uSOFT items

Top

SysInternals

Monitoring Registry Activity During the Boot Process

To use Regmon's boot logging feature simply select the "Log Boot" menu entry. Regmon will indicate that starting the next time the system boots Registry activity will be monitored and recorded to a log file named REGMON.LOG in your system root directory. When you make this selection Regmon configures itself as the very first driver to initialize in the system, enabling it to capture the Registry startup activity of all other device drivers and services, including critical boot drivers such as SCSI miniport drivers and boot file system drivers.

url

Download All Suite !

Top

Sync (remote) folders tool

Sync Toy.

Top

Ed's List of Interesting documents (ELOID)

FIPS Publications
http://csrc.nist.gov/publications/PubsFIPS.html

NIST Special Publications, including the XP configuration guide [XP configuration guide is SP 800-68]
http://csrc.nist.gov/publications/PubsFIPS.html

CERT/CC Advisories
http://www.cert.org/advisories/

Deploying Windows XP Service Pack 2 using Software Update Services
http://technet.microsoft.com/en-us/library/bb457097.aspx

Get Started Using Remote Desktop
http://www.microsoft.com/windowsxp/using/mobility/getstarted/remoteintro.mspx

The Windows XP Wireless Zero Configuration Service
http://technet.microsoft.com/en-us/library/bb878124.aspx

How to configure file sharing in Windows XP
http://support.microsoft.com/?id=304040

Universal Plug and Play in Windows XP
http://technet.microsoft.com/en-us/library/bb457049.aspx

Changes to Functionality in Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=7bd948d7-b791-40b6-8364-685b84158c78&DisplayLang=en

A detailed description of the Data Execution Prevention (DEP) feature in Windows XP
http://support.microsoft.com/kb/875352

Step-by-Step Guide to Internet Protocol Security (IPSec) [Dated Feb 17, 2000]
http://technet.microsoft.com/en-us/library/bb742429.aspx

IPSec [much newer]
http://technet.microsoft.com/en-us/network/bb531150.aspx

Basic Storage Versus Dynamic Storage in Windows XP
http://support.microsoft.com/?id=314343

SYSPREP
How to Use Sysprep: An Introduction
http://technet.microsoft.com/en-us/library/bb457073.aspx
How to use the Sysprep tool to automate successful deployment of Windows XP
http://support.microsoft.com/kb/302577
How to use Sysprep with Windows Product Activation or Volume License Media to deploy Windows XP
http://support.microsoft.com/kb/299840
How To Use the System Preparation Tool (Sysprep.exe) to Perform Disk Duplication
http://support.microsoft.com/kb/298491
Unsupported Sysprep scenarios
http://support.microsoft.com/kb/828287/
Sysprep functions and known issues
http://support.microsoft.com/kb/928386
Best Practices for Using Sysprep with NTFS Volumes
http://support.microsoft.com/kb/240126
How to Use Sysprep in Factory Mode [OLD]
http://technet.microsoft.com/en-us/library/bb457069.aspx
Updated System Preparation tool for Windows Server 2003 SP1
http://support.microsoft.com/kb/892778
Updated System Preparation tool for Windows Server 2003 SP2
http://support.microsoft.com/kb/926028
Updated System Preparation tool for Windows XP Service Pack 2, Windows Server 2003, and Windows XP Tablet PC Edition 2005
http://support.microsoft.com/kb/838080
How Sysprep Works
http://technet2.microsoft.com/WindowsVista/en/library/fd2f79c9-3049-4b8c-bcfd-4e6dc5771ace1033.mspx?mfr=true
Known issues that affect program deployment when you use Sysprep
http://support.microsoft.com/kb/814616
Sysprep Technical Reference
http://technet2.microsoft.com/WindowsVista/en/library/434e3931-a187-4940-a69c-70dd2ae657491033.mspx?mfr=true

Quick Guide to Preinstalling Windows
http://support.microsoft.com/kb/314472

Automated System Recovery overview in Windows XP
http://support.microsoft.com/kb/818903

How Windows RE Works
http://technet2.microsoft.com/WindowsVista/en/library/d807a440-90ce-4457-a23a-359ff2c9b9bf1033.mspx?mfr=true

Microsoft Windows XP Hotfix Installation and Deployment Guide
http://www.microsoft.com/windowsxp/downloads/updates/sp1/hfdeploy.mspx

How to install multiple Windows updates or hotfixes with only one reboot
http://support.microsoft.com/?id=296861

Qfecheck.exe verifies the installation of Windows 2000 and Windows XP hotfixes
http://support.microsoft.com/?id=282784

EST 2007 10 October 9 v2 Enterprise Scan Tool (standalone) [Enterprise Scan Tool for detecting if systems need hotfixes]
http://www.microsoft.com/downloads/details.aspx?FamilyId=744D6092-A928-45A2-B9AA-F5F8A628E083&displaylang=en&displaylang=en

Microsoft Baseline Security Analyzer
http://technet.microsoft.com/en-us/security/cc184924.aspx

Windows XP Security Guide
http://www.microsoft.com/downloads/details.aspx?FamilyId=2D3E25BC-F434-4CC6-A5A7-09A8A229F118&displaylang=en

Windows Vista Security Guide
http://www.microsoft.com/downloads/details.aspx?familyid=a3d1bbed-7f35-4e72-bfb5-b84a526c1565&displaylang=en

Group Policy Settings Reference
http://www.microsoft.com/downloads/details.aspx?FamilyID=7821c32f-da15-438d-8e48-45915cd2bc14&displaylang=en

Windows Server 2003 System Services Reference
http://www.microsoft.com/downloads/details.aspx?FamilyID=b38a0682-2997-4678-9d9e-a07cc66a3bba&displaylang=en

IPSec default exemptions are removed in Windows Server 2003
http://support.microsoft.com/?id=810207

Well-known Security Identifiers In windows Operating Systems
http://support.microsoft.com/kb/243330

