disk drive letters are usually followed by a colon (:). A single diskette drive has drive letter A: and a hard disk has drive letter C:. If the PC has a second diskette drive then this is B:. Diskettes are often referred to as floppy disks. If a PC is connected to a network, then the network directories will be identified by one or more other drive letters such as F:, N: or Q:.

When using a command, you may need to type a drive letter before the filename to tell DOS where to find the disk that contains a file. If the drive letter is omitted when you type a filename, DOS automatically searches for the file on the disk in the default drive, i.e. the disk currently being used.

To let you know that it is ready to receive a command, DOS displays a prompt that starts with the current drive letter and ends with a greater-than sign (>). To switch to another drive, type the new drive letter followed by a colon. For example, if the original DOS prompt is

C:>

then type

A:

to specify that you want to work from the floppy disk. This will produce a new prompt:

A:>

This indicates that the A: drive is now the default drive. DOS will search this drive first to find any filenames that you type, unless you specify another drive. The DOS prompt usually includes the current directory, and if it does not it can be modified to do so, e.g.

C:JULY>

where JULY is the directory name. The command to set this prompt is:

PROMPT=$P$G

If there is no current directory then a backslash is shown before the > sign.

2.3. Directories

Each disk contains a file directory, which is a table of contents for the disk. It contains the names of the files stored on the disk, their sizes, and the date they were last modified. As the number of files in a directory grows, it is usual to organise the files into categories. You can use directories to group associated files together. A directory can contain files and other directories (referred to as subdirectories), which in turn may contain further subdirectories. Keeping related files in directories makes it easier to locate a particular file.

When a disk is formatted by DOS (see Section 6) a root directory or first-level directory is created. There is a limit to the number of entries in the root directory of a disk, but subdirectories may contain any number of entries, limited only by the amount of available space on the disk. The root directory is represented by a backslash ().

Each disk drive has a current directory. DOS will remember which directory is current on each of your drives, even when you are not accessing them.

A parent directory is any directory that contains subdirectories. The parent directory entry and the current directory entry are automatically created by DOS whenever a directory is created. DOS uses the shorthand names '.' to indicate the current directory, and '..' to represent the parent directory (i.e. one level up). Some examples of specifying directories are shown below:

represents the root directory.

PROJA

refers to a directory called PROJA under the root directory.

PROJAJIM

refers to subdirectory JIM in parent directory PROJA.

.

refers to the current directory.

..

refers to the parent directory. This might or might not be the root directory.

2.4. Identifying Files

In order to refer to a particular file on a disk, at least a filename must be given. Depending on the circumstances it may also be necessary to give a disk drive letter, a directory name and a filename extension. For example, a file called LETTER.DOC in a directory called JULY on disk C: may be identified in any of the following ways:

LETTER

filename only

LETTER.DOC

filename and file extension

JULYLETTER.DOC

directory name, filename and filename extension

C:JULYLETTER.DOC

disk drive letter, directory name, filename and extension

Note that it is possible to have subdirectories within directories, in which case two or more directory names may have to be given in order to uniquely identify a file.

2.5. Global Filename Characters

You can use the following global filename characters in some DOS commands (COPY, DEL, REN and DIR) to refer to a group of files by a general name, rather than specifying each file individually:

?

stands for any single character

*

stands for any sequence of characters

These are often known as wild-card characters. They may be used in the filename or the filename extension or both. For example:

A:*.DOC

refers to all files with extension DOC in the current directory of drive A:

C:TEST.*

refers to all files with filename TEST in the root directory of drive C:

C:*.*

refers to all files in the current directory of drive C:

THES?.*

refers to any files in the current directory of the default drive that have a filename of four or five characters beginningTHES

You should take great care when using wild-card characters and any filename extension with DEL or REN, as several files can easily be deleted or renamed with a single command.

2.6. Paths and Pathnames

When DOS is required to locate a program or batch file, and a directory is not specified, DOS searches only the current directory of the default drive. To refer to a file in a directory other than the current directory, DOS must be given the name of the directory and the filename, i.e. DOS is given the pathname to the file. A pathname is a sequence of directory names followed by a filename. Each directory name in a pathname is separated from the previous one by a backslash (). The sequence of directory names is referred to as the path. A pathname may contain any number of directory names up to a total length of 63 characters. If a pathname begins with a backslash, DOS searches for the file beginning at the root directory. For example, the pathname

EXAMPLESWORD5MEMO.DOC

refers to the file MEMO.DOC in the subdirectory WORD5 which is in the directory EXAMPLES.

The PATH command is used to set a command search path, i.e. to tell DOS which directories to search after searching the current directory. For example, the command

PATH C:USERPETE

tells DOS to search the subdirectory PETE in the directory USER on the C: drive for any commands (that are not internal DOS commands) which it can not find in the current directory. This path will remain active until you switch the machine off or set another path. Note that it is possible to give several directories in a single PATH command, by including a semicolon between pathnames, e.g.

PATH C:DOS;D:WINDOWS;C:MYPROG

The paths will be searched in the order given in the PATH command. It is advisable to always include the drive letter in a path.

It is possible to set a prompt and a search path every time a system is used, by including a PATH command in a file called C:AUTOEXEC.BAT. Any commands included in AUTOEXEC.BAT will be carried out each time the PC is switched on. For more details of the use of paths and AUTOEXEC.BAT, see User Note 510, Getting the Best from Your PC.

3. Entering DOS Commands

DOS commands may be typed in upper-case or lower-case letters (or a combination) in response to the DOS prompt. To submit a command, type it and press the Enter key. For example, to enter the command DIR, type

DIR

and press Enter. There are two types of DOS command: internal commands and external commands.

3.1. Internal Commands

The most commonly used DOS commands are internal commands, e.g. DIR, COPY, DEL, REN, CD, MD, RD and TYPE. These commands are loaded into memory when a PC is switched on and are carried out immediately they are typed.

3.2. External Commands

Any filename with an extension of COM, EXE or BAT is considered an external command. For example, files such as FORMAT.EXE and DISKCOPY.EXE are external commands. Before DOS can run an external command, it must read the command into memory from disk. When you give an external command, DOS immediately checks your current directory to find that command. If it is not found, you must tell DOS which directory the external command is in by typing the pathname before the command, e.g.

C:DOSFORMAT A:

where the FORMAT command is in the directory DOS on drive C:.

3.3. Repeating Commands

If you make a mistake when typing a DOS command you will get an error message such as:

Bad command or file name

You can then simply retype the command correctly, but for long commands this can be irritating. An easier method is to press the right arrow key or F1 key. Each time you do this a letter of the previous command will be displayed. When you get to the incorrect letter you can simply type the correct letter instead of pressing the right arrow key. You can also use the Insert and Delete key to make changes to the command. When the correct command is displayed, press Enter as usual to submit it.

In DOS 5 and later versions there is a command called DOSKEY that allows you to see and repeat several earlier commands by pressing the up arrow and down arrow keys. DOSKEY may already be available on your system. If not, you can type the command DOSKEY to make it available, then press up arrow to recall commands.

4. Handling Files

This section gives examples of some commonly used DOS commands for controlling files. Most commands have a number of possible parameters. Details of the full format of commands are given by the HELP command (in DOS 5 and later versions).

4.1. Displaying a List of Files

The DIR command is used to list all the files in a directory or a specified group of files. You can use the wild-card characters ? and * in the filename and extension with the DIR command. If either the filename or filename extension are omitted, the default is *. The /P parameter is very useful as it makes the directory display stop scrolling when the screen is full. For example:

DIR

displays all the directory entries for the current directory of the default drive.

DIR C:

displays all the directory entries for the current directory on drive C:.

