Tuesday, April 23, 2013

HAKERS EXPLAIN

Net-Devil backdoor

net-devil-backdoor (15462)High RiskDescription:Net-Devil, also known as Backdoor.Net Devil, NetDevil, BackDoor.RP, BDS.NetDev, Win32.NetDevil, and Troj.NetDevil, is a backdoor Trojan written in Delphi affecting Microsoft Windows operating systems. The backdoor uses a client/server relationship, where the server component is installed in the victim's system and the remote attacker has control of the client. The server attempts to open a port, typically TCP ports 901, 902, 903, and 6667, to allow the client system to connect. Net-Devil could allow a remote attacker to gain unauthorized access to the system.Consequences:Gain AccessRemedy:Use an up-to-date antivirus program to determine if the target computer is host to a backdoor program. If the program detects a backdoor, follow its instructions to disinfect and repair the computer.References:Simovits Web site: Net-Devil.Platforms Affected:Microsoft Windows 2000Microsoft Windows NT 4.0Microsoft Windows XPReported:Aug 01, 2001The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.For corrections or additions please email xforce@us.ibm.comReturn to the main pageSite Map | Privacy Policy | Terms of Use | Trademarks © Copyright IBM Corporation 1994 - 2009. All rights reserved worldwide.


Net-Devil 1.5 Faq            1. What is net-devil?2. Options3. Edit Server4. Links_______________________________________________________ 1. What is net-devil? Net-Devil is a client + server program, to make it short, it is a hacking program more or less. The way is works is when you edit the server to send the Trojan, (you will learn about that later) you send it to your victim, and it opens A specific port so that you can connect to the victim. The default port is 901. If you�re wondering if it is illegal, yes it can be, but it depends. If the victim accepts the file (Trojan) from you, no then it is not illegal, which that is basically the only way your going to hack them.______________________________________________________________________2. Options On this part, I will explain what options there are, and what they do. Server Options - With this option, you have the choice of uninstalling the server, closing it, restarting the server and getting the server's information. What this option basically lets you do is, it closes the victim's internet server, which means it will disconnect them from the internet, but be careful, if you uninstall there server, they will have to reinstall it, I do not know if this option works very well or not, but if you wish to try it, go ahead. File Manager - This is one of my favorite options because you can download, upload, and of course my favorite delete! This is probably one of the most dangerous options there is because it is like being in there windows explorer, you can delete anything on there pc, or download there personal files! It's your choice, but just be very careful when using this feature. Passwords - With this option, you can get the victim's personal passwords, and it really rocks! So if you get there passwords to maybe AOL (America Online) there you have it! You have an AOL account that you may run freely on :). Process Control - This option allows you to end any hidden process running in there back ground, which really isn�t all that great. But hey, it works! Windows Control - This option is one of my other favorites, it's more for making your victim wanna go crazy! With this feature, you can change the name of the window box that they have open, all you have to do is click on the window that you want to change the name of, and click change title, A box will appear, and you type what you want it to say, you may also close the windows of your choice or you can really get evil by disabling there "x" in the top right corner where they push to close the window, pretty funky eh >:)? Chat With Victim - This is really scary, what you can do is when you click this option A box will appear on the victims monitor, they cannot close it until you deactivate it. You can also put what you want there name to be when they type to you, the default settings are master and slave. Webcam Spy - Ok, this is the king of all options, if the victim has a webcam, you can watch them and see every move they make, the cool part is, if you get a girl on a cam, you can threaten her to do whatever you want  >:) (jeez I�m evil, lol). Screen Capture - This option is pretty simple, you can capture a image of there whole desktop to see what they have, or you can press "Start Preview" to do a constant scan of there desktop each time it changes. Key logger - This is another simple option, this allows you to view whatever the victim types, so if like they are logging into a chat client such as yahoo messenger or any other client, you can watch them type there name and password :). Registry Editor - This is pretty much the most boring option there is, it allows you to delete there registry files. Do not ask me what registry files are, because I do not feel like explaining it :P. Funny Stuff - Here are the options inside of the "Funny Stuff" window, I shouldn't have to explain them, they actually speak for themselves...   Taskbar - This option lets you hide or show there task bar, when you hide it, they have no way of getting to there start menu :P.   Monitor - This option just allows you to turn there monitor on or off :).   Taskbar Clock - All this does is allows you to hide there clock.   Desktop Icons - This will probably make your victim cry! You can either hide or show all there desktop icons >:).   Mouse - This have a couple options, you can hide there mouse pointer, or show it after you get done hiding it, or you can swap there mouse buttons, so another words right click would be left and vise versa.   Start Button - This will allow you to make your victims start button disappear, or you can disable it, so that when they try to click it, it does not respond!   CD Rom - This is freaky, you can open or close there cd player :).   Num Lock - You can enable or disable there num lock option there keyboard.   Caps Lock - Same as above   Scroll Lock - Same as above Batch Scripting - This is another dangerous option, but I have not got it to work, but it is supposed to delete every thing they have, pretty scary thought if it were to happen to you, but like I said it never did work for me. More - I will now explain what the options do in the "More" section...   Misc - In this section you have the option to change there resolution, you can exit windows, and you can make there printer print! You can also flip there screen, run programs (if you know the path name) and open up web pages!   Redirect DOS - This is another dangerous option, if you know really good DOS commands you can run the commands on the victims pc through DOS, you can run them visible or invisible.   Client Chat - This is a nifty option, it allows you to chat with any other person or person's connected to your victims PC.   System Files - This allows you to view your victims system files, you can upload them, or search for a specific type of system file :).   Messages - This allows you to pop up a box on the victims screen saying whatever you want it to say.   Start Button - This option never worked for me, but it is supposed to replace the image of the start button with one of the selected images of your choice.   PC Info - This brings up info about there whole computer, from there processor speed to there windows key number.______________________________________________________________________ 3. Edit Server Ok, this is the most important part you need to know! without this info, you will not be able to proceed into hacking someone... Here is how you edit the server... Step 1. First open edit-server. Step 2. Then you want to click on the little folder at the top of the window, it will now open a box to load a file that you choose. You want to select the file that says "Server", it should be located in your net-devil folder. Step 3. After you load the server in, you want to click on "cgi notify" then you want to check the box that says "Enable cgi notify", after that, you want to select every thing in the box that says "Attacked Data" and you want to copy it and paste it in the box that says "Path to cgi script" Step 4. After you have completed step 3, you want to stop where you are, and go download ICQ, after you download ICQ and get it up and running, you will want to check the box that says "enable ICQ notify" then after you check it, look at the top of your ICQ for a long number, and you want to type that number in the box that says "UIN to notify". Step 5. Now you want to click "Fake Error" and you want to check the box that says "Enable fake error" then you want to select a sign of your choice, it doesn�t really matter which one. In the title box, type a really good error that you would most likely get, do not give yourself away by typing something stupid :P. The title is what the error will be called, in the text box, you type what the error is goin to say. Step 6. After step 5 you want to click on the box that says "miscellaneous" and you want to check these boxes....Kill AV/FirewallOnly Open Port When OnlineLog Pressed Keys (offline key logger).These are the only boxes you should have checked. You do not have to worry about any other things on that column. Step 7. Now this is where you get to select an icon you wish to use, this will show a little picture as the icon, make the icon something that wont scare the victim, just fool them into opening the Trojan >:). After you choose your icon, click the button that says "Save And Compress". Step 8. After you have finished step 7, go to your net-devil folder, and your brand new Trojan will be waiting for you to send to your victim's. Step 9. Now that you have your new Trojan made, send it to your victim, and before you send it, make sure that you have ICQ open, now when you send it to them, wait until they click on it, you will know, when they do click it, your ICQ will make A ringing noise, click on your ICQ and click on the message it sent you. You will then see a number in the message box, that will be there IP address, you take that number, and you type it in the ox of your net-devil program at the top, after that, click connect and bang! There you have it! You should now be connected to your victim and able to do anything you want to do to them!_______________________________________________________ http://www.hackers-black-book.com/nuke/Forums/viewforum/f=1.html http://www.hackers-black-book.com/nuke/Net_Devil_FAQs.html

Monday, April 22, 2013

SCRIPT ASP Advapi on my Dell


http://www.motobit.com/help/scptutl/cm124.htm

Advapi - Logon and impersonate user

Set Advapi = CreateObject("ScriptUtils.Advapi") Response.Write Advapi.UserName Advapi.ImpersonateLoggedOnUser (Advapi.LogonUser("aa", "")) Response.Write Advapi.UserName Advapi.RevertToSelf Response.Write Advapi.UserName

Other links for ImpersonateLoggedOnUser

Methods of Advapi class

ImpersonateLoggedOnUser, LogonUser, RevertToSelf

Properties of Advapi class

UserName

ScriptUtils.Advapi

COM API for logon, impersonate and logoff user.

ScriptUtils

Huge ASP upload is easy to use, hi-performance ASP file upload component with progress bar indicator. This component lets you upload multiple files with size up to 4GB to a disk or a database along with another form fields. Huge ASP file upload is a most featured upload component on a market with competitive price and a great performance . The software has also a free version of asp upload with progress, called Pure asp upload , written in plain VBS, without components (so you do not need to install anything on server). This installation package contains also ScriptUtilities library. Script Utilities lets you create hi-performance log files , works with binary data , you can download multiple files with zip/arj compression, work with INI files and much more with the ASP utility.© 1996 - 2011 Anton


http://www.motobit.com/help/asp-dictionary-object/default.htm


Description of Multi Dictionary

Free-threaded (multithreaded) dictionary object. Lets you work with unique/non-unique keys in VBScript and JScript envinronment (share application/session variables in ASP) or any other programming language. You can share dictionary variables between processes or computers, you can save or restore dictionary variables to a disk, work with keys using regular expression and more.

Download

Current version 1.2

EXE setup - All Win32 versions - NT, Win XP, Vista, Win 7, Win 2003, Win 2008

Download Windows 32 EXE installer

ZIP package - All Win32/Win64/X64 (IA64,Amd64) - Win XP, Vista, Win 7, Win 2003, Win 2008

Download ZIP package (with installer inside)

License

Shareware About prices and registration

Features and functionality of Multi.Dictionary class

Main ideasFree-threaded hi-speed dictionary algorithm (better than Scripting.Dictionary, which is apartment threaded)Share dictionary values over processes/remote computers (from VBSCript in ASP to WSH, ..)Extended dictionary functionalityFeaturesUnique/nonunique keys (UniqueKeys, map/multimap).Connect to another dictionary object in the same process (Connect method).Extended Lock and Unlock methods to synchronize multithreaded tasks.Items and Keys enumerators.Bulk remove dictionary elements (using RemoveAll method).Bulk Save and Load dictionary data to/from a disk.Other functionalityShare Application/Session variables in ASP (see ASP - Share application variables sample)Share dictionary values over processes/remote computers (from VBSCript in ASP to WSH, ..)Works with keys collection using regular expression (Remove, Save …)Case sensitive or case insensitive keys

Using Dictionary class

How to use Dictionary class in VBA (VB5, VB6, Word, Excel, VBNet, …), VBS / JS (ASP, WSH).

Multi Dictionary, Scripting Dictionary and ASP application Dictionary - Performance comparison

Multi dictionary is designed also as a hi-speed dictionary working with large number of keys . This article provides test comparison between the Multi Dictionary and the two base object used in ASP - ASP global application object and Scripting.Dictionary.

Multi Dictionary classes

Dictionary Free threaded dictionary object. Lets you work with unique/non-unique keys, any VARIANT values and connect to other dictionary in the same process.

Multi Dictionary enums

CompareMethod Compare method for Dictionary keys.

Examples

Application scope dictionary in PHP

Enumerate Multi.Dictionary keys and items

Dim D As New Multi.Dictionary D.UniqueKeys = False 'Fill dictionary with some data D("Peter") = 12 D.Add "Alex", 2534 D.Add "Alex", 2535 D.Add "Alex", 14 Dim I As Long, Keys() 'Get dictionary Keys Keys = D.Keys 'Loop through Keys array For I = 0 To UBound(Keys) Debug.Print "Key", I, Keys(I) Next Dim Items() 'Get dictionary Items Items = D.Items 'Loop through Items array For I = 0 To UBound(Items) Debug.Print "Item", I, Items(I) Next ' output: Key 0 Alex Key 1 Peter Item 0 2534 Item 1 2535 Item 2 14 Item 3 12XML/PAD | All samples | Other libraries© 1996 - 2009 Antonin Foller, Motobit Software | About, Contacts | e-mail: info@pstruh.cz

NETDEVIL.12WORM!

