uSOFT items

STOP messages ( also known as BSOD ! )

• sfc /scannow - requires RPC server, not available in Safe Mode ...
• HijackThis
• review \SOFTWARE\Microsoft\Windows\CurrentVersion\Run, using "AutoRuns" or MsConfig
• Control Panel + Remove (last installed) program
• Device Manager
• TroubleShooting the Stop Error.
• Interesting : start "Last Good Known Configuration". Also : "System Restore" (All Programs, Accessoires, System Tools, System Restore).
• saving STOP messages to a file : select it in Control Panel + Recovery : "Write Debugging Information TO" ... %SystemRoot%\MiniDump
• mini-dump and BSoD viewer
• S'hi escriuen fitxers "*.DMP"
  Per obrir-los : DumpChk.exe - article + KB article Q315263
• Set "AutoReboot" to "OFF" at Control Panel + Recovery How to do it ? [/]
• install Debugging Tools from Windows SDK (for Windows 7 and .NET Framework 4) url. See Analyzing the Windows Crash Dump File

Top

mklink - a command line tool used to create Hard Links, Symbolic Links and Junction Points.

Jo faig servir:

It displays as :

Advantages list

Some programs don't let the user choose the installation directory, or install some of their files to the C: drive even when they are installed to a different drive. By creating a junction point, the program can be tricked into installing to a different directory.

Junction points are transparent to programs.

You can surpass the 26 drive letter limitation by using NTFS junction points.

The unspoken problem with VISTA is that 50% of all applications don't work on VISTA. Microsoft has taken a nonlinear jump, condemning 50% of the world's software investment to the trash heap. This is the opportunity of a lifetime for competitors. It's the break all should be ready to jump on. [egb]

• Bypass
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SL\SkipRearm := "1" ; + slmgr -rearm or rundll32 slc.dll,SLReArmWindows
• See expiration date :
  slmgr -xpr
• activation grace period reset to 30 days :
  rundll32.exe syssetup,SetupOobeBnk

  Restart the machine.

• see certificate expiration

• Mark Russinovich

As Auto-Tuning !?

To create a system cmd.exe box on VISTA or XP, use version 1.73 of psexec.exe command.
psexec -s cmd will create a cmd.exe box on VISTA and XP running in the SYSTEM account. On Vista, the psexec.exe executable should be marked with a "run as administrator" property.

Furthermore, if the "workstation" and "server" services are running and file sharing is enabled (not the simple file sharing) on a target machine ("\\systemname" below), psexec \\systemname -s cmd will create a cmd.exe box on the local system that is executing on the \\systemname system using the SYSTEM account on the remote machine.

• Vista for Forensic Investigators, part 1 and part 2.

• Measuring performance

• Allow unsigned drivers
  To allow unsigned drivers on 64-bit Windows there are some options:
  1. Boot Windows holding down F8 key and select "Disable driver signature enforcement". This works for the that boot session alone.
  2. From an elevated cmd.exe prompt, type:
     bcdedit -set loadoptions DDISABLE_INTEGRITY_CHECKS

     To re-enable "INTEGRITY" checks type:

     bcdedit -set loadoptions DENABLE_INTEGRITY_CHECKS

  url

Top

Monitoring Registry Activity During the Boot Process

To use Regmon's boot logging feature simply select the "Log Boot" menu entry. Regmon will indicate that starting the next time the system boots Registry activity will be monitored and recorded to a log file named REGMON.LOG in your system root directory. When you make this selection Regmon configures itself as the very first driver to initialize in the system, enabling it to capture the Registry startup activity of all other device drivers and services, including critical boot drivers such as SCSI miniport drivers and boot file system drivers.

url

Download All Suite !

Top

Sync Toy.