DIR /P

lists all the directory entries in the current directory on the default drive, one screenful at a time. Press any key to resume scrolling the display, or Ctrl and C to interrupt it.

DIR A:FILE1.* /S

lists the directory entries for all files named FILE1 in the current directory and its subdirectories on drive A: (regardless of their filename extension).

The information provided in the directory listing includes the disk identification and the amount of free space left on the disk. The display line for each file includes its size in bytes (characters) and the date and time that the file was last updated. Entries that name other directories are clearly identified by

instead of the size of the file. You can display a large number of directory entries on the screen at one time by using the /W parameter, e.g.

DIR /W

In this case the file names and extensions are listed across the screen, but the file size and date are not included, and directories are shown in square brackets.

4.2. Displaying the Contents of a File

The TYPE command may be used to display the contents of a file on the screen. Wild-card characters are not allowed in the filename or extension. To stop the display disappearing off the screen, press the Ctrl and S keys together or use MORE as shown below. For example:

TYPE D:MYFILE.BAT

displays the file MYFILE.BAT, which is held in the current directory on drive D:.

TYPE SUBDPROG.FOR

displays the file PROG.FOR, which is held in the directory SUBD on the default drive.

TYPE HOLIDAY.DAT | MORE

displays the file HOLIDAY.DAT in the current directory one screenful at a time. To see the next screenful, press any key. To interrupt the display, press Ctrl and C.

The MORE command may be used as an alternative to TYPE with MORE, e.g.

MORE < HOLIDAY.DAT

Note that MORE is an external DOS command and so the MORE command or pipe will only work if the file MORE.COM is in a directory on the current path.

Only text files are displayed by TYPE or MORE in a legible format. Other files, such as word processor files or program files, appear unreadable due to the presence of non-alphabetic and non-numeric characters.

4.3. Renaming Files

The REN or RENAME command is used to change the name of a file. The name of the first file specified is changed to the second one. A path can be specified only with the first file name; the file will remain in the same directory after its name has been changed. The wild-card characters ? and * may be used with this command. For example:

RENAME A:LETTER.TXT MEMO.TXT

changes the name of the file LETTER.TXT on drive A: to MEMO.TXT.

REN *.TXT *.DOC

changes the filename extension of all files with an extension of TXT in the current directory from TXT to DOC.

4.4. Deleting Files

The DEL or ERASE command is used to delete a file or group of files from a disk. You should take great care when using the wild-card characters ? and * with this command, as several files can easily be erased with a single command. For example:

DEL *.TXT

deletes all files with filename extension TXT in the current directory.

DEL A:FILE1.DAT

deletes the file FILE1.DAT from the disk in drive A:.

ERASE C:LEVEL1

deletes all files from the directory LEVEL1 on drive C:.

ERASE *.*

deletes all files in the current directory. The following message is displayed as a precaution:

Are you sure (Y/N)?

Type Y if you really do want to erase all the files.

DEL FILE1 /P

prompts before it deletes the file. This parameter was not available in DOS version 3.3.

4.5. Copying Files

DOS provides three main commands for copying files:

COPY

is used to copy one or more files to a specified disk or directory. This is described below.

XCOPY

is used to copy complete directories, including any subdirectories. This is described in Section 5.5.

DISKCOPY

is used to copy entire disks. This is described in Section 7.

The COPY command is used to copy a file or group of files from one disk to another or from one directory to another. The wild-card characters ? and * may be used with this command. The file to be copied (the source file) is named first. If the second parameter is a directory, files are copied into that directory without changing their names. For example:

COPY ACCOUNTS.WKS C:OCTACC.WKS

copies the file ACCOUNTS.WKS from the current drive and directory to the file ACC.WKS in the directory OCT on drive C:.

COPY B:MYPROG.FOR A:

copies the file MYPROG.FOR from drive B to drive A: with no change in the filename or extension.

COPY A:*.* C:

copies all files in the current directory on drive A: to drive C, with no change in the filename or extension. The names of the files will be displayed as they are copied.

4.6. Moving Files

In MS-DOS version 6 the MOVE command was introduced, to allow you to move files from one directory to another, instead of having to copy and delete them. Its usage is very similar to COPY. For example,

MOVE *.DOC C:DOCS

would move all DOC files from the current directory to the DOCS directory on drive C:. In earlier versions of DOS, files can be moved by using COPY to copy a file, then DEL remove the original one.

4.7. Printing Files

There are a number of ways of printing information on paper if you have a printer connected to a PC:

• Use the PRINT command (not recommended).
• Use a DOS command such as COPY, TYPE or DIR with the output directed to a printer, as described below.
• Press the Print Screen key to print the current screen display.
• Use the printing option of an application program such as a word processor or spreadsheet.

The PRINT command is not recommended as it is actually a 'terminate-and-stay-resident' program (TSR), which means that there is less memory available in a machine after using it. PRINT can also cause problems when using a PC connected to a network, and so should generally be avoided from networked PCs.

DOS uses the keywords PRN, LPT1, LPT2 and LPT3 to refer to a printer connected to the PC. If there is only one printer this may be referred to as either PRN or LPT1. If there are two printers available they are usually referred to as LPT1 and LPT2. These keywords may be used as parameters to DOS commands to direct output to a specified printer. For example:

COPY A:READY.TXT LPT1

prints the contents of the file READY.TXT from the disk in drive A:.

DIR PRICES >PRN

prints a list of all entries in the directory PRICES.

TYPE C:AUTOEXEC.BAT >LPT2

prints the contents of the file AUTOEXEC.BAT on the printer connected to the second parallel port.

4.8. Creating and Changing Files

There are several ways in which files may be created under DOS, for example:

• By copying the contents of an existing file to a new one.
• By using an editor such as DOS EDIT (DOS 5 or later) or EDLIN (earlier versions).
• By transferring a file from another computer system.
• By running a program which generates an output file.
• By entering information into an application program such as a word processor, spreadsheet or database program, and saving a file from within the program.

The procedure for copying files is described in Section 4.5.

If you use a word processor such as Microsoft Word to create and amend files, you should be aware that the files created will be stored in a format specific to that program. This presents no problems for files containing text, but it is not normally appropriate for files containing data, commands or programs. For creating or amending these types of files there are two main options:

• Use a word processor such as Word, but make sure that the file contents are arranged as required and that the file is saved in a 'text-only-with-line-breaks' format rather than in the program's usual internal format.
• If you have DOS version 5 or later, you can use the EDIT command to run the full-screen text editor. This command includes on-line help. For example, to create or change a file called EXPT.DAT, type:

   EDIT EXPT.DAT

You can then type or amend the contents as you would expect, using the cursor and backspace keys to move around the file. To quit the editor, press Alt and F then X. You will be prompted whether or not you wish to save the file.

If you have an earlier version of DOS, the EDIT command is not available. There is a line editor called EDLIN but this is awkward to use. There are other alternatives, such as MicroEMACS or PC-Write, which are not part of DOS but are freely available and run under DOS 3. Contact Computing Service Advisory for details.

5. Handling Directories

The use of directories for storing files makes it easy to organise large quantities of information in a meaningful way. DOS always looks in the current directory to find any files whose names are entered without specifying a path.

5.1. Moving Between Directories

The CD command (short for CHDIR) is used to change the current directory. For example:

CD

changes the current directory of the default drive to its root directory.

CD ..

changes the current directory from a subdirectory to its parent directory.

CD TUFNELL

changes to the subdirectory TUFNELL within current directory.

CD C:LEVEL1LEVEL2

changes the current directory of drive C:to the path LEVEL1LEVEL2. The backslash () tells DOS to start at the root directory.

CD

displays the current directory path of the default drive.