Trying to find info on Advapi løg on to Dell shows

up Programs Database > Advapi.exe Information  This is an undesirable program.This file has been identified as a program that is undesirable to have running on your computer. This consists of programs that are misleading, harmful, or undesirable.If the description states that it is a piece of malware, you should immediately run an antivirus and antispyware program. If that does not help, feel free to ask us for assistance in the forums.Name:AdvapiFilename:Advapi.exeCommand:Unknown at this time.Description:Added by the NETDEVIL.12WORM!File Location:UnknownStartup Type:Currently being identified.Removal Instructions:How to remove a Trojan, Virus, Worm, or other Malware


When I try the
NETDEVIL.12WORM!  (link below ) I get a popup
asking me for logpn password  to sign in as "%1$3,%2$s"


The link
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=BKDR_NETDEVIL.12


Sunday, April 21, 2013

PHONE Møre details

/system/etc/vpl/ATTSmartWi-FiVPL_aligned.apk
/system/etc/vpl/ATT_code_scanner_vpl_1.2_aligned.apk
/system/etc/vpl/FBAndroid.apk
/system/etc/vpl/Kindle-OEM-0.9.6-STUB.apk
/system/etc/vpl/SamsungApps-signed_1.0.005.apk
/system/etc/vpl/androidlauncher_Generic_android2.1-72x72_build_1_2D2011_06_15t17_52.apk
/system/etc/vpl/attMessages.apk
/system/etc/vpl/attMovies.apk
/system/etc/vpl/com.mobitv.client.tv.apk
/system/etc/vpl/myATT_VPL_v5.apk
/system/etc/vpl/qik-preload-1.30-release-lite.apk


DeviceID = 0
DeviceSoftwareVersion = 04
Line1Number =
NetworkCountryIso =
NetworkOperator =
NetworkOperatorName =
NetworkType = NETROWK_TYPE_UNKNOWN(0)
PhoneType = PHONE_TYPE_GSM
SimCountryIso =
SimOperator =
SimOperatorName =
SimSerialNumber = null
SimState = SIM_STATE_UNKNOWN
SubscriberId =
VoiceMailAlphaTag = Voicemail
VoiceMailNumber = null
HasIccCard = false
NetworkRoaming = false


Settings.System.VOLUME_BLUETOOTH_SCO = 7
Settings.System.MODE_RINGER_STREAMS_AFFECTED = 166
Settings.System.MUTE_STREAMS_AFFECTED = 46
Settings.System.DIM_SCREEN = 1
Settings.System.STAY_ON_WHILE_PLUGGED_IN = 0
Settings.System.EMERGENCY_TONE = 0
Settings.System.CALL_AUTO_RETRY = 0
Settings.System.DTMF_TONE_TYPE_WHEN_DIALING = 0
Settings.System.HEARING_AID = 0
Settings.System.TTY_MODE = 0
Settings.System.AIRPLANE_MODE_RADIOS = cell,bluetooth,wifi,nfc,wimax
Settings.System.AIRPLANE_MODE_TOGGLEABLE_RADIOS = bluetooth,wifi,nfc
Settings.System.UART_APCP_MODE = 0
Settings.System.USB_APCP_MODE = 1
Settings.System.BUTTON_KEY_LIGHT = 6000
Settings.System.UNA_SETTING = 1
Settings.System.CRADLE_CONNECT = 0
Settings.System.CRADLE_ENABLE = 0
Settings.System.CRADLE_LAUNCH = 1
Settings.System.NOTIFICATION_LIGHT_PULSE = 1
set_install_location = 0
default_install_location = 0
Settings.System.POWER_SOUNDS_ENABLED = 1
Settings.System.LOW_BATTERY_SOUND = /system/media/audio/ui/LowBattery.ogg
Settings.System.SOUND_EFFECTS_ENABLED = 0
Settings.System.DOCK_SOUNDS_ENABLED = 0
Settings.System.DESK_DOCK_SOUND = /system/media/audio/ui/Dock.ogg
Settings.System.DESK_UNDOCK_SOUND = /system/media/audio/ui/Undock.ogg
Settings.System.CAR_DOCK_SOUND = /system/media/audio/ui/Dock.ogg
Settings.System.CAR_UNDOCK_SOUND = /system/media/audio/ui/Undock.ogg
Settings.System.LOCK_SOUND = /system/media/audio/ui/Lock.ogg
Settings.System.UNLOCK_SOUND = /system/media/audio/ui/Unlock.ogg
Settings.System.GPS_NOTIFICATION_SOUND_ENABLED = 0
Settings.System.DRIVING_MODE_UNLOCK_SCREEN_CONTENTS = 0
Settings.System.DRIVING_MODE_MESSAGE_CONTENTS = 1
Settings.System.SPLITEVIEW_MODE_PHONE = 1
Settings.System.SPLITEVIEW_MODE_MESSAGE = 1
Settings.System.SPLITEVIEW_MODE_CALENDAR = 1
Settings.System.SPLITEVIEW_MODE_MEMO = 1
Settings.System.SPLITEVIEW_MODE_MUSIC = 1
Settings.System.SPLITEVIEW_MODE_MYFILES = 1
Settings.System.SPLITEVIEW_MODE_IM = 1
Settings.System.SPLITEVIEW_MODE_SOCIALHUB = 0
Settings.System.CLOCK_POSITION = 0
Settings.System.HIGH_CONTRAST = 0
Settings.System.SCREEN_ZOOM = 0
Settings.System.FONT_SIZE = 2
Settings.System.SHOPDEMO = 0
Settings.System.LOCK_SCREEN_FACE_WITH_VOICE = 0
Settings.System.ONEHAND_DIALER = 0
Settings.System.ONEHAND_SAMSUNGKEYPAD = 0
Settings.System.ONEHAND_CALCULATOR = 0
Settings.System.TORCH_WIDGET = 0
psm_brightness = 1
Settings.System.MOTION_SHAKE = 0
Settings.System.MOTION_PICK_UP = 0
Settings.System.LGT_RAD_AUTO_DIAL_ENABLE = 12
Settings.System.LGT_RAD_COUNTRY_ID = 108
Settings.System.LGT_RAD_COUNTRY_CODE = 82
Settings.System.LGT_RAD_CONTURY_NAME_KOR = 한국
Settings.System.LGT_RAD_CONTURY_NAME_ENG = Korea
MmsRecipientLimit = 10
Settings.System.TIME_12_24 = 12
Settings.System.DATE_FORMAT = MM-dd-yyyy
autoreject_maxcount = 100
call_end_tone = 1
call_conn_tone = 1
min_minder = 0
alertoncall_mode = 1
wbamr_mode = 0
first_boot = 1
mtp_usb_connection_status = 0
media_player_mode = 0
mtp_usb_conditions_met = 0
mtp_running_status = 0
media_mount_count = 0
mtp_sync_alive = 0
sdcard_launch = 0
boot_time_connected = 1
Settings.System.ALARM_ALERT = content://media/internal/audio/media/8
DEBUG_RINGTONE_MEDIASCANNER_LASTMODIFIED = Current:  1340451202   /system/media/audio/ringtones/ATT_Firefly_Default.ogg
DEBUG_RINGTONE_MEDIASCANNER = MediaScanner : content://media/internal/audio/media/46
double_tab_launch = 1
Settings.System.POWER_SAVING_MODE = 0
proximity_sensor = 0
Settings.System.WIFI_SLEEP_POLICY = 0
screen_off_timeout_rollback = 600000
Settings.System.DISPLAY_BATTERY_PERCENTAGE = 1
volume_waiting_tone_last_audible = 7
Settings.System.DTMF_TONE_WHEN_DIALING = 0
autoreject_mode = 0
Settings.System.VIB_FEEDBACK_MAGNITUDE = 0
Settings.System.HAPTIC_FEEDBACK_ENABLED = 0
Settings.System.TEXT_SHOW_PASSWORD = 0
Settings.System.ALWAYS_FINISH_ACTIVITIES = 0
SNS_DISCLAIMER_AGREE = 1
android.contacts.SORT_ORDER = 2
android.contacts.DISPLAY_ORDER = 2
Settings.System.AUTO_TIME = 0
Settings.System.AUTO_TIME_ZONE = 0
Settings.System.USER_ROTATION = 0
Settings.System.SHOW_TOUCHES = 0
Settings.System.LOCK_PCW_ENABLED = 10
Settings.System.LOCK_PCW_PASSWORD =
radio.data.stall.recovery.action = 0
unknown_mode = 0
volume_notification_last_audible = 6
volume_system_last_audible = 6
Settings.System.VIB_RECVCALL_MAGNITUDE = 5
Settings.System.VIB_NOTIFICATION_MAGNITUDE = 5
Settings.System.RINGTONE = content://media/internal/audio/media/51
Settings.System.NOTIFICATION_SOUND = content://media/internal/audio/media/22
Settings.System.VIBRATE_ON = 5
Settings.System.LOCKSCREEN_SOUNDS_ENABLED = 1
lockscreen_wallpaper = 1
Settings.System.VOLUME_VOICE = 5
volume_voice_last_audible = 5
Settings.System.MAXIMUM_POWER_SAVING_MODE = 0
VALUE_OF_CURRENT_EF_CSP = 1
Settings.System.SCREEN_BRIGHTNESS_MODE = 0
Settings.System.ACCELEROMETER_ROTATION = 1
aw_daemon_service_key_app_service_status = 0
Settings.System.ONEHAND_PATTERN = 1
Settings.System.VOLUME_ALARM = 7
volume_alarm_last_audible = 7
Settings.System.AIRPLANE_MODE_ON = 1
Settings.System.DRIVING_MODE_ALARM_NOTIFICATION = 1
Settings.System.DRIVING_MODE_MESSAGE_NOTIFICATION = 1
Settings.System.DRIVING_MODE_INCOMING_CALL_NOTIFICATION = 1
Settings.System.DRIVING_MODE_EMAIL_NOTIFICATION = 1
Settings.System.DRIVING_MODE_SCHEDULE_NOTIFICATION = 1
Settings.System.DRIVING_MODE_VOICE_MAIL_NOTIFICATION = 1
Settings.System.POINTER_SPEED = -2
new_power_saving_mode = 1
psm_battery_level = 10
psm_brightness_level = 30
psm_screen_timeout = 60000
psm_wifi = 0
psm_bluetooth = 0
psm_gps = 0
psm_sync = 0
Settings.System.TRANSITION_ANIMATION_SCALE = 0.0
Settings.System.WINDOW_ANIMATION_SCALE = 0.0
Settings.System.SHOW_PROCESSES = 0
Settings.System.POWER_KEY_HOLD = 1
Settings.System.MOTION_ZOOMING_SENSITIVITY = 0
Settings.System.MOTION_ZOOMING = 0
Settings.System.MOTION_PANNING_SENSITIVITY = 0
Settings.System.MOTION_PANNING = 0
Settings.System.MOTION_DOUBLE_TAP = 0
Settings.System.MOTION_OVERTURN = 0
Settings.System.MOTION_ENGINE = 0
Settings.System.DB_KEY_DRIVING_MODE_ON = 0
mono_audio_db = 1
show_clock = 0
unlock_text = 1
Settings.System.VOLUME_WAITING_TONE = 0
Settings.System.VOLUME_NOTIFICATION = 0
Settings.System.VOLUME_SYSTEM = 0
volume_ring_last_audible = 0
Settings.System.VOLUME_RING = 0
Settings.System.TORCH_LIGHT = 0
Settings.System.SCREEN_BRIGHTNESS = 86
Settings.System.SCREEN_OFF_TIMEOUT = 60000
Settings.System.MEDIA_BUTTON_RECEIVER = com.sec.android.app.music/com.sec.android.app.music.MediaButtonIntentReceiver
Settings.System.NEXT_ALARM_FORMATTED =
Settings.System.VOLUME_MUSIC = 9
volume_music_last_audible = 9
Settings.System.VIBRATE_IN_SILENT = 0
Settings.System.MODE_RINGER = 0

ANDROID_SOCKET_zygote = 9
ANDROID_BOOTLOGO = 1
EXTERNAL_STORAGE = /mnt/sdcard
ANDROID_ASSETS = /system/app
ASEC_MOUNTPOINT = /mnt/asec
PATH = /sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin
LOOP_MOUNTPOINT = /mnt/obb
BOOTCLASSPATH = /system/framework/core.jar:/system/framework/core-junit.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/framework2.jar:/system/framework/android.policy.jar:/system/framework/services.jar:/system/framework/apache-xml.jar:/system/framework/filterfw.jar
USBHOST_STORAGE = /mnt/sdcard/usbStorage
ANDROID_DATA = /data
ANDROID_PROPERTY_WORKSPACE = 8,66560
ANDROID_ROOT = /system
LD_LIBRARY_PATH = /vendor/lib:/system/lib
EXTERNAL_STORAGE2 = /mnt/sdcard/external_sd
VIBE_PIPE_PATH = /dev/pipes

