Can USBCrypt encrypt the C: drive?

Go to secure (https) version of this page...

Although the primary function of USBCrypt is to protect the external and removable drives from unauthorized access, it’s possible to encrypt the main system C: drive with it as well. Yes, you can use USBCrypt software to create a Virtual Encrypted Disk hosted on the C: drive, and use it to store your sensitive files and folders in the Virtual Encrypted Disk. The only difference when using the C: drive as the host for the Virtual Encrypted Disk is that the C: drive is always plugged in to the computer.

If you want to create a Virtual Encrypted Disk on the C: drive, the only thing you need to do when running USBCrypt is enable the “Include the system drive in the list” option:

The option to include the system drive in the USBCrypt list

After that, you can proceed as usual: select the desired size for the Virtual Encrypted Disk, the encryption algorithm, the password and so on. Before starting, however, it’s a good idea to create a full backup of your system drive, to be able to start over if something goes not as expected.

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

When deciding on the size of the Virtual Encrypted Disk to create, do not make it take all available free space: leave plenty of room on the host disk for use by Windows.

After the Virtual Encrypted Disk has been created, you can start it as usual (it will have a separate drive letter, other than C:), and move the files and documents you want to be private to the encrypted drive. Be careful NOT TO MOVE the Windows folder and other folders you might see on the C: drive (such as Program Files, ProgramData, Documents and Settings, Users, etc.) These are system folders that must remain where they are, or Windows may start doing weird things. Only move the files and documents that need to be protected, leave everything else where it is.

Happy encrypting!

More information

Make it easier to return your lost encrypted drive

Go to secure (https) version of this page...

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

If you’ve lost a removable drive encrypted with USBCrypt, you know your files are safe – no one will be able to get to them without knowing your encryption password, and the only loss you suffer in such a case is the cost of the physical drive itself. Still, wouldn’t it be nice to get the drive back?

Sure, you can increase the chance of getting your drive back by putting a message on it to be seen by the person who finds the drive. USBCrypt makes it easy to create such a message: just enter the appropriate text as the host disk name when encrypting the drive:

The message to the founder as the host disk name

(If you’ve already encrypted the drive, you can change the host disk name with the Rename host disk command). The host disk name is the first thing the person sees after plugging the drive in the computer:

The message appears when someone plugs the drive in the computer

Even if the computer happens to have the autoplay function disabled, the person would see the message when s/he opens the Computer folder:

The message is shown as the label of the drive

Yet another place to catch attention of the person who found the drive is the screen that appears when s/he runs the file USBCrypt.exe off the encrypted drive:

The built-in message when unlocking the encrypted drive

You don’t have to do anything to make such a message to appear, it appears automatically, and the name that is included in the message is the registered name that your copy of the software was licensed to (that is, presumably, your name). If the person clicks on the Not you? link, s/he will be presented with the following message:

The built-in message when unlocking the encrypted drive

This message gives the person an opportunity to contact us with the details of the drive found, and we in turn would attempt to locate your email address in our records and let you know that someone has found your lost drive. Note that what happens after that is entirely up to you, whether you want to reward the person who found the drive or not, etc. would be entirely your decision, we would just offer you our help with getting in touch with that person.

Of course, the best solution to any such problem would be not to lose the drive in the first place. However, it’s a good idea to be prepared for such a misfortune before it might happen.

Happy encrypting!

More information

USBCrypt for users of Microsoft® Office

Go to secure (https) version of this page...

If you use an external drive to keep copies of your Microsoft® Office documents, you don’t want them to get into the wrong hands. Losing sensitive sales records or client data can spell disaster for your business!

To be able to securely transport the files between different locations, or to take your documents on a trip with you, use our encryption software USBCrypt, specifically designed to create secure areas on the removable drives to protect your sensitive documents with passwords.

Once an encrypted area is created on a removable drive, you can copy, move, or save any Office document directly to it, without the need to do any special encryption or preparation: USBCrypt takes care of all such details for you. You can open the documents right off the encrypted area, too, and save them back, as usual. In fact, you may not notice that you are working with the encrypted documents at all!