  Xorrades XP  

remove "Bluetooth Sites" : "Start > Control Panel > Display > Desktop > Customise Desktop > Clean Desktop > Check "My Bluetooth Places" > Next > OK". System Info : "Start" + "Run" + "MSINFO32" See "Software Environment" + "Startup Programs" (altogether with Event Log), or "Components" + "Problem Devices" - see "PNP Devide ID" dxva_sig.txt file is generated after playing video. NumLock initial state : HKEY_USERS\.DEFAULT\Control Panel\Keyboard\InitialKeyboardIndicators = 0 ; HKEY_CURRENT_USER\Control Panel\Keyboard\InitialKeyboardIndicators = 0 ; Unknown device (without driver) : msinfo32 + Software Environment + Startup Programs : relate prog name to Event log error message. msinfo32 + Components + Problem Devices : see PNP Device ID \\%SystemRoot%\Setupapi.log file url Ctrl + Alt + Del not working ? Try Ctrl + Shift + Escape ! how to use CTRL + ALT + DELETE while using Windows Remote Desktop / Terminal Services : Use CTRL + ALT + END ! Create a New restore Point : Go to Start > Programs > Accessories > System Tools and click "System Restore". Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". How to use & create. You can delete all "restore points" by checking on "Turn off Restoring" ... XP Support ends on April 14, 2009 El administrador ha deshabilitado la modificación del Registro. Abrir la consola Directivas de grupo, gpedit.msc, escoger "Configuración de usuario > Plantillas administrativas > Sistema", y Deshabilitar la opción "Impedir acceso a la herramienta de edicion de Registro" How do you perform a reinstallation of Windows XP, sometimes called a repair installation? Configure your computer to start from the CD-ROM drive. Then insert your Windows XP Setup CD, and restart your computer. When the Press any key to boot from CD message is displayed on your screen, press a key to start your computer from the Windows XP CD. Press ENTER when you see the message "To setup Windows XP now", and then press ENTER displayed on the "Welcome to Setup" screen. Do not choose the option to press R to use the Recovery Console. In the Windows XP Licensing Agreement, press F8 to agree to the license agreement. Make sure that your current installation of Windows XP is selected in the box, and then press R to repair Windows XP. Follow the instructions on the screen to complete Setup. url, url TaskList and more Command Line commands C:\> tasklist /svc Image Name PID Services ========================= ====== ===================================== winlogon.exe 2036 N/A services.exe 332 Eventlog, PlugPlay lsass.exe 336 PolicyAgent, ProtectedStorage, SamSs ibmpmsvc.exe 532 IBMPMSVC svchost.exe 564 DcomLaunch, TermService RAMDISK To install the bus driver on Windows XP and later operating systems: Double-click Add Hardware in Control Panel. At the Welcome to the Add Hardware Wizard, click Next. Click Yes, I have already connected the hardware, and then click Next. Click Add a new hardware device from the list, and then click Next. Click Install the hardware that I manually select from a list(Advanced), and then click Next. Click Show All Devices, and then click Next. Click Have Disk, make sure that A:\ is in the Copy manufacturer's files from: box, and click OK. Click the desired entry, and then click Next. At The wizard is ready to install your hardware, click Next. Click Finish. url [egb] For imaging of Windows systems, I recommend the WAIK tools. They are free and reasonably easy to use. I used WinPE and the tools in the WAIK (Windows Automatic Installation Kit) which is a free Microsoft download. The way the tools works is you boot WinPE from a bootable CD that you build from the WAIK. Once you are booted you can save the system drive to another drive. Basically, you use imagex.exe /capture ... --> Creates a *.wim image to save from the old drive to the temporary drive and imagex.exe /apply ... --> Restores from the *.wim image to restore the saved image to the new drive. SP3 setup cannot copy the file ATAPI.SYS : remove Alcohol 120% & Daemon Tools. remove "Language bar" forever : regsvr32.exe /u msutb.dll ; re-register : regsvr32 msutb.dll after Blue Screen Of Death : remove "reiniciar automaticamente" from "Inicio y Recuperacion" en Propiedades del Sistema. Automatic Updates after SP2 com treure "Podria ser víctima de una falsificación de software" : url o url: Rename {c:\windows\system32} wgalogon.dll and wgatray.exe WGA = c:\windows\system32\KB905474\ ; "esta copia de office no es original" -> remove : http://www.microsoft.com/genuine + validar + reemplazar c:\win\system32\OGACheckControl.dll {v 1.6.28.0} + validar (IE only). Receta – buscar el proceso "WGATray.exe" y lo matas. Ir a la carpeta "windons32", y eliminar estos 3 archivos: OGAAddin.dll OGACheckControl.dll OGAVerify.exe (OGAEXEC.exe) Arranca el Windows Task Manager (Ctrl+Alt+Del). Mata el proceso wgatray.exe con el Task Manager. Reinicia Windows XP en Modo Seguro (Safe Mode). Borra el archivo WgaTray.exe de c:\Windows\System32. Borra el archivo WgaTray.exe de c:\Windows\System32\dllcache. Ve a Inicio->Ejecutar "RegEdit" Ir a la carpeta HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft Windows\ NT\CurrentVersion\Winlogon\Notify Borra la carpeta "WgaLogon" y todos sus contenidos Reinicia Windows XP. SlipStream : Next time you reinstall Windows with that old installation disc, you don't want to connect your fresh, unpatched and vulnerable system to the internet only to download 176 new updates from Microsoft. If your XP installation CD is older than 2004, once your system is online, you'll have to wait for hefty service packs to download, chained to your mouse while pushing the Next button, watching progress bars, and rebooting multiple times. Wouldn't it be better to start your installation, head out to run errands or grab coffee, and come back to an up-to-date system before your system gets online? It's possible, using some free software and a blank disc. After the jump, I'll show you how to create an automated, customized XP installation CD or DVD, that includes Microsoft's official-but-not-released Service Pack 3 for Windows XP. It is done using nLite Guides hot to do it : Winsupersite HelpWithWindows Qfecheck.exe proporciona a los administradores de red capacidad para comprobar los hotfixes de XP instalados. Uses HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates to remove IE from Desktop : right-click the Desktop and click Properties. click the Desktop tab. click Customize Desktop. click the General tab, and then click the icons that you want to place on the desktop. url MSDTC - Distributed Transaction Coordinator - quin nom te el seu log ? msdtc -resetlog msdtc -uninstall msdtc -install url How to remove "unread message count" at Logon HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail\ key MessageExpiryDays ( DWORD ) := 0 ; to temporarily use the classic logon screen, press Ctrl+Alt+Del twice on the Welcome logon screen. url System requirements : 128 MB RAM, 1'5 GB HD, 300 MHz CPU. Troubleshooting XP : How to know which process has locked a file (as Perflib_Perfdata_1e4.dat) The process can't acess the file 'cause it is being used by another process Win Server 2003 Resource Kit Tools - rktools.exe (12 MB) - OH.exe = Open Handles. OH {locked_filename} > {output_filename} The system global flag "maintain object type lists" is not enabled for this system. Please use oh +otl to enable it and then reboot. Can also use WhoLockMe Neither do detect Daemon Tools !?!?!? Dependency Walker Safe Mode Boot options [F8] como desactivar hibernación : Click en Inicio, Panel de Control Doble click en Opciones de Energia Click en la pestaña Hibernacion, desmarca la casilla de seleccion de "Habilitar hibernacion" y click en Aplicar, luego Aceptar. reinicia el computador; el archivo Hiberfile.sys será automaticamente eliminado url Physical Address Extension : poner /PAE en boot.ini Permite que las aplicaciones usen hast 3,5 GB de memoria. comandes RARES / comandos especiales / shortcuts : schtasks /? esentutl fsutil sfc - verifica versiones de archivos de sistema. sc is a command line program used for communicating with the NT Service Controller and services. "instsrv" sc /? {plus answer "YES" to see details !} sc query : display running services sc query type= service state= inactive : display stopped services sc query type= service state= all : display all services regsvr32 - register a DLL dumpel.exe : dump event log in text mode *.MSC : diskmgmt.msc - manage all your disks. gpedit.msc - perfmon.msc - compmgmt.msc - devmgmt.msc - eventvwr.msc - diskpart.exe - view, add, remove, resize, move ... partitions dfrg.msc - defragment a hard disk. WMIC = Windows Management Instrumentation Command-line ; url. wmic product > c:\prod.txt = productes instalats ! C:\> net start These Windows services are started: IBM MQSeries VNC Server Version 4 Temporarily stop Windows Update net stop wuauserv Restart : net start wuauserv or reboot machine. boot XP from an USB drive ! [sep07] svchosts.exe Tired of the litle red shield in their taskbar ? a) Turn on autoupdates b) Open Control Panel then Security Centre. On the left are 4 paragraphs in blue. Click on the last one "Change the way Security Centre alerts me" Untick the middle box. url Disable/enable System Restore : log in as SysAdmin select My PC, right button, Properties select System Restore tab Use this Product Key : [serial number, s/n] Sin = RHKG3-8YW4W-4RHJG-83M4Y-7X9GW (***) T42 = HCBR8-FGC2K-RY7BM-HM3KT-BKVRW Airis = RFJMD-G8FGK-W8BM4-23D8Q-YBMC6 P4(2/9) = RHKG3-8YW4W-4RHJG-83M4Y-7X9GW Kayak = RAP = RFJMD-G8FGK-W8BM4-23D8Q-YBMC6 HP = Bertran = RHKG3-8YW4W-4RHJG-83M4Y-7X9GW Pro_SP3 = V2C47-MK7JD-3R89F-D2KXW-VPK3J ; instead of FCKGW-RHQ 2-YXRKT-8TG6W-2B7Q8 How to display it or display it. How to change it 2003 [k] How to set a password hint as a precaution Log on to your computer. Click Start, and then click Control Panel. Double-click User Accounts. Click your user account, and then click Change my password. Enter your current password, enter a new password, and then enter the new password again to confirm it. Enter the password hint, and then click Change Password. The change will take effect the next time that you log on. Note If you want to keep your existing password, you must enter it as the current password, enter it again as the new password, and then enter it one more time to confirm the password. com es treu el missatge "Your computer might be at risk" ??? Download .Net