com.android.providers.settings.SettingsProvider = Syncable(false)
URI(content://settings)
com.sec.android.app.myfiles.provider.FileInfoProvider = Syncable(false)
URI(content://com.sec.android.app.myfiles.provider)
com.android.browser.provider.BrowserProvider2 = Syncable(false)
URI(content://com.android.browser;browser)
com.google.android.apps.uploader.UploadsContentProvider = Syncable(false)
URI(content://com.google.android.apps.uploader)
com.android.bluetooth.opp.BluetoothOppProvider = Syncable(false)
URI(content://com.android.bluetooth.opp)
com.sec.android.widgetapp.dualclock.DataContentProvider = Syncable(false)
URI(content://com.sec.android.widgetapp.dualclock)
com.samsung.dmc.ux.db.HistoryContenProvider = Syncable(false)
URI(content://com.samsung.shareshot.history)
com.android.providers.telephony.TelephonyProvider = Syncable(false)
URI(content://telephony)
com.android.providers.downloads.DownloadProvider = Syncable(false)
URI(content://downloads)
com.sec.android.app.sns.SnsContentProvider = Syncable(false)
URI(content://com.sec.android.app.provider.sns)
com.yellowpages.android.ypmobile.instant_rating.InstantRatingProvider = Syncable(false)
URI(content://com.yellowpages.android.ypmobile.instant_rating.InstantRatingProvider)
com.android.browser.homepages.HomeProvider = Syncable(false)
URI(content://com.android.browser.home)
com.yellowpages.android.ypmobile.autocomplete.HistoryProvider = Syncable(false)
URI(content://com.yellowpages.android.ypmobile.autocomplete.HistoryProvider)
com.android.providers.drm.DrmProvider = Syncable(false)
URI(content://drm)
com.sec.android.providers.downloads.SecDownloadProvider = Syncable(false)
URI(content://sisodownloads)
com.sec.android.app.snsaccounttw.SnsAccountTwContentProvider = Syncable(false)
URI(content://com.sec.android.app.provider.snsaccounttw)
com.sec.android.app.clockpackage.worldclock.common.DataContentProvider = Syncable(false)
URI(content://com.sec.android.provider.stri_s1_worldclock)
com.sec.android.app.clockpackage.alarm.AlarmProvider = Syncable(false)
URI(content://com.samsung.sec.android.clockpackage)
com.sec.android.app.minidiary.MiniDiaryProvider = Syncable(false)
URI(content://com.sec.android.providers.minidiary.MiniDiaryData)
com.android.browser.provider.SnapshotProvider = Syncable(false)
URI(content://com.android.browser.snapshots)
com.sec.android.app.twlauncher.LauncherProvider = Syncable(false)
URI(content://com.sec.android.app.twlauncher.settings)
com.google.android.voicesearch.AudioProvider = Syncable(false)
URI(content://com.google.android.voicesearch)
com.ghostsq.commander.FileProvider = Syncable(false)
URI(content://com.ghostsq.commander.FileProvider)
com.sec.android.app.snsimagecache.SnsImageCacheContentProvider = Syncable(false)
URI(content://com.sec.android.app.provider.snsimagecache)
com.android.providers.telephony.SmsProvider = Syncable(false)
URI(content://sms)
com.google.android.inputmethod.latin.dictionarypack.DictionaryProvider = Syncable(false)
URI(content://com.android.inputmethod.latin.dictionarypack)
com.android.htmlviewer.FileContentProvider = Syncable(false)
URI(content://com.android.htmlfileprovider)
com.metago.astro.network.smb.SMBProvider = Syncable(false)
URI(content://com.metago.astro.network.smb)
com.google.googlenav.provider.SearchHistoryProvider = Syncable(false)
URI(content://com.google.android.maps.SearchHistoryProvider)
com.samsung.avrcp.AudioProvider = Syncable(false)
URI(content://com.samsung.avrcp)
org.projectvoodoo.report.report.ReportProvider = Syncable(false)
URI(content://org.projectvoodoo.report)
com.android.providers.telephony.MmsSmsProvider = Syncable(false)
URI(content://mms-sms)
com.android.settings.mt.MTContentProvider = Syncable(false)
URI(content://com.android.settings.mt.provider.MTContentProvider)
com.sec.android.app.snsaccountfb.SnsAccountFbContentProvider = Syncable(false)
URI(content://com.sec.android.app.provider.snsaccountfb)
com.sec.android.app.myfiles.provider.MxPreviewContentProvider = Syncable(true)
URI(content://com.sec.android.app.myfiles.provider.preview)
com.android.providers.security.SecurityPoliciesProvider = Syncable(false)
URI(content://com.android.security)
com.google.googlenav.layer.LayerInfoProvider = Syncable(false)
URI(content://com.google.android.maps.LayerInfoProvider)
com.sec.android.app.yp.utils.AutoContentProvider = Syncable(false)
URI(content://com.sec.yp.data.AutoContentProvider)
com.google.googlenav.appwidget.traffic.TrafficAppWidgetProvider = Syncable(false)
URI(content://com.google.android.maps.TrafficAppWidgetProvider)
com.android.providers.media.MediaProvider = Syncable(false)
URI(content://media)
com.google.android.apps.genie.geniewidget.providers.WeatherProvider = Syncable(false)
URI(content://com.google.android.apps.genie.geniewidget.weather)
com.google.googlenav.suggest.android.SuggestProvider = Syncable(false)
URI(content://com.google.android.maps.SuggestionProvider)
com.google.googlenav.provider.LocalActivePlacesProvider = Syncable(false)
URI(content://com.google.android.maps.LocalActivePlacesProvider)
com.android.providers.telephony.NwkInfoProvider = Syncable(false)
URI(content://nwkinfo)
com.cooliris.picasa.PicasaContentProvider = Syncable(true)
URI(content://com.cooliris.picasa.contentprovider)
com.android.phone.IccProvider = Syncable(false)
URI(content://icc)
com.google.googlenav.provider.StarredItemProvider = Syncable(false)
URI(content://com.google.android.maps.StarredItemProvider)
com.samsung.dmc.ux.db.UserContenProvider = Syncable(false)
URI(content://com.samsung.shareshot.userdb)
com.samsung.dmc.ux.db.GeneralSettingContenProvider = Syncable(false)
URI(content://com.samsung.shareshot.setting)
com.google.googlenav.provider.LocalSuggestionProvider = Syncable(false)
URI(content://com.google.android.maps.LocalSuggestionProvider)
com.google.android.apps.genie.geniewidget.providers.NewsImageProvider = Syncable(false)
URI(content://com.google.android.apps.genie.geniewidget.newsimage)
com.android.providers.applications.ApplicationsProvider = Syncable(false)
URI(content://applications)
com.android.providers.telephony.ChannelsProvider = Syncable(false)
URI(content://channels)
com.android.providers.telephony.MmsProvider = Syncable(false)
URI(content://mms)
com.sec.android.app.snsaccountli.SnsAccountLiContentProvider = Syncable(false)
URI(content://com.sec.android.app.provider.snsaccountli)
com.wsomacp.database.wssCPdbSqlProvider = Syncable(false)
URI(content://com.wsomacp.messagelist)
com.google.googlenav.provider.NavigationAvailabilityProvider = Syncable(false)
URI(content://com.google.android.maps.NavigationAvailabilityProvider)
com.yellowpages.android.ypmobile.autocomplete.AutocompleteProvider = Syncable(false)
URI(content://com.yellowpages.android.ypmobile.autocomplete.AutocompleteProvider)
com.yellowpages.android.ypmobile.mystuff.MyStuffProvider = Syncable(false)
URI(content://com.yellowpages.android.ypmobile.mystuff.MyStuffProvider)
com.google.android.apps.uploader.clients.picasa.AlbumProvider = Syncable(false)
URI(content://com.google.photos.provider.Album)
com.sec.android.app.callsetting.allcalls.AllCallsProvider = Syncable(false)
URI(content://com.sec.android.app.callsetting.allcalls)
Settings.Secure.DATA_ROAMING = 0
Settings.Secure.INSTALL_NON_MARKET_APPS = 0
Settings.Secure.NETWORK_PREFERENCE = 1
Settings.Secure.USB_MASS_STORAGE_ENABLED = 1
Settings.Secure.PREFERRED_NETWORK_MODE = 0
Settings.Secure.CDMA_CELL_BROADCAST_SMS = 1
Settings.Secure.PREFERRED_CDMA_SUBSCRIPTION = 1
Settings.Secure.ALLOW_MOCK_LOCATION = 0
Settings.Secure.BACKUP_ENABLED = 0
Settings.Secure.BACKUP_TRANSPORT = com.google.android.backup/.BackupTransportService
Settings.Secure.MOUNT_PLAY_NOTIFICATION_SND = 1
Settings.Secure.MOUNT_UMS_AUTOSTART = 0
Settings.Secure.MOUNT_UMS_PROMPT = 1
Settings.Secure.MOUNT_UMS_NOTIFY_ENABLED = 1
Settings.Secure.ACCESSIBILITY_SCRIPT_INJECTION = 0
Settings.Secure.ACCESSIBILITY_WEB_CONTENT_KEY_BINDINGS = 0x13=0x01000100; 0x14=0x01010100; 0x15=0x02000001; 0x16=0x02010001; 0x200000013=0x02000601; 0x200000014=0x02010601; 0x200000015=0x03020101; 0x200000016=0x03010201; 0x200000023=0x02000301; 0x200000024=0x02010301; 0x200000037=0x03070201; 0x200000038=0x03000701:0x03010701:0x03020701;
Settings.Secure.LONG_PRESS_TIMEOUT = 500
Settings.Secure.TOUCH_EXPLORATION_ENABLED = 0
lockscreen.options = enable_facelock
Settings.Secure.LOCK_SCREEN_LOCK_AFTER_TIMEOUT = 300000
Settings.Secure.LOCK_SIGNATURE_VISIBLE = 1
Settings.Secure.ANDROID_ID = 13a746e854025a8c
Settings.Secure.SELECTED_SPELL_CHECKER = com.google.android.inputmethod.latin/com.android.inputmethod.latin.spellcheck.AndroidSpellCheckerService
Settings.Secure.SELECTED_SPELL_CHECKER_SUBTYPE = 0
Settings.Secure.ADB_ENABLED = 0
Settings.Secure.THROTTLE_RESET_DAY = 5
Settings.Secure.DATA_NATIONAL_ROAMING_MODE = 0
Settings.Secure.ASSISTED_GPS_ENABLED = 0
Settings.Secure.DEVICE_PROVISIONED = 1
Settings.Secure.LAST_SETUP_SHOWN = eclair_1
Settings.Secure.WIFI_NETWORKS_AVAILABLE_NOTIFICATION_ON = 0
Settings.Secure.WIFI_ATT_HOTSPOT_NOTIFICATION_ON = 0
dropbox:data_app_wtf = disabled
ssl_session_cache = file
facelock_detection_threshold = 0.0
dropbox:data_app_crash = disabled
Settings.Secure.SEND_ACTION_APP_ERROR = 1
Settings.Secure.WEB_AUTOFILL_QUERY_URL = http://android.clients.google.com/proxy/webautofill
dropbox:data_app_anr = disabled
Settings.Secure.TTS_DEFAULT_RATE = 80
Settings.Secure.USB_SETTING_MODE = 0
Settings.Secure.VOICE_RECOGNITION_SERVICE = com.google.android.voicesearch/.GoogleRecognitionService
Settings.Secure.WIFI_AUTO_CONNECT = 0
Settings.Secure.SELECTED_INPUT_METHOD_SUBTYPE = -1
Settings.Secure.LOCK_PATTERN_ENABLED = 0
lockscreen.patterneverchosen = 1
lockscreen.password_type = 65536
lockscreen.password_type_alternate = 0
lockscreen.disabled = 1
Settings.Secure.ALLOWED_GEOLOCATION_ORIGINS =
Settings.Secure.WIFI_FREQUENCY_BAND = 0
Settings.Secure.WIFI_AP_SHOW_PASSWORD = 1
Settings.Secure.WIFI_COUNTRY_CODE = us
Settings.Secure.MOBILE_DATA = 0
Settings.Secure.WIFI_P2P_SSID = MyNeighborIsAFatWhore
Settings.Secure.INPUT_METHODS_SUBTYPE_HISTORY = com.google.android.inputmethod.latin/com.android.inputmethod.latin.LatinIME;-1337596075:com.samsung.sec.android.inputmethod.axt9/.AxT9IME;-1
Settings.Secure.DEFAULT_INPUT_METHOD = com.samsung.sec.android.inputmethod.axt9/.AxT9IME
Settings.Secure.TTS_DEFAULT_SYNTH = com.samsung.SMT
Settings.Secure.TTS_DEFAULT_LOCALE = com.samsung.SMT:deu-DEU
Settings.Secure.ACCESSIBILITY_SPEAK_PASSWORD = 1
Settings.Secure.ENABLED_INPUT_METHODS = com.swype.android.inputmethod/.SwypeInputMethod:com.samsung.sec.android.inputmethod.axt9/.AxT9IME:com.google.android.inputmethod.latin/com.android.inputmethod.latin.LatinIME;-1337596075:com.google.android.voicesearch/.ime.VoiceInputMethodService
Settings.Secure.LOCATION_PROVIDERS_ALLOWED =
Settings.Secure.BLUETOOTH_ON = 0
Settings.Secure.WIFI_ON = 0

.



.