Top

FIPS Publications
http://csrc.nist.gov/publications/PubsFIPS.html

NIST Special Publications, including the XP configuration guide [XP configuration guide is SP 800-68]
http://csrc.nist.gov/publications/PubsFIPS.html

CERT/CC Advisories
http://www.cert.org/advisories/

Deploying Windows XP Service Pack 2 using Software Update Services
http://technet.microsoft.com/en-us/library/bb457097.aspx

Get Started Using Remote Desktop
http://www.microsoft.com/windowsxp/using/mobility/getstarted/remoteintro.mspx

The Windows XP Wireless Zero Configuration Service
http://technet.microsoft.com/en-us/library/bb878124.aspx

How to configure file sharing in Windows XP
http://support.microsoft.com/?id=304040

Universal Plug and Play in Windows XP
http://technet.microsoft.com/en-us/library/bb457049.aspx

Changes to Functionality in Microsoft Windows XP Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyID=7bd948d7-b791-40b6-8364-685b84158c78&DisplayLang=en

A detailed description of the Data Execution Prevention (DEP) feature in Windows XP
http://support.microsoft.com/kb/875352

Step-by-Step Guide to Internet Protocol Security (IPSec) [Dated Feb 17, 2000]
http://technet.microsoft.com/en-us/library/bb742429.aspx

IPSec [much newer]
http://technet.microsoft.com/en-us/network/bb531150.aspx

Basic Storage Versus Dynamic Storage in Windows XP
http://support.microsoft.com/?id=314343

SYSPREP
How to Use Sysprep: An Introduction
http://technet.microsoft.com/en-us/library/bb457073.aspx
How to use the Sysprep tool to automate successful deployment of Windows XP
http://support.microsoft.com/kb/302577
How to use Sysprep with Windows Product Activation or Volume License Media to deploy Windows XP
http://support.microsoft.com/kb/299840
How To Use the System Preparation Tool (Sysprep.exe) to Perform Disk Duplication
http://support.microsoft.com/kb/298491
Unsupported Sysprep scenarios
http://support.microsoft.com/kb/828287/
Sysprep functions and known issues
http://support.microsoft.com/kb/928386
Best Practices for Using Sysprep with NTFS Volumes
http://support.microsoft.com/kb/240126
How to Use Sysprep in Factory Mode [OLD]
http://technet.microsoft.com/en-us/library/bb457069.aspx
Updated System Preparation tool for Windows Server 2003 SP1
http://support.microsoft.com/kb/892778
Updated System Preparation tool for Windows Server 2003 SP2
http://support.microsoft.com/kb/926028
Updated System Preparation tool for Windows XP Service Pack 2, Windows Server 2003, and Windows XP Tablet PC Edition 2005
http://support.microsoft.com/kb/838080
How Sysprep Works
http://technet2.microsoft.com/WindowsVista/en/library/fd2f79c9-3049-4b8c-bcfd-4e6dc5771ace1033.mspx?mfr=true
Known issues that affect program deployment when you use Sysprep
http://support.microsoft.com/kb/814616
Sysprep Technical Reference
http://technet2.microsoft.com/WindowsVista/en/library/434e3931-a187-4940-a69c-70dd2ae657491033.mspx?mfr=true

Quick Guide to Preinstalling Windows
http://support.microsoft.com/kb/314472

Automated System Recovery overview in Windows XP
http://support.microsoft.com/kb/818903

How Windows RE Works
http://technet2.microsoft.com/WindowsVista/en/library/d807a440-90ce-4457-a23a-359ff2c9b9bf1033.mspx?mfr=true

Microsoft Windows XP Hotfix Installation and Deployment Guide
http://www.microsoft.com/windowsxp/downloads/updates/sp1/hfdeploy.mspx

How to install multiple Windows updates or hotfixes with only one reboot
http://support.microsoft.com/?id=296861

Qfecheck.exe verifies the installation of Windows 2000 and Windows XP hotfixes
http://support.microsoft.com/?id=282784