5.2. Displaying the Contents and Structure of Directories

To display the contents of a directory, use the DIR command as described in Section 4.1. For example, to display the files in the directory EXAMPLES, you could first type

CD EXAMPLES

to change to the EXAMPLES directory, then type

DIR

to display the list of files in that directory. Alternatively, you could display all the files in EXAMPLES from within the root directory, one screenful at a time, by typing:

DIR EXAMPLES /P

Once you have a significant number of directories and subdirectories, it is easy to forget where a file is located. In this case you can use DIR with the /S option as well, e.g.

DIR /S /P

would display all files in all subdirectories of the current directory. Note that the /S option is not available in DOS version 3.

It is possible to change the default operation of the DIR command by setting a variable in your AUTOEXEC.BAT file. For example, if you added the line

SET DIRCMD=/O:-D-G/P

to AUTOEXEC.BAT, then whenever you just typed DIR files would be listed in date order one screen at a time, with the most recently created or changed file shown first.

5.3. Making Directories

The MD command (short for MKDIR) is used to create a directory or subdirectory on a specified disk. DOS automatically makes the '.' and '..' entries in a new directory, representing the current directory and the parent directory respectively. Directory names may contain up to eight characters, including any of the same symbols as filenames (see Section 2.1). For example:

MKDIR REPORTS

creates the subdirectory REPORTS under the root directory of the current drive.

MD LEVEL42

creates the subdirectory LEVEL42 within the current directory or subdirectory. The absence of a leading backslash causes DOS to begin at the current directory.

Note that directory names can include extensions. For example,

MD N:WIN4WG-3.11

creates the directory WIN4WG-3.11 on drive N.

5.4. Removing Directories

The RD command (short for RMDIR) is used to remove a directory from a disk. A directory can be removed only if it is empty, i.e. if the special entries '.' and '..' are the only two entries displayed when the DIR command is issued. The root directory and the current directory cannot be removed. For example:

RMDIR BRAIN

removes the directory BRAIN from the current directory.

RD C:SEP94DATA

removes the subdirectory DATA from the directory SEP94 on the C: disk.

If you have DOS version 6.0 or later, a new command, DELTREE, allows deletion of a directory and all of its files and subdirectories. Note, however, that this command could potentially delete most of the files on the disk, so it should be used with great care.

5.5. Copying Directories

The XCOPY command may be used to copy files and directories, including the contents of any subdirectories that exist. There are a number of optional parameters to the command, but the most useful ones are /S and /P. For example:

XCOPY A: B: /S

copies all the files and subdirectories on the disk in drive A: to the disk in drive B.

XCOPY C: A: /S /P

copies files and subdirectories from the current directory on drive C:to the disk in drive A, but prompts with (Y/N)? before each file, allowing you to confirm whether you want the file to be copied.

6. Formatting Disks

The FORMAT command is used to prepare a disk for use. FORMAT initialises the disk in the designated drive, analyses the entire disk for any defective tracks, and prepares the disk to accept DOS files by initialising the directory. When a disk is new, it must be formatted before you can use it. If you format a disk that contains information, the information is destroyed. Because of this you should be very careful before you decide to format any disk.

Most models of PC have disk drives that use high-density 3.5" disks, which can store 1.44 Mb. Some new models have disk drives that handle disks which can store 2.88 Mb. Older models of PC have disk drives that use 5.25" disks storing either 360 Kb or 1.2 Mb, or standard-density 3.5" disks which can store 720 Kb of information. Some models have two or three different types of disk drive. A disk drive will try to format a disk to its maximum design capacity unless told otherwise. For example, if you type

FORMAT A:

to format a 3.5" disk, DOS will attempt to format the disk for either 720 Kb or 1.44 Mb, depending on whether drive A: is a standard-capacity (720 Kb) or high-capacity drive (1.44 Mb). This can cause a problem if you want to format a standard-density disk in a high-capacity drive (e.g. in order to transfer information to a PC that is only equipped with standard-capacity disk drives). If you are sure that you want to format a standard-density disk in a high-capacity drive, use one of the following commands, depending on the size of disk:

For a 3.5" disk, use the command:

FORMAT A: /N:9 /T:80

This command limits the number of sectors and tracks on the disk to values suitable for a standard-density 720 Kb disk. A standard-density disk formatted to 720Kb in a high-capacity disk drive should be perfectly reliable.

For a 5.25" disk, use the command:

FORMAT A: /4

This may work but is not guaranteed; the IBM DOS manual states 'this parameter is intended to allow use of double-sided diskettes in high capacity drives. However, the diskettes formatted with the /4 parameter specified may not be read reliably or written in a double-sided drive'.

You should ensure that you do not under any circumstances attempt to format a standard-density disk as high-density, or vice versa. If you do this you will risk losing all the data subsequently written to the disk, and will encounter problems when trying to use the disk on different machines.

When a FORMAT command is issued, the system displays the message:

Insert new diskette for drive A:

and strike ENTER when ready

The formatting process takes several seconds. When it is complete, you will get a message showing the number of bytes of space available on the disk followed by the question Format another (Y/N)?. Type N to end the FORMAT command or Y to format another disk.

7. Copying and Backing Up Disks

When you use a PC, you will normally be responsible for keeping a secure copy of all your own files on your own fixed disk or diskettes or both. Disks are susceptible to errors and damage, so any important files should be stored in duplicate (at least) with the copies on another disk. Please remember that the secure storage of your files is your own responsibility. In many cases files can not be recovered from corrupt disks, and files which have been accidentally deleted cannot necessarily be recovered.

Each time you make major changes to a file you should copy the file from the disk you are working with to another disk, so that you always have at least one back-up copy available. You may copy individual files with the COPY command or copy whole directories and subdirectories with the XCOPY command, as described in Sections 4.5 and 5.5. In addition, the DISKCOPY and BACKUP commands are particularly useful for copying complete disks. These are described below.

DISKCOPY may be used to copy the contents of one disk (the source) to another (the target), provided that the two disks have the same format. If necessary the target disk is formatted during the copy. For example, the command

DISKCOPY A: B:

will copy the entire contents of the disk in drive A: to the disk in drive B.

If you specify the same drive, a one-drive copy operation will be performed and you will be prompted to insert different disks at the appropriate times. In this case remember that 'SOURCE' means the original disk, and 'TARGET' means the copy you are creating. Before beginning the operation, you should always make sure that the source disk is write-protected (which means that you can not store any new information on it), and so if you do make a mistake and insert the wrong diskette you will get a warning message but will not lose any information. (To write-protect a 3.5" disk, slide the black tab in the corner so that so you can see through a hole in the disk; to write-protect a 5.25" disk, cover the notch near the corner with a small sticky label.)

The procedure for one-drive copying is summarised below:

1. Obtain the DOS prompt, showing that DOS is ready for a command, and type:

   DISKCOPY A: A:

The system displays the message:

Insert SOURCE diskette in drive A:

Press any key when ready

2. Make sure the disk to be copied (the source) is write-protected, then insert it in drive A: and press Enter to start the disk copying process. The contents of the disk are read into memory, and the system then displays the message:

Insert TARGET diskette in drive A:

Press any key when ready

3. Remove the source disk from drive A, insert the disk that will become the copy (the target), and press any key to continue. Depending on the amount of memory available in the computer, you may have to switch the disks in this way several times.
4. Keep switching disks when prompted until the system displays the message:

Copy another diskette (Y/N)?

5. Type N to end the DISKCOPY command, remove the copy from drive A, label it and store the original disk in a safe place.

In DOS 3 and 5, the BACKUP command may be used to make a complete security copy of a fixed disk to a series of diskettes. For example, the command

BACKUP C: A: /S

will copy all files in all directories and subdirectories from the C:disk to the diskettes in drive A:. You should have plenty of formatted diskettes before using this command, as in some versions of DOS the BACKUP command does not allow you to format diskettes. In MS-DOS version 6, the equivalent command is MSBACKUP.