USBCrypt is very easy to use. It offers the wizard-style interface that guides you through the steps of selecting a password and encrypting your external drive. USBCrypt uses the strong encryption algorithms such as AES (Advanced Encryption Standard), using the key lengths 128 or 256 bits, to ensure absolute confidentiality of your files. The documents you save to the encrypted area can only be opened if you enter a valid password. Because USBCrypt stores your password in an encoded form using the Secure Hash Algorithm, no one would be able to discover your password, even if all computers on earth were forced to do nothing else but crack the encryption of your USB drive!

The drives protected with USBCrypt can be used with other Windows computers, without USBCrypt software installed on them (with the administrator's permission, of course). USBCrypt also offers the option of creating a “spare key” file on your main computer, for use if you forget your encryption password. System administrators can find this option especially useful to make sure the encrypted files can be opened even if the employee is not available.

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more...

USBCrypt fully supports all versions of Microsoft Office that are compatible with Microsoft Windows 10, Microsoft Windows 8, 7, or Microsoft Windows XP (both 32-bit and x64 editions are supported). It can protect not only external USB drives, but also other types of external drives, such as FireWire drives, Zip drives, and other types of rewritable drives.

USBCrypt User's Guide

Browse the User's Guide online

Support

Contact customer support

Pricing

The pricing starts from $99.95 for a business license to install USBCrypt on up to 3 computers at the same location. Site licenses and quantity discounts are also available.

System requirements

Microsoft Windows 10 / 8 / 7 / XP.

"Microsoft and the Office logo are trademarks or registered trademarks of Microsoft Corporation in the United States and/or other countries."

More information

USBCrypt updated to v.10.9

Go to secure (https) version of this page...

We’ve just released yet another update to our encryption product USBCrypt. This is a maintenance release that includes several fixes and improvements, such as:

  • In some usage scenarios, the Optimize for performance option could cause 100% of the available RAM to be consumed. We have corrected that.
  • When encrypting a drive, the size of the Virtual Encrypted Disk can now be selected using units other than MB.
  • The size of the Virtual Encrypted Disk is now displayed when choosing the Properties command from the taskbar icon right-click menu.

If you are already using a previous version of USBCrypt, you don’t need to remove it: just download and run the new version, and it should update the previous version while keeping your settings and customizations intact.

Happy encrypting!

Start programs elevated from a batch file

Go to secure (https) version of this page...

If you use batch files to automate tasks on a Windows 10, 8, 7 or Vista computer, you have probably encountered situations when you needed to start a program elevated (a.k.a. as administrator). For example, if you want to share a folder automatically from a batch file, you would use the net share command. However, unlike many other programs that ask for the administrator’s approval, net share does not do that and simply returns the error code 5 (“access denied”) if it was started by a standard user. How to force that program to start elevated from a batch file?

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

That’s the purpose of the Elevate utility that we’ve created to solve such a problem. Download the Zip file, uncompress it, and inside you should find two files: Elevate.exe and Elevate64.exe. (The latter is a native 64-bit compilation, if you require that, although the regular 32-bit version, Elevate.exe, should work fine with both the 32- and 64-bit versions of Windows).

Copy the file Elevate.exe into a folder where Windows can always find it (such as C:/Windows). To use it in a batch file, just prepend the command you want to execute as administrator with the elevate command, like this:

  elevate net share ...

and it should run the command net share as administrator. Of course, it does not relieve the administrator from the duty to approve the request (unless you have enabled the quiet mode of UAC or disabled the UAC altogether).

The syntax of the Elevate command is as follows:

  elevate [-opt1] [-opt2...] [path\]file[.exe] [param1 [param2...]]

Where -optN can be one of the following:

  -?         - Display the help screen and exit
  -info      - Open the web page with more information (the web page you are reading now!) and exit
  -wait4idle - Wait for the target process to initialize before returning
  -wait4exit - Wait for the target process to finish before returning
  -noui      - Don't display any messages, even if an error occurs

After the options, the following arguments should be entered:

  file       - The file name of the program to launch elevated
  paramN     - Optional parameters (as expected by the program being launched)

For example, if for some reason you want to run Notepad as administrator, and continue only after you exit Notepad, you would use a command like this:
  elevate   -wait4exit   notepad

If you use the elevate command while being logged in to Windows as a user that does not have a split token, that is as a non-administrator or a guest user, it will ask for the administrator’s password to continue. If you use it as the true administrator (that is, if UAC is disabled, or it you’ve launched the batch file itself as administrator), then no administrator’s approval would be required and it would launch the program as usual.