CERTIFICATES Hacked In Samsung Note.via Dalvick


-----BEGIN CERTIFICATE-----
MIIE1DCCA7ygAwIBAgIJAOXv8Kj2bZKzMA0GCSqGSIb3DQEBBQUAMIGiMQswCQYD
VQQGEwJLUjEUMBIGA1UECBMLU291dGggS29yZWExEzARBgNVBAcTClN1d29uIENp
dHkxHDAaBgNVBAoTE1NhbXN1bmcgQ29ycG9yYXRpb24xDDAKBgNVBAsTA0RNQzEV
MBMGA1UEAxMMU2Ftc3VuZyBDZXJ0MSUwIwYJKoZIhvcNAQkBFhZhbmRyb2lkLm9z
QHNhbXN1bmcuY29tMB4XDTExMDYyMjEyMjUxM1oXDTM4MTEwNzEyMjUxM1owgaIx
CzAJBgNVBAYTAktSMRQwEgYDVQQIEwtTb3V0aCBLb3JlYTETMBEGA1UEBxMKU3V3
b24gQ2l0eTEcMBoGA1UEChMTU2Ftc3VuZyBDb3Jwb3JhdGlvbjEMMAoGA1UECxMD
RE1DMRUwEwYDVQQDEwxTYW1zdW5nIENlcnQxJTAjBgkqhkiG9w0BCQEWFmFuZHJv
aWQub3NAc2Ftc3VuZy5jb20wggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAwggEIAoIB
AQDp8e20JCMgHc5i5o8hWe2Op2a0OkPTSHVIQbculnjOawPQbTFTLYjy7y1bo5oC
jeCFeYPNMh9bd4bC02md9MC0DI2FbxR8XcVLnR1nHRpRtcU2TaNvxbD+glr7UT7H
otuGLEimBGxDw7caHidRVfbDCu0qaDJqwyf2AWDUJ89VthcjCQeoTtv/IcwlbGKK
FvFdVdSROM3yYGUE4VkRlu0L3CW3zE9nsz+ynsTbsT2+bzRnoIcaSeYgBndV5vCV
w72E+LfR5mqMbR5RUPf6nZVHXccGGjIar5xoawm+I8zFmzUBHGgj/9WHTY+ioeXS
du5ao4EYfiYRLH1VYnA7NiELAgEDo4IBCzCCAQcwHQYDVR0OBBYEFFsRWyPbNWVf
n3f3h1aWEAbuvjqeMIHXBgNVHSMEgc8wgcyAFFsRWyPbNWVfn3f3h1aWEAbuvjqe
oYGopIGlMIGiMQswCQYDVQQGEwJLUjEUMBIGA1UECBMLU291dGggS29yZWExEzAR
BgNVBAcTClN1d29uIENpdHkxHDAaBgNVBAoTE1NhbXN1bmcgQ29ycG9yYXRpb24x
DDAKBgNVBAsTA0RNQzEVMBMGA1UEAxMMU2Ftc3VuZyBDZXJ0MSUwIwYJKoZIhvcN
AQkBFhZhbmRyb2lkLm9zQHNhbXN1bmcuY29tggkA5e/wqPZtkrMwDAYDVR0TBAUw
AwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAOckYd+sJwshERUQ2c8d6EhnFwC5lUvov
utDXNrxatuuvA3XlIP6XmUA+y3FlmyOv2hR1o070suH/y6jX/zhcIctkglQLzjg3
5iNP1PfdV21/z+nPqSVQn3csSU4Vaf5E5vzUEi5IPCyqLGOVZtvP6F7XgY1UMecx
VK1FMon7VrYHZDkZz1NPvu+9wgCcf8tfmx+pdJBGI2P6S+3F4LnRV+RI5tDnz6Mf
Gi+qk3jQPI0RY9OAO8ab8k7HfOfVWavK+NNFSUq/DjJ28OvSqgjk9Pb1qupLxSPY
zI4skgC6VR3T1OFdWSEwPKkzP0L5kt23DClY53bBLX47e9dCIutceg==
-----END CERTIFICATE----- the


-----BEGIN CERTIFICATE-----
MIIEdDCCA1ygAwIBAgIQRL4Mi1AAJLQR0zYq/mUK/TANBgkqhkiG9w0BAQUFADCB
lzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2Ug
Q2l0eTEeMBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExho
dHRwOi8vd3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3Qt
SGFyZHdhcmUwHhcNOTkwNzA5MTgxMDQyWhcNMTkwNzA5MTgxOTIyWjCBlzELMAkG
A1UEBhMCVVMxCzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEe
MBwGA1UEChMVVGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8v
d3d3LnVzZXJ0cnVzdC5jb20xHzAdBgNVBAMTFlVUTi1VU0VSRmlyc3QtSGFyZHdh
cmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx98M4P7Sof885glFn
0G2f0v9Y8+efK+wNiVSZuTiZFvfgIXlIwrthdBKWHTxqctU8EGc6Oe0rE81m65UJ
M6Rsl7HoxuzBdXmcRl6Nq9Bq/bkqVRcQVLMZ8Jr28bFdtqdt++BxF2uiiPsA3/4a
MXcMmgF6sTLjKwEHOG7DpV4jvEWbe1DByTCP2+UretNb+zNAHqDVmBe8i4fDidNd
oI6yqqr2jmmIBsX6iSHzCJ1pLgkzmykNRg+MzEk0sGlRvfkGzWitZky8PqxhvQqI
DsjfPe58BEydCl5rkdbux+0ojatNh4lz0G6k0B4WixThdkQDf2Os5M1JnMWS9Ksy
oUhbAgMBAAGjgbkwgbYwCwYDVR0PBAQDAgHGMA8GA1UdEwEB/wQFMAMBAf8wHQYD
VR0OBBYEFKFyXyYbKJhDlV0HN9WFlp1L0sNFMEQGA1UdHwQ9MDswOaA3oDWGM2h0
dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9VVE4tVVNFUkZpcnN0LUhhcmR3YXJlLmNy
bDAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEF
BQcDBzANBgkqhkiG9w0BAQUFAAOCAQEARxkP3nTGmZev/K0oXnWO6y1n7k57K9cM
//bey1WiCuFMVGWTYGufEpytXoMs61quwOQt9ABjHbjAbPLPSbtNk28Gpgoiskli
CE7/yMgUsogWXecB5BKV5UU0s4tpvc+0hY91UZ59Ojg6FEgSxvunOxqNDYJAB+gE
CJChicsZUN/KHAG8HQQZexB2lzvukJDKxA4fFm517zP4029bHpbj4HR3dHuKom4t
3XbWOTCC8KucUvIqx69JXn7HaOWCgchqJ/kniCrVWFCVH/A7HFe7fRQ5YiuayZSS
KqMiDP+JJn1fIytH1xUdqWqeUQ0qUZ6B+dQ7XnASfxAynB67nfhmqA==
-----END CERTIFICATE-----
Certificate:
   Data:
       Version: 3 (0x2)
       Serial Number:
           44:be:0c:8b:50:00:24:b4:11:d3:36:2a:fe:65:0a:fd
       Signature Algorithm: sha1WithRSAEncryption
       Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
       Validity
           Not Before: Jul  9 18:10:42 1999 GMT
           Not After : Jul  9 18:19:22 2019 GMT
       Subject: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
       Subject Public Key Info:
           Public Key Algorithm: rsaEncryption
           RSA Public Key: (2048 bit)
               Modulus (2048 bit):
                   00:b1:f7:c3:38:3f:b4:a8:7f:cf:39:82:51:67:d0:
                   6d:9f:d2:ff:58:f3:e7:9f:2b:ec:0d:89:54:99:b9:
                   38:99:16:f7:e0:21:79:48:c2:bb:61:74:12:96:1d:
                   3c:6a:72:d5:3c:10:67:3a:39:ed:2b:13:cd:66:eb:
                   95:09:33:a4:6c:97:b1:e8:c6:ec:c1:75:79:9c:46:
                   5e:8d:ab:d0:6a:fd:b9:2a:55:17:10:54:b3:19:f0:
                   9a:f6:f1:b1:5d:b6:a7:6d:fb:e0:71:17:6b:a2:88:
                   fb:00:df:fe:1a:31:77:0c:9a:01:7a:b1:32:e3:2b:
                   01:07:38:6e:c3:a5:5e:23:bc:45:9b:7b:50:c1:c9:
                   30:8f:db:e5:2b:7a:d3:5b:fb:33:40:1e:a0:d5:98:
                   17:bc:8b:87:c3:89:d3:5d:a0:8e:b2:aa:aa:f6:8e:
                   69:88:06:c5:fa:89:21:f3:08:9d:69:2e:09:33:9b:
                   29:0d:46:0f:8c:cc:49:34:b0:69:51:bd:f9:06:cd:
                   68:ad:66:4c:bc:3e:ac:61:bd:0a:88:0e:c8:df:3d:
                   ee:7c:04:4c:9d:0a:5e:6b:91:d6:ee:c7:ed:28:8d:
                   ab:4d:87:89:73:d0:6e:a4:d0:1e:16:8b:14:e1:76:
                   44:03:7f:63:ac:e4:cd:49:9c:c5:92:f4:ab:32:a1:
                   48:5b
               Exponent: 65537 (0x10001)
       X509v3 extensions:
           X509v3 Key Usage:
               Digital Signature, Non Repudiation, Certificate Sign, CRL Sign
           X509v3 Basic Constraints: critical
               CA:TRUE
           X509v3 Subject Key Identifier:
               A1:72:5F:26:1B:28:98:43:95:5D:07:37:D5:85:96:9D:4B:D2:C3:45
           X509v3 CRL Distribution Points:
               URI:http://crl.usertrust.com/UTN-USERFirst-Hardware.crl

           X509v3 Extended Key Usage:
               TLS Web Server Authentication, IPSec End System, IPSec Tunnel, IPSec User
   Signature Algorithm: sha1WithRSAEncryption
       47:19:0f:de:74:c6:99:97:af:fc:ad:28:5e:75:8e:eb:2d:67:
       ee:4e:7b:2b:d7:0c:ff:f6:de:cb:55:a2:0a:e1:4c:54:65:93:
       60:6b:9f:12:9c:ad:5e:83:2c:eb:5a:ae:c0:e4:2d:f4:00:63:
       1d:b8:c0:6c:f2:cf:49:bb:4d:93:6f:06:a6:0a:22:b2:49:62:
       08:4e:ff:c8:c8:14:b2:88:16:5d:e7:01:e4:12:95:e5:45:34:
       b3:8b:69:bd:cf:b4:85:8f:75:51:9e:7d:3a:38:3a:14:48:12:
       c6:fb:a7:3b:1a:8d:0d:82:40:07:e8:04:08:90:a1:89:cb:19:
       50:df:ca:1c:01:bc:1d:04:19:7b:10:76:97:3b:ee:90:90:ca:
       c4:0e:1f:16:6e:75:ef:33:f8:d3:6f:5b:1e:96:e3:e0:74:77:
       74:7b:8a:a2:6e:2d:dd:76:d6:39:30:82:f0:ab:9c:52:f2:2a:
       c7:af:49:5e:7e:c7:68:e5:82:81:c8:6a:27:f9:27:88:2a:d5:
       58:50:95:1f:f0:3b:1c:57:bb:7d:14:39:62:2b:9a:c9:94:92:
       2a:a3:22:0c:ff:89:26:7d:5f:23:2b:47:d7:15:1d:a9:6a:9e:
       51:0d:2a:51:9e:81:f9:d4:3b:5e:70:12:7f:10:32:9c:1e:bb:
       9d:f8:66:a8
SHA1 Fingerprint=04:83:ED:33:99:AC:36:08:05:87:22:ED:BC:5E:46:00:E3:BE:F9:D7



zI4skgC6VR3T1OFdWSEwPKkzP0L5kt23DClY53bBLX47e9dCIutceg zI4skgC6VR3T1OFdWSEwPKkzP0L5kt23DClY53bBLX47e9dCIutceg




zI4skgC6VR3T1OFdWSEwPKkzP0L5kt23DClY53bBLX47e9dCIutceg

Saturday, April 13, 2013

LIST of WINDOWS Reserved Words for user and computer names

When the OU at the domain root level has the same name as a future child domain, you might encounter database problems.To illustrate this, consider a scenario where you delete an OU named "marketing" to create a child domain with the same name, e.g. marketing.contoso.com (leftmost label of the child domain FQDN name has the same name).The OU is deleted and during the tombstone lifetime of the OU you create a child domain that has the same name is created, deleted, and created again. In this scenario, a duplicate record name in the ESE database causes a phantom-phantom name collision when the child domain is re-created. This problem prevents the configuration container from replicating.Note a similar name conflict might also happen with other RDN name types under certain conditions, not restricted to DC and OU name types:951323  Error message when you add a group as a member of another group from a different domain in Windows Server 2003 Active Directory: "Directory Service is too busy"http://support.microsoft.com/default.aspx?scid=kb;EN-US;951323

Table of reserved words

Reserved words for namesWindows NT 4.0Windows 2000Windows Server 2003ANONYMOUSXXXAUTHENTICATED USERXXBATCHXXXBUILTINXXXCREATOR GROUPXXXCREATOR GROUP SERVERXXXCREATOR OWNERXXXCREATOR OWNER SERVERXXXDIALUPXXXDIGEST AUTHXINTERACTIVEXXXINTERNETXXLOCALXXXLOCAL SYSTEMXNETWORKXXXNETWORK SERVICEXNT AUTHORITYXXXNT DOMAINXXXNTLM AUTHXNULLXXXPROXYXXREMOTE INTERACTIVEXRESTRICTEDXXSCHANNEL AUTHXSELFXXSERVERXXSERVICEXXXSYSTEMXXXTERMINAL SERVERXXTHIS ORGANIZATIONXUSERSXWORLD


The OU is deleted and during the tombstone lifetime of the OU you create a child domain that has the same name is created, deleted, and created again. In this scenario, a duplicate record name in the ESE database causes a phantom-phantom name collision when the child domain is re-created. This problem prevents the configuration container from replicating