Framework 1.1, 2.0, 3.0. .Net 4.0 installer : url Disk Space Requirements: 2.0 = 23 MB, 3.0 = 280 MB (x86), 4.0 = 869 KB ! How to know which one does a machine have ? dir *. at c:\WINDOWS\Microsoft.NET\Framework url ibmprc.exe Password synchronization is a feature that allows the end user to have their Windows password and their pre-desktop area password match. Each time a member of the administrator group changes the Windows password, the administrator user will be prompted to update the pre-desktop password. If this is not desirable, it can be disabled. To disable the password synchronization dialog, delete the following registry key: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IBMPRC"="C:\IBMTOOLS\UTILS\ibmprc.exe" url XP validation. unhide hidden optional components in "Add/Remove Windows Components" in Control Panel : edit \windows\inf\SYSOC.INF remove the "HIDE" option from second to last parameter. remove "Visual Effects" : Control Panel + System + Advanced Options + Rendimiento + Optimizar Rendimiento (16 settings). EULA KB 890830 - comes back again and again. Hide Users on the Welcome Screen When you add an account for certain users with Windows XP, their user names will appear on the Welcome Screen. Sometimes a user needs to be added to a Windows XP machine, because he needs access (via the network) to resources on the machine, but he will not be physically logging in on the computer. You can remove his name from the Welcome Screen, while still maintaining the user account. Start the Registry Editor. Go to HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList \ Right-click an empty space in the right pane and select New > DWORD Value Name the new value exactly as the Username : "db2admin", "mqm", etc. Leave the Value data as 0 if the user must be hidden. Close the registry editor. If you want to enable this user again on the Welcome Screen, either double-click the Username value, and change the Value data to 1, or delete the Username field. Tweak UI XP download Power Toys - as Open Command Window Here , PowerCalc, DeskMan, HTMLSlideShow, ... (XP only) go to command line from GUI : regedit HKEY_CLASSES_ROOT\Directory\shell Nueva Clave "DosHere" Información de Valor := "Ir a DOS" Nueva Clave := Command Información de Valor := 'c:\windows\system32\cmd /k cd "%1"' command list : netsh, tree, getmac, etc [C:\WINDOWS\system32\] - complete ! Com nassos s'esborra la carpeta c:\Archivos de Programa\xerox\nwwia ? chkdsk no se puede abrir el volumen para acceso directo - com mirar qui te agafat el disc ? missatge there are unused icons on your desktop Control Panel + Display + Desktop + "Customize desktop" + uncheck "run desktop cleanup wizard every 60 days" url to LogOff another user, use Ctrl+Alt+Del keysequence to get to WTM, then select the Users tab ... Disable Simple File Sharing - necessary in order to enable the creation of Access Control Lists for shared disks and folders Click Start | My Computer | Tools | Folder Options | View. Scroll to the bottom of the list of advanced settings and un-check Use Simple File Sharing (Recommended). Click OK. SendTo - it is hidden by default ... Open Tools, then Folder Options - on the View tab, click Show hidden files and folders. c:\Documents And Setting\SendTo Can use "SendTo" command to open the folder ... url Thumbs.db Para que no se cree este fichero, hay 2 opciones : Haz click en Mi PC y abre el menú Herramientas. Selecciona Opciones de Carpeta. Haz click en Ver y selecciona: No alojar en caché las vistas en miniatura. Activa esta opción. Abrimos el registro de Windows (en ejecutar escribimos regedit.exe) Navegamos por la rama HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced y en la clave DisableThumbnailCache cambiamos el valor a 1. Para borrar los ya existentes : Ejecutamos en una consola DOS el comando dir /s /ash /b /n Thumbs.db > borrar.bat Abrimos el fichero borrar.bat que acabamos de crear y reemplazamos C:\ por del /ash "c:\ (en este caso intentamos borrar los thumbs.db de la unidad C ). Después cambiamos los .db por .db" Sólo queda ejecutar el fichero borrar.bat Recent Documents To display the My Recent Documents folder on the Start menu: Right-click Start, and then click Properties. Or, if the Start menu is already displayed, right-click an empty area of the Start menu, and then click Properties. Click Customize. Click the Advanced tab. Under Recent documents, click to select the List my most recently opened documents check box, click OK, and then click OK. The next time you click Start, the My Recent Documents command is displayed on the Start menu. To Open a Recently Used Document : Click Start, point to My Recent Documents, and then click the item you want to open. To Clear the Contents of the My Recent Documents Folder : Right-click Start, and then click Properties. Or, if the Start menu is already displayed, right-click an empty area of the Start menu, and then click Properties. Click Customize. Under the Advanced tab button, there is a "Sort" button and a "Clear" one - use it ! Documentation XP re-install - URL - URL Resources for Troubleshooting Startup Problems in XP Troubleshooting STOP messages using Task Manager : right-click an empty space on the taskbar, and then click Task Manager In Windows 95/98/ME you can bring up the Task List by pressing Ctrl+Alt+Del. In Windows NT4/2000/XP/2003 you bring up the Task List by right-clicking on the Task Bar and choosing "Task Manager". Task list here or here the "mini-mode" or "small footprint mode" has no TABs - double-click on the border to get the TABs back, or Ctrl-TAB to change from one to the next. Read !!! [Tiny Footprint mode] Get this one ! Symbols are not currently configured. You must configure symbols in order to view thread start address and stack inofrmation. Install the Microsoft Debugging Tools for Windows Package and configure a symbol server address in the Options | Configure Symbols dialog for the best symbol support. Com es fà ? url ! Recovery Console - Administrator password is used at this moment ! Again Administrator password : how to log on : start XP in Safe mode or (XP Pro) press CTRL+ALT+DEL twice at the Welcome Screen and input Admin password. how to display at Welcome Screen : Regedit HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList Right-click in the right pane and select New DWORD Value. Type-in Administrator as the value. Double-click Administrator, and assign a value of 1 url when is it used : to reset a User's password to use the Recovery Console startup Hot Key : F8 After the Power On Self test (POST), press the F8 key - here STOP messages ( also known as BSOD ! ) TroubleShooting the Stop Error. Interesting : start "Last Good Known Configuration". Also : "System Restore" (All Programs, Accessoires, System Tools, System Restore). saving STOP messages to a file : select it in Control Panel + Recovery : "Write Debugging Information TO" ... %SystemRoot%\MiniDump S'hi escriuen fitxers "*.DMP" Per obrir-los : DumpChk.exe - article + KB article Q315263 Set "AutoReboot" to "OFF" at Control Panel + Recovery How to do it ? [u/k] install Debugging Tools from Windows SDK (for Windows 7 and .NET Framework 4) url. See Analyzing the Windows Crash Dump File other problems : use DrWatson32 ! W2K : see drwtsn32.log and user.dmp, usualy at C:\Documents and Settings\All Users\Documents\DrWatson MSCONFIG - similar to AUTORUNS Path : to launch MSCONFIG from a command line, use the START command: start msconfig With the MSConfig utility you can kill everything at startup the Win.ini, system.ini, boot.ini, services and startup Items. [url] MSINFO32 DXDIAG Recovery Console ( read here ) commands : ATTRIB BATCH CD CHDIR CHKDSK CLS COPY DEL DELETE DIR DISABLE DISKPART ENABLE EXIT EXPAND FIXBOOT - write a new bootsector to the partition c: FIXMBR - write a new MBR (\Device\HardDisk0\Partition0) - removes BM and boots XP again. FORMAT HELP LISTSVC LOGON MAP MD MKDIR MORE RD REN RENAME RMDIR SYSTEMROOT TYPE Top Comandos configuración access.cpl accesibilidad appwiz.cpl instalar/desinstalar programas bootcfg modificar las entradas de boot.ini charmap mapa de caracteres cleanmgr liberador de espacio del disco cleanmgr liberador de espacio del disco compmgmt.msc Mi PC + derecho + Administrar conf abrir Net Meeting control abrir panel de control control folders opciones de carpeta control fonts configuración de fuentes control keyboard configuración de teclado control mouse propiedades del ratón control netconnections conexiones de red [sin] control printers impresoras y faxes control schedtasks tareas programadas control javacpl.cpl Control Panel + Java - (buscar *.cpl en %WINDOWS%\system32) dcomcnfg componentes, MMC ddeshare recursos compartidos DDE devmgmt.msc administrador de dispositivos / device manager [sin] dfrg.msc desragmentador del disco duro directx.cpl panel de control DirectX diskmgmt.msc administrador de discos duros diskpart administra particiones drwtsn32 Dr. Watson, diagnóstico del sistema dxdiag Direct X, diagnóstico de problemas eventvwr.msc visor de sucesos firewall.cpl firewall de gindows fsmgmt.msc recursos compartidos fsquirt asistente de transferencia ficheros Bluetooth gpedit.msc group policy hdwwiz.cpl hardware add wizard iexpress crear archivos .CAB autodescomprimibles inetcpl.cpl propiedades Internet intl.cpl configuración Regional lusrmgr.msc usuarios locales y grupos mmsys.cpl multimedia msconfig (start+run) system.ini, win.ini, boot.ini, servicios, inicio mstsc escritorio remoto ntmsmgr.msc dispositivos de almacenamientos extraíbles. nusrmgr.cpl administrador de cuentas de usuario odbccp32.cpl ODBC Data Source Administrator openfiles   osk teclado en pantalla - útil si se estropea el teclado perfmon.msc Performance Monitor powercfg.cpl configuración de la energ¡a printers carpeta de impresoras regedit editor de registro secpol.msc seguridad, configuración local, políticas de seguridad services.msc servicios sysdm.cpl System Properties, as Computer Name, Device Manager, System Restore, Remote Desktop. winchat Microsoft Chat wmimgmt.msc WMI wscui.cpl Security Center Can't modify Automatic Updates (greyed) Dial a Fix. url: Click Start, Run and type gpedit.msc. Navigate to the following location: Computer Configuration -> Administrative Templates -> Windows Components -> Windows Update. In the right-pane, double-click Configure Automatic Updates and set it to Not Configured Servei que cal : "Windows update Service". Bon resum.