Take control of your files and folders with AB Commander file manager for Windows 10,8,7,Vista, and XP.
User rating: 4.8/5
Purchase or download a free trial. Read more…

Can Elevate.exe be used on a Windows XP or Windows 2000 computer, even though they do not have UAC or users with the split tokens? Yes, it can! In such a case, if the batch file is executed by the administrator, then Elevate.exe runs the program as usual, without requiring any additional approval. If run by a restricted user, Elevate.exe has the same effect as the Run As command of Windows XP/2000: it gives the user an option to enter a different user’s credentials to lunch the program.

The return code of the elevate command depends on the result of its execution and whether you have specified the -wait4exit option or not. If the -wait4exit option is NOT specified, then elevate returns code 0 if it started the target process successfully, or an error code as reported by Windows. For example, if Windows could not find the target file, it usually returns code 2. If the file was found, but the administrator did not approve the request to start the program elevated, the return code is 5. And so on.

However, if you have specified the -wait4exit option on the command line, then if the target process was started successfully, the elevate command would wait for it to finish and return the exit code from that process. The returned value in such a case depends on the program being launched be the elevate command. As with other commands, you can access the return code in a batch file via the ERRORLEVEL variable.

It’s FREE. For Windows 2000 and later. License…

Download Elevate.zip

NOTE: There is a known Windows problem: you cannot start a batch file elevated while passing arguments with quotes to it. A possible workaround is not to use elevate.exe to run a batch file elevated. Instead, run the batch file itself as the standard user, and put the elevate.exe command inside of the batch file to run whatever program you need to run elevated.

If you want to link to this article, you can use this HTML code: <a href=”http://www.winability.com/elevate/”>How to start programs elevated from a batch file</a>

Read more

How to make elevated programs recognize network drives

Go to secure (https) version of this page...

Password-protect and hide personal files and folders with Folder Guard for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

One of the useful tools that Windows offers is the ability to assign drive letters to the network locations. You can use the Map Network Drive command of Windows Explorer or AB Commander to create the network drives. After a network drive has been created, you can use it just like any other drive: browse its contents, copy file to or from it, and so on.

A problem may occur, however, if you use Windows Vista or Windows 7 and need to access the network drive from an application that runs elevated (a.k.a. as administrator). For example, when you run AB Commander as usual, it runs as the standard user, and displays any network drive that you might have created, for example:

AB Commander shows a network drive in the Computer folder
enlarge the image

However, unlike Windows Explorer that always runs as a standard user, AB Commander offers you an option to run it as administrator. (You can do it by using the Restart as Administrator command on the Tools menu.) If you restart AB Commander as administrator, you might be surprised to see no network drive in its window:

Why is the network drive missing?
enlarge the image

(You can recognize that AB Commander is running as administrator by the presence of the Administrator label in its title bar).

To understand why the network drive is not visible to the programs running as administrator, we have to consider how Windows handles the standard and administrator user access internally. In simple terms, when UAC (User Account Control) is enabled, Windows creates a split personality for your user account: one with the standard user’s access rights to do the the regular tasks, and another one with the full administrative access to the system. When you log in to the computer, Windows tries hard to create the impression that these two personalities are the same: they share the login name and password, the desktop and documents, settings and preferences, and so on. However, when it comes to mapping the network drives, Windows prefers to treat them as separate accounts (for security reasons). That’s why the network drives created when you wear the hat of the standard user do not automatically become available when you put the administrator’s hat on. This Microsoft article explains it all in detail.

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

Such behavior is rather counter-productive: after all, the administrator account is supposed have more access to the system, it’s supposed to be able to see and do all things that are available to the standard user, plus some more. Why can’t it see the network drive created by the standard user?

In any case, there is a way to force Windows to make the network drives available to both the standard and administrator accounts automatically. All you need to do is run Registry Editor (regedit.exe), locate the following key:

HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Policies/System

and create a new DWORD entry with the name EnableLinkedConnections and value 1:

The value EnableLinkedConnections in the registry
enlarge the image

Caution: If you are not very experienced with Registry Editor, please be extra careful: it’s a powerful tool that can do a lot of damage to your system if used carelessly.