8. MS-DOS Version 5

New features in MS-DOS version 5 include:

• Online help for all commands, accessed by typing HELP followed by the command name, e.g. HELP DIR. The Help screen can be operated via keyboard or mouse (if a mouse is available). To close a help screen, press Alt F X or, if a mouse is available, select File then Exit. Useful examples are given for all commands, and the information can be printed.
• MS-DOS Editor, providing a full-screen text editor, which is much easier to use than the EDLIN line editor. It is accessed by typing the command EDIT, and includes online help.
• Two new commands, UNFORMAT and UNDELETE, allow you to restore a newly formatted disk to its original state, and to recover a deleted file.
• The DIR command has been improved by the addition of parameters to allow sorting and display of subdirectories. Details are provided by typing HELP DIR.
• A new program called DOSKEY has been added, which allows you to access commands typed in earlier. To activate this program, type DOSKEY. You can then use the up and down arrow keys to access previously typed commands. Type HELP DOSKEY for details of further facilities offered by this command.
• MS-DOS Shell, which is a colour graphical representation of all files and directories on the disk, designed to simplify tasks such as moving between directories and performing commands. Despite this, it has not proved particularly popular. It does have an additional useful command, SEARCH, which allows a search over the entire disk for a particular file. It is accessed by typing the command DOSSHELL, and has full online help available.

9. MS-DOS Version 6

New features in MS-DOS version 6 include:

• A particularly useful new command, MOVE, has been introduced. This has a similar syntax to the COPY command described in Section 4.5, but deletes the source file from the disk and moves it to the new location. It can also be used to rename directories. For more information, type HELP MOVE.
• A new DELTREE command, which allows you to delete a directory and all of its files and subdirectories. Used carefully, this is a time-saving way of deleting a large number of files and directories. Consequently, however, a mistake in the execution of the command could have drastic results, so it should be used with due regard for the consequences which could ensue.
• The ability to have more than one configuration in your CONFIG.SYS file. This may be useful if you share your computer with other users or wish to test a new system setup. See the manual or type HELP MULTI-CONFIG for details of this new facility.
• Microsoft DoubleSpace, which increases the available disk space by compressing files. Note, however, that there has been some dispute about the reliability and legality of using this program, particularly since corrupted files can result, and it is therefore recommended that you free space by ensuring that you delete any files you do not need rather than by using DoubleSpace. MS-DOS version 6.2 is reported to overcome these problems, while MS-DOS 6.22 replaces it entirely with a different facility called DriveSpace.
• Microsoft Anti-Virus, which identifies over 1000 known viruses. However, note that the Computing Service recommends using Dr Solomon's Anti-Virus Toolkit, for which the University has access to the latest version of the software. It is necessary to register and pay for updates of Microsoft Anti-Virus; details are given in the MS-DOS 6 User Guide.
• Improved memory optimisation, disk reorganisation and performance tuning. Full details are provided in the manual, but technical assistance may be required to implement the necessary commands. Contact Computing Service Advisory if you have any doubts about the performance of your system.
• A new program called INTERLNK which is useful if you regularly need to swap files with another computer, for example a laptop system. INTERLNK allows you to transfer files from one computer to another without the need for floppy disks. Note that you do require a special cable, and that changes need to be made to your CONFIG.SYS file. The manual gives full details, but contact Computing Service Advisory for assistance if in doubt.

10. Using DOS from Windows

Almost all new PCs are now supplied with Microsoft Windows. The use of Windows, and File Manager in particular, can save you typing DOS commands. However, for some tasks, some people find it simpler and quicker to escape to DOS. To use DOS from Windows, select the icon:

You will then normally get a full-screen DOS display and can type DOS commands as usual, though there will be less memory available for running programs. To put the DOS screen in a Window, press Alt and Enter. To return from DOS to Windows, type:

EXIT

Telnet 101

::Don't use this for illegal stuff::


Introduction:

Telnet is used to connect to remote machines through emulation. This means that
it can connect to a server, any server instantly because of it's ability to emulate (copy)
remote computers.

Lets Start:

In Windows, Telnet can be found by going to Start -> Run and then typing telnet.
The application should then pop up. If you don't have Windows, there are many Telnet alternatives for mac, linux etc. Since I don't know any,search the internet for Telnet for Linux or Telnet for Mac and you should find something instantly.


If you have a PC and are using Windows 98/95, 2000, Me, or XP continue...


As you can see, Telnet has 4 menu options. These are Connect, Edit, Terminal, and Help.

If you click Connect, you should see more options. Here they are.


Connect:

Remote System..
Disconnect

Exit

Names of servers you have been on.


To connect to a server, click Remote System...

This will then take you to a dialog box that has these fields:

Hostname:
Port:
TermType:

There should also be a Connect button and a Cancel Button.


Lets go over these & what you should put in them.





-Hostname-


The Hostname can be the address of the website your going to be connecting to:

http://www.oreos.com

or it can be the IP address. Keep in mind that you can only connect to servers and not to clients (other PCs)

an IP Address looks like this:

210.111.23.45




-Port-

Port can bb either the port number you wanna connect to on the server (Port 80 is the Internet, Port 23 is Simple Mail Protocol then there are some more ports for different things..)

or you can keep it Telnet and see what happens.




-TermType-

TermType is the type of Terminal telnet will be acting like.
This doesn't matter most of the time, so you can keep it to default or try other ones if you want.


When you have all this set up, you can Click Connect & see what happens.


Note: Sometimes many servers don't like anon people just logging on, so be careful when logging onto servers, because sometimes it might be some big company that likes bullying people or just SOMEONE who likes bullying people and then they might want to find you or trace you or something and I know for a fact you don't need that happening.

Another Note: When you go to a server and type something, such as a login name or a password, you might not see anything even though you are typing. this is a feature that telnet or the other server uses. It's for some kind of safety measure.

Ok that's all for the Connect Menu, lets go over the Terminal menu.

The terminal menu should have 3 options:

Prefernces
Start Logging
Stop Logging.

-Prefernces-

If you go to this, a dialog box will come up with various options. Here, you can change the
text color & background color of the program, and you can enable Local Echo, which shows
you everything you've typed, Blinking cursor if you want the cursor to blink check it, if not uncheck, Block cursor if you want the cursor to be shown as a block, VT100 Arrows, don't worry about these they are useless, Buffer Size, this allows you to set the number of lines of text you want to be shown before the screen starts to scroll, The Terminal emualtion type, always have this set on the default unless you know what the second one is and you know what your doing.


-Start Logging-

This logs everything you do on Telnet in a log file on your computer.


-Stop Logging-


This will stop logging processes.



Well that's it for this tutorial. Thanks for reading.

spyware and addware programs

Spy ware

The following programs are known spyware: detects: Adware, Alexa 1.0-5.0, Attune, Aureate v1.0,2.0 + 3.0, Comet Cursor v1.0 and v2.0, Cydoor, Doubleclick, DSSAgent, EverAd, EzUla, Expedioware, Flyswat, Gator, Hotbar 1+2, OnFlow, TimeSink v1.0,v2.0 and v5.0, Web3000, Webhancer, Transponder, Wnad, ZapSpot, SurfPlus, AdvertBar, NetPal, CashBar, BonziBuddy, WurldMedia, Lop.com, TopMoxie, BDE Projector, MessageMates, EWA, CommonNameIEBar.

About: Spyware are unwanted programs that are commonly used to steal userinformation for monetary gain.

securing ntfs files and directories

How to protect NTFS files and directories

NTFS is the secure file system used by NT. Note that the program here can undermine NTFS security.

