[Guide] Anti Forensics



harvey
10-03-2013, 01:19 PM
NOTE
It is highly recommended that you reformat your computer and have a fresh install of Windows before following this tutorial. (Read the Windows Installation tutorial (http://adf.ly/WPaXT) for help reformatting.)
The reason for this is that some tracks/logs from the past may still be present on your computer even after this tutorial.
It is also recommended that, if using a fresh install of Windows, you allow Windows to install ALL automatic updates and do all the restarts necessary before proceeding.
The reason for this is that sometimes the automatic updates will revert system settings changes back to their defaults.
Also, after following this tutorial, that does not mean tracks/logs will never appear again.
It is recommended that you run BleachBit/CCleaner every day, before shutting down your computer.
Check out all other program settings for any track/log settings you can disable.
It is recommended that you watch this video on forensic attacks and mitigating techniques.



BLEACHBIT (DOWNLOAD (http://adf.ly/UtphR))
Download and install Bleachbit, and then run it. Click "Edit", and then click "Preferences".
Under the "General" tab, change your settings to look exactly like the image below:

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/bleachbit%201.png

Next, in the main BleachBit window, you will see a list of programs, track/log names, and checkboxes.
Make sure every check box is checked, except "Free disk space", under the "System" category.
Next, locate the BleachBit EXE file. (C:\Program Files\BleachBit\bleachbit.exe)
Right click the file, and click "Properties".
Go to the "Compatibility" tab, and check "Run this program as an administrator" in the "Privilege Level" box.
Click the "Change settings for all users" button, and do the same thing.

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/bleachbit%202.png

Lastly, close all active programs, open BleachBit, and click the "Clean" button on the top toolbar.
Note: Because your BleachBit gets cleaner updates from the community, as set in the programs preferences, it is smart to always check that all checkboxes are checked, as new cleaners may have been added.



CCleaner (DOWNLOAD (http://adf.ly/Utpl7))
Download and install CCleaner, and then run it. Click the "Options" button on the left.
Under the "Settings" category, change your settings to look exactly like the image below:

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/ccleaner%201.png

Under the "Advanced" category, change your settings to look exactly like the image below:

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/ccleaner%202.png

Next, click the "Cleaner" button on the left.
Under the "Windows" tab, check everything, except the "Custom Files and Folders" and "Wipe Free Space" in the "Advanced" category.
Under the "Applications" tab, check everything.
Click the "Registry" button on the left, and check everything.
Next, locate the CCleaner EXE file. (C:\Program Files\CCleaner\CCleaner.exe)
Right click the file, and click "Properties".
Go to the "Compatibility" tab, and check "Run this program as an administrator" in the "Privilege Level" box.
Click the "Change settings for all users" button, and do the same thing.

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/ccleaner%203.png

Lastly, close all active programs, open CCleaner, and click the "Run Cleaner" button. (This may take a while.)
Next, click the "Registry" button on the left, and click the "Scan for Issues" button. Once finished, click the "Fix selected issues..." button.



CCEnhancer (DOWNLOAD (http://adf.ly/Utpnu))
Download CCEnhancer, and copy it to the CCleaner program directory. (C:\Program Files\CCleaner\)
Run CCEnhancer, and click "Settings" on the bottom.
Under the "Options" tab, have "Update on Windows startup" checked, and "Run CCleaner silently" unchecked.
Click the "Save and Close" button.
Note: Because CCleaner now gets cleaner updates from the community, it is smart to always check that all checkboxes are checked, as new cleaners may have been added. This also makes you wait a few seconds before clicking the "Clean" button.



DBAN (DOWNLOAD (http://adf.ly/Utppw))
This is a program you can install to a disk to shred a computer's hard drive entirely.
Download and burn DBAN to a blank disk, and insert the disk. Restart your computer, press the F number key to access the boot menu, and select your CD drive.
Once DBAN has started, you will be at a blue screen with some help text. You can type F3 to see a list of commands.
The most secure method would be to use the "gutmann" command, but if you just want a simple, fast shred, you can use the "quick" command.
NOTE: The "gutmann" command will take a very long time, depending on your hard drive size. Unless you are a terrorist, this is really not necessary.



Firefox (DOWNLOAD (http://adf.ly/UtoDf))
Read the Firefox tutorial (http://adf.ly/WPaCI).



File Shredder (DOWNLOAD (http://adf.ly/UtptH))
Download and install File Shredder, and run it. Click "Shredder Settings" on the left.
Under the "Algorithms" tab, change your settings to look exactly like the image below:

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/shredder%201.png

Locate a file/folder you want to securely delete, right click it, and in "File Shredder", click "Secure delete files".

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/shredder%202.png



TimeStomp (DOWNLOAD (http://adf.ly/VdE20))
This is a program for Windows that can be used to modify a file's created, last accessed, and last modified times.
Now, when a forensics specialist is analyzing your hard drive's files, these times can be used to determine which files are interacted with frequently or recently.
Say, for example, every single file was modified to have been created, last accessed, and last modified in 1970.
Now it is very hard to determine which files were recently used, or to get accurate time information from any file.

A guide on how to use this correctly can be found here (http://adf.ly/VdDwS).



Windows
Press the Windows Key + R to open a "Run" dialog, and type "cleanmgr", then press enter.
Under the "Disk Cleanup" tab, check every checkbox, then click the "Ok" button.

Press the Windows Key + R to open a "Run" dialog, and type "regedit", then press enter.
Navigate to the key "HKEY_Current_User\Software\Microsoft\Windows\CurrentVersion\Explorer\Userassist".
Delete the 2 subkeys, if present, called "Count".
Right click the "UserAssist" key, and create a new key named "Settings".
Create a DWORD key inside the "Settings" subkey, named "NoLog", with the value set to 1.

Run command prompt as an administrator and type "fsutil behavior set disablelastaccess 1" and press enter.

Go to your Control Panel, and click "Flash Player".
Under the "Storage" tab, ensure "Block all sites from storing information on this computer" is selected. (Delete all)

Go to your Control Panel, and click "Internet Options".
Under the "General" tab, click the "Settings" button.
Change "Check for newer versions of stored pages" to "Never".
Change "Disk space to use" to 8.
Change "Days to keep pages in history" to 0.

Go to your Control Panel and click "System".
Click "System protection" on the left.
Under the "System Protection" tab, click the "Configure..." button.
Ensure "Turn off system protection" is selected.
Change "Max Usage" to 0 bytes, then click the "Delete" button.
Click the "Ok" button.
Under the "Advanced" tab, click the "Startup and Recovery" "Settings" button.
Ensure your settings look exactly like the image below:

https://dl.dropboxusercontent.com/u/10621288/supasekret/image/forensics/windows.png

Right click your taskbar, and click "Properties".
Under the "Start Menu" tab, in the "Privacy" box, un-check the 2 check boxes.

--

This tutorial can also be viewed on my DropBox here (http://adf.ly/WPYNn).
I wrote all of these guides to help people understand how to do a number of things on the internet correctly.
Please do not rip or take credit for my guides; you may share them, but share the Dropbox or this thread.
Enjoy.

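A DFIR-side check for the registry changes described in the post above, as an added example that is not part of the original post: it parses a constructed .reg export (the sample text is made up) and flags the UserAssist Settings\NoLog value, the NtfsDisableLastAccessUpdate value that "fsutil behavior set disablelastaccess 1" writes under HKLM\SYSTEM\CurrentControlSet\Control\FileSystem, and UserAssist GUID subkeys that have lost their Count subkey.

```python
"""Triage a Windows .reg export for the anti-forensic settings the guide
describes. Added example, not part of the original post; SAMPLE_REG is a
constructed export, not data from a real host."""
import re

# Constructed sample: the guide's settings plus one GUID subkey with no Count.
SAMPLE_REG = r"""Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{CEBFF5CD-ACE2-4F4F-9178-9926F41749EA}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\Settings]
"NoLog"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
"NtfsDisableLastAccessUpdate"=dword:00000001
"""

KEY_RE = re.compile(r"^\[(.+)\]$")
VALUE_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')

def parse_reg(text):
    """Return {key_path: {value_name: int}} for the DWORD values in an export.
    Key and value names are lower-cased, since the registry is case-insensitive."""
    keys, current = {}, None
    for line in text.splitlines():
        m = KEY_RE.match(line.strip())
        if m:
            current = m.group(1).lower()
            keys.setdefault(current, {})
            continue
        m = VALUE_RE.match(line.strip())
        if m and current is not None:
            keys[current][m.group(1).lower()] = int(m.group(2), 16)
    return keys

def find_indicators(text):
    """Return one finding string per anti-forensic setting present; [] if none."""
    keys = parse_reg(text)
    findings = []
    ua = r"hkey_current_user\software\microsoft\windows\currentversion\explorer\userassist"
    if keys.get(ua + r"\settings", {}).get("nolog") == 1:
        findings.append("UserAssist logging disabled (Settings\\NoLog = 1)")
    fs = r"hkey_local_machine\system\currentcontrolset\control\filesystem"
    if keys.get(fs, {}).get("ntfsdisablelastaccessupdate") == 1:
        findings.append("NTFS last-access updates disabled (NtfsDisableLastAccessUpdate = 1)")
    guid_keys = [k for k in keys if k.startswith(ua + "\\{")]
    if guid_keys and not any(k.endswith("\\count") for k in keys):
        findings.append("UserAssist GUID subkeys present but no Count subkey (emptied?)")
    return findings

if __name__ == "__main__":
    for finding in find_indicators(SAMPLE_REG):
        print("[!]", finding)
```

On a live host the same checks can be run over the output of "reg export" for the two hives; none of the three findings is proof of tampering by itself, only a prompt to look at the user's run history and file timestamps more carefully.
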
methmetal
11-28-2014, 04:41 AM
Don't forget to utilize full disk encryption. Even government agencies have trouble decrypting drives due to the strength of FDE. It should also be noted that in the US, one cannot be legally obligated to provide their encryption key to authorities.