After you’ve added the EnableLinkedConnections value to the Registry, restart the computer, and after that the network drives you create should become available to the elevated applications, as well.

Happy networking!

Update for Windows 8

It appears that the EnableLinkedConnections setting is not always working correctly on Windows 8: if a standard user has created a mapped network drive pointing to a subfolder of a shared folder (for example, drive Z: connected to //server/share/subfolder), then the elevated user will see the drive Z:, but it will be pointing to the root share, //server/share/, not to the subfolder.

Password-protect and hide personal files and folders with Folder Guard for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

If this error creates a problem for you, then it’s better not to use the EnableLinkedConnections registry fix at all. Instead, just create the mapped network drive twice: first time using a standard user’s account, and the second time using an administrator account. Sure, it’s twice the work, but it should work correctly in all situations.

Good luck!

If you want to link to this article, you can use this HTML code: <a href=”http://www.winability.com/how-to-make-elevated-programs-recognize-network-drives/”>How to make elevated programs recognize network drives</a>

More information

How to disable hibernation with AB Commander

Go to secure (https) version of this page...

Take control of your files and folders with AB Commander file manager for Windows 10,8,7,Vista, and XP.
User rating: 4.8/5
Purchase or download a free trial. Read more…

If you used Space Investigator to analyze the contents of your C: drive, you probably couldn’t help but notice a rather large file named hiberfil.sys in the root folder. This file is used by Windows to remember the state of your computer when you hibernate it.

OK, but what if you never hibernate your computer? (In most cases sleep is what it does, which is not the same as hibernate). The size of this file is about the same as the size of the RAM your computer has, it would be nice to delete the file and allow other files use that space. However, if you attempt to delete the file directly (using Space Investigator, AB Commander, or Windows Explorer), you might be surprised to discover that Windows does not let you delete it, even if you use your full powers of the administrator.

To solve this problem, you need to disable hibernation: when you do that, Windows deletes the hiberfil.sys file for you. Windows XP offers a special button in its Control Panel that you can use to disable or enable hibernation. However, Windows Vista and Windows 7 for some reason don’t offer a similar command. Fortunately, there is a way to disable or enable hibernation: by running the powercfg.exe command with the administrative privileges and the appropriate command line switches, as described in this Microsoft article.

If you have AB Commander, you might be surprised to know that it can be used to achieve the same result especially easy. To do this, you need to know three things:

  1. AB Commander lets you launch any command by entering it into its command bar (at the bottom of AB Commander window).
  2. You can start a command elevated (a.k.a “As Administrator”) by pressing the Ctrl+Shift+Enter keys.
  3. You have to know the correct command (and any parameters, if applicable) to run to perform the specific task you want.

For turning the hibernation on and off, the above mentioned Microsoft article gives us all information we need:

To disable hibernation, run this command:

powercfg.exe /hibernate off

To enable hibernation back, run this command:

powercfg.exe /hibernate on

Remember to launch these commands “As Administrator”, or they won’t work:

Press Ctrl+Shift+Enter to run a command As Administrator with AB Commander
enlarge the image

Happy computing!

More information

Using names and labels to organize USBCrypt drives

Go to secure (https) version of this page...

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

If you use USBCrypt to protect just one or two drives, it’s easy to keep track of them. However, when the number of the encrypted drives grows, it becomes more difficult to keep them organized. The fact that each physical drive can be represented by two drive letters (one for the host drive and another one for the Virtual Encrypted Disk it contains) does not make it any easier. To help you manage the encrypted drives, USBCrypt offers you the options of assigning names to them. There are several names used by USBCrypt and Windows in different places of their user interfaces. Let us discuss them in detail.

When you encrypt a drive for the first time, USBCrypt asks you to choose two names: the Virtual Encrypted Disk name and the Host Disk name:

Choosing the encrypted drive name

The first name (for the Virtual Encrypted Disk) is used when displaying the windows and menus of USBCrypt. For example, it is shown on the USBCrypt window when starting the encrypted disk:

Starting a Virtual Encrypted Disk

This name is also displayed on the USBCrypt “balloon” notifications:

An Encrypted Disk has been attached

Or, when you right-click on a USBCrypt taskbar icon, you can see the name of Virtual Encrypted Disk on the menu:

The Virtual Encrypted Disk menu

As you can see, by using different names with different Virtual Encrypted Disk, you can make it easier to recognize them in Windows.