A. When you right click on a file in Explorer and select properties (or select Properties from the File menu) you are presented with a dialog box telling you information such as size, ownership etc. If the file/directory is on a NTFS partition there will be a security tab, and within that dialog, a permissions button. If you press that button you can grant access to users/groups on the resource at various levels.

There are six basic permissions

• R - Read
• W - Write
• D - Delete
• X - Execute
• P - Change Permissions
• O - Take Ownership

These can be assigned to a resource, however they are grouped for ease of use

• No Access - User has no access to the resource
• List - R User can view directory and filenames in directory
• Read - RX User can read files in directory and execute programs
• Add - WX User can add files to the directory, but cannot read or change the contents of the directory
• Add & Read - RWX User has read and add permissions
• Change - RWXD User has read, add, change contents and delete files
• All - RWXDPO User can do anything she wants!

The permissions above can all be set on a directory, however this list is limited for a file, and permissions that can be set are only No Access, Read, Change and Full Control.

Another permission exists called "Special Access" (on a directory there will be two, one for files, one for directories), and from this you can set which of the basic permissions should be assigned.

The Information Microsoft Hides on Your Computer

here are folders on your computer that Microsoft has tried hard to keep secret. Within these folders you will find two (major) things: Microsoft Internet Explorer has been logging all of the sites you have ever visited -- even after you've cleared your cache, and Microsoft's Outlook and Outlook Express has been logging ALL of your e-mail correspondence -- even after you've erased them from your trashbin. (This also includes all incoming and outgoing e-mail attachments.) And believe me, that's not even the half of it.
When I say that these files are hidden well, I really mean it. If you don't have any knowledge of DOS, then don't plan on finding these files on your own. I say this because some of these files will only be found in DOS while some of these folders can only be found in Windows Explorer. Additionally, there are some folders that will not be displayed by neither DOS nor Explorer -- but can only be found using a workaround. Basically what I am saying is if you didn't know these files existed then the chances of you running across them is slim to slimmer.
To give you an example of how sneaky this is, there are three hidden folders that may contain your name, address, phone, all the sites you've visited, every single e-mail you've sent/received, every attachment you've ever sent/received, everything you've searched for in a search engine, every filename you've downloaded, names of documents containing "sensitive" information, copies of all your cookies, full readable e-mail from your hotmail account, your PGP keys, and more.
Funny that Microsoft would make no mention of this on microsoft.com.
FORWARD:
I know there are some people out there that are already aware of some of the things I mention. I also know that most people are not. The purpose of this tutorial is teach people what is really going on with Microsoft's products and how to take control of their privacy again.
Thanks for reading.
INDEX
1. DEFINITIONS AND ACRONYMS
2. WHY YOU SHOULD ERASE THESE FILES
3. HOW TO ERASE THE FILES ASAP (Recommended for the non-savvy.)
3.1) If You Own Microsoft Internet Explorer
3.2) Clearing Your Registry
3.3) If You Own Outlook Express
3.4) Slack files
3.5) Keeping Microsoft Internet Explorer (Not recommended at all.)
4. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES (For the savvy.)
5. A LOOK AT OUTLOOK
6. HOW MICROSOFT DOES IT
7. +S MEANS [S]ECRET NOT [S]YSTEM
8. THE TRUTH ABOUT FIND FAST
8.1) Removing Find Fast
9. HOW HARD MICROSOFT TRIED TO KEEP PEOPLE FROM FINDING ABOUT IT
10. FINAL NOTE AND CONTACT INFORMATION
10.1) Recommended reading
11. SPECIAL THANKS
12. REFERENCES
Coming Very Soon:
mailbox.pst
pstores
Related Windows Tricks.
Reflection of why they use alphanumeric folders (9J3X7QZF4.)
Everything you didn't want to know about Find Fast.
The NSA-Key.
The [Microsoft Update] button.
Why the temp folders aren't intended to be temporary at all.
What's in those .dbx files?

--------------------------------------------------------------------------------
1. DEFINITIONS AND ACRONYMS
Well, the best definition I have been able to come up with is the following:
I) A "really hidden" file/folder is one that cannot be seen in Windows Explorer after enabling it to view all files, cannot be seen in MS-DOS after receiving a directory listing, and cannot be searched through using the "Find" utility.
a) There is at least one workaround to enabling Explorer to see them.
b) There is at least one workaround to enabling MS-DOS to see them.
c) There is at least one workaround to enabling the "Find" utility to search through them.
d) They are hidden intentionally.
II) Distinguishes "really hidden" file/folders from just plain +h[idden] ones, such as your "MSDOS.SYS" or "Sysbckup" folder.
III) Distinguishes from certain "other" intended hidden files, such as a file with a name of "šŸëœx¥."
DOS = Disk Operating System
MSIE = Microsoft Internet Explorer
TIF = Temporary Internet Files (folder)
HD = Hard Drive
OS = Operating System


--------------------------------------------------------------------------------
2. WHY SHOULD I ERASE THESE FILES?
1) Besides the glaring privacy risks.
2) Besides the fact that Microsoft is keeping these logs intentionally. (For reasons I can only imagine.)
3) These files can take up huge amounts of disk space. I've personally inspected a computer with almost 200 megs of this stuff, so you can imagine how much this can slow your computer down. After following these instructions you will probably notice a great improvement in performance.


--------------------------------------------------------------------------------
3. HOW TO ERASE THE FILES ASAP
Step by step information on how to erase these files as soon as possible. This section is recommended for the non-savvy. Further explanation can be found in Section 4.0. Please note that following these next steps will erase all your cache files, all your cookie files, and all of your e-mail correspondence. If you use the offline content feature with MSIE, following these next steps will remove this as well.


--------------------------------------------------------------------------------
3.1. IF YOU OWN A COPY OF MICROSOFT INTERNET EXPLORER
1) Shut your computer down, and turn it back on.
2) While your computer is booting keep pressing the [F8] key until you are given an option screen.
3) Choose "Command Prompt Only" (This will take you to true DOS mode.)
4) When your computer is done booting, you will have a C:> followed by a blinking cursor. Type in this hitting enter after each line.

CDWINDOWSTEMPOR~1
DELTREE/Y CONTENT.IE5
(If that didn't work then type this:)

CDWINDOWSAPPLIC~1TEMPOR~1
DELTREE/Y CONTENT.IE5
(If that didn't work then type this:)

CDWINDOWSLOCALS~1TEMPOR~1
DELTREE/Y CONTENT.IE5
(If this still does not work, and you are sure you are using MSIE5, then please e-mail me. Finding the location of these is a mission, and I'd certainly like to know where else MSIE likes to hide its cache. I believe older versions of MSIE keep them under "c:windowscontent".)
5) This will take a ridiculous amount of time to process. The longer it takes, the more records Microsoft had stored about you. When it gets done erasing that folder, then type this:

CD
DELTREE/Y TEMP
DELTREE/Y WIN386.SWP
CD WINDOWS
DELTREE/Y COOKIES
DELTREE/Y TEMP
DELTRE/Y WIN386.SWP
DELTREE/Y HISTORY


--------------------------------------------------------------------------------
3.2. CLEARING YOUR REGISTRY
Reboot your computer and wait for Windows to load back up.
1) Drop to DOS ("Start" > "Program Files" > "MS-DOS Prompt") and type this at prompt:

regedit
2) Your Registry Editor will pop up. Go to "Edit" > "Find"
3) Type in "TypedURLs" and then hit [Find Next]. You will be taken to all the places you've typed in URLs manually. 4) Erase any URLs that you find. Do not erase the folders. (They will be called "01," "02," "03," etc...) Double click on them to make sure they are URLs. I found mine here:

HKEY_USERS/Default/Software/Microsoft/Internet Explorer/TypedURLs/
HKEY_CURRENT_USER/Software/Microsoft/Internet Explorer/TypedURLs/
5) and while you're in here you might as well go here:

HKEY_LOCAL_MACHINE/Software/Microsoft/Windows/Current
Version/Explorer/RemoteComputer/NameSpace/
{d6277990-4c6a-11cf-8d87-00aa0060f5b5}
6) Delete the {d6277990-4c6a-11cf-8d87-00aa0060f5b5} key. This will make the "Find: Files or Folders" utility perform searches much faster.