Disable Malicious Software Reporting Tool transmissions [From: http://www.support.microsoft.com/kb/891716/]

Q3. How can I disable the infection-reporting component of the tool so that the report is not sent back to Microsoft?

A3. An administrator can choose to disable the infection-reporting component of the tool by adding the following registry key value to computers. If this registry key value is set, the tool will not report infection information back to Microsoft.

This functionality is automatically disabled if the following registry key value exists:

This registry key value indicates that the computer is connected to an SUS server.

If you want to see the actual report or at least the data that the MRT finds, type the following from a command line: ("mrt.log" is a unicode text file) notepad c:\windows\debug\mrt.log

  Xorrades de Windows  

shortcuts : CONTROL = abre Control Panel MSTSC = activa Escritorio Remoto ; mstsc.exe -v 9.137.164.25 /console = remote console icon. APPWIZ.CPL = Add or Remove Programs ! DCOMCNFG = Management Console : Visor de Sucesos, Servicios, Componentes. how to know whether an OS is 32 bit or 64 bit ? command prompt and type set. Look for the processor type : x86 is 32bit, x64 is 64bit. Start -> Run, and type dxDiag cmd.exe /? has some goodies, as Auto-Complete. Set HKEY_CURRENT_USER/Software/Microsoft/Command Processor/CompletionChar to 9, and you have TAB completion (start typing a file or dir name, press TAB, and matching file/dir names appear). The difference between "runas.exe" and "Run as Administrator" I asked Microsoft the difference between the following two mechanisms for starting a cmd prompt: "runas /u:administrator cmd" Right-click cmd.exe and hit the "Run as Administrator" option Well, it turns out every program that is ever started with runas.exe is started in the ordinary logged in context, specifically, the reduced capability context. Hence, you might start a cmd.exe prompt with runas.exe, but it will run in the same reduced capability mode your login shell runs in. If you really want to elevate and then run, you must use the right click method. That produces an unrestricted Administrator program. This works even for Internet Explorer. W 2008 Server details Hot to use keyboard as mouse : url : The ALT+SHIFT+NUMLOCK key combination enables or disables the Mouse Keys option for the current Windows session. It does not actually update the MSINPUT.INI file for subsequent Windows sessions. Keep in mind that media files, like any other files, can be re-associated at any time. For example, if you decide you want to associate MP3 files with another program at some point you can simply locate an MP3 file, hold the Shift key and right-click the file. At this point a menu will appear and you can select Open With and then choose the application you want to use to play MP3 files. Check the box next to "Always use the select program to open this kind of file" and the next time you double click an MP3 file it will open that program. How to kill any process ? drwtsn32 -p < process-id > How to know the process-id of a program ? Task Manager or TLIST.EXE url or TaskList From here [got it here ] Ver PULIST.EXE ... dresseres : run services.msc run gpedit.msc Display Desktop icon : create a file "Show Desktop.scf" located at [NT, W2K, XP] C:\Documents and Settings\Username\Application Data\Microsoft\Internet Explorer\Quick Launch [Shell] Command=2 IconFile=explorer.exe,3 [Taskbar] Command=ToggleDesktop url Lock PC : Right click an empty area of your desktop. Choose New/Shortcut and enter this line as the command line: %windir%\System32\rundll32.exe user32.dll, LockWorkStation Finally, get a nice icon from SHELL32.DLL ... Expand Control Panel in Start Menu W2K : To make the Control Panel act like submenu of the Start Menu, right-click the Task Bar in an open area, and choose Properties. In the "Taskbar & Start Menu Properties" window that appears, click the "Advanced" tab. Under the Start Menu Settings, check next to "Expand Control Panel." Now, when you click Start, Settings, Control Panel, you can choose one of the Control Panel applets, such as Add/Remove Programs, right from there. url WXP : Right-click the Start menu button, then choose Properties. From the Taskbar & Start Menu Properties window, click the Customize button, then click the Advanced tab. You should see three options for Control Panel: Display as Link (default), which means it opens in a separate window when you click it, Display as Menu, which means that when you click it, or even hold the mouse over it, the Control Panel items will open as a sub-menu, and Do not display this item, which will remove it from the Start Menu completely. url Com saber quin Fix Pack es instalat ? See Add/Remove Programs in Control Panel ... Install KB835732 disable "Caps Lock" : see here --------------------------------------------------------------------- Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout] "Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,00,00,3a,00,00,00,00,00 --------------------------------------------------------------------- trace "log" errors to Event Viewer / Security Log : Administrative Tools + Local Security Policy + Local Policies + Audit Policy + Audit account logon events Thankx Albert (again) com veure quina versió tenim instalada ? winver W2K : Winver : uSoft Windows Version 5.0 (Build 2195:Service Pack3) System : uSoft Windows 2000 5.00.2195 Service Pack 3 W98 (P4) : Winver : windows 98 System : W98, Segunda Edicion, 4.10.2222 A IE5 busca dins uS si la URL no es bona Tools - Internet Options - Advanced - "Do not search from Address bar" paràmetres per instalar NT 4.0 : E:\I386>winnt /? Installs Windows NT. WINNT [/S[:]sourcepath] [/T[:]tempdrive] [/I[:]inffile] [/O[X]] [/X | [/F] [/C]] [/B] [/U[:scriptfile]] [/R[X]:directory] [/E:command] /S[:]sourcepath Specifies the source location of Windows NT files. Must be a full path of the form x:\[path] or \\server\share[\path]. The default is the current directory. /T[:]tempdrive Specifies a drive to contain temporary setup files. If not specified, Setup will attempt to locate a drive for you. /I[:]inffile Specifies the filename (no path) of the setup information file. The default is DOSNET.INF. /OX Create boot floppies for CD-ROM installation. /X Do not create the Setup boot floppies. /F Do not verify files as they are copied to the Setup boot floppies. /C Skip free-space check on the Setup boot floppies you provide. /B Floppyless operation (requires /s). /U Unattended operation and optional script file (requires /s). /R Specifies optional directory to be installed. /RX Specifies optional directory to be copied. /E Specifies command to be executed at the end of GUI setup. So, my command line was : c:> d:\i386\winnt /s:d:\i386 /b WIN2000 no té /B com instalar SP6 en un NT 4.0 en castellà Q250867 says : To work around this issue and prevent the version-number scanner from comparing the Schannel.dll file versions : Use any text editor (such as Notepad) to open the Update.inf file in the I386\Update folder in the service pack source files. Place a semicolon (;) before the reference to the Schannel.dll, Security.dll, and Ntlmssps.dll files in the [CheckSecurity.System32.files] section of the Update.inf file. Save and then close the Update.inf file. Install the service pack. Ignacio la ha millorat : Lanzar la instalación del Service Pack 6a, lo cual descomprimirá una serie de ficheros en el subdirectorio del directorio apuntado por la variable TEMP (por ejemplo d:\temp\ext9830). Antes de responder al diálogo en el que se nos pide que aceptemos los términos de la licencia, buscar dicho directorio temporal y copiar los archivos a otro sitio. Aceptar el diálogo, lo cual intentará lanzar la instalación, pero mostrará error, borrando los ficheros del subdirectorio inicial. Ir al directorio con las copias, y modificar el fichero UPDATE.INF como se indica en el artículo de Microsoft. La sección [CheckSecurity.System32.files] debe quedar así : [CheckSecurity.System32.files] ; SCHANNEL.DLL ; SECURITY.DLL ; NTLMSSPS.DLL Lanzar la instalación ejecutando UPDATE.EXE ; esta vez no aparecerá el error. com instalar SP6 HIGH-ENCRYPTION en un NT 4.0 en castellà Hay que ir al directorio %SystemRoot%\system32\ donde encontraremos tres archivos rsaenh.dll enhsig.dll schannel.dll Hay que renombrarlos o cambiarles la extension (por ejemplo: rsaenh.dl_, enhsig.dl_ y schannel.dl_). Despues de esto hay que reiniciar el sistema y una vez arranque se puede instalar el SP6a. versions de SCHANNEL.DLL Export -> 40-bit U.S. Domestic -> 128-bit existeix RSAENH.DLL => High-Encryption (128 bit). SU-0013 - no MS-DOS boot partition, installing W98 on 2-nd hard disk. Netscape "updating client registry" : c:\windows\nsreg.dat on son els cookies (i altres trasses) dels navegadors ? Netscape : c:\Program Files\Netscape\Users\default\cookies.txt Disable bye setting user_pref("network.cookie.cookieBehavior", 2); in prefs.js ! IE 5.5 : c:\windows\cookies (hidden) and c:\windows\Temporary Internet Files\Content.IE5\INDEX.DAT IE 5.5 settings are quite hidden in Internet options + Tools + Security + "Custom Level" eines interessants : CoolSwitch (taskswitch.exe) : ALT TAB replacement PowerToy for XP Resource Meter (c:\windows\Rsrcmtr.exe) tlist -s, from SUPPORT.CAB (w2K) - display active processes. "-s" switch shows the list of active services in each process. For more information about the process, type tlist pid. From here minimum swap size (manual management) : less than 32 MB of RAM : 2,5 times your amount of RAM less than 64 MB of RAM : 2 times your amount of RAM more than 64 MB of RAM : equal the amount of RAM configurador interessant (W9x) : msconfig o un clone uninstall hidden XP components : c:\windows\SYSOC.INF - remove the hide word (leave comas), so they appear in Add/Remove dialog. Link and link. configure XP 100 % : gpedit.msc from here. customize SendTo menu, by creating shortcuts and placing them in c:\windows\SendTo [XP] remove Error Reporting Service service using msconfig. Tweak-UI : the must have tool. Search uS for PowerToys. Or download it ! (v 1.33) XP [XP] SuperGuide When using the new IE 7.0, you must first enable JavaScript; it is disabled by default. Follow these steps: Open your browser (I.E. 7.0) Click on Tools button (it is located in the upper right part of the screen) Select Internet Options. Click on Security tab. Click on Custom Level. Scroll down until you see section labeled Active Scripting. Select Enable. Click OK to save changes. Confirm Yes and click OK. Close and restart the browser. change text in Explorer's title bar The title bar of Internet Explorer displays the text "Microsoft Internet Explorer," along with the title of the page you're visiting. If you're tired of constantly being assaulted with images and words from Big Green up in Redmond, you can change that text to anything that you want. From a command line or from the Run line, run regedit Select the folder HKEY_CURRENT_USER and follow the folder path \Software\Microsoft\Internet Explorer\Main Add a new String Value named Window Title. In the Value field type in the text you want to appear and then hit OK. Close Internet Explorer if it's open, and restart it. The title bar will now have your new text. If you want your title bar to have no text in it aside from the title of the page you're currently visiting, create the Window Title string value, but leave the Value field empty. CAB Extract from here Sample : from the Windows 2000 installation CD's Support\Tools folder, extract the TLIST.EXE utility from the Support.cab file. HOSTS file location : W95 : W98 : ??? W2K : c:\WINNT\System32\Drivers\etc (sample in c:\WINNT\I386) WXP : windows releases numbers : 4.00.950 = windows 95 & 95 A (FAT16, no FAT32) 4.00.1111 = windows 95 B & 95 C (FAT32) 4.10.2222 = windows 98 B & 98 se 4.90.3000 = windows Me

How to configure IP from command line

In order to configure TCP/IP settings such as the IP address, Subnet Mask, Default Gateway, DNS and WINS addresses and many other options you can use Netsh.exe, available on Windows 2000, Windows XP and Windows Server 2003.

netsh interface ip show config netsh interface ip set address name="Local Area Connection" static 192.168.0.100 255.255.255.0 192.168.0.1 1 Export : netsh -c interface dump > c:'location1.txt Import : netsh -f c:'location1.txt or netsh exec c:'location2.txt Get an IP from DHCP : netsh interface ip set address "Local Area Connection" dhcp Set DNS : netsh interface ip set dns "Local Area Connection" static 192.168.0.200 index=1 netsh interface ip set dns "Local Area Connection" static 192.168.0.201 index=2 Set WINS : netsh interface ip set wins "Local Area Connection" static 192.168.0.200 Dynamic : netsh interface ip set dns "Local Area Connection" dhcp Display the (large) list of Winsock LSPs that are installed on the computer {***}: netsh winsock show catalog

url

Clear ARP cache :

c:\> netsh interface ip delete arpcache Ok.

