At the C:\WINDOWS prompt, type ren win.com xyz.com and press Enter. From now on, when anyone turns on your computer, instead of Windows they'll get an error message and a C> prompt. You'll know that you can load Windows by typing xyz and pressing Enter, but others trying to log on will think they broke something.
I have never really used dos, and I am looking to secure my computer from spying eyes. Is the above code a good way to do so. It’s an old windows 98 computer.
That will not damage my computer will it?
Can I enter any series of letters for the xyz?
Could you explain to me what the DOS command in the quote will do?
Thanks
When your computer starts, it loads Windows (if thats your OS of course). It does this by running a program called win.com, but it only looks ofor it by THAT name.
If it doesn’t find it, it doesn’t load. All you’re doing is manually running the ‘win.com’ executable on startup. Windoes stops caus eit can’t find “win.com”. You step in and manually run “whatever.com” and Windows goes “Oh, THAT file instead” and Windows starts.
Be aware this isn’t totally locking your system. You can still move around and copy & delete stuff in DOS.
It’s a crude way of going about it, and I’m not absolutely sure it would work properly.
However, what you have done is renamed the win.exe file (the main Windows program file) to xyz.com. Once the file is renamed, the computer can’t find it, but it is accessible through DOS commands.
A better way of securing your computer is to put a BIOS password on it. Get into the system setup (there are usually instructions when you boot – it usually requires pressing F1 or “Delete”) and you’ll see an option to add a password. Put it in there. Then, whenever you boot, the password will be required.
It’s not high security (there are ways to get around it), but it will keep general snoops away.
I believe the command renames the file “win.com” to “xyz.com” (or whatever). When windows boots, it looks for win.com, can’t find it, and gives you an error and the command prompt, then when you run the correct file, it’ll boot properly (is the theory, I don’t know if it would actually work).
Seems like it might work, especially if you named the file something innocuous. There are a few *.com files on my computer, though, so be careful you don’t make up a name and overwrite one.
Possible problems could occur if anything else (besides Windows) needs to access the file, but I don’t know enough about it to say if that’s likely.
The error message would be along the lines of “Bad Command or Filename: C:\WINDOWS\WIN.COM” . If I ran into this, I would assume that your windows install was broken, and use DOS to hunt through your directories for what I wanted. You would have more luck using
C:\STUFF I WANT TO HIDE> attrib +h .
…or even putting that in your AUTOEXEC.BAT after an ECHO OFF command. This makes all of the files in that directory “hidden,” so that a person using DOS won’t find them. The downside is that if they suspect you’re hiding something, the AUTOEXEC.BAT is where they’ll look first, and then POW! they know which directory you’re hiding things in.
A really good way to keep things obscure is to find a line in your AUTOEXEC.BAT, and replace a randomly-chosen executable with a .BAT file of the same name. You only need to refer to it by its filename – not extension – so you could move EMM386.EXE to another directory, and then write a batch file called EMM386.BAT that (1) calls the EMM386.EXE routine from the other directory, (2) echoes the normal output of EMM386.EXE, and (3) performs an obscurant task, like ATTRIB +H. Your AUTOEXEC just says “emm386”, which calls the batch file, which does exactly what EMM386.EXE should do.
If Logitech isn’t comfortable using something as basic as REN I think tinkering with autoexec is probably not a good idea. Also a renamed executable may not work, programs can tell what they’re called and can be written not to run if called something different.
As to the OP. Do what RealityChuck suggests and put a (memorable!) password on the BIOS. I think you’ll have difficulty securing Win98 itself.
Er, yeah I missed that. This is a long way from “locking your system”. Anyone moderately DOS-literate will have no trouble navigating the file system and finding stuff. For example running **C:>DIR /S *.jpg ** might turn up interesting stuff, got anything to hide Logi?
And even if you’ve used the ATTRIB +H command listed above, someone can still find all the hidden files on the system (at least with more recent versions of DOS - I’m not sure when the enhancement to DIR was added) by using
C:> dir/ah/s . >hidden.txt and opening the resulting file (hidden.txt) in a word processor or text file viewer.
Why not just use good ol’ Windows password protection? Sure, it’s not the greatest security, but it’s far and away better than any of the methods described on this thread so far. Just because you don’t know DOS, that doesn’t mean the rest of us don’t. In fact, I can probably find icky secret stuff on your computer faster using DOS than I could using Windows.
I’m only replying to this because I used to have my Win95.98 computers come up to DOS (and it’s rare that I can contribute anything to a GQ thread).
A somewhat more elgant way to get your PC to come up in DOS is to 1.) Make sure that the root directory is the first directory listed in the path and 2.) create a win.bat file (mine only had the line “@echo This isn’t windows 98!” (without the quotes)). That’s it. This works, IIRC, because batch files are higher on the order of operations than .com or .exe files, so when the OS tries to execute “win”, the batch will run instead of the com.
I believe win.com was used in Windows 9x, but not in WinNT/2000/XP, so the renaming trick won’t work in the most recent versions.
That’s true on Windows 9x (95, 98, Me), but they weren’t designed with security in mind. Windows NT on up (2000, XP) have a stronger security framework, and can be locked down so that you must know a password to log in.
If the goal is to limit a casual user from sitting down and having complete access to your system, the BIOS password is your best bet, especially if you are using Win9x. On most systems, getting past the BIOS password requires opening the case and moving a jumper. IOW, too much of a pain for the casual.
The more functional method of securing your system requires that the OS understands user-level security. In XP, you can create accounts with passwords, and use the NTFS filesystem. NTFS is a filesystem that has per-file (and more) security, so you can have multiple users on the system that can’t read each others files. It’s simple in XP to make it so you can’t do anything on the system at all without a valid username and password.
Of course, like most things security related, there’s a way around that for the determined. It takes a little know-how and a boot disk, but you can reset the passwords in NT/2000/XP and gain access to the system. It’s still much, much more secure than renaming win.com, though.
Jurph idea isn’t to rename emm386 but rather move it from it’s normal directory to another. I never needed to secure my computer but this is a great idea if you wanted to “fool” non-DOS users.
Have you considered simply diabling the keyboard and supressing all error messages in the BIOS?