Friday, March 7, 2008

Lock Desktop

Pressing Windows key + L locks the desktop. Make it a habit, and if you work in a company, you must do it. If you allow others to access your Desktop, they can do anything - things that you won't imagine even in your wildest dreams.

Many people do not even know about the Windows + L key combination. It is also possible to create a shortcut on the Desktop that locks your system. Simply create a shortcut and set its target to rundll32.exe user32.dll,LockWorkStation. Double click on this shortcut and it should work just like Windows + L.

"Copy To..." and "Move To..." options in Explorer context menu

For copying and moving files, we need to go to the target folder to paste the selected item. This tweak allows you to right click on any file or folder in Windows Explorer and use the Browse for Folder dialog to choose the destination folder. Check the screenshot given below.

Warning: If you don't know exactly what you are doing, registry editing is dangerous. Always take a backup of your registry before editing.

As the first step, we need to add the Copy To and Move To options to the Explorer context menu, for all Files.

Click on Start -> Run, type Regedit and click OK to open the registry editor. Select the key given below.

HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers

Right click the ContextMenuHandlers key and choose New -> Key. Name the new key Copy To. Then create one more key named Move To. Now select the Copy To key and, in the right hand pane, double click on Default. Enter the CLSID given below as the value data.

{C2FBB630-2971-11d1-A18C-00C04FD75D13}

Next, select the Move To key and in the right hand pane set the Default value to:

{C2FBB631-2971-11d1-A18C-00C04FD75D13}

This takes care of the copy and move options in the right click context menu of all your files. If you do a little bit of digging, you can see that the CLSID {C2FBB630-2971-11d1-A18C-00C04FD75D13} represents Microsoft CopyTo Service and the CLSID {C2FBB631-2971-11d1-A18C-00C04FD75D13} represents Microsoft MoveTo Service. We just created the context menu handlers for these services.

The next step is to add Copy To and Move To for directories. The procedure is the same as that for files, but at a different key. In the registry editor, move to the following key.

HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers

Right click ContextMenuHandlers and create two new keys: Copy To and Move To. Left click on Copy To and set {C2FBB630-2971-11d1-A18C-00C04FD75D13} as the value for Default. Similarly, click on Move To and set {C2FBB631-2971-11d1-A18C-00C04FD75D13} as the value for Default. This is the same as what we did for files. Exit the registry editor and it is done.

Now, whenever you right click on a file or folder, the Copy To... and Move To... options should appear, as shown in the above screenshot.
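
The four registry entries from the steps above, applied and then read back with PowerShell. This is an added example, not part of the original post; it assumes an elevated prompt, and the backup file names under %TEMP% are placeholders.

```powershell
# Added example: run from an elevated PowerShell prompt.
$handlers = [ordered]@{
    'Copy To' = '{C2FBB630-2971-11d1-A18C-00C04FD75D13}'
    'Move To' = '{C2FBB631-2971-11d1-A18C-00C04FD75D13}'
}
# '*' covers all files, 'Directory' covers folders.
$roots = '*\shellex\ContextMenuHandlers', 'Directory\shellex\ContextMenuHandlers'

# Back up both keys before changing anything (placeholder file names).
reg export 'HKCR\*\shellex\ContextMenuHandlers' "$env:TEMP\file-handlers.reg" /y
reg export 'HKCR\Directory\shellex\ContextMenuHandlers' "$env:TEMP\dir-handlers.reg" /y

# The .NET registry API is used instead of New-Item because the PowerShell
# registry provider would treat the '*' key name as a wildcard.
$hkcr = [Microsoft.Win32.Registry]::ClassesRoot

foreach ($root in $roots) {
    foreach ($name in $handlers.Keys) {
        $key = $hkcr.CreateSubKey("$root\$name")
        try {
            $key.SetValue('', $handlers[$name])   # '' is the (Default) value
        } finally {
            $key.Close()
        }
    }
}

# Read back every handler registered under the two keys. Each one is a shell
# extension loaded by Explorer, so the full list is worth reviewing.
foreach ($root in $roots) {
    $parent = $hkcr.OpenSubKey($root)
    foreach ($sub in $parent.GetSubKeyNames()) {
        $k = $parent.OpenSubKey($sub)
        [pscustomobject]@{ Root = $root; Handler = $sub; Clsid = $k.GetValue('') }
        $k.Close()
    }
    $parent.Close()
}
```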

Clipboard hack problem

We all have bad habits - like copying sensitive information such as passwords, credit card numbers etc. and pasting it in the required location in browser window. If you are an Internet Explorer user, with default security settings, IT IS VERY RISKY. The text in clipboard can be stolen easily when you visit web sites, using JavaScript. It can be stored easily in a database or used for some other purpose. To see the real issue, try the following steps.

1. Copy some text to the clipboard (select text somewhere and press CTRL + C).

The text that is copied should be displayed in the web page. If not, you are safe. Let us see how it is done. JavaScript allows access to the clipboard using the function window.clipboardData.getData(). The returned value can be easily stored in a database or used for some malicious purpose.

Now, how do we avoid this clipboard hack problem? First of all, the above function works in Internet Explorer only. If you are a Firefox user, you are safe because Firefox does not allow access to the clipboard, for security reasons. Personally, I found that Firefox is much better in many situations, and there are millions of people with the same opinion. In the case of IE, this problem can be solved by altering the security settings. The steps are given below.

1. In IE, Go to Tools -> Internet Options -> Security tab
2. Click on the Custom Level button.
3. Under settings for Scripting, select Disable for Allow paste operations via script. Check the screenshot that is given below.

Click OK and you should be safe now. Visit the same web site again to verify the results.
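
The same setting can be checked, and disabled, from PowerShell. This is an added example, not part of the original post: the function names are hypothetical, and it reads only the per-user zone values under HKCU, not settings enforced by policy.

```powershell
# Added example. URL action 1407 is "Allow paste operations via script";
# its per-zone value is a DWORD: 0 = Enable, 1 = Prompt, 3 = Disable.
$base = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zoneNames = @{ 0 = 'My Computer'; 1 = 'Local intranet'; 2 = 'Trusted sites';
                3 = 'Internet'; 4 = 'Restricted sites' }
$meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

# Report the clipboard-access setting for every security zone.
function Get-ScriptPasteSetting {
    foreach ($zone in 0..4) {
        $item = Get-ItemProperty -Path "$base\$zone" -Name '1407' -ErrorAction SilentlyContinue
        if ($null -eq $item) {
            $state = 'not set for this user'
        } elseif ($meaning.ContainsKey([int]$item.'1407')) {
            $state = $meaning[[int]$item.'1407']
        } else {
            $state = "unknown ($($item.'1407'))"
        }
        [pscustomobject]@{ Zone = $zoneNames[$zone]; Setting = $state }
    }
}

# Equivalent of steps 1-3 above for one zone (default: 3, the Internet zone).
function Disable-ScriptPaste {
    param([int]$Zone = 3)
    New-ItemProperty -Path "$base\$Zone" -Name '1407' -PropertyType DWord -Value 3 -Force |
        Out-Null
}

Get-ScriptPasteSetting | Format-Table -AutoSize
# Disable-ScriptPaste          # uncomment to disable it for the Internet zone
```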

Just for fun

Try the following tricks. Some of them are interesting. If you can explain the results, it's fine. Else, send me a mail.

Trick 1:
1. Open Notepad
2. Type .LOG and do not press Enter. It should be in upper case.
3. Save the file giving any name.
4. Open the file by double clicking it in Explorer. What exactly is the content of the document?

Trick 2:
1. Open Notepad
2. Type bush hid the facts and do not press Enter. Use lower case.
3. Save the file giving any name.
4. Open the file by double clicking it in Explorer. Are you getting the same content?

Trick 3:
1. Open Word
2. Type =RAND(200, 9). Can you explain what happened?

Monday, March 3, 2008

Windows folder creation issue

Have you ever tried to create a folder named CON, PRN, NUL, COM1, COM2, COM3, LPT1, LPT2, LPT3 etc. in any of the Windows operating systems? It should not be possible directly. The result will be the same whether you try from Windows Explorer or from the DOS command prompt.

Why is it not possible? These are reserved words in DOS. For example, CON represents the console and PRN represents the printer. (In the command for creating files, COPY CON filename, whatever you type in the console is stored in the specified file. Similarly, TYPE filename > PRN is the command for redirecting the output to a printer instead of the screen.)

In Windows, all devices are stored as files, like in the *nix family of systems. In Linux, Unix etc. we can see the file location, but in Windows we can't. Each of these names is a system device file and so we can't use the same name again. Windows has a policy which prevents the user from manipulating these entries. Each time the system is booted, these files and all the information about these devices and ports are loaded into memory. You can see the details by executing the following command at the DOS prompt (Start -> Run -> Cmd).

MEM /D | MORE

The | symbol (pipe) sends the output through MORE, which prevents it from scrolling off the screen. The command gives a clear idea of the items loaded. You can see CON, PRN, COM1 etc. loaded as device drivers. This is the reason why we are not able to use these names as filenames.

But then, is it really possible to name files using these keywords? The answer is yes. There are two different methods for doing it. One is a silly method and the other one is a standard method. The silly method is just a trick. Right click to create a new folder and, while naming it, type 'CON' and then 255 on the numpad while holding the ALT button, i.e. 'CON' + (hold ALT + 255). You need to make sure that number lock is ON. This creates a folder with the name CON and a space at the end. (ALT + 255 is a blank character. You can use this method to generate any valid ASCII character. For example, to get 'A', type ALT + 65. For 'a', type ALT + 97. Remember: the digits on the number pad must be used, with number lock on.) Use any reserved word instead of 'CON' to create the required folder. But, as I said, it is just a simple trick because you are creating a folder with an extra character at the end of the filename, and NOT using the reserved word as such.

The second method is a standard one. In this case, we will use a syntax that bypasses the normal reserved-word checks altogether. For this, we need to specify the absolute path with the \\.\ characters. For example, to create the folder CON in the E: drive, use the following command.

MD \\.\E:\CON

Similarly, to remove the same folder, you can use RD \\.\E:\CON. Like I mentioned, you need to specify the full path with these commands. Once created, these folders/files cannot be deleted or renamed using the Windows explorer. You need to use the RD or DEL commands for this purpose.
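
Because such names can end up on disk, code that accepts file names from users should recognise them before creating anything. The check below is an added example, not part of the original post: Test-ReservedDeviceName is a hypothetical helper, and it goes beyond the names listed above by covering the full set Microsoft documents (CON, PRN, AUX, NUL, COM1-COM9, LPT1-LPT9). The sample names are constructed.

```powershell
# Added example: flag names that Windows maps to a DOS device.
function Test-ReservedDeviceName {
    param([Parameter(Mandatory)][string]$Name)

    # Only the last path component decides whether the name is reserved.
    $leaf = ($Name -split '[\\/]')[-1]

    # Win32 drops trailing spaces and dots, and a reserved word followed by
    # an extension (CON.txt) still refers to the device.
    $stem = ($leaf -replace '[ .]+$', '') -replace '\..*$', ''
    $stem = $stem -replace ' +$', ''

    # -match is case-insensitive, so 'con' and 'CON' are treated alike.
    return $stem -match '^(CON|PRN|AUX|NUL|COM[1-9]|LPT[1-9])$'
}

# Constructed samples. The fifth is the ALT + 255 trick: the extra character
# (a non-breaking space) makes it a different name, so it is not reserved.
$samples = @(
    'CON'
    'con.txt'
    'E:\temp\NUL'
    'COM1 '
    ('CON' + [char]0x00A0)
    'CONSOLE'
    '\\.\E:\CON'
)

foreach ($s in $samples) {
    [pscustomobject]@{
        Name     = "[$s]"
        Reserved = Test-ReservedDeviceName -Name $s
    }
}
```

The last sample is flagged because its final component is CON; the \\.\ prefix is what lets the folder be created anyway, so tools that clean up or scan directories need to expect such names.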