In Windows Server 2008 Core installation, the only way to setup IP Address eithe Static or DHCP is from the command line. See here

netsh syntax

c:\> netsh /? Usage: netsh [-a AliasFile] [-c Context] [-r RemoteMachine] [Command | -f ScriptFile] The following commands are available: Commands in this context: ? - Displays a list of commands. add - Adds a configuration entry to a list of entries. bridge - Changes to the `netsh bridge' context. delete - Deletes a configuration entry from a list of entries. diag - Changes to the `netsh diag' context. dump - Displays a configuration script. exec - Runs a script file. firewall - Changes to the `netsh firewall' context. help - Displays a list of commands. interface - Changes to the `netsh interface' context. lan - Changes to the `netsh lan' context. ras - Changes to the `netsh ras' context. routing - Changes to the `netsh routing' context. set - Updates configuration settings. show - Displays information. winsock - Changes to the `netsh winsock' context. The following sub-contexts are available: bridge diag firewall interface lan ras routing winsock To view help for a command, type the command, followed by a space, and then type ?.

---

Top

Enable/disable network adapter from command line

Use the devcon tool:

display network devices

c:\eines> devcon.exe listclass Net Listing 10 device(s) for setup class "Net" (Network adapters). PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0 : Intel(R) PRO/1000 MT Mobile Connection ROOT\MS_IRDAMINIPORT\0000 : Infrared Port ROOT\MS_L2TPMINIPORT\0000 : WAN Miniport (L2TP) ROOT\MS_NDISWANIP\0000 : WAN Miniport (IP) ROOT\MS_PPPOEMINIPORT\0000 : WAN Miniport (PPPOE) ROOT\MS_PPTPMINIPORT\0000 : WAN Miniport (PPTP) ROOT\MS_PSCHEDMP\0000 : WAN Miniport (IP) - Packet Scheduler Miniport ROOT\MS_PTIMINIPORT\0000 : Direct Parallel ROOT\VMWARE\0000 : VMware Virtual Ethernet Adapter for VMnet1 ROOT\VMWARE\0001 : VMware Virtual Ethernet Adapter for VMnet8

or

devcon hwids =net

display device status (mind "@" and dbl quotes)

c:\eines> devcon status "@PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0" PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0 Name: Intel(R) PRO/1000 MT Mobile Connection Driver is running. 1 matching device(s) found.

disable/enable net card

c:\eines> devcon disable "@PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0 PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0: Disabled 1 device(s) disabled. c:\eines> devcon status "@PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0" PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0 Name: Intel(R) PRO/1000 MT Mobile Connection Device is disabled. 1 matching device(s) found. c:\eines> devcon enable "@PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0" PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0: Enabled 1 device(s) enabled. c:\eines> devcon status "@PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0" PCI\VEN_8086&DEV_101E&SUBSYS_05491014&REV_03\4&39A85202&0&08F0 Name: Intel(R) PRO/1000 MT Mobile Connection Driver is running. 1 matching device(s) found.

scan for new HW

c:\eines> devcon rescan

reboot

c:\eines> devcon reboot

url

  Xorrades 2000  

PWS & IIS

Here it says :
PWS is not supported and cannot be installed on any version of Windows XP.
Windows XP Professional is designed for business users and contains Internet Information Services (IIS) version 5.1. IIS 5.1 includes Web and FTP server support, as well as support for Microsoft FrontPage transactions, Active Server Pages, and database connections.

So, PWS was for W98 only

IIS :

• Installing IIS under XP
  You can install IIS, add optional components, or remove optional components for IIS by using the Add/Remove Programs dialog box in Control Panel.
  Installation guide
  LocalHost documentation !
• LockDown tool v 2.1
• MetaEdit utility
• Resources
• TroubleShooting ASP in IIS 5.0
• How to know what you've got : go to "C:\WINDOWS\Microsoft.NET\Framework\" directory ...

Problemes amb el IIS :

• the server failed to load application '/LM/W3SVC/1/ROOT'
  • The most likely cause of this problem is that the DTC coordinator service has not started. Solucio : "msdtc -resetlog" !
    From here
  • To correct this problem, run the SyncIwam.vbs utility in the InetPub/AdminScripts directory.
    cscript synciwam.vbs
    From here

• The COM Application ... failed to activate out of process
  • Here it says the solution is this (IWAM Account).

    To resolve this problem, you must make sure that the passwords for the IUSR and IWAM accounts are synchronized in all three of the above-mentioned locations.

    Read here :

    • Obtain the IUSR account password : cscript.exe adsutil.vbs get w3svc/anonymoususerpass
    • Obtain the IWAM account password : cscript.exe adsutil.vbs get w3svc/wamuserpass
    • Set the IUSR account password : cscript.exe adsutil.vbs set w3svc/anonymoususerpass "password"
    • Set the IWAM account password : cscript.exe adsutil.vbs set w3svc/wamuserpass "password"

    From here

  Note : when you try to obtain the password in Windows NT 4.0, the password appears as clear text; however, the password appears as asterisks in Windows 2000. To obtain the password in clear text in Windows 2000, you must modify Adsutil.vbs so that it displays the unmasked password. To do this, follow these steps:

  1. In Notepad, open Adsutil.vbs.
  2. On the Edit menu, click Find, type IsSecureProperty = True, and then click Find Next.
  3. Change "IsSecureProperty = True" to "IsSecureProperty = False".
  4. Save the changes to Adsutil.vbs, and then close Notepad.

  Change the password in MTS or Component Services : cscript.exe synciwam.vbs -v
  You may need to restart IIS for all changes to take effect. To restart IIS, from the Start menu, click Run, type iisreset, and then click OK.

• ADSUTIL

 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
 Windows="%SystemRoot%\system32\csrss.exe
 ObjectDirectory=\Windows
 SharedSection=1024,3072,512
 Windows=On
 SubSystemType=Windows
 ServerDll=basesrv,1
 ServerDll=winsrv:UserServerDllInitialization,3
 ServerDll=winsrv:ConServerDllInitialization,2
 ProfileControl=Off
 MaxRequestThreads=16"
 

  How to read a MiniDump  

If user selects so, a "Small Memory Dump" (64 KB) is generated on system failure. Select CP + System Properties + Advanced + Startup and Recovery Directory of C:\WINNT\Minidump 18/09/2003 09:25 65.536 Mini091803-01.dmp 17/10/2003 10:14 65.536 Mini101703-01.dmp 08/10/2004 08:32 65.536 Mini100804-01.dmp To read its contents ... N.I.Y. Header structure Hot to read a minidump ... W2000/NT ... WXP To install it : W2K - Windows 2000 CD-ROM: Install the Support Tools by running Setup.exe from the Support\Tools folder on the CD-ROM. By default, Dumpchk.exe is installed to the Program Files\Support Tools folder. Windows NT 4.0 CD-ROM: Support\Debug\<Platform>\Dumpchk.exe Windows XP: Install the Support Tools by running Setup.exe from the Support\Tools folder on the CD-ROM. By default, Dumpchk.exe is installed to the Program Files\Support Tools folder.

  Keyboard shortcuts  

Copy = CTRL + C Cut = CTRL + X Paste = CTRL + V Mark = SHIFT + <left> or <right> arrow Mark to EOL = SHIFT + <End> Select All = CTRL + A Refresh = PF5 Mouse Right Button = Shift + PF10 ALT+SPACE: Displays the main window's System menu From the System menu, you can restore, move, resize, minimize, maximize, or close the window. General keyboard-only commands How to move a window when its title bar is off the screen Hold down Alt + Spacebar Press the M key Use the arrow keys to relocate the window Press the Enter key when you have the Window in the desired location.

Tecla Acción F1 Help F2 Rename F3 Search F4 Abrir la lista desplegable d ela barra de herramientas. F5 Refresh F6 o TAB Circula el foco por la lista F10 o ALT Pone el foco en la barra de menús ALT + ESC Desplaza el foco entre aplicaciones abiertas. ALT + TAB Abre una ventana con iconos representando los archivos y carpetas abiertos. Mantener pulsado ALT y pulsar TAB para ir al siguiente. Para ir al icono actual, soltar ALT. ALT + SHIFT + TAB Igual que el anterior, pero en sentido inverso. CTRL + ESC Abre el menú Inicio. ALT + F4 Cerrar la aplicación actual. ALT + SB Abre el menú de control de la ventana activa. (icono de la esquina superior izquierda de la ventana) SHIFT + IMPR PANT Copia la pantalla actual en el portapapeles (use Paint). ALT + IMPR PANT Copia la ventana activa en el portapapeles (use Paint). Apendice B, Windows NT Server 4.0, ISBN 1-57231-333-1. Keyboard shortcuts for Windows

  Main fixes  

  Complete fixes list  

Complete (and LARGE) list + short description : url {*****} 1998 thru 2011 ! [24/8/2011 had 854 entries]
Jul 2007 : H:\Guindous_Fix_Packs has [all 2007, 2006 down to MS06-050].

Parches de uSoft per mesos :

WinUp = parches hasta el 1 de Enero del 2008. Requiere : XP con SP2 instalado.