EST 2007 10 October 9 v2 Enterprise Scan Tool (standalone) [Enterprise Scan Tool for detecting if systems need hotfixes]
http://www.microsoft.com/downloads/details.aspx?FamilyId=744D6092-A928-45A2-B9AA-F5F8A628E083&displaylang=en&displaylang=en

Microsoft Baseline Security Analyzer
http://technet.microsoft.com/en-us/security/cc184924.aspx

Windows XP Security Guide
http://www.microsoft.com/downloads/details.aspx?FamilyId=2D3E25BC-F434-4CC6-A5A7-09A8A229F118&displaylang=en

Windows Vista Security Guide
http://www.microsoft.com/downloads/details.aspx?familyid=a3d1bbed-7f35-4e72-bfb5-b84a526c1565&displaylang=en

Group Policy Settings Reference
http://www.microsoft.com/downloads/details.aspx?FamilyID=7821c32f-da15-438d-8e48-45915cd2bc14&displaylang=en

Windows Server 2003 System Services Reference
http://www.microsoft.com/downloads/details.aspx?FamilyID=b38a0682-2997-4678-9d9e-a07cc66a3bba&displaylang=en

IPSec default exemptions are removed in Windows Server 2003
http://support.microsoft.com/?id=810207

Well-known Security Identifiers In windows Operating Systems
http://support.microsoft.com/kb/243330

1. run (regedit) and locate the HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\Current Version\WPAEvents registry key.
2. click on the WPAEvents folder, locate OOBETimer, and right-click on the OOBETimer entry and choose Modify from the resulting menu. Change at least one digit in the Value data text box and click OK. This will deactivate Windows XP.
3. feel free to close Registry Editor at this point.
4. in a CmdLine box, run this command : %systemroot%\system32\oobe\msoobe.exe /a
5. when the "Let's activate Windows" window appears, choose "Yes, I want to telephone a customer service representative to activate Windows" and then click Next.
6. click the Change Product Key button at the bottom of the window. Don't worry about filling anything out on this screen. Type your new, valid Windows XP product key in the New key: text boxes and then click the Update button.
7. (reboot) you should now reactivate Windows XP by following the instructions on the Activate Windows by phone window which you should now be seeing or via the Internet by clicking the Back button and following the instructions on that screen.
8. if you'd rather postpone activating Windows XP until a later date, you can click the Remind me later button.
9. after activating Windows XP, you can verify that activation was successful by repeating steps "run msoobe.exe". The Windows Product Activation window that appears should say "Windows is already activated. Click OK to exit."

url

Top

Es guarga la configuracio HW als fitxers

Se'n pot fer backup/restore en mode "Minimal Safe" ...

url

Task scheduler XP

set a cron job - stackoverflow

• XP downloads : SP3, wallpaper, PowerToy ...
• change display resolution in safe mode :
  1. start going into Safe Mode using F8
  2. when "start SafeMode" menu comes up, select "Enable VGA" - now Display Resolution can be changed and stored !
• bluetooth icon on desktop :
  1. Start -> Control Panel -> Bluetooth Devices
  2. click the Options tab -> click "Show the Bluetooth Icon in the notification area"
• Invisible cmd

  Verify scripting is enabled : type wscript in the Start/Run dialog.

  Save this one line of text as "invisible.vbs":

  CreateObject("Wscript.Shell").Run """" & WScript.Arguments(0) & """", 0, False

  To run any program or batch file invisibly, use this TSK_INV.cmd:

  wscript.exe "C:\Wherever\invisible.vbs" "C:\Some Other Place\MyBatchFile.bat"

  url, more info.