--------------------------------------------------------------------------------
3.3. IF YOU HAVE OUTLOOK OR OUTLOOK EXPRESS INSTALLED
1) Install another e-mail program like Eudora, or Pegasus Mail. Make sure everything is setup correctly.
2) Backup any e-mail that you wish to save. (Print them out, or forward them to another box.)
3) Uninstall Outlook.
Warning, this conveniently does not erase any e-mail correspondence. To double check drop back to your DOS prompt and type this:

dir *.mbx /s/p
dir *.mbx /s/p/ah
The files you are looking for are:
INBOX.MBX
OUTBOX.MBX
SENTIT~1.MBX
DELETE~1.MBX
DRAFTS.MBX
If these files come up they will be listed in either of these folders:

C:WindowsApplication DataMicrosoftOutlook ExpressMail
C:Program Filesinternet mail and news%USER%mail
(If the .mbx files are located anywhere else then you probably don't want to delete them since they aren't from outlook. If they are from outlook, however, then please e-mail me.)
Now type either of the following (depending on the location of your .mbx files). Remember, this will erase all your e-mail correspondence so backup what you want to keep by printing them out or forwarding them to another box. Hopefully by now you have already set up Eudora or Pegasus Mail.

CDWINDOWSAPPLIC~1MICROS~1OUTLOO~1
DELTREE/Y MAIL
or

CDPROGRA~1INTERN~1%USER%
(replace "%user%" with the proper name.)

DELTREE/Y MAIL

--------------------------------------------------------------------------------
3.4. SLACK FILES
As you may already know, deleting files only deletes the references to them. They are in fact still sitting there on your HD and can be easily recovered by anyone.

BCWipe is a nice program that will clear these files.
For you DOS buffs, there's a program called FileDust that got a 5 star rating on ZDNET, if that matters.
If you are using PGP then there is a "Freespace Wipe" option under PGPtools.
Norton Utilities has a nice filewiping utility.
You might want to check out Evidence Eliminator's 30 day trial. This is probably the best program as far as your privacy goes.

--------------------------------------------------------------------------------
3.5. KEEPING MICROSOFT INTERNET EXPLORER
If you insist on using Microsoft Internet Explorer then I strongly recommend that you check out at least one of these programs:

PurgeIE
Anonymizer Window Washer
Cache and Cookie Washer for IE
I have already tried and tested some other programs and you'd be surprised on how many of them DON'T pass the tests. For example, HistoryKiller 2001 claims it erases all the files, but don't count on it.


--------------------------------------------------------------------------------
4. STEP-BY-STEP GUIDE THROUGH YOUR HIDDEN FILES
This next section is for those of you who are more interested in learning the ins and outs of your computer. This section is intended for the savvy user.
1) First, drop to DOS and type this at prompt (in all lower-case):

c:windowsexplorer /e,c:windowstempor~1content.ie5
You see all those alphanumeric names listed under "content.ie5?" (left-hand side) That's Microsoft's idea of making this project as hard as possible. (Earlier versions of Internet Explorer simply called them "cache#.") These are your alphanumeric folders that MSIE has created to keep your cookies and cache. Write these names down. (They should look something like this: 6YQ2GSWF, QRMTKLWF, U7YHQKI4, 7YMZ516U, WQK6Z9UV, etc...) If you click on any of these folders then nothing will be displayed. Not because there aren't any files here, but because Windows Explorer has lied to you. If you want to view the contents of these alphanumeric folders you will have to do so in DOS. (Actually, there is a workaround that Skywalker taught me, but it's a little bit harder to explain. I promise to cover this tip in the next version.)
2) Restart in MS-DOS mode. (You must restart because windows has "locked" down some of the files.)
3) Type this in at prompt:

CDWINDOWSTEMPOR~1CONTENT.IE5
CD %alphanumeric%
(replace the "%alphanumeric%" with the first name that you just wrote down.)

DIR/P
Note: Not only are you in a folder that DOS claims does not exist, but you are now looking at cache/cookies that Windows Explorer claims do not exist.
These folders are directly responsible for the mysterious erosion of hard drive space you may have been noticing. Just a couple interesting things you can find in here:

Pictures from all those porn sites you've visited.
Other internet cache files completely wasting your disk space.
If you use Hotmail (or any webmail service) you can probably see some of your old messages laying around here. To see them for yourself, copy them into another directory and open them with your browser.
Retrieving your personal information from these cookies is a snap. For example if you've ever shopped at Amazon.com then there's access to your name and e-mail. If you're a user on Hollywood.com then there's your city, state, and zip. MP3.com keeps some goodies as well.
Feel free to check out all your alphanumeric folders, before going on to the next step.
5) Type this in:

CDWINDOWSTEMPOR~1CONTENT.IE5
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
You will be brought to a blue screen with a bunch of binary.
6) Press and hold the [Page Down] button until you start seeing lists of URLs. These are all the sites that you've ever visited as well as a brief description of each. You'll notice it records everything you've searched for in a search engine in plain text, in addition to the URL.
7) When you get done searching around you can go to "File" > "Exit."
8) Next you'll probably want to erase these files by typing this:

DELTREE/Y C:WINDOWSTEMPOR~1
(replace "c:windowstempor~1" with the location of your TIF folder if different.)
This will take a seriously long time to process. Then go check out your History.
9) Type this:

CDWINDOWSHISTORYHISTORY.IE5
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
You will be brought to a blue screen with more binary.
10) Press and hold the [Page Down] button until you start seeing lists of URLS again.
This is another recording of the sites you've visited. There also may be some other things in here. E-mail me if you find anything interesting. I will share with you a snippet of what I found in my index.dat file.

Client UrlCache
MMF Ver 5.2@
@ 3 yiâ
€
àOÐ ê:+0
0
'
}*Á 5.t
xt
59

MS6C:%

\DAVE'S
HD.TXT
MSIE5.
C:
Did you note the "C:" and "\DAVE'S HDMSIE5.TXT"?
"Dave" is the fictitious name that I use on my computer. "Dave's HD" is the name of my root folder on my LAN. "MSIE5.TXT" is the name of a text file that I've been saving on my computer. It contains research from THIS project that I've been working on. Mostly URLs and notes.
Do you see anything wrong with this picture? It took notice on a file on my HD, folks. MY HARD DRIVE. Not only that, but it is saving it in a folder that cannot be seen by neither DOS nor Windows Explorer. Is it a coincidence that this file was related to the research of this tutorial?
Obviously, my first suspicion was that Microsoft was scanning my HD and logging any "sensitive" information. In this case, my msie5.txt probably had something in it that Microsoft didn't like. To read more about my findings read "THE TRUTH ABOUT FIND FAST" in section 8.0.
1) If you're still with me, type this:
CDWINDOWSHISTORY
2) check out the mmXXX.dat files (and delete them), then type:

CDWINDOWSHISTORYHISTORY.IE5
CD MSHIST~1
EDIT /75 INDEX.DAT (or "EDIT /16 index.dat")
More URLs from your internet history. Note there are probably other mshist~x folders here. 3) You can repeat these steps for every occurrence of the mshistxxxxxxxx file.
4) By now you'll probably want to type in this:

CD WINDOWS
DELTREE/Y HISTORY
This is about it as far as I know. You may also want to take a look at your *.mbx files if you own Outlook. (dir *.mbx/s) More detailed information is covered in the next chapter.