What about the second name you are asked to enter when encrypting a drive, the Host Disk name? This name is displayed by Windows as a label next to the host disk:

The Host Disk label

You can change the default name “USBCrypt Host Disk” to something more descriptive. Keep in mind, however, than both the Host Disk and Virtual Encrypted Disk names are NOT encrypted: they can be seen even before you enter the password to start the encrypted drive.

What if later on you’ve decided that other names would describe your encrypted drive better? You can change both the Virtual Encrypted Disk and Host Disk names by clicking on the Tools button on the Start Virtual Encrypted Disk window:

Changing the Virtual Encrypted Disk and Host Disk names

If you change the Virtual Encrypted Disk name, it takes effect immediately. However, if you change the Host Disk name, you may need to restart the computer before Windows would recognize the new name.

Besides the Virtual Encrypted Disk and Host Disk names, there is a third name that Windows uses to refer to the Virtual Encrypted Disks you create: it’s the labels it shows next to the Virtual Encrypted Disks in the Explorer windows:

Virtual Encrypted Disk label

Encrypt and password-protect external drives with USBCrypt software for Windows 10,8,7, and XP.
User rating: 4.7/5
Purchase or download a free trial. Read more…

The default text for the label is “Virtual Encrypted Disk” if you have chosen the NTFS file system for it, or just “ENCRYPTED” if you have formatted it with the FAT file system (because FAT limits the number and kind of characters that can be used in a drive label). USBCrypt itself does not provide a command to change such a label, because Windows itself offers it: you can change the label of an encrypted drive in the same way as of any other drive: by right-clicking on the drive and choosing Properties from the menu:

Changing the Virtual Encrypted Disk label

Enter the desired name there, and the label will change. Unlike the Virtual Encrypted Disk and the Host Disk names we’ve discussed above, the Virtual Encrypted Disk label is encrypted, along with all other data the encrypted disk contains: this label is only displayed by Windows after you’ve entered the correct password to start the encrypted disk.

More information

USBCrypt 10.8 is out!

Go to secure (https) version of this page...

We are excited to announce that a new version 10.8 of our encryption software USBCrypt has been just released and is available now!

This version includes many improvements and fixes, such as:

  • An option to select the preferred optimization of the Virtual Encrypted Disks: you can now choose whether to optimize for performance or for quick removal of the encrypted disks.
  • An option to launch the "autorun" process "As Admininstrator" when starting or stopping the encrypted disks.
  • You can now create custom names for the host disks (other than the default USBCrypt Host disk), to make it easier to recognize different disks in the Explorer windows.
  • While the encryption process of a drive is in progress, you can now minimize the USBCrypt window to the taskbar. You may find it handly when encrypting large drives.
  • Also, you can now pause and resume the encryption process, if you need to temporarily allow other programs to use the full CPU power fo your computer.
  • The built-in backup software that comes with Windows 7 or Windows Vista can now recognize the Virtual Encrypted Disks as valid backup destinations for the documents and settings.
  • USBCrypt now warns you if you log off or shut down the computer while a disk is being encrypted.
  • And more! Please give the new USBCrypt a try.

A major update to ActiveExit released

Go to secure (https) version of this page...

A new version 10.8 of ActiveExit is available now!

This is a complete rewrite of this software. If you’ve used an older version of ActiveExit, and are considering an upgrade, you may want to review the new User’s Guide to see what ActiveExit is now. You will notice many differences: we’ve simplified the user interface and removed many secondary functions, such as the allowed use schedule, the password protection, the taskbar icon, and so on. If you were relying on ActiveExit for such functions, hold on to the previous version that you already have.

The good news is that ActiveExit now works much better performing the main function it was designed for: to automatically log off users after a period of their inactivity. Here are some of the improvements in the new version:

  • ActiveExit now works with Windows 7 and Vista
  • ActiveExit now supports Windows Servers 2008 and 2003 (including the R2 versions)
  • ActiveExit can now log off automatically even the Remote Desktop users
  • ActiveExit now supports Active Directory and Group Policy
  • ActiveExit now supports unattended installations and updates
  • ActiveExit is now FREE for personal use!

Give the new ActiveExit a try!

Useful Windows utilities and security software