• to run it every 15 (iddle) minutes:
  • tschd + general : ejecutar solo cuando el usuario haya iniciado sesion
  • tschd + general : ejecutar con los privilegios mas altos
  • tschd + general : oculta
  • tschd + desencadenadores : "una vez", inicio = 01/11/2012, 16:35:55
  • tschd + desencadenadores : repetir cada 10 minutos
  • tschd + desencadenadores : habilitado
  • tschd + acciones : c:\path\tsk_inv.cmd
  • tschd + condiciones : iniciar la tarea solo si el equipo esta inactivo durante 5 minutos
  • tschd + condiciones : esperar a que este inactivo durante 1 minuto

  Interesting items to include:

  • echo Inici > f1.txt
  • time /t >> f1.txt
  • hostname >> f1.txt
  • ipconfig | find "IPV4" >> f1.txt
  • netstat -ano | find "22" >> f1.txt
  • tasklist | find "sshd" >> f1.txt
  • sendEmail -a f1.txt

• remove "Bluetooth Sites" : "Start > Control Panel > Display > Desktop > Customize Desktop > Clean Desktop > Check "My Bluetooth Places" > Next > OK".

• System Info : "Start" + "Run" + " msinfo32.exe (o Accessories + System Tools + System Information)
  See "Software Environment" + "Startup Programs" (altogether with Event Log), or "Components" + "Problem Devices" - see "PNP Devide ID"

• dxva_sig.txt file is generated after playing video.

• Cannot create toolbar : this issue might happen if the Quick Launch folder is missing from this location: %Appdata%\Microsoft\Internet Explorer\Quick Launch

  To resolve the issue, you need to execute the following command at the Run dialog box: IE4UINIT.EXE
  The above command creates the Quick Launch folder automatically. If the issue still persists, re-register the following two files (Simply execute the commands one after the other at run dialog box):
  REGSVR32 /i SHELL32.DLL
  REGSVR32 /i BROWSEUI.DLL

  Restart Windows and enable the Quick Launch Toolbar.

• NumLock initial state :
  HKEY_USERS\.DEFAULT\Control Panel\Keyboard\InitialKeyboardIndicators = 0 ; HKEY_CURRENT_USER\Control Panel\Keyboard\InitialKeyboardIndicators = 0 ;

• open "Safe Remove Device" dialog : rundll32.exe shell32.dll,Control_RunDLL hotplug.dll

• Unknown device (without driver) :
  • msinfo32 + Software Environment + Startup Programs : relate prog name to Event log error message.
  • msinfo32 + Components + Problem Devices : see PNP Device ID
  • \\%SystemRoot%\Setupapi.log file

  url

• Ctrl + Alt + Del not working ? Try Ctrl + Shift + Escape !

• how to use CTRL + ALT + DELETE while using Windows Remote Desktop / Terminal Services : Use CTRL + ALT + END !

• Create a New restore Point :
  Go to Start > Programs > Accessories > System Tools and click "System Restore". Choose the radio button marked "Create a Restore Point" on the first screen then click "Next".

  How to use & create.

  You can delete all "restore points" by checking on "Turn off Restoring" ...

• XP Support ends on April 14, 2009

• El administrador ha deshabilitado la modificación del Registro.
  Abrir la consola Directivas de grupo, gpedit.msc, escoger "Configuración de usuario > Plantillas administrativas > Sistema", y Deshabilitar la opción "Impedir acceso a la herramienta de edicion de Registro"

• How do you perform a reinstallation of Windows XP, sometimes called a repair installation?

  Configure your computer to start from the CD-ROM drive. Then insert your Windows XP Setup CD, and restart your computer.

  1. When the Press any key to boot from CD message is displayed on your screen, press a key to start your computer from the Windows XP CD.
  2. Press ENTER when you see the message "To setup Windows XP now", and then press ENTER displayed on the "Welcome to Setup" screen.
  3. Do not choose the option to press R to use the Recovery Console.
  4. In the Windows XP Licensing Agreement, press F8 to agree to the license agreement.
  5. Make sure that your current installation of Windows XP is selected in the box, and then press R to repair Windows XP.
  6. Follow the instructions on the screen to complete Setup.