SP2 {KB835935} download : [ES], [EN]

SP3 - To install SP3, either Windows XP Service Pack 1a (SP1a) or Windows XP Service Pack 2 (SP2) must already be installed.

url

  Guindous Debug  

From SysInternals blog - they end up using SoftIce ...

URL

1. download and install the "Debugging Tools for Windows"
   http://www.microsoft.com/whdc/DevTools/Debugging/default.mspx
2. let's say you've installed the debugger in d:\windbg
3. if you service executable is myservice.exe then you can do
   d:\windbg\gflags /p /enable myservice.exe /debug d:\windbg\windbg.exe

   Start your service and it will pop up in the debugger and you can do whatever debugging you need.
   When you are done debugging you must do:

   d:\windbg\gflags /p /disable myservice.exe

The real nice thing about this is if you are working on a dll like say myserv1.dll and myserv2.dll. Then you can do the same thing as above except you change the /enable myservice.exe to /enable myserv2.dll. This one you have to be careful with because if you have multiple process that loads that dll then each one will pop up in the debugger when it's loaded. This is also disabled the same way as mentioned above.

BTW, this can be done for any executable not just a service also gflags can be used for much more than this. This is just one nice thing I've found over time. I guess the nice thing is that gflags handles all the registry updates for you so you don't have to do it yourself.

Garfield A. Lewis

Top

Temas misceláneos

• Notepad inserts x'EF.BB.BF at the beginning of a (large) XML file (BOM = Byte Order Mark)

• Programs that are started at Windows Logon :
  [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

  See mr Russinovich's autoruns.exe

• The programs that are started at Windows StartUp are located in
  HKLM -> Software -> Microsoft -> Windows -> Current Version -> Run #1 /winnt/profiles/egb/start menu/programs/startup [/windows/profiles is still present but mostly unused] ["egb" profile is now /Documents and Settings/egb] #2 /winnt/profiles/all users/start menu/programs/startup [/Documents and Settings/All Users] #3 HKCU/software/microsoft/windows/CurrentVersion/run (found that pesky AOL Instant Messenger here) #4 HKCU/software/microsoft/windows/currentversion/runonce #5 HKCU/software/microsoft/windows NT/CurrentVersion/windows/run #6 HKLM/software/microsoft/windows/currentversion/run #7 HKLM/software/microsoft/windows/currentversion/runonce #8 HKLM/software/microsoft/windows/currentversion/runonceex #9 HKUsers/.DEFAULT/software/microsoft/windows nt/currentversion/windows/run (this is the default user; it gets copied to each new user, so if you want something to not be copied, remove it from here.) #10 HKUsers/S-1-5-.../software/microsoft/windows/currentversion/run That's my SID, the "S-1-5-..." stuff. This is me under my SID. It is the same as #3 above #11 HKUsers/S-1-5-.../software/microsoft/windows nt/ currentversion/windows run - same as #4

  A short list :

  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

  AutoStart locations : 53 = 35 Registry + 12 files + 6 folders.

  GRC : Sub7 insinuates itself into Windows in a few clever ways. It installs in the seldom used "run=" line of the deprecated WIN.INI file. It also installs under the "Run" key of the registry. And it inserts a much smaller 10k "runner" into the Windows Shell "command/open" key. All of this pretty much guarantees that Sub7 will keep running inside the system. It's difficult to shake it loose.

• To enable or disable automatically running CD-ROMs, controlled by file Autorun.inf, do :
  • open Control Panel and double click System Properties
  • select Device Manager tab
  • double-click the CD-ROM icon and right-click your CD-ROM drive
  • select Properties and click the Settings tab
  • Uncheck the Auto insert notification check box

  Using TweakUI, one of PowerToys, this can be disabled by turning off the Play audio CDs automatically and the Play data CDs automatically options in the Paranoia tab.

To Disable Autorun url :
Windows XP Pro users: Click Start and then click Run. Type gpedit.msc and click OK. The Group Policy window will open. In the left pane, double-click Administrative Templates. In the right pane, double-click System, scroll down the list and double-click Turn Off Autoplay. In the Turn Off Autoplay Properties window, select Enabled. From the dropdown next to Turn Off Autoplay on, select All drives and then click OK. Exit Group Policy by selecting File, then choosing Exit from the menu.

• ACL modify :
  c:\> CACLS Displays or modifies access control lists (ACLs) of files CACLS filename [/T] [/E] [/C] [/G user:perm] [/R user [...]] [/P user:perm [...]] [/D user [...]] filename Displays ACLs. /T Changes ACLs of specified files in the current directory and all subdirs. /E Edit ACL instead of replacing it. /C Continue on access denied errors. /G user:perm Grant specified user access rights. Perm can be: R Read W Write C Change (write) F Full control /R user Revoke specified user's access rights (only valid with /E). /P user:perm Replace specified user's access rights. Perm can be: N None R Read W Write C Change (write) F Full control /D user Deny specified user access. Wildcards can be used to specify more that one file in a command. You can specify more than one user in a command.

• how to Disable Windows File Protection (Windows 2000/XP) - url
  Go to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] and change the value of "SFCDisable" to equal "ffffff9d" to disable WFS or "0" to enable it.

• To force an "Admin" logon at Startup, ...

       HKLM -> Software -> Microsoft -> Windows NT -> Current Version -> WinLogon
       AutoAdminLogon := 1 ;
  

• To clear the Documents menu every time you start, click on the Paranoia tab and turn on the Clear Document history at logon option.
  Or, in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  set (DWORD) ClearRecentDocsOnExit to "1".

• To remove programs listed in the Control Panel's "Add/Remove Programs" section, open

       HKLM -> Software -> Microsoft -> Windows -> Current Version -> Uninstall
  

  and delete the program entry here. Then, restart the machine.

• XP security hole - any file will be deleted if the file's name is incorporated into a URL beginning with hcp:// and IE is induced to visit the URL. Fixed in SP1.

• TaskList - when you type "Ctrl+Alt+Del" under W95, you get the Task List. Here is a page to understand its contents

  My "usual" entries are :

  • Explorer - end-user interface : desktop, task bar, start menu, etc. *** Vital ! Leave untouched ***
  • Daemon
  • Ibmbaysn - UltraBay ?
  • Systray - runs Windows System Tray, part of the Task Bar. *** Leave untouched ***
  • Navapw32 - Norton Antivirus Auto-Protect for Windows 32-bit.
  • C4ebreg - PC scan from Germany. --- Removable --- :
  • Idhelper
  • Loadwc - Internet Explorer's Load WebCheck. *** Remove *** Used this to find that.
  • Nhldaemn - Notes.
  • Nupdate - Notes.
  • Nwrdaemn - Notes.
  • Pcscm
  • Pcs_agnt
  • Pcs_srvr
  • Rxapi

• large list of startup applications. Here I found SENTRY !!!
  Mind file win.ini

• Here are a lot of good W95 tips and tricks. They have them ALL !
  • to copy a "system" floppy, use diskcopy a: a:
  • to remove manually a program :
    • HKEY_Local_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall - remove reference in the "Add/Remove Programs" tool.
    • HKEY CURRENT USER\Software\Microsoft\Windows\CurrentVersion\Run
    • HKEY LOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    • Start/Run/Msconfig/Startup

• W98 "Windows Protection Error" troubleshooting
  Run msconfig and choose Selective Startup.

• To socksify the TCP/IP stack, use
  • c:\windows\system\WSOCK32.DLL
  • c:\windows\system\HCLSOCK5.DLL
  • c:\windows\system\SOCKS.CNF
  
  Sucesor (IBM) : PIX, as Blue ICE (Internet Connection Environment) from Cisco.
  If you are behind a firewall, and ping www.yahoo.com fails, or W95 tracert, your TCP/IP stack is socksified, as PING is not socksifyable.

  SOCKS is an implementation of what is known as a circuit-level proxy. A proxy is a device that makes a connection on your behalf.
  PIX performs what is known as "stateful packet inspection".

• Windows 2000 TCP/IP Implementation details : browse or download
  Large doc ! got it. Server 2003 : also

• Windows TCP/IP troubleshooting :
  • "ping error 10043" : TCP not installed. Use winipcfg to verify it.
  • "Unable to browse the network" : did not Log into the network (initial screen).

  URL

• W2K network traffic (to Tinet)
  using netstat -an or TcpView, you can see that W2K periodically opens local port 3710 (and UP) and remote port 135, scanning ranges of IP addresses [SYNC_SENT].
  Services registered for this port ( from Neohapsis ) :
  tcp - epmap - DCE endpoint resolution
  tcp - loc-src - NCS local location broker
  udp - epmap - DCE endpoint resolution
  udp - loc-srv - location service

  135 = RPC End-Point Mapper

  Chicago University problems talk about "Port 135 is essential to the functionality of Active Directory and Microsoft Exchange mail servers, among other."

  W32.Blaster.Worm uses port 135
  See forum

  What to do ? Here they say : The simplest way to turn off 135 is to go to your Network Properties and disable File Sharing. Also, click the ADVANCED tab and DISABLE NetBIOS over TCP/IP.