LIST of WINDOWS CLSID Key (GUID) SHORTCUTS

http://www.sevenforums.com/tutorials/110919-clsid-key-list-windows-7-a.html

CLSID Key (GUID) Shortcuts List for Windows 7   InformationA CLSID is a globally unique identifier that identifies a COM class object. For more information about a CLSID key and the function of it's subkeys in the registry, then see CLSID Key (COM).This is a list of GUIDs from the CLSID key in the registry that can be used to create shortcuts to open items with in Windows 7.If you know of a GUID that is not in the list, then please feel free to share and post it as a reply.   NoteFor example, you could use either command below to create a shortcut with the CLSID key (GUID) for what it opens. You would right click on the desktop and click on New, Shortcut, use the full command you want below for the location, then type in a name for the shortcut.explorer.exe shell:::{CLSID key number below}ORexplorer.exe /e,::{CLSID key number below}OpensCLSID Key "GUID"Action Center{BB64F8A7-BEE7-4E1A-AB8D-7D8273F7FDB6}Add Network Location{D4480A50-BA28-11d1-8E75-00C04FA31A86}Administrative Tools{D20EA4E1-3957-11d2-A40B-0C5020524153}Advanced User Accounts{7A9D77BD-5403-11d2-8785-2E0420524153}AutoPlay{9C60DE1E-E5FC-40f4-A487-460851A8D915}Backup and Restore{B98A2BEA-7D42-4558-8BD1-832F41BAC6FD}Biometric Devices{0142e4d0-fb7a-11dc-ba4a-000ffe7ab428}BitLocker Drive Encryption{D9EF8727-CAC2-4e60-809E-86F80A666C91}Bluetooth Devices{28803F59-3A75-4058-995F-4EE5503B023C}Briefcase{85BBD920-42AO-1069-A2E4-08002B30309D}Color Management{B2C761C6-29BC-4f19-9251-E6195265BAF1}Command Folder{437ff9c0-a07f-4fa0-af80-84b6c6440a16}Common Places FS Folder{d34a6ca6-62c2-4c34-8a7c-14709c1ad938}Computer{20d04fe0-3aea-1069-a2d8-08002b30309d}Connect To{38A98528-6CBF-4CA9-8DC0-B1E1D10F7B1B}Control Panel (Icons view){21EC2020-3AEA-1069-A2DD-08002B30309D}Control Panel (All Tasks){ED7BA470-8E54-465E-825C-99712043E01C}Control Panel (Category view){26EE0668-A00A-44D7-9371-BEB064C98683}Credential Manager{1206F5F1-0569-412C-8FEC-3204630DFB70}Date and Time{E2E7934B-DCE5-43C4-9576-7FE4F75E7480}Default Location{00C6D95F-329C-409a-81D7-C46C66EA7F33}Default Programs{17cd9488-1228-4b2f-88ce-4298e93e0966} or {E44E5D18-0652-4508-A4E2-8A090067BCB0}delegate folder that appears in Computer{b155bdf8-02f0-451e-9a26-ae317cfd7779}Desktop Gadgets{37efd44d-ef8d-41b1-940d-96973a50e9e0}Desktop in Favorites{04731B67-D933-450a-90E6-4ACD2E9408FE}Device Manager{74246bfc-4c96-11d0-abef-0020af6b0b7a}Devices and Printers{A8A91A66-3A7D-4424-8D24-04E180695C7A}Display (DPI){C555438B-3C23-4769-A71F-B6D3D9B6053A}Ease of Access Center{D555645E-D4F8-4c29-A827-D93C859C4F2A}E-mail (default program){2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}Favorites{323CA680-C24D-4099-B94D-446DD2D7249E}Flip 3D{3080F90E-D7AD-11D9-BD98-0000947B0257}Folder Options{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF}Font Settings{93412589-74D4-4E4E-AD0E-E0CB621440FD}Fonts{BD84B380-8CA2-1069-AB1D-08000948534}Gadgets{37efd44d-ef8d-41b1-940d-96973a50e9e0}Game Controllers{259EF4B1-E6C9-4176-B574-481532C9BCE8}Games Explorer{ED228FDF-9EA8-4870-83b1-96b02CFE0D52}Get Programs{15eae92e-f17a-4431-9f28-805e482dafd4}Getting Started{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1}Help and Support{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}HomeGroup{67CA7650-96E6-4FDD-BB43-A8E774F73A57}Indexing Options{87D66A43-7B11-4A28-9811-C86EE395ACF7}Infared{A0275511-0E86-4ECA-97C2-ECD8F1221D08}Installed Updates{d450a8a1-9568-45c7-9c0e-b4f9fb4537bd}Internet Explorer{871C5380-42A0-1069-A2EA-08002B30309D}Internet Options{A3DD4F92-658A-410F-84FD-6FBBBEF2FFFE}iSCCI Initiator{A304259D-52B8-4526-8B1A-A1D6CECC8243}Keyboard Properties{725BE8F7-668E-4C7B-8F90-46BDB0936430}Libraries{031E4825-7B94-4dc3-B131-E946B44C8DD5}Location{00C6D95F-329C-409a-81D7-C46C66EA7F33}Location and Other Sensors{E9950154-C418-419e-A90A-20C5287AE24B}Manage Wireless Networks{1fa9085f-25a2-489b-85d4-86326eedcd87}Mobility Center{5ea4f148-308c-46d7-98a9-49041b1dd468}Mouse Properties{6C8EEC18-8D75-41B2-A177-8831D59D2D50}My Documents{450d8fba-ad25-11d0-98a8-0800361b1103}Network{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}Network and Sharing Center8E908FC9-BECC-40f6-915B-F4CA0E70D03D}Network Center Notification area pop-up{38A98528-6CBF-4CA9-8DC0-B1E1D10F7B1B}Network Connections{7007ACC7-3202-11D1-AAD2-00805FC1270E} or {992CFFA0-F557-101A-88EC-00DD010CCC48}Network Map{E7DE9B1A-7533-4556-9484-B26FB486475E}Network Neighborhood{208D2C60-3AEA-1069-A2D7-O8002B30309D}Network (WorkGroup) Places{208D2C60-3AEA-1069-A2D7-08002B30309D}Notification Area Icons{05d7b0f4-2121-4eff-bf6b-ed3f69b894d9}NVIDIA Control Panel (if driver installed){0bbca823-e77d-419e-9a44-5adec2c8eeb0}Offline Files Folder{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}Parental Controls{96AE8D84-A250-4520-95A5-A47A7E3C548B}Pen and Touch{F82DF8F7-8B9F-442E-A48C-818EA735FF9B}People Near Me{5224F545-A443-4859-BA23-7B5A95BDC8EF}Performance Information and Tools{78F3955E-3B90-4184-BD14-5397C15F1EFC}Personalization{ED834ED6-4B5A-4bfe-8F11-A626DCB6A921}Phone & Modem Location Information{40419485-C444-4567-851A-2DD7BFA1684D}Portable Devices{35786D3C-B075-49b9-88DD-029876E11C01}Power Options{025A5937-A6BE-4686-A844-36FE4BEC8B6D}Previous Versions Results Folder{f8c2ab3b-17bc-41da-9758-339d7dbf2d88}printhood delegate folder{ed50fc29-b964-48a9-afb3-15ebb9b97f36}Printers{2227A280-3AEA-1069-A2DE-08002B30309D} or {863aa9fd-42df-457b-8e4d-0de1b8015c60}Programs and Features{7b81be6a-ce2b-4676-a29e-eb907a5126c5}Public folder{4336a54d-038b-4685-ab02-99bb52d3fb8b}Recent Places{22877a6d-37a1-461a-91b0-dbda5aaebc99}Recovery (System Restore){9FE63AFD-59CF-4419-9775-ABCC3849F861}Recycle Bin{645FF040-5081-101B-9F08-00AA002F954E}Region and Language{62d8ed13-c9d0-4ce8-a914-47dd628fb1b0}RemoteApp and Desktop Connections{241D7C96-F8BF-4F85-B01F-E2B043341A4B}Run{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}Search{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}Search Results{9343812e-1c37-4a49-a12e-4b2d810d956b}Set Program Access and Defaults{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}Show Desktop{3080F90D-D7AD-11D9-BD98-0000947B0257}Sound{F2DDFC82-8F12-4CDD-B7DC-D4FE1425AA4D}Speech Recognition{58E3C745-D971-4081-9034-86E34B30836A}Sync Center{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF}Sync Setup Folder{2E9E59C0-B437-4981-A647-9C34B9B90891}System{BB06C0E4-D293-4f75-8A90-CB05B6477EEE}System Icons{05d7b0f4-2121-4eff-bf6b-ed3f69b894d9} \SystemIconsTablet PC Settings{80F3F1D5-FECA-45F3-BC32-752C152E456E}Taskbar and Start Menu{0DF44EAA-FF21-4412-828E-260A8728E7F1}Text to Speech{D17D1D6D-CC3F-4815-8FE3-607E7D5D10B3}Time and Date{E2E7934B-DCE5-43C4-9576-7FE4F75E7480}Troubleshooting{C58C4893-3BE0-4B45-ABB5-A63E4B8C8651}User Accounts{60632754-c523-4b62-b45c-4172da012619}User Folder{59031a47-3f72-44a7-89c5-5595fe6b30ee}User Pinned{1f3427c8-5c10-4210-aa03-2ee45287d668}Web Browser (default){871C5380-42A0-1069-A2EA-08002B30309D}Windows Anytime Upgrade{BE122A0E-4503-11DA-8BDE-F66BAD1E3F3A}Windows Cardspace{78CB147A-98EA-4AA6-B0DF-C8681F69341C}Windows Defender{D8559EB9-20C0-410E-BEDA-7ED416AECC2A}Windows Features{67718415-c450-4f3c-bf8a-b487642dc39b}WEI{78F3955E-3B90-4184-BD14-5397C15F1EFC}Windows Firewall{4026492F-2F69-46B8-B9BF-5654FC07E423}Windows Mobility Center{5ea4f148-308c-46d7-98a9-49041b1dd468}Windows SideShow{E95A4861-D57A-4be1-AD0F-35267E261739}Windows Update{36eef7db-88ad-4e81-ad49-0e313f0c35f8}

LIST of WINDOWS Run Commands

http://www.sevenforums.com/tutorials/5966-run-commands-windows-7-a.html

Windows logo key + RAdministrative ToolsAdministrative Tools = control admintoolsAuthorization Manager = azman.mscComponent Services = dcomcnfgCertificate Manager = certmgr.mscDirect X Troubleshooter = dxdiag Display Languages = lpksetupODBC Data Source Administrator = odbcad32File Signature Verification Tool = sigverifGroup Policy Editor = gpedit.mscAdd Hardware Wizard = hdwwiz.cpliSCSI Initiator = iscsicplIexpress Wizard = iexpressLocal Security Settings = secpol.mscMicrosoft Support Diagnostic Tool = msdtMicrosoft Management Console = mmcPrint management = printmanagement.mscPrinter User Interface = printuiProblems Steps Recorder = psrPeople Near Me = p2phost Registry Editor = regedit or regedt32Resoure Monitor = resmonSystem Configuration Utility = msconfigResultant Set of Policy = rsop.mscSQL Server Client Configuration = cliconfgTask Manager = taskmgrTrusted Platform Module = tpm.mscTPM Security Hardware = TpmInit Windows Remote Assistance = msraWindows Share Folder Creation Wizard = shrpubwWindows Standalong Update Manager = wusaWindows System Security Tool = syskeyWindows Script Host Settings = wscriptWindows Version = winverWindows Firewall with Advanced Security = wf.mscWindows Memory Diagnostic = MdSchedWindows Malicious Removal Tool = mrtComputer ManagementComputer Management = compmgmt.msc or CompMgmtLauncherTask Scheduler = control schedtasksEvent Viewer = eventvwr.mscShared Folders/MMC = fsmgmt.mscLocal Users and Groups = lusrmgr.mscPerformance Monitor = perfmon.mscDevice Manager = devmgmt.mscDisk Management = diskmgmt.mscServices = services.mscWindows Management Infrastructure = wmimgmt.mscConrtol PanelControl Panel = controlAction Center= wscui.cpl Autoplay = control.exe /name Microsoft.autoplayBackup and Restore = sdcltCreate a System Repair disc = recdiscBDE Administrator = bdeadmin.cplColor Management = colorcpl Credential Manager = control.exe /name Microsoft.CredentialManagerCredential Manager Stored User Names and Passwords = credwizDate and Time Properties = timedate.cplDefault Programs = control.exe /name Microsoft.DefaultProgramsSet Program Access and Computer Defaults = control appwiz.cpl,,3 or ComputerDefaultsDevices and Printers = control printersDevices and Printers Add a Device = DevicePairingWizardDisplay = dpiscaling Screen Resolution = desk.cplDisplay Color Calibration = dccw Cleartype Text Tuner = cttune Folders Options = control foldersFonts = control fontsGetting Started = GettingStartedHomeGroup = control.exe /name Microsoft.HomeGroupIndexing Options = control.exe /name Microsoft.IndexingOptionsInternet Properties = inetcpl.cplKeyboard = control keyboardLocation and Other Sensors = control.exe /name Microsoft.LocationandOtherSensors Location Notifications = LocationNotificationsMouse = control mouse or main.cplNetwork and Sharing Center = control.exe /name Microsoft.NetworkandSharingCenterNetwork Connections = control netconnections or ncpa.cplNotification Area Icons = control.exe /name Microsoft.NotificationAreaIconsParental Controls = control.exe /name Microsoft.ParentalControlsPerformance Information = control.exe /name Microsoft.PerformanceInformationandToolsPersonalization = control desktopWindows Color and Appearance = control colorPhone and Modem Options = telephon.cplPower Configuration = powercfg.cplPrograms and Features = appwiz.cpl or control appwiz.cplOptional Features Manager = optionalfeatures or control appwiz.cpl,,2Recovery = control.exe /name Microsoft.RecoveryRegional and Language = intl.cplRemoteApp = control.exe /name Microsoft.RemoteAppandDesktopConnectionsSound = mmsys.cplVolume Mixer = sndvolSystem Properties = sysdm.cpl or Windows logo key + Pause/BreakSP ComputerName Tab = SystemPropertiesComputerNameSP Hardware Tab = SystemPropertiesHardwareSP Advanced Tab = SystemPropertiesAdvancedSP Performance = SystemPropertiesPerformanceSP Data Execution Prevention = SystemPropertiesDataExecutionPreventionSP Protection Tab = SystemPropertiesProtectionSP Remote Tab = SystemPropertiesRemoteWindows Activation = sluiWindows Activation Phone Numbers = slui 4Taskbar and Start Menu = control.exe /name Microsoft.TaskbarandStartMenuTroubleshooting = control.exe /name Microsoft.TroubleshootingUser Accounts = control.exe /name Microsoft.UserAccountsUser Account Control Settings = UserAccountControlSettingsUser Accounts Windows 2000/domain version = netplwiz or control userpasswords2Encryption File System = rekeywizWindows Anytime Upgrade = WindowsAnytimeUpgradeuiWindows Anytime Upgrade Results = WindowsAnytimeUpgradeResultsWindows CardSpace = control.exe /name Microsoft.cardspaceWindows Firewall = firewall.cplWindowsSideshow = control.exe /name Microsoft.WindowsSideshowWindows Update App Manager = wuappAccessoriesCalculator = calcCommand Prompt = cmdConnect to a Network Projector = NetProjPresentation Settings = PresentationSettingsConnect to a Projector = displayswitch or Windows logo key + PNotepad = notepadMicrosoft Paint = mspaint.exeRemote Desktop Connection = mstscRun = Windows logo key + RSnipping Tool = snippingtool Sound Recorder = soundrecorder Sticky Note = StikyNot Sync Center = mobsyncWindows Mobility Center (Only on Laptops) = mblctr or Windows logo key + XWindows Explorer = explorer or Windows logo key + E Wordpad = writeEase of Access Center = utilman or Windows logo key + UMagnifier = magnifyNarrator = NarratorOn Screen Keyboard = oskPrivate Character Editor = eudceditCharacter Map = charmapDitilizer Calibration Tool = tabcalDisk Cleanup Utility = cleanmgrDefragment User Interface = dfrguiInternet Explorer = iexploreRating System = ticrfInternet Explorer (No Add-ons) = iexplore -extoffInternet Explorer (No Home) = iexplore about:blankPhone Dialer = dialerPrinter Migration = PrintBrmUiSystem Information = msinfo32System Restore = rstruiWindows Easy Transfer = migwizWindows Media Player = wmplayerWindows Media Player DVD Player = dvdplayWindows Fax and Scan Cover Page Editor = fxscoverWindows Fax and Scan = wfsWindows Image Acquisition = wiaacmgrWindows PowerShell ISE = powershell_iseWindows PowerShell = powershellXPS Viewer = xpsrchvwOpen Documents folder = documentsOpen Pictures folder = picturesOpen Music folder = musicOpen Videos folder = videosOpen Downloads folder = downloadsOpen Favorites folder = favoritesOpen Recent folder = recentLogs out of Windows = logoffLocks User Account = Windows logo Key + L 