  url, url

• TaskList and more Command Line commands
  C:\> tasklist /svc Image Name PID Services ========================= ====== ===================================== winlogon.exe 2036 N/A services.exe 332 Eventlog, PlugPlay lsass.exe 336 PolicyAgent, ProtectedStorage, SamSs ibmpmsvc.exe 532 IBMPMSVC svchost.exe 564 DcomLaunch, TermService

• RAMDISK

  To install the bus driver on Windows XP and later operating systems:

  1. Double-click Add Hardware in Control Panel.
  2. At the Welcome to the Add Hardware Wizard, click Next.
  3. Click Yes, I have already connected the hardware, and then click Next.
  4. Click Add a new hardware device from the list, and then click Next.
  5. Click Install the hardware that I manually select from a list(Advanced), and then click Next.
  6. Click Show All Devices, and then click Next.
  7. Click Have Disk, make sure that A:\ is in the Copy manufacturer's files from: box, and click OK.
  8. Click the desired entry, and then click Next.
  9. At The wizard is ready to install your hardware, click Next.
  10. Click Finish.

  url

• [egb] For imaging of Windows systems, I recommend the WAIK tools. They are free and reasonably easy to use.
  I used WinPE and the tools in the WAIK (Windows Automatic Installation Kit) which is a free Microsoft download. The way the tools works is you boot WinPE from a bootable CD that you build from the WAIK. Once you are booted you can save the system drive to another drive. Basically, you use
  imagex.exe /capture ... --> Creates a *.wim image

  to save from the old drive to the temporary drive and

  imagex.exe /apply ... --> Restores from the *.wim image

  to restore the saved image to the new drive.

• SP3 setup cannot copy the file ATAPI.SYS : remove Alcohol 120% & Daemon Tools.

• remove "Language bar" forever : regsvr32.exe /u msutb.dll ;
  Re-register : regsvr32 msutb.dll + IPL (?)

  \\HKCU\software\microsoft\CTF\LangBar\ShowStatus=4

  Restart process ctfmon.exe

• after Blue Screen Of Death : remove "reiniciar automaticamente" from "Inicio y Recuperacion" en Propiedades del Sistema.

• Automatic Updates after SP2

• com treure "Podria ser víctima de una falsificación de software" / "you may be a victim of software counterfeiting" : url o url :
  Rename {c:\windows\system32} wgalogon.dll and wgatray.exe

  WGA = c:\windows\system32\KB905474\ ;

• "esta copia de office no es original" -> remove :
  http://www.microsoft.com/genuine + validar + reemplazar c:\win\system32\OGACheckControl.dll {v 1.6.28.0} + validar (IE only).

  Receta - buscas el proceso "WGATray.exe" y lo matas. Ir a la carpeta "windons32", y eliminar estos 3 archivos:

  • OGAAddin.dll
  • OGACheckControl.dll
  • OGAVerify.exe (OGAEXEC.exe)
  1. Arranca el Windows Task Manager (Ctrl+Alt+Del).
  2. Mata el proceso wgatray.exe con el Task Manager.
  3. Reinicia Windows XP en Modo Seguro (Safe Mode).
  4. Borra el archivo WgaTray.exe de c:\Windows\System32.
  5. Borra el archivo WgaTray.exe de c:\Windows\System32\dllcache.
  6. Ve a Inicio->Ejecutar "RegEdit"
  7. Ir a la carpeta HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft Windows\ NT\CurrentVersion\Winlogon\Notify
  8. Borra la carpeta "WgaLogon" y todos sus contenidos
  9. Reinicia Windows XP.

• SlipStream :

  Next time you reinstall Windows with that old installation disc, you don't want to connect your fresh, unpatched and vulnerable system to the internet only to download 176 new updates from Microsoft. If your XP installation CD is older than 2004, once your system is online, you'll have to wait for hefty service packs to download, chained to your mouse while pushing the Next button, watching progress bars, and rebooting multiple times. Wouldn't it be better to start your installation, head out to run errands or grab coffee, and come back to an up-to-date system before your system gets online? It's possible, using some free software and a blank disc. After the jump, I'll show you how to create an automated, customized XP installation CD or DVD, that includes Microsoft's official-but-not-released Service Pack 3 for Windows XP.