  Search Google for a utility named FPORT : here

  Goto https://grc.com/x/ne.dll?bh0bkyd2 and run a port scan, and see if the port is really open or not

• IE configuration :

   HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN
   

• The file "C:\WINDOWS\Temporary Internet Files\Content.IE5\index.dat" contains information about websites you have visited, cookies you have received, etc. It is not displayed by MS Explorer, never, no way (thanks, Bill). To delete it under W95, place at the begin of "autoexec.bat", the line "deltree /Y c:\windows\tempor~1\"

  Under W2K, move it ! To find out where the real cache is, go to Internet Explorer and select Tools, Internet Options. On the General tab, click Settings. In the Settings dialog box, click View Files to bring up your real cache folder.
  URL

   1.376.256  index.dat    BEFORE
      32.768  index.dat    AFTER
  

  UnLocker, Privacy Keeper, DelIndex (no XP/NT/2000).

  Source

• startup "hot" keys :
  
  • W95. From here
    • F5 = Safe Boot.
    • F8 = boot Menu - goto "safe boot".
  • W2K
    • F8 = Safe Boot. From here
  • XP
    • F8 = Safe Boot. From here

  Remove PWL files ... forever  

By default Win95 keeps a record of passwords for everyone who logs into windows. It does this by creating a .pwl file in the windows directory. This file is encrypted, but it has been reported that it is very easy to decrypt.
To turn off this "feature" of Win95 you need to run the policy editor for Win95. This is called poledit.exe and can be found on the Win95 CD. It is not installed by default. It is located in \admin\apptools\poledit on the CD. Or get it from uSoft.
Once you start poledit, you need to "Open Registry" under the File menu. You will then see a "Local Computer" icon; double click this. Then go to Network / Passwords and check the box next to "Disable password caching". Once you restart windows, it will no longer make those silly .pwl files.

W95 produces RC4 keys of 32 bits to protecl the .pwl files. The 20 first bytes of any .pwl files contains the username, which is the same as the filename, in capitals, padded with 0x00.

RC4 is a stream cipher, it generates a long pseudo random stream that it uses to XOR the data byte by byte. This isn't necesarily weak encryption if you don't use the same stream twice: however WIN95 does. Every resource is XORed with the same pseudo random stream. What's more the 20 first bytes are easy to guess. This is easy to exploit: XOR the 20 bytes starting at position 0x208 with the user name in uppercase, and slide this string through the rest of the file (xoring it with whatever is there) . This reveals the 20 first bytes of the different resources.

  W95 startup process  

Link

The Windows 95 startup process can be broken into the following steps:

1. The read-only memory (ROM) Basic Input-Output (BIOS) bootstrap process
2. The master boot record (MBR) and boot sector
3. The IO.SYS file (must be the first entry in the root directory)
   MS.DOS must be on entry number two !
4. Real-mode configuration
5. The WIN.COM file and the Windows 95 Environment

• 1.The Power On Self-Test (POST) occurs.
• 2.The A drive is checked for the existence of a boot disk.
• 3.If a boot disk is not found in the A drive, the ROM BIOS bootstrap checks for a hard disk. If a hard disk is found, the ROM loader transfers control to the operating system loader.
• 4.The master boot record and partition table are read. Microsoft and several original equipment manufacturers (OEMs) have defined a Plug and Play BIOS specification. This specification defines the interactions between the Plug and Play BIOS, Plug and Play devices, and option ROMs. If your computer has a Plug and Play BIOS, the following additional steps are performed:
• 5.The Plug and Play BIOS checks non-volatile random access memory (RAM) for input/output (I/O) port addresses, interrupt request lines (IRQs), direct memory access (DMA) channels, and other settings needed to configure Plug and Play devices on the computer.
• 6.All Plug and Play devices found by the Plug and Play BIOS are disabled.
• 7.A map of used and unused resources is created.
• 8.The Plug and Play devices are configured and re-enabled, one at a time. Windows 95 Configuration Manager queries the Plug and Play BIOS for device information, and then queries each Plug and Play device for its configuration. If your computer does not have a Plug and Play BIOS, Plug and Play devices are initialized using their default settings when you start your computer. These devices may be reconfigured dynamically when Windows 95 starts.

Step 3 - The Io.sys File
The following steps occur when the IO.SYS file loads into memory :

• 1.A minimal file allocation table (FAT) file system is loaded.
• 2.The MSDOS.SYS file is read.
• 3.The "Starting Windows 95" message is displayed for < n > seconds, or until you press a Windows 95 function key. The amount of time the message is displayed is determined by the BootDelay=< n > line in the MSDOS.SYS file. The default is 2 seconds.
• 4.If you have multiple hardware profiles in Windows 95, you receive the following message and must choose a hardware configuration to use: Windows cannot determine what configuration your computer is in.
• 5.The LOGO.SYS file is loaded and displays a startup image on the screen.
• 6.If the DRVSPACE.INI or DBLSPACE.INI file exists, the DRVSPACE.BIN or DBLSPACE.BIN file is loaded into memory.
• 7.The IO.SYS file checks the system registry files (SYSTEM.DAT and USER.DAT) for valid data.
• 8.The IO.SYS file opens the SYSTEM.DAT file. If the SYSTEM.DAT file is not found, the System.da0 file is used for startup. If Windows 95 starts successfully, the System.da0 file is copied to the System.dat file.
• 9.The DBLBUFF.SYS file is loaded if the "DoubleBuffer=1" is in the MSDOS.SYS file, or if double buffering is enabled under the following registry key: HKLM\System\CurrentControlSet\Control\WinBoot\DoubleBuffer Windows 95 Setup automatically enables double buffering if it detects that it is required.
• 10.If you have multiple hardware profiles in Windows 95, the hardware profile you chose is loaded from the registry.
• 11.The IO.SYS file processes the Config.sys file.

• 1.The Config.sys file loads drivers into memory. If the Config.sys file does not exist, the Io.sys file loads the following required drivers:

             IFSHLP.SYS
             HIMEM.SYS
             SETVER.EXE
  

  The IO.SYS file obtains the location of these files from the "WinBootDir=" line of the MSDOS.SYS file. These files must reside on the hard disk.
• 2.Windows 95 reserves all global upper memory blocks (UMBs) for Windows 95 operating system use or for expanded memory support (EMS).
• 3.The AUTOEXEC.BAT file loads files and terminate and stay resident (TSR) programs into memory.

• 1.After the AUTOEXEC.BAT file is processed, the WIN.COM file is run.
• 2.The WIN.COM file accesses the VMM32.VXD file. If there is enough available RAM, the VMM32.VXD file loads into memory, otherwise, it is accessed from the hard disk. This may result in a slower startup time. The VMM32.VXd file is similar to the WIN386.EXE file used in earlier versions of Windows.
• 3.The real-mode virtual device driver loader checks for duplicate virtual device drivers (VxDs) in the Windows\System\Vmm32 folder and the VMM32.VXD file. If a VxD exists in both the Windows\System\Vmm32 folder and the VMM32.VXD file, the duplicate VxD is "marked" in the VMM32.VXD file so that it is not loaded.
• 4.Real-mode VxDs can be loaded into memory in any of the following ways : Real-mode device drivers or TSRs that respond to the Windows 95 INT2F broadcast load their embedded VxDs when Windows 95 starts. Drivers internal to the Vmm32.vxd file that are not "marked" are loaded from the following registry key: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD If the real-mode virtual device driver loader finds a "marked" driver, it changes its registry entry from a VxD (a driver preceded with an asterix "*") to a file with a .vxd extension so that the external driver is found in the Windows\System\Vmm32 folder. When the external driver is found, it is loaded into memory. VxDs that are not already loaded by the Vmm32.vxd file are loaded from the [386 Enh] section of the Windows\System.ini file. Some VxDs are required for Windows 95 to run properly. These required VxDs are loaded automatically and do not require a registry entry. The following VxDs are required by Windows 95:

               *BIOSXLAT   *CONFIGMG    *DYNAPAGE
               *DOSMGR     *EBIOS       *IFSMGR
               *INT13      *IOS         *PAGESWAP
               *SHELL      *V86MMGR     *VCD
               *VCACHE     *VCOMM       *VCOND
               *VDD        *VDMAD       *VFAT
               *VKD        *VMCPD       *VPICD
               *VTD        *VTDAPI      *VWIN32
               *VXDLDR
  

• 5.The real-mode virtual device driver loader checks that all required VxDs loaded sucessfully. If not, it attempts to load the drivers again.
• 6.Once the real-mode virtual device driver loading is logged, driver initialization occurs. If there are any VxDs that require real-mode initialization, they begin their process in real-mode.
• 7.Vmm32 switches the computer's processor from real-mode to protected-mode.
• 8.A three-phase VxD initialization process occurs in which the drivers are loaded according to their InitDevice instead of the order in which they are loaded into memory. The VxDs are carried out in the following sequence:
  • a.SYS_CRITICAL_INIT (SYSCRITINIT): Interrupts are disabled during this phase. This gives VxDs time to prepare for device initialization without being interrupted by the system. No file I/O is allowed during SYSCRITINIT, so all SYSCRITINITs are not written to the Bootlog.txt file until after SYSCRITINIT is complete for all VxDs.
  • b.SYS_DEVICE_INIT (DEVICEINIT) The bulk of the VxD initialization takes place during this phase. File I/O is allowed during DEVICEINIT, so each VxD's DEVICEINIT is logged as it occurs. The one exception is during Ifsmgr's DEVICEINIT. Ifsmgr takes over the real-mode file system, and disk I/O is not allowed until Ifsmgr's DEVICEINIT succeeds. For this reason, Ifsmgr does not appear in the DEVICEINIT phase. When a DevLoader VxD is called, it loads other drivers it is responsible for, regardless of their InitDevice order. The DevLoader examines the Registry and finds drivers (for example, portdrivers [such as.mpd files]) and any associated support drivers. It then initializes the device associated with these drivers. During this phase, if a VxD failed to initialize, it was unable to properly communicate with the hardware or service it drives. Typically, this is due to incorrect hardware settings or the service not being installed. The remaining static VxDs continue with the initialization phase. Also, dynamic VxDs may begin initializing during this phase. They do not have a SYSCRITINIT phase. However, a dynamic VxD may also load anytime after Windows 95 has started.
  • c.SYS_INIT_COMPLETE (INITCOMPLETE) VxDs that successfully pass the InitComplete phase should be working properly. If a VxD was listed in one of the previous phases but is not successful in this phase, that VxD is unloaded from memory. GUI Components: After all the static VxDs are loaded, the Krnl32.dll, Gdi.exe, User.exe, and Explorer.exe (the default Windows 95 shell) files are loaded.