LIST of WINDOWS Shell Views & Comma.ds


Shell Command

How to Use and See All Windows 7 Shell CommandsPublished 07 Mar 2009Published byBrinkHow to See and Use a List of All Windows 7 Shell Commands   InformationThis will show you a list of Windows 7 Shell commands that can be used to open certain special folders directly from the Start menu or Run dialog window.   TipYou can find the shell commands listed at this registry location:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\FolderDescriptions   NoteThe Shell commands that are new in Windows 7 from Vista are bolded in red.You can use the shell commands with either format below:shell:commandORexplorer shell:commandHere's How:1. Open the Start menu and type in the shell command in bold below for the folder that you want to open, then press Enter. (See screenshot below)OR2. Open the Run dialog window, and type in the shell command in bold below for the folder that you want to open, then press Enter. (See screenshot


Shell CommandPath of Folder it Opensshell:AddNewProgramsFolderControl Panel\All Control Panel Items\Get Programsshell:Administrative Toolshidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Toolsshell:AppDatahidden C:\Users\(User-Name)\AppData\Roamingshell:AppUpdatesFolderInstalled Updatesshell:Cachehidden C:\Users\User-Name\AppData\Local\Microsoft\Windows\Temporary Internet Filesshell:CD Burninghidden C:\Users\User-Name\AppData\Local\Microsoft\Windows\Burn\Burnshell:ChangeRemoveProgramsFolderControl Panel\All Control Panel Items\Programs and Featuresshell:Common Administrative Toolshidden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Toolsshell:Common AppDatahidden C:\ProgramDatashell:Common DesktopC:\Users\Public\Desktopshell:Common DocumentsC:\Users\Public\Documentsshell:CommonDownloadsC:\Users\Public\Downloadsshell:CommonMusicC:\Users\Public\Musicshell:CommonPicturesC:\Users\Public\Picturesshell:Common Programshidden C:\ProgramData\Microsoft\Windows\Start Menu\Programsshell:CommonRingtoneshidden C:\ProgramData\Microsoft\Windows\Ringtonesshell:Common Start Menuhidden C:\ProgramData\Microsoft\Windows\Start Menushell:Common Startuphidden C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startupshell:Common Templateshidden C:\ProgramData\Microsoft\Windows\Templatesshell:CommonVideoC:\Users\Public\Videosshell:ConflictFolderControl Panel\All Control Panel Items\Sync Center\Conflictsshell:ConnectionsFolderControl Panel\All Control Panel Items\Network Connectionsshell:ContactsC:\Users\User-Name\Contactsshell:ControlPanelFolderControl Panel\All Control Panel Itemsshell:Cookieshidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Cookiesshell:Cookies\Lowhidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Cookies\Lowshell:CredentialManagerhidden C:\Users\User-Name\AppData\Roaming\Microsoft\Credentialsshell:CryptoKeyshidden C:\Users\User-Name\AppData\Roaming\Microsoft\Cryptoshell:default GadgetsC:\Program Files\Windows Sidebar\Gadgetsshell:desktopC:\Users\User-Name\Desktopshell:device Metadata Storehidden C:\ProgramData\Microsoft\Windows\DeviceMetadataStoreshell:documentsLibraryLibraries\Documentsshell:downloadsC:\Users\User-Name\Downloadsshell:dpapiKeyshidden C:\Users\User-Name\AppData\Roaming\Microsoft\Protectshell:FavoritesC:\Users\User-Name\Favoritesshell:FontsC:\Windows\Fontsshell:Gadgetshidden C:\Users\User-Name\AppData\Local\Microsoft\Windows Sidebar\Gadgetsshell:GamesGamesshell:GameTaskshidden C:\Users\User-Name\AppData\Local\Microsoft\Windows\GameExplorershell:Historyhidden C:\Users\User-Name\AppData\Local\Microsoft\Windows\HistoryShell:HomeGroupFolderHomegroupshell:ImplicitAppShortcutshidden C:\Users\User-Name\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcutsshell:InternetFolder32-bit Internet Explorer.shell:LinksC:\Users\User-Name\Linksshell:LibrariesLibrariesshell:Local AppDatahidden C:\Users\User-Name\AppData\Localshell:LocalAppDataLowhidden C:\Users\User-Name\AppData\LocalLowshell:MusicLibraryLibraries\Musicshell:My MusicC:\Users\User-Name\Musicshell:My PicturesC:\Users\User-Name\Picturesshell:My VideoC:\Users\User-Name\Videosshell:MyComputerFolderComputershell:NetHoodhidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Network Shortcutsshell:NetworkPlacesFolderNetworkshell:PersonalC:\Users\User-Name\Documentsshell:PicturesLibraryLibraries\Picturesshell:PrintersFolderAll Control Panel Items\Printersshell:PrintHoodhidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Printer Shortcutsshell:ProfileC:\Users\User-Nameshell:ProgramFilesC:\Program Filesshell:ProgramFilesCommonC:\Program Files\Common Filesshell:ProgramFilesCommonX64C:\Program Files\Common Files (in 64-bit Windows only)shell:ProgramFilesCommonX86C:\Program Files (x86)\Common Files (in 64-bit Windows only)shell:ProgramFilesX64C:\Program Files (in 64-bit Windows only)shell:ProgramFilesX86C:\Program Files (x86) (in 64-bit Windows only)shell:Programshidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programsshell:PublicC:\Publicshell:PublicGameTaskshidden C:\ProgramData\Microsoft\Windows\GameExplorerShell:PublicLibrariesC:\Users\Public\Librariesshell:PublicSuggestedLocationsC:\Users\Public\Library\PublicSuggestedLocationsshell:Quick Launchhidden C:\Users\User-Name\AppData\Roaming\Microsoft\Internet Explorer\Quick Launchshell:Recenthidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Recentshell:RecycleBinFolderRecycle Binshell:ResourceDirC:\Windows\Resourcesshell:Ringtoneshidden C:\ProgramData\Microsoft\Windows\Ringtonesshell:SampleMusicC:\Users\Public\Music\Sample Musicshell:SamplePicturesC:\Users\Public\Pictures\Sample Picturesshell:SampleVideosC:\Users\Public\Videos\Sample Videosshell:SavedGamesC:\Users\User-Name\Saved Gamesshell:SearchesC:\Users\User-Name\Searchesshell:SearchHomeFoldersearch-ms:shell:SendTohidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\SendToshell:Start Menuhidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Start Menushell:Startuphidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startupshell:SyncCenterFolderControl Panel\All Control Panel Items\Sync Centershell:SyncResultsFolderControl Panel\All Control Panel Items\Sync Center\Sync Resultsshell:SyncSetupFolderControl Panel\All Control Panel Items\Sync Center\Sync Setupshell:SystemC:\Windows\System32shell:SystemCertificateshidden C:\Users\User-Name\AppData\Roaming\Microsoft\SystemCertificatesshell:SystemX86C:\Windows\SysWOW64shell:Templateshidden C:\Users\User-Name\AppData\Roaming\Microsoft\Windows\Templatesshell:User Pinnedhidden C:\Users\User-Name\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinnedshell:UserProfilesC:\Usersshell:UsersFilesFolderC:\Users\User-Nameshell:UsersLibrariesFolderLibrariesshell:VideosLibraryLibraries\Videosshell:WindowsC:\Windows



LIST of WINDOWS cmd

Commands in Windows 7   NoteIf you like to work with Command Prompt commands here some new or Modified commands uses in Windows 7.For a more detailed explanation of all commands in Windows, see also: Windows Command Reference ASSOC Displays or modifies file extension associations.ATTRIB Displays or changes file attributes.BREAK Sets or clears extended CTRL+C checking.BCDBOOT* Used to copy critical files to the system partition and to create a new system BCD store.BCDEDIT Sets properties in boot database to control boot loading.CACLS Displays or modifies access control lists (ACLs) of files.CALL Calls one batch program from another.CD Displays the name of or changes the current directory.CHCP Displays or sets the active code page number.CHDIR Displays the name of or changes the current directory.CHKDSK Checks a disk and displays a status report.CHKNTFS Displays or modifies the checking of disk at boot time.CHOICE Batch file command that allows users to select from a set of options. CIPHER Displays or alters the encryption of directories [files] on NTFS partitions.CLIP Redirects output of another command to the Windows clipboard.CLS Clears the screen.CMD Starts a new instance of the Windows command interpreter.CMDKEY Creates, lists and deletes stored user names and passwords or credentials.COLOR Sets the default console foreground and background colors.COMP Compares the contents of two files or sets of files byte-by-byteCOMPACT Displays or alters the compression of files on NTFS partitions.CONVERT Converts FAT volumes to NTFS. You cannot convert the current drive.COPY Copies one or more files to another location.DATE Displays or sets the date.DEFRAG Disk defragmenter accessory. DEL Deletes one or more files.DIR Displays a list of files and subdirectories in a directory.DISKCOMP Compares the contents of two floppy disks.DISKCOPY Copies the contents of one floppy disk to another.DISKPART Displays or configures Disk Partition properties. A separte command interpreter with a sub-set of commands.DOSKEY Edits command lines, recalls Windows commands, and creates macros.DRIVERQUERY Displays current device driver status and properties.ECHO Displays messages, or turns command echoing on or off.ENDLOCAL Ends localization of environment changes in a batch file.ERASE Deletes one or more files.EXIT Quits and closes the command shell.EXPAND Expands one or more compressed files.FC Compares two files or sets of files, and displays the differences between them.FIND Searches for a text string in a file or files.FINDSTR Searches for strings in files.FOR Runs a specified command for each item in a set.FORFILES Selects files in a folder for batch processing. FORMAT Formats a disk for use with Windows.FSUTIL Displays or configures the file system properties.FTYPE Displays or modifies file types used in file extension associations.GOTO Directs the Windows command interpreter to a labeled line in a batch program.GPRESULT Displays Group Policy information for machine or user.GRAFTABL Enables Windows to display an extended character set in graphics mode.HELP Provides Help information for Windows commands.ICACLS Display, modify, backup, or restore ACLs for files and directoriesIF Performs conditional processing in batch programs.IPCONFIG Displays all current TCP/IP network configuration values LABEL Creates, changes, or deletes the volume label of a disk.MD Creates a directory.MKDIR Creates a directory.MKLINK Creates Symbolic Links and Hard LinksMODE Configures a system device.MORE Displays output one screen at a time.MOVE Moves one or more files from one directory to another directory.OPENFILES Queries, displays, or disconnects open files or files opened by network users.PATH Displays or sets a search path for executable files.PAUSE Suspends processing of a batch file and displays a message.POPD Restores the previous value of the current directory saved by PUSHD.PRINT Prints a text file.PROMPT Changes the Windows command prompt.PUSHD Saves the current directory then changes it.RD Removes a directory.RECOVER Recovers readable information from a bad or defective disk.REM Designates comments (remarks) in batch filesREN Renames a file or files.RENAME Renames a file or files.REPLACE Replaces files.RMDIR Removes a directory.ROBOCOPY Advanced utility to copy files and directory treesSET Displays, sets, or removes environment variables for current session.SETLOCAL Begins localization of environment changes in a batch file.SETX Sets environment variables.SC Displays or configures services (background processes).SCHTASKS Schedules commands and programs to run on a computer.SHIFT Shifts the position of replaceable parameters in batch files.SHUTDOWN Allows proper local or remote shutdown of machine.SORT Sorts input.START Starts a separate window to run a specified program or command.SUBST Associates a path with a drive letter.SYSTEMINFO Displays machine specific properties and configuration.TAKEOWN Allows an administrator to take ownership of a file.TASKLIST Displays all currently running tasks including services.TASKKILL Kill or stop a running process or application.TIME Displays or sets the system time.TIMEOUT Pauses the command processor for the specified number of seconds.TITLE Sets the window title for a CMD.EXE session.TREE Graphically displays the directory structure of a drive or path.TYPE Displays the contents of a text file.VER Displays the Windows version.VERIFY Tells Windows whether to verify that your files are written correctly to a disk.VOL Displays a disk volume label and serial number.VSSADMIN Volume Shadow Copy Service administration toolWHERE Displays the location of files that match a search pattern. XCOPY Copies files and directory trees.WMIC Displays WMI information inside interactive command shell. 