  It is done using nLite

  Guides hot to do it :

  • Winsupersite
  • HelpWithWindows
• Qfecheck.exe proporciona a los administradores de red capacidad para comprobar los hotfixes de XP instalados.
  Uses HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates

• to remove IE from Desktop :
  • right-click the Desktop and click Properties.
  • click the Desktop tab.
  • click Customize Desktop.
  • click the General tab, and then click the icons that you want to place on the desktop.

  url

• MSDTC - Distributed Transaction Coordinator - quin nom te el seu log ?
  msdtc -resetlog msdtc -uninstall msdtc -install
  
  url

• How to remove "unread message count" at Logon
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\UnreadMail\ key MessageExpiryDays ( DWORD ) := 0 ;

• to temporarily use the classic logon screen, press Ctrl+Alt+Del twice on the Welcome logon screen.

  url

• System requirements : 128 MB RAM, 1'5 GB HD, 300 MHz CPU.

• Troubleshooting XP :
  • How to know which process has locked a file (as Perflib_Perfdata_1e4.dat)
    The process can't acess the file 'cause it is being used by another process

    Win Server 2003 Resource Kit Tools - rktools.exe (12 MB) - OH.exe = Open Handles.

    OH {locked_filename} > {output_filename} The system global flag "maintain object type lists" is not enabled for this system. Please use oh +otl to enable it and then reboot.

    Can also use WhoLockMe

    Neither do detect Daemon Tools !?!?!?

  • Dependency Walker

• Safe Mode Boot options [F8]

• como desactivar hibernación :
  • Click en Inicio, Panel de Control
  • Doble click en Opciones de Energia
  • Click en la pestaña Hibernacion, desmarca la casilla de seleccion de "Habilitar hibernacion" y click en Aplicar, luego Aceptar.
  • reinicia el computador; el archivo Hiberfile.sys será automaticamente eliminado

  url

• Physical Address Extension : poner /PAE en boot.ini - Permite que las aplicaciones usen hasta 3,5 GB de memoria.

• comandes RARES / comandos especiales / shortcuts :

  • net accounts : display properties

  • gpupdate /f - Group Plicies update (forced)

  • schtasks /?

  • esentutl

  • fsutil

  • sfc - verifica versiones de archivos de sistema.

  • sc is a command line program used for communicating with the NT Service Controller and services "instsrv"
    sc /? {plus answer "YES" to see details !} sc query : display running services sc query type= service state= inactive : display stopped services sc query type= service state= all : display all services

  • regsvr32 - register a DLL

  • dumpel.exe : dump event log in text mode

  • *.msc - used by Microsoft Management Console (MMC)
    • compmgmt.msc - Computer Management
    • devmgmt.msc - Device Manager {***}
    • diskmgmt.msc - manage all your disks, partitions, etc {***}
    • eventvwr.msc - Event Viewer
    • gpedit.msc - Group Policy Editor
    • gpmc.msc - Group Policy Management Console
    • perfmon.msc - Performance Monitor
    • secpol.msc - Local Security Policy Editor
    • tpm.msc - TPM management (Trusted Platform Module)

    The gpedit.msc is broader. The secpol.msc is narrower and focuses more on security related registry entries.

  • diskpart.exe - view, add, remove, resize, move ... partitions
    c:\> diskpart Microsoft DiskPart version 6.1.7601 Copyright (C) 1999-2008 Microsoft Corporation. On computer: YIP250RH DISKPART> list disk Disk ### Status Size Free Dyn Gpt -------- ------------- ------- ------- --- --- Disk 0 Online 298 GB 0 B Disk 1 Online 465 GB 1024 KB

  • dfrg.msc - defragment a hard disk.