--------------------------------------------------------------------------------
5. A LOOK AT OUTLOOK EXPRESS
Would you think twice about what you said if you knew it was being recorded? E-mail correspondence leaves a permanent record of everything you've said -- even after you've told Outlook to erase it. You are given a false sense of security sense you've erased it twice, so surely it must be gone. The first time Outlook simply moves it to your "Deleted Items" folder. The second time you erase it Outlook simply "pretends" it is gone. The truth is your messages are still being retained in a "really hidden folder."
Furthermore, as if that wasn't disturbing enough, Outlook Express also keeps records of EVERY SINGLE file attachment in an ENCRYPTED database. Can you believe this, folks?
For example, I attached this zip file and sent it to myself.

PK '…Ž*}™ P AAA­À€ Öø)-8³PK +…Ž*8øM3 P
BBB­À€ ×ø%-8³PK .…Ž*ÄÖ. P CCC­À€ Øø!-8³PK
2…Ž*² å` P DDD­À€ Ùø -8³PK '…Ž*}™ P
AAAPK +…Ž*8øM3 P 1BBBPK
.…Ž*ÄÖ. P bCCCPK 2…Ž*² å` P
"DDDPK ÄÄ
And it recorded this in both my inbox.mbx file and outbox.mbx file:

UEsDBBQAAAAIACeFjip9jZkaEAAAAFAAAAADAAAAQUFBrcCBAAAAAIAg1vgpljizAFBLAwQUAAAA
CAArhY4qOPhNMxAAAABQAAAAAwAAAEJCQq3AgQAAAACAINf4JZY4swBQSwMEFAAAAAgALoWOKsTW
Lp0QAAAAUAAAAAMAAABDQ0OtwIEAAAAAgCDY+CGWOLMAUEsDBBQAAAAIADKFjiqyEuVgEAAAAFAA
AAADAAAARERErcCBAAAAAIAg2fgdljizAFBLAQIUABQAAAAIACeFjip9jZkaEAAAAFAAAAADAAAA
AAAAAAEAIAAAAAAAAABBQUFQSwECFAAUAAAACAArhY4qOPhNMxAAAABQAAAAAwAAAAAAAAABACAA
AAAxAAAAQkJCUEsBAhQAFAAAAAgALoWOKsTWLp0QAAAAUAAAAAMAAAAAAAAAAQAgAAAAYgAAAEND
Q1BLAQIUABQAAAAIADKFjiqyEuVgEAAAAFAAAAADAAAAAAAAAAEAIAAAAJMAAABERERQSwUGAAAA
AAQABADEAAAAxAAAAAAA
Cheers to the first person to discover the algorithm.
Anyway, by now you are probably wishing you knew where these records were kept. Don't worry they're right here:

c:program filesinternet mail and news%user%mail*.mbx
(replace %user% with the name you use.)
Or, if you're lucky:

c:windowsapplication datamicrosoftoutlookmail*.mbx
I found it odd that the first time I installed outlook, my e-mail data was saved automatically into "internet mail and news." After I uninstalled and reinstalled, it changed its mind and put it into my "application data."
To erase these files simply type: (of course if you do this you will kill all of your e-mail messages, so backup what you want to keep.)

Deltree c:windowsintern~1%user%mail
or

Deltree c:windowsapplic~1micros~1outloo~1mail

--------------------------------------------------------------------------------
6. HOW MICROSOFT DOES IT
Ever wonder how Microsoft makes these folders invisible to both DOS and Windows Explorer? I was completely baffled by how Microsoft was accomplishing this since even using a DOS 6.2 boot disk wouldn't work for me. I was honestly pretty upset that the answer escaped me for so long, but after wondering around in the folders I finally figured it out.
The "desktop.ini" is a standard text file that can be added to any folder to customize certain aspects of the folder's behavior. In these cases, Microsoft utilized the desktop.ini file to make these files invisible. Invisible to Windows Explorer, invisible to DOS, and even invisible to the "Find" Utility (so you wouldn't be able to perform searches in these folders!)
Here are a couple examples:
Found in the c:windowstemporary internet filesdesktop.ini and the c:windowstemporary internet filescontent.ie5desktop.ini contains this text:

[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}
Found in the c:windowshistorydesktop.ini and the c:windowshistoryhistory.ie5desktop.ini contains this text:

[.ShellClassInfo]
UICLSID={7BD29E00-76C1-11CF-9DD0-00A0C9034933}
CLSID={FF393560-C2A7-11CF-BFF4-444553540000}
The UICLSID line cloaks the folder in both DOS and Explorer. The CLSID line disables the "FIND" utility from searching through the folder. Additionally, it gives a folder the appearance of the "History" folder. (You'll know what I mean if you fiddle with them enough.)
Erasing these desktop.ini files will give DOS and Windows Explorer proper viewing functionality once again. The problem with erasing them is windows will reconstruct them on your next bootup. The workaround is to edit the desktop.ini files and remove everything except for the [.ShellClassInfo]. This will trick windows into thinking they have still covered their tracks, so they won't think to reconstruct them again.
By the way, if you erase these keys from your Registry it will not un-hide these folders. Still, I'm sure somebody could play with this enough to figure out a way to completely disable Microsoft from ever hiding files on your computer again.


--------------------------------------------------------------------------------
7. +S MEANS [S]ECRET NOT [S]YSTEM
Here are three easy true or false questions regarding DOS. Play along like you needed to know the answers to get your A+ certification.
1) True or false: Executing the dir/s command in root will display all the "normal" files and directories on your hard drive.
The correct answer is 'true.'
2) True or false: Executing the dir/s/ah command in root will display all the "hidden" files and directories on your hard drive.
Again, the correct answer is 'true.'
3) True or false: Executing the dir/s/as command in root will display all the "system" files and directores on your hard drive.
The correct answer is 'you wish.'
When DOS tries to get a list of the subdirectories of any +s[ystem] folder it hits a brick wall. Not only does this mean Microsoft has taken extra precautions to keep people from finding these files, but it defeats the whole purpose of the "/s" switch in the first place. Nice one.
In case you didn't understand, here's a small experiment that will show you what I mean.
Since the content.ie5 and history.ie5 subfolders are both located within a +s[ystem] folder, we will run the experinment with them. The proper command to locate them should be this:

CD
DIR *.IE5 /s/as
The problem is that you will receive a "No files found" error message.
This proves that all subfolders/files that are located within a system folder will not be listed. But believe me, it's there.
Now, the really interesting thing is that you (luckily) can get around this brick wall. That is, once you are in the system folder, then the brick wall no longer has an effect on the directory listings. For example:

CDWINDOWSTEMPOR~1
DIR *.IE5 /as
1 folder(s) found.
Oh good, now you can see them. (But only after you knew the exact location.) In other words, if you didn't know the folders existed then finding them would be almost impossible.