ENCRYPTION R Click to encrypt or decrypt





Manually Using the Registry Editor1. Open the Start Menu, the type regedit in the search box and press Enter.2. If prompted by UAC, then click on Yes.3. In regedit, go to: (see screenshot below)HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced 4. To Add Encrypt and Decrypt to the Context MenuA) In the right pane of Advanced, right click on a empty space and click on New and DWORD (32-bit) Value and type EncryptionContextMenu and press Enter. (see screenshot below)B) In the right pane, right click on EncryptionContextMenu and click on Modify. (see screenshot above) C) Type 1 and click on OK. (see screenshot below

LIST of WINDOWS User & Group SIDs




Well-known security identifiers in Windows operating systems

Article ID: 243330 - View products that this article applies to.This article was previously published under Q243330Expand all | Collapse all

SUMMARY

A security identifier (SID) is a unique value of variable length that is used to identify a security principal or security group in Windows operating systems. Well-known SIDs are a group of SIDs that identify generic users or generic groups. Their values remain constant across all operating systems.This information is useful for troubleshooting issues involving security. It is also useful for potential display problems that may be seen in the ACL editor. A SID may be displayed in the ACL editor instead of the user or group name.

MORE INFORMATION

Well-known SIDs:SID: S-1-0Name: Null AuthorityDescription: An identifier authority.SID: S-1-0-0Name: NobodyDescription: No security principal.SID: S-1-1Name: World AuthorityDescription: An identifier authority.SID: S-1-1-0Name: EveryoneDescription: A group that includes all users, even anonymous users and guests. Membership is controlled by the operating system.Note By default, the Everyone group no longer includes anonymous users on a computer that is running Windows XP Service Pack 2 (SP2).SID: S-1-2Name: Local AuthorityDescription: An identifier authority.SID: S-1-2-0 Name: Local Description: A group that includes all users who have logged on locally.SID: S-1-2-1 Name: Console Logon Description: A group that includes users who are logged on to the physical console. Note Added in Windows 7 and Windows Server 2008 R2SID: S-1-3Name: Creator AuthorityDescription: An identifier authority.SID: S-1-3-0Name: Creator OwnerDescription: A placeholder in an inheritable access control entry (ACE). When the ACE is inherited, the system replaces this SID with the SID for the object's creator.SID: S-1-3-1Name: Creator GroupDescription: A placeholder in an inheritable ACE. When the ACE is inherited, the system replaces this SID with the SID for the primary group of the object's creator. The primary group is used only by the POSIX subsystem.SID: S-1-3-2Name: Creator Owner ServerDescription: This SID is not used in Windows 2000.SID: S-1-3-3Name: Creator Group ServerDescription: This SID is not used in Windows 2000.SID: S-1-3-4 Name: Owner Rights Description: A group that represents the current owner of the object. When an ACE that carries this SID is applied to an object, the system ignores the implicit READ_CONTROL and WRITE_DAC permissions for the object owner.SID: S-1-5-80-0 Name: All Services Description: A group that includes all service processes configured on the system. Membership is controlled by the operating system. Note Added in Windows Vista and Windows Server 2008SID: S-1-4Name: Non-unique AuthorityDescription: An identifier authority.SID: S-1-5Name: NT AuthorityDescription: An identifier authority.SID: S-1-5-1Name: DialupDescription: A group that includes all users who have logged on through a dial-up connection. Membership is controlled by the operating system.SID: S-1-5-2Name: NetworkDescription: A group that includes all users that have logged on through a network connection. Membership is controlled by the operating system.SID: S-1-5-3Name: BatchDescription: A group that includes all users that have logged on through a batch queue facility. Membership is controlled by the operating system.SID: S-1-5-4Name: InteractiveDescription: A group that includes all users that have logged on interactively. Membership is controlled by the operating system.SID: S-1-5-5-X-YName: Logon SessionDescription: A logon session. The X and Y values for these SIDs are different for each session.SID: S-1-5-6Name: ServiceDescription: A group that includes all security principals that have logged on as a service. Membership is controlled by the operating system.SID: S-1-5-7Name: AnonymousDescription: A group that includes all users that have logged on anonymously. Membership is controlled by the operating system.SID: S-1-5-8Name: ProxyDescription: This SID is not used in Windows 2000.SID: S-1-5-9Name: Enterprise Domain ControllersDescription: A group that includes all domain controllers in a forest that uses an Active Directory directory service. Membership is controlled by the operating system.SID: S-1-5-10Name: Principal SelfDescription: A placeholder in an inheritable ACE on an account object or group object in Active Directory. When the ACE is inherited, the system replaces this SID with the SID for the security principal who holds the account.SID: S-1-5-11Name: Authenticated UsersDescription: A group that includes all users whose identities were authenticated when they logged on. Membership is controlled by the operating system.SID: S-1-5-12Name: Restricted CodeDescription: This SID is reserved for future use.SID: S-1-5-13Name: Terminal Server UsersDescription: A group that includes all users that have logged on to a Terminal Services server. Membership is controlled by the operating system.SID: S-1-5-14 Name: Remote Interactive Logon Description: A group that includes all users who have logged on through a terminal services logon.SID: S-1-5-15 Name: This Organization Description: A group that includes all users from the same organization. Only included with AD accounts and only added by a Windows Server 2003 or later domain controller.SID: S-1-5-17Name: This Organization Description: An account that is used by the default Internet Information Services (IIS) user.SID: S-1-5-18Name: Local SystemDescription: A service account that is used by the operating system.SID: S-1-5-19Name: NT AuthorityDescription: Local ServiceSID: S-1-5-20Name: NT AuthorityDescription: Network ServiceSID: S-1-5-21domain-500Name: AdministratorDescription: A user account for the system administrator. By default, it is the only user account that is given full control over the system.SID: S-1-5-21domain-501Name: GuestDescription: A user account for people who do not have individual accounts. This user account does not require a password. By default, the Guest account is disabled.SID: S-1-5-21domain-502Name: KRBTGTDescription: A service account that is used by the Key Distribution Center (KDC) service.SID: S-1-5-21domain-512Name: Domain AdminsDescription: A global group whose members are authorized to administer the domain. By default, the Domain Admins group is a member of the Administrators group on all computers that have joined a domain, including the domain controllers. Domain Admins is the default owner of any object that is created by any member of the group.SID: S-1-5-21domain-513Name: Domain UsersDescription: A global group that, by default, includes all user accounts in a domain. When you create a user account in a domain, it is added to this group by default.SID: S-1-5-21domain-514Name: Domain GuestsDescription: A global group that, by default, has only one member, the domain's built-in Guest account.SID: S-1-5-21domain-515Name: Domain ComputersDescription: A global group that includes all clients and servers that have joined the domain.SID: S-1-5-21domain-516Name: Domain ControllersDescription: A global group that includes all domain controllers in the domain. New domain controllers are added to this group by default.SID: S-1-5-21domain-517Name: Cert PublishersDescription: A global group that includes all computers that are running an enterprise certification authority. Cert Publishers are authorized to publish certificates for User objects in Active Directory.SID: S-1-5-21root domain-518Name: Schema AdminsDescription: A universal group in a native-mode domain; a global group in a mixed-mode domain. The group is authorized to make schema changes in Active Directory. By default, the only member of the group is the Administrator account for the forest root domain.SID: S-1-5-21root domain-519Name: Enterprise AdminsDescription: A universal group in a native-mode domain; a global group in a mixed-mode domain. The group is authorized to make forest-wide changes in Active Directory, such as adding child domains. By default, the only member of the group is the Administrator account for the forest root domain.SID: S-1-5-21domain-520Name: Group Policy Creator OwnersDescription: A global group that is authorized to create new Group Policy objects in Active Directory. By default, the only member of the group is Administrator.SID: S-1-5-21domain-553Name: RAS and IAS ServersDescription: A domain local group. By default, this group has no members. Servers in this group have Read Account Restrictions and Read Logon Information access to User objects in the Active Directory domain local group.SID: S-1-5-32-544Name: AdministratorsDescription: A built-in group. After the initial installation of the operating system, the only member of the group is the Administrator account. When a computer joins a domain, the Domain Admins group is added to the Administrators group. When a server becomes a domain controller, the Enterprise Admins group also is added to the Administrators group.SID: S-1-5-32-545Name: UsersDescription: A built-in group. After the initial installation of the operating system, the only member is the Authenticated Users group. When a computer joins a domain, the Domain Users group is added to the Users group on the computer.SID: S-1-5-32-546Name: GuestsDescription: A built-in group. By default, the only member is the Guest account. The Guests group allows occasional or one-time users to log on with limited privileges to a computer's built-in Guest account.SID: S-1-5-32-547Name: Power UsersDescription: A built-in group. By default, the group has no members. Power users can create local users and groups; modify and delete accounts that they have created; and remove users from the Power Users, Users, and Guests groups. Power users also can install programs; create, manage, and delete local printers; and create and delete file shares.SID: S-1-5-32-548Name: Account OperatorsDescription: A built-in group that exists only on domain controllers. By default, the group has no members. By default, Account Operators have permission to create, modify, and delete accounts for users, groups, and computers in all containers and organizational units of Active Directory except the Builtin container and the Domain Controllers OU. Account Operators do not have permission to modify the Administrators and Domain Admins groups, nor do they have permission to modify the accounts for members of those groups.SID: S-1-5-32-549Name: Server OperatorsDescription: A built-in group that exists only on domain controllers. By default, the group has no members. Server Operators can log on to a server interactively; create and delete network shares; start and stop services; back up and restore files; format the hard disk of the computer; and shut down the computer.SID: S-1-5-32-550Name: Print OperatorsDescription: A built-in group that exists only on domain controllers. By default, the only member is the Domain Users group. Print Operators can manage printers and document queues.SID: S-1-5-32-551Name: Backup OperatorsDescription: A built-in group. By default, the group has no members. Backup Operators can back up and restore all files on a computer, regardless of the permissions that protect those files. Backup Operators also can log on to the computer and shut it down.SID: S-1-5-32-552Name: ReplicatorsDescription: A built-in group that is used by the File Replication service on domain controllers. By default, the group has no members. Do not add users to this group.SID: S-1-5-64-10 Name: NTLM Authentication Description: A SID that is used when the NTLM authentication package authenticated the clientSID: S-1-5-64-14 Name: SChannel Authentication Description: A SID that is used when the SChannel authentication package authenticated the client.SID: S-1-5-64-21 Name: Digest Authentication Description: A SID that is used when the Digest authentication package authenticated the client.SID: S-1-5-80 Name: NT Service Description: An NT Service account prefixSID: S-1-16-0 Name: Untrusted Mandatory Level Description: An untrusted integrity level. Note Added in Windows Vista and Windows Server 2008 Note Added in Windows Vista and Windows Server 2008SID: S-1-16-4096 Name: Low Mandatory Level Description: A low integrity level. Note Added in Windows Vista and Windows Server 2008SID: S-1-16-8192 Name: Medium Mandatory Level Description: A medium integrity level. Note Added in Windows Vista and Windows Server 2008SID: S-1-16-8448 Name: Medium Plus Mandatory Level Description: A medium plus integrity level. Note Added in Windows Vista and Windows Server 2008SID: S-1-16-12288 Name: High Mandatory Level Description: A high integrity level. Note Added in Windows Vista and Windows Server 2008SID: S-1-16-16384 Name: System Mandatory Level Description: A system integrity level. Note Added in Windows Vista and Windows Server 2008SID: S-1-16-20480 Name: Protected Process Mandatory Level Description: A protected-process integrity level. Note Added in Windows Vista and Windows Server 2008SID: S-1-16-28672 Name: Secure Process Mandatory Level Description: A secure process integrity level. Note Added in Windows Vista and Windows Server 2008SID: S-1-5-80-0SID S-1-5-80-0 = NT SERVICES\ALL SERVICESName: All Services Description: A group that includes all service processes that are configured on the system. Membership is controlled by the operating system.Note Added in Windows Server 2008 R2The following groups will show as SIDs until a Windows Server 2003 domain controller is made the primary domain controller (PDC) operations master role holder. The "operations master" is also known as flexible single master operations or FSMO. Additional new built-in groups that are created when a Windows Server 2003 domain controller is added to the domain are:  SID: S-1-5-32-554Name: BUILTIN\Pre-Windows 2000 Compatible AccessDescription: An alias added by Windows 2000. A backward compatibility group which allows read access on all users and groups in the domain.SID: S-1-5-32-555Name: BUILTIN\Remote Desktop UsersDescription: An alias. Members in this group are granted the right to logon remotely.SID: S-1-5-32-556Name: BUILTIN\Network Configuration OperatorsDescription: An alias. Members in this group can have some administrative privileges to manage configuration of networking features.SID: S-1-5-32-557Name: BUILTIN\Incoming Forest Trust BuildersDescription: An alias. Members of this group can create incoming, one-way trusts to this forest.SID: S-1-5-32-558Name: BUILTIN\Performance Monitor UsersDescription: An alias. Members of this group have remote access to monitor this computer.SID: S-1-5-32-559Name: BUILTIN\Performance Log UsersDescription: An alias. Members of this group have remote access to schedule logging of performance counters on this computer.SID: S-1-5-32-560Name: BUILTIN\Windows Authorization Access GroupDescription: An alias. Members of this group have access to the computed tokenGroupsGlobalAndUniversal attribute on User objects.SID: S-1-5-32-561Name: BUILTIN\Terminal Server License ServersDescription: An alias. A group for Terminal Server License Servers. When Windows Server 2003 Service Pack 1 is installed, a new local group is created.SID: S-1-5-32-562Name: BUILTIN\Distributed COM UsersDescription: An alias. A group for COM to provide computerwide access controls that govern access to all call, activation, or launch requests on the computer.The following groups will show as SIDs until a Windows Server 2008 or Windows Server 2008 R2 domain controller is made the primary domain controller (PDC) operations master role holder. The "operations master" is also known as flexible single master operations or FSMO. Additional new built-in groups that are created when a Windows Server 2008 or Windows Server 2008 R2 domain controller is added to the domain are: SID: S-1-5- 21domain -498 Name: Enterprise Read-only Domain Controllers Description: A Universal group. Members of this group are Read-Only Domain Controllers in the enterpriseSID: S-1-5- 21domain -521 Name: Read-only Domain ControllersDescription: A Global group. Members of this group are Read-Only Domain Controllers in the domainSID: S-1-5-32-569Name: BUILTIN\Cryptographic OperatorsDescription: A Builtin Local group. Members are authorized to perform cryptographic operations.SID: S-1-5-21 domain -571 Name: Allowed RODC Password Replication Group Description: A Domain Local group. Members in this group can have their passwords replicated to all read-only domain controllers in the domain.SID: S-1-5- 21 domain -572 Name: Denied RODC Password Replication Group Description: A Domain Local group. Members in this group cannot have their passwords replicated to any read-only domain controllers in the domainSID: S-1-5-32-573 Name: BUILTIN\Event Log Readers Description: A Builtin Local group. Members of this group can read event logs from local machine.SID: S-1-5-32-574Name: BUILTIN\Certificate Service DCOM Access Description: A Builtin Local group. Members of this group are allowed to connect to Certification Authorities in the enterprise.The following groups will show as SIDs until a Windows Server "8" Beta domain controller is made the primary domain controller (PDC) operations master role holder. The "operations master" is also known as flexible single master operations or FSMO. Additional new built-in groups that are created when a Windows Server "8" Beta domain controller is added to the domain are:SID: S-1-5-21-domain-522Name: Cloneable Domain ControllersDescription: A Global group. Members of this group that are domain controllers may be cloned.SID: S-1-5-32-575 Name: BUILTIN\RDS Remote Access ServersDescription: A Builtin Local group. Servers in this group enable users of RemoteApp programs and personal virtual desktops access to these resources. In Internet-facing deployments, these servers are typically deployed in an edge network. This group needs to be populated on servers running RD Connection Broker. RD Gateway servers and RD Web Access servers used in the deployment need to be in this group.SID: S-1-5-32-576 Name: BUILTIN\RDS Endpoint ServersDescription: A Builtin Local group. Servers in this group run virtual machines and host sessions where users RemoteApp programs and personal virtual desktops run. This group needs to be populated on servers running RD Connection Broker. RD Session Host servers and RD Virtualization Host servers used in the deployment need to be in this group.SID: S-1-5-32-577 Name: BUILTIN\RDS Management ServersDescription: A Builtin Local group. Servers in this group can perform routine administrative actions on servers running Remote Desktop Services. This group needs to be populated on all servers in a Remote Desktop Services deployment. The servers running the RDS Central Management service must be included in this group.SID: S-1-5-32-578 Name: BUILTIN\Hyper-V AdministratorsDescription: A Builtin Local group. Members of this group have complete and unrestricted access to all features of Hyper-V.SID: S-1-5-32-579 Name: BUILTIN\Access Control Assistance OperatorsDescription: A Builtin Local group. Members of this group can remotely query authorization attributes and permissions for resources on this computer.SID: S-1-5-32-580Name: BUILTIN\Remote Management UsersDescription: A Builtin Local group. Members of this group can access WMI resources over management protocols (such as WS-Management via the Windows Remote Management service). This applies only to WMI namespaces that grant access to the user