  • WMIC = Windows Management Instrumentation Command-line ; url.
    wmic product > c:\prod.txt = productes instalats !

• net start
  C:\> net start These Windows services are started: IBM MQSeries VNC Server Version 4

• Windows Update :

  Stop it :

  net stop wuauserv

  Restart :

  net start wuauserv

  or reboot machine.

  Force the system to see if there are any patches that apply:

  wuauclt /scannow

  Useful for times when a patch won't be applicable until another is installed or you just installed a new product like office that wasn't there before.

  Force a query to the WSUS server to see if there are any updates that are needed :

  wuauclt /detectnow

  Probably you want to run the scannow before the detectnow ...

  Force the client to send updated status to the WSUS server :

  wuauclt /r /ReportNow

  Update log : %systemroot%\WindowsUpdate.log

  url

• boot XP from an USB drive ! [sep07]

• svchosts.exe

• Tired of the litle red shield in their taskbar ? a) Turn on autoupdates b) Open Control Panel then Security Centre. On the left are 4 paragraphs in blue. Click on the last one "Change the way Security Centre alerts me" Untick the middle box.

  url

• Disable/enable System Restore :
  • log in as SysAdmin
  • select My PC, right button, Properties
  • select System Restore tab

• Use this Product Key : [CD key, serial number, s/n]
  Sin = RHKG3-8YW4W-4RHJG-83M4Y-7X9GW (***) T42 = HCBR8-FGC2K-RY7BM-HM3KT-BKVRW Airis = RFJMD-G8FGK-W8BM4-23D8Q-YBMC6 P4(2/9) = RHKG3-8YW4W-4RHJG-83M4Y-7X9GW Kayak = RAP = RFJMD-G8FGK-W8BM4-23D8Q-YBMC6 HP = Bertran = RHKG3-8YW4W-4RHJG-83M4Y-7X9GW Pro_SP3 = V2C47-MK7JD-3R89F-D2KXW-VPK3J ;
  instead of FCKGW-RHQ 2-YXRKT-8TG6W-2B7Q8

  How to display it or display it. How to change it

  2003 [k]

• How to set a password hint as a precaution
  1. Log on to your computer.
  2. Click Start, and then click Control Panel.
  3. Double-click User Accounts.
  4. Click your user account, and then click Change my password.
  5. Enter your current password, enter a new password, and then enter the new password again to confirm it.
  6. Enter the password hint, and then click Change Password.
  7. The change will take effect the next time that you log on.

• com es treu el missatge "Your computer might be at risk" ???

• .Net Framework : (wiki) is a software framework. Programs written for the .NET Framework execute in a software environment (as contrasted to hardware environment) known as the Common Language Runtime (CLR), an application virtual machine that provides important services such as security, memory management, and exception handling. The class library and the CLR together constitute the .NET Framework.

  Download 1.1, 2.0, 3.0. .Net 4.0 installer : url
  Disk Space Requirements: 2.0 = 23 MB, 3.0 = 280 MB (x86), 4.0 = 869 KB !

  How to know which one does a machine have ?

  dir *. at c:\WINDOWS\Microsoft.NET\Framework
  url

  To remove it, use this tool from here : ".NET Framework Cleanup Tool User's Guide"

• ibmprc.exe
  Password synchronization is a feature that allows the end user to have their Windows password and their pre-desktop area password match. Each time a member of the administrator group changes the Windows password, the administrator user will be prompted to update the pre-desktop password. If this is not desirable, it can be disabled. To disable the password synchronization dialog, delete the following registry key:
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IBMPRC"="C:\IBMTOOLS\UTILS\ibmprc.exe"

  url

• XP validation.

• unhide hidden optional components in "Add/Remove Windows Components" in Control Panel :
  1. edit \windows\inf\SYSOC.INF
  2. remove the "HIDE" option from second to last parameter.