--------------------------------------------------------------------------------
8. THE TRUTH ABOUT FIND FAST
Have you ever wondered what that "Find Fast" program was under your control panel? I've spent about an hour on microsoft.com reading help files and I STILL have no clue of what it's good for. Here's the most informative snippet I found on microsoft.com.
"The Find Fast Indexer is a utility that builds indexes to speed finding documents using the Open and Open Office Documents commands in Microsoft Office programs, including Microsoft Outlook."
So what does that mean? Well, if you read it carefully you'll see that Microsoft never mentions that it will speed up your searches. In fact it has nothing to do with the "Find: Files or Programs" utility. I think what Microsoft is really trying to say is that when you go to "File" > "Open" under Microsoft Word, then your list of documents will be displayed quicker.
If that is what they are saying then it is a lie. I hope you don't think I am taking Microsoft's quote out of context here. I'm only trying to show you all the methods that Microsoft went through to make it appear that the Find Fast utility speeds up searches.
For example if you go to "Edit" (under Microsoft Word), you will notice there is a "Fast Find" icon next to it. (Binoculars icon.) This is usally a clear indication that it is related to the Find Fast program. However, if you re-read that quote, it doesn't mention anything about finding words "within" a document, but only the document itself. Here are some more quotes from Microsoft:
"The Find Fast Indexer tool tracks the location on the hard disk of all Microsoft Word for Windows documents by default. When one of these files is moved, the Find Faster Indexer tool updates its index."
"Indexes are used to make file searches faster in Office programs."
"The Find Fast Indexer is installed on your computer when you install Microsoft Office 97. Find Fast builds an index to speed up finding documents from the Open dialog box in Microsoft Office programs."
I wasn't able to find one single shred of evidence that it helped you "search" faster. Yet, Microsoft insisted on calling the program "Find Fast." THEN they decided to add the Find Fast icon next to the [Search Document], as if Find Fast had anything to do with searching the document.
So now do you think you know the truth?
What would you say if I told you that Find Fast was scanning and indexing every single file on your hard drive? Did you know that in Office 95, the Find Fast Indexer had an "exclusion" list comprised of .exe, .swp, .dll and other extensions, but the feature was eliminated? If you were a programmer, would you program Find Fast to index every single file, or just the ones with Office extensions?
Here are some other interesting facts:
Find Fast automatically loads on every boot (because it added to your Startup folder.)
If you have ever had problems with scandisk (restarting due to "disk writes."), it is because Find Fast was indexing your hard drive in the background.
Now here is a good example of the lengths Microsoft has gone through to keep people from finding out Find Fast indexes their hard drives. (Always good to have an alibi.) And I quote:
"When you specify the type of documents to index in the Create Index dialog box, Find Fast includes the document types that are listed in the following table.
Doc Type File Name Extension
Microsoft Office files All the Microsoft Excel, Microsoft Web documents PowerPoint, Microsoft Project, and Microsoft Word document types listed in this table. Microsoft Binder (.odb, .obt) and Microsoft Access (.mdb) files. Note that in .mdb files, only document properties are indexed.
Microsoft Excel workbooks .xl* files
Microsoft PowerPoint files .ppt (presentation), .pot (template), .pps (auto-running presentation) files
Microsoft Project files .mpp, .mpw, .mpt, .mpx, .mpd files
Microsoft Word documents .doc (document), .dot (template), .ht* (Hypertext Markup Language document), .txt (text file), .rtf (Rich Text Format) files
All files *.* files

Did you get that last part? If you were a wealthy man and you decided to buy every single car in the car lot, would you
a) Say, "I'll take the red ones, the blue ones, the silver ones, the white ones, the champagne ones, and all of them," or
b) "I'll take them all sir."
As you can see, they don't want people to realize that Find Fast is keeping an index of your entire hard drive. They walk around the car lot saying "I'll take the red ones, the blue ones, the silver ones,..."
I personally witnessed the Find Fast Indexer "creep" its way back into my Startup folder after I removed it. There's no possible way I could have done this on purpose. In fact the only way I could have done it is if I created a shortcut to Find Fast and then moved the shortcut into Startup manually. There's no option on the Find Fast program to add it to Startup.
Am I making this up? Did I imagine it? Well, even if I am, then that doesn't change the overwhelming amount of inconsistencies. For example:
1) Drop to DOS
2) CD
3) DIR FF*.* /AH (This will bring up a listing of ffast-related files.)
4) edit /75 %ff% (insert %ff% with any of the names that were listed.)
Notice the incredible amount of disk accesses to your "really hidden" "Temporary Internet Files" folder? What is the obsession that Find Fast has with these hidden folders, anyway?


--------------------------------------------------------------------------------
8.1. REMOVING THE FIND FAST PROGRAM
1) Reboot your computer in MS-DOS Mode.
2) Delete the FindFast.CPL file from c:windowssystem
3) Delete the shortcut under c:windowsstart menuprogramsstartup
4) Delete the FindFast.EXE file from c:progra~1micros~1office
Other related files that are safe to erase:
5) FFNT.exe, FFSetup.dll, FFService.dll, FFast_bb.dll, "c:>ff*.*"
Notice you will loose no functionality after erasing these files? Actually, you will gain functionality.


--------------------------------------------------------------------------------
9. HOW HARD MICROSOFT TRIED TO KEEP PEOPLE FROM FINDING ABOUT IT
In case the desktop.ini file wasn't enough proof. ("Whoops, we didn't know the desktop.ini file would turn folders invisible?") And in case you thought disabling DOS's "/s" switch for system folders was just a "bug." And in case you thought Microsoft disabled the Find utility from searching through the folders just to save you time (uh huh) -- then feel free to check out this thread on the Hackers.com BBS.


--------------------------------------------------------------------------------
10. FINAL NOTE AND CONTACT INFO
This tutorial is being updated ALL THE TIME. If you have any input then please e-mail me so I can compile it into future versions. You may have noticed many requests to contact me throughout this tutorial. This is because I am very eager to find out everything there is to know about this. But just so I am not swamped with old updates, please make sure you are reading the most current version.
My e-mail address is located below. Although it may not be done in a timely fasion, I always reply to all of my e-mail. By the way, I deleted my PGP due to security reasons. So if you want to contact me privately, then I'm sure we can work out something else.
Thanks for reading, -- The Riddler
e-mail: mailto:ther1ddler@fuckmicrosoft.com?Subject=Feedback from fuckMicrosoft.com Article
hangout: http://www.hackers.com/bulletin/


--------------------------------------------------------------------------------
10.1. RECOMMENDED READING
And if you aren't already paranoid enough here's some sites/articles that I definitely reccomend:
http://www.theregister.co.uk/content/4/18002.html
http://www.findarticles.com/m0CGN/3741/55695355/p1/article.jhtml
http://www.mobtown.org/news/archive/msg00492.html
http://194.159.40.109/05069801.htm
http://www.yarbles.demon.co.uk/mssniff.html
http://www.macintouch.com/o98security.html
http://www.theregister.co.uk/content/archive/3079.html
http://www.fsm.nl/ward/
http://slashdot.org/
http://www.peacefire.org/
http://stopcarnivore.org/
http://nomorefakenews.com/
http://grc.com/steve.htm#project-x


--------------------------------------------------------------------------------
11. SPECIAL THANKS
Thank you Skywalker, for being in the right place at the right time. You were the only one who seemed interested in helping me further my research.
Thank you to everybody who has e-mailed me specifically just to thank me. The kind words mean a lot to me and played a big motivator to get this text finished.
And thank you to Hackers.com, for developing a fantatsic site with a great community feel, without which, this tutorial would never have existed.


--------------------------------------------------------------------------------
12. REFERENCES
http://support.microsoft.com/support/kb/articles/Q137/1/13.asp
http://support.microsoft.com/support/kb/articles/Q136/3/86.asp
http://support.microsoft.com/support/kb/articles/Q169/5/31.ASP
http://support.microsoft.com/support/kb/articles/Q141/0/12.asp
http://support.microsoft.com/support/kb/articles/Q205/2/89.ASP
http://support.microsoft.com/support/kb/articles/Q166/3/02.ASP
http://www.insecure.org/sploits/Internet.explorer.web.usage.logs.html
http://www.parascope.com/cgi-bin/psforum.pl/topic=matrix&disc=514&mmark=all
http://www.hackers.com/bulletin/
http://slashdot.org/articles/00/05/11/173257.shtml
http://peacefire.org/