  DLL-hell  

Side by Side was "invented" by Microsoft in order to overcome the "DLL-hell" problem. DLL-hell is where a particular dll might have multiple versions and different parts of the same program require different versions. Another form of DLL-hell is where a program is happy with the currently installed version A of a dll. At that point, a new version is installed, fixing "known bugs" in the old version. Then the program no longer works.

DLL-hell has been a problem since the early days of Windows 3.1. Furthermore, I have never heard of an application program or a software developer having the problem with their own DLL's. Translated, DLL-Hell is a term used to describe the Windows software development teams' inability to do proper design and testing of software. It's "Ain't it awful" from the Microsoft software development teams.

The update problem mentioned above could easily have been avoided if the application developers had statically linked their programs. However, no such capability exists in Windows. The reason is that generally, libraries for static linking are not provided by Microsoft. Were the applications statically linked, updating DLL's would not effect the already delivered and working application.

Static linking was not traditionally done in Windows 3.1 due to the resulting memory requirements for multiple programs running simultaneously. An interesting observation is that if you, as I did, ran only one program at a time in the brittle Windows 3.1 environment, then there was no memory benefit of a DLL. A second benefit for Windows 3.1 was the reduced disk foot print. Static linking would have the effect of multiple copies of the DLL on disk. With dynamic link libraries, only one copy of the library would be on disk -- theoretically. Practially, there were dozens of copies of the same DLL but different versions.

  USB support under W95  

• under Control Panel, select System and General tab.
  You shall have version 4.00.950 B or superior.

• to determine whether you are running OSR2.1 :
  • under Control Panel, select Add/Remove Programs and check for USB Supplement to OSR2.
  • Then, check for version 4.03.1212 of the Ntkern.vxd in the Windows\System\Vmm32 folder. This is done using Windows Explorer and selecting Properties of the file, and then clicking Version tab.

• but Sony says no-no to dscp9

Copy / Move a File

Aplicacions "rodones"

• Zone Labs - tallafocs. url
• CD Burner XP - grabacio CDs. url - requires .Net that requires "wic" ...

System crash

• CP + System Properties + Advanced + Startup and Recovery :
  c:\WINNT\Minidump\MiniMMDDQQ-nn.dmp

• c:\winnt\system32\drwtsn32.exe
  • c:\WINNT\System32\drwtsn32.log
  • c:\WINNT\System32\user.log

Tips & Tricks

• Use c:\sdwork\binwin\reboot.exe to re-boot your machine !
  Thanks, Cerys !

• Just input the string below as part of the file name any time you want the current system date and/or time included as part of the file name.
  Date: %date:~4,2%-%date:~7,2%-%date:~12,2% Time: %time:~0,2%-%time:~3,2%-%time:~6,2%

  url

• NT, 2000, XP, Server 2003 - URL :
  • How do I run a series of 'jobs' in Windows 2000, the next time a user logs on? URL
  • Microsoft has released a tool to verify the installation of Windows 2000 hotfixes. URL

• Creating program aliases :
  To create a new alias, create a sub-key, and call it the name of the alias you wish to create (e.g. "JBLOGGS.EXE").
  Modify the (default) value of the sub-key to equal the fully qualified path and filename of the application you want to be launched when you execute the alias (e.g. "c:\windows\notepad.exe")

• Word : here.

Blank Admin Pwd

  Handles are an extremely valuable resource, so leaking handles is more virulent than leaking memory. [MSDN at Process Class]  

Top

Win 7

Reqs :

• 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
• 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
• 16 GB available hard disk space (32-bit) or 20 GB (64-bit)
• DirectX 9 graphics device with WDDM 1.0 or higher driver

Windows 7 Product Guide, 62 MB : url.

To create a restore point in Windows 7:

• Inicio + Panel de control + Sistema + Seguridad + Sistema
• Clic en Protección del sistema, ubicado en el panel izquierdo
• Seleccionar la pestaña Protección del sistema de la ventana Propiedades del sistema
• Hacer clic en el botón Crear
• Ingresar un nombre al punto de restauración en la casilla de texto y hacer clic en el botón Crear
• Luego de terminar la creación del punto, se mostrará un mensaje indicando que el punto de restauración se creó satisfactoriamente.

url.

How to edit HOSTS file

Click Start button, click All Programs, click Accessories, right-click Notepad, and then click Run as administrator.

Daemon tools (per en Guille (;-)

Daemon Tools Lite 4.45.1.0236 : url.

Show filename extensions

• open "Windows Explorer" window
• click "Organize" butto
• click "Folder and Search Options"
• open "Folder Options"
• click on "View" Tab
• uncheck "Hide extensions for known file types

Links

• MSDN On-Line (***)
  Registry Functions (***)
  Registry e.p.
  RegFlushKey to write Registry to disk.
  How to use the Registry (***)

• Windows memory diagnostic

• Annoyances : Good !

• LongHorn - the three highlighted technologies for Longhorn are :
  1. Avalon - A replacement for the Windows GDI and HTML programming models.
     GUI and GUI creation.

  2. Indigo - Communication Services through Web Services. Remote procedure calls are out and Web Services are in. Remote procedure calls require tight coupling between client and server; Web Services require only loose coupling.
     Communications.

  3. WinFS - A transaction enhanced NTFS file system and a SQL engine on top. Properties of content (jpg size, jpg width and height; document authors; document key words; XML data) can all be indexed automatically.
     Removed

  WMIExplorer is a GUI built on top of PowerShell.

  Introducing Longhorn for Developers

   Longhorn supports two methods for creating applications :
  
       1. Write code -- the traditional approach
       2. Write Markup -- using Extensible Application Markup Language (XAML).
  

    64-bit is the path to Longhorn, mark my words   [egb, 28042005]

  Differences between Windows Server 2003 and Windows Server 2008 (a.k.a. Longhorn): URL

• Process library : description of lsass.exe, service.exe, svchost.exe, etc
  smss.exe : Session Manager
  lsass : Local Security Authority Subsystem

  Common Windows files : nupdate.exe
  Default Processes details - can end / cannot end.

• Windows to Linux roadmap

• Windows command line mailer : BLAT 1.88

• Total Commander

• Windows Hex editor [ Pro !!! ] From Pc World.

• Free and Good utilities :
  • AVG antivirus
  • Diskeeper Lite
  • Reg Cleaner

• Boot from CD : ERD Commander 2002

• Register Backup : ERUNT
  The Export registry function in Regedit is USELESS for making a complete backup of the registry. Neither does it export the whole registry (for example, no information from the "SECURITY" hive is saved), nor can the exported file be used later to replace the current registry with the old one. Instead, if you re-import the file, it is merged with the current registry without deleting anything that has been added since the export, leaving you with an absolute mess of old and new entries.
  URL

• search Microsoft KB (Support Knowledge Base)

• FTC recomienda ... DriveSnapShot [ better than GHOST !!! ]

• XP and W2K boot CD : Bart's PE Builder URL

• NAV : NAVCPU & NAVWHEN

• XP Experts NewsGroup : U/K := bacardinet@hotmail.com/KpGrs
  How to set AutoReboot Off without Control Panel ? Start here: "Resources for Troubleshooting Startup Problems in Windows XP" URL

• uSoft W2K Server HowTo's list

• uSoft System Eror Codes

• Inside the Native API [SysInternals]

• Outlook versions

• WIN32 programming FAQs

• Register Hack tips

• How to surf and read e-mail safely as an Administrator !?!?!? (uSoft)

• Win Links

• Bink.nu - uSoft news, technology and downloads.

• Open ?

• Stop WGA notifications

• Top 15 most controversial Microsoft quotes

• Mark Minasi's W Tech letter. @/k

• Windows products lifecycle index (by product), policy (& roadmap), select a product.

  Few samples : W2000Pro = Mar 2005. WXPPro = Jan 2009. W2000Server : soporte técnico = 2005; soporte ampliado = 2010.

• Intel Core 2 problems : Intel problem list, Geek,

• Excel can't multiply ? Que diu uSoft. Una altra opinió. Va de "IEEE 754" ...

• How to use Registry Editor to identify an unknown PCI device

• Auto actualitzacions ? (WU)

• New Passport account

• uS protocols

• PowerShell free book, 567 pages.

• SteadyState.

• Windows Installer Cleanup Utility.

• Ninite : install multiple apps at once without toolbars or clicking Next. Gracias, Bruno !

• cygwin - a Linux-like environment for Windows - on LinuxJournal. PuttyCYG - a local Cygwin terminal to be used instead of the Windows console or xterm. Gracias, Bruno !

• Applications launcher : Rocket Dock (Gabriel) o Launchy (Bruno).

• xPlorer 2 Lite

• Previous page

• C cleaner.

• Back to main page

• Site map

• Escriu-me !

Site under construction.

Updated 8/2/2012 (a).