LIST of WINDOWS User Groups


 

Windows Built-in Users and Default Groups

Items in italics are implicit placeholders, these items don't appear in "Active Directory Users and Computers" but are available when applying permissions – membership is automatically calculated by the OS.GroupUser/ SessionDescriptionAccount Operators A built-in group that exists only on domain controllers. By default, the group has no members. By default, Account Operators have permission to create, modify, and delete accounts for users, groups, and computers in all containers and organizational units (OUs) of Active Directory except the Builtin container and the Domain Controllers OU. Account Operators do not have permission to modify the Administrators and Domain Admins groups, nor do they have permission to modify the accounts for members of those groups. AdministratorA user account for the system administrator. This account is the first account created during operating system installation. The account cannot be deleted or locked out. It is a member of the Administrators group and cannot be removed from that group.Administrators A built-in group . After the initial installation of the operating system, the only member of the group is the Administrator account. When a computer joins a domain, the Domain Admins group is added to the Administrators group. When a server becomes a domain controller, the Enterprise Admins group also is added to the Administrators group. The Administrators group has built-in capabilities that give its members full control over the system. The group is the default owner of any object that is created by a member of the group. AnonymousA user who has logged on anonymously.Authenticated Users A group that includes all users whose identities were authenticated when they logged on. Membership is controlled by the operating system.Backup Operators A built-in group. By default, the group has no members. Backup Operators can back up and restore all files on a computer, regardless of the permissions that protect those files. Backup Operators also can log on to the computer and shut it down.Batch A group that implicitly includes all users who have logged on through a batch queue facility such as task scheduler jobs. Membership is controlled by the operating system.Cert Publishers A global group that includes all computers that are running an enterprise certificate authority. Cert Publishers are authorized to publish certificates for User objects in Active Directory.Cert Server Admins Certificate Authority Administrators - authorized to administer certificates for User objects in Active Directory. (Domain Local)Cert Requesters Members can request certificates (Domain Local)Creator Group A placeholder in an inheritable ACE. When the ACE is inherited, the system replaces this SID with the SID for the primary group of the object's current owner. The primary group is used only by the POSIX subsystem. Creator OwnerA placeholder in an inheritable access control entry (ACE). When the ACE is inherited, the system replaces this SID with the SID for the object's current owner.Dialup A group that implicitly includes all users who are logged on to the system through a dial-up connection. Membership is controlled by the operating system.Domain Admins A global group whose members are authorized to administer the domain. By default, the Domain Admins group is a member of the Administrators group on all computers that have joined a domain, including the domain controllers. Domain Admins is the default owner of any object that is created in the domain's Active Directory by any member of the group. If members of the group create other objects, such as files, the default owner is the Administrators group.Domain Computers A global group that includes all computers that have joined the domain, excluding domain controllers.Domain Controllers A global group that includes all domain controllers in the domain. New domain controllers are added to this group automatically.Domain Guests A global group that, by default, has only one member, the domain's built-in Guest account.Domain Users A global group that, by default, includes all user accounts in a domain. When you create a user account in a domain, it is added to this group automatically.Enterprise Admins A group that exists only in the root domain of an Active Directory forest of domains. It is a universal group if the domain is in native mode, a global group if the domain is in mixed mode. The group is authorized to make forest-wide changes in Active Directory, such as adding child domains. By default, the only member of the group is the Administrator account for the forest root domain.Enterprise Controllers A group that includes all domain controllers an Active Directory directory service forest of domains. Membership is controlled by the operating system.Everyone A group that includes all users, even guests. Membership is controlled by the operating system. In Windows XP and later, the Anonymous Logon security group has been removed from the Everyonesecurity group: see Q278259 and the group policy Let Everyone permissions apply to anonymous usersGroup Policy Creators Owners A global group that is authorized to create new Group Policy objects in Active Directory. By default, the only member of the group is Administrator. The default owner of a new Group Policy object is usually the user who created it. If the user is a member of Administrators or Domain Admins, all objects that are created by the user are owned by the group. Owners have full control of the objects they own. GuestA user account for people who do not have individual accounts. This user account does not require a password. By default, the Guest account is disabled.Guests A built-in group. By default, the only member is the Guest account. The Guests group allows occasional or one-time users to log on with limited privileges to a computer's built-in Guest account.HelpServicesGroup XP - Group for the Help and Support CenterInteractive A group that includes all users who have logged on interactively. Membership is controlled by the operating system. KRBTGTA service account that is used by the Key Distribution Center (KDC) service. Local SystemA service account that is used by the operating system.Network A group that implicitly includes all users who are logged on through a network connection. Membership is controlled by the operating system.Network Configuration Operators XP - Some admin privileges to manage configuration of networking features NobodyNo security principal.Power Users A built-in group. By default, the group has no members. This group does not exist on domain controllers. Power Users can create local users and groups; modify and delete accounts that they have created; and remove users from the Power Users, Users, and Guests groups. Power Users also can install most applications; create, manage, and delete local printers; and create and delete file shares.Pre-Windows 2000 Compatible Access A backward compatibility group which allows read access on all users and groups in the domainPrincipal Selfor SelfPrincipal Selfor SelfA placeholder in an ACE on a user, group, or computer object in Active Directory. When you grant permissions to Principal Self, you grant them to the security principal represented by the object. During an access check, the operating system replaces the SID for Principal Self with the SID for the security principal represented by the object.Print Operators A built-in group that exists only on domain controllers. By default, the only member is the Domain Users group. Print Operators can manage printers and document queues.RAS and IAS Servers A domain local group . By default, this group has no members. Computers that are running the Routing and Remote Access service are added to the group automatically. Members of this group have access to certain properties of User objects, such as Read Account Restrictions, Read Logon Information, and Read Remote Access Information.Remote Desktop Users XP - Members in this group are granted the right to logon remotelyReplicator Windows NT domains, this group is called Replicators and is used by the directory replication service. In 2K/XP the group is present but is not used.Schema Admins A group that exists only in the root domain of an Active Directory forest of domains. It is a universal group if the domain is in native mode , a global group if the domain is in mixed mode . The group is authorized to make schema  changes in Active Directory. By default, the only member of the group is the Administrator account for the forest root domain.Server Operators A built-in group that exists only on domain controllers. By default, the group has no members. Server Operators can log on to a server interactively; create and delete network shares; start and stop services; back up and restore files; format the hard disk of the computer; and shut down the computer.Service A group that includes all security principals that have logged on as a service. Membership is controlled by the operating system.Terminal Server Users A group that includes all users who have logged on to a Terminal Services server. Membership is controlled by the operating system.Users A built-in group. After the initial installation of the operating system, the only member is the Authenticated Users group. When a computer joins a domain, the Domain Users group is added to the Users group on the computer. Users can perform tasks such as running applications, using local and network printers, shutting down the computer, and locking the computer. Users can install applications that only they are allowed to use if the installation program of the application supports per-user installation.

Default Admin Users and Groups:

Related:Groups - Local Domain groups, Global and Universal groupsQ271876 - Large Numbers of ACEs in ACLs Impair Directory Service PerformanceQ243330 - Well-known security identifiers (sids) in Windows operating systemsQ277752 - Security Identifiers for built-in groups are unresolved when modifying group policy



.