• remove "Visual Effects" : Control Panel + System + Advanced Options + Rendimiento + Optimizar Rendimiento (16 settings).

• EULA KB 890830 - comes back again and again.

• Hide Users on the Welcome Screen

  When you add an account for certain users with Windows XP, their user names will appear on the Welcome Screen. Sometimes a user needs to be added to a Windows XP machine, because he needs access (via the network) to resources on the machine, but he will not be physically logging in on the computer. You can remove his name from the Welcome Screen, while still maintaining the user account.

  Start the Registry Editor. Go to

  HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList \

  Right-click an empty space in the right pane and select

  New > DWORD (32-bit) Value

  Name the new value exactly as the Username : "db2admin", "mqm", etc. Leave the Value data as 0 if the user must be hidden. Close the registry editor.

  If you want to enable this user again on the Welcome Screen, either double-click the Username value, and change the Value data to 1, or delete the Username field.

• Tweak UI XP download

• Power Toys - as Open Command Window Here , PowerCalc, DeskMan, HTMLSlideShow, ... (XP only). CmdHere.

• go to command line from GUI :
  regedit HKEY_CLASSES_ROOT\Directory\shell Nueva Clave "DosHere" Información de Valor := "Ir a DOS" Nueva Clave := Command Información de Valor := 'c:\windows\system32\cmd /k cd "%1"'

• command list : netsh, tree, getmac, etc [C:\WINDOWS\system32\] - complete !

• Com nassos s'esborra la carpeta c:\Archivos de Programa\xerox\nwwia ?

• chkdsk no se puede abrir el volumen para acceso directo - com mirar qui te agafat el disc ?

• missatge there are unused icons on your desktop

  Control Panel + Display + Desktop + "Customize desktop" + uncheck "run desktop cleanup wizard every 60 days"
  url

• to LogOff another user, use Ctrl+Alt+Del keysequence to get to WTM, then select the Users tab ...

• Disable Simple File Sharing - necessary in order to enable the creation of Access Control Lists for shared disks and folders
  1. Click Start | My Computer | Tools | Folder Options | View.
  2. Scroll to the bottom of the list of advanced settings and un-check Use Simple File Sharing (Recommended).
  3. Click OK.

• SendTo - it is hidden by default ...
  Open Tools, then Folder Options - on the View tab, click Show hidden files and folders.

  c:\Documents And Setting\SendTo

  Can use "SendTo" command to open the folder ... url

• Thumbs.db

  Para que no se cree este fichero, hay 2 opciones :

  • click en Mi PC, abrir menú Herramientas. Selecciona Opciones de Carpeta. Click en Ver y selecciona No alojar en caché las vistas en miniatura - Activa esta opción.
  • abrir HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced y en la clave DisableThumbnailCache cambiamos el valor a 1.

  Para borrar los ya existentes :

  1. Ejecutamos en una consola DOS el comando dir /s /ash /b /n Thumbs.db > borrar.bat
  2. Abrimos el fichero borrar.bat y reemplazamos C:\ por del /ash "c:\ Después cambiamos los .db por .db"
  3. Sólo queda ejecutar el fichero borrar.bat

• Recent Documents
  • to display the My Recent Documents folder on the Start menu:
    1. Right-click Start, and then click Properties. Or, if the Start menu is already displayed, right-click an empty area of the Start menu, and then click Properties.
    2. Click Customize.
    3. Click the Advanced tab.
    4. Under Recent documents, click to select the "List my most recently opened documents" check box, click OK, and then click OK. The next time you click Start, the My Recent Documents command is displayed on the Start menu.

  • To Open a Recently Used Document :
    Click Start, point to My Recent Documents, and then click the item you want to open.

  • To Clear the Contents of the My Recent Documents Folder :
    1. Right-click Start, and then click Properties. Or, if the Start menu is already displayed, right-click an empty area of the Start menu, and then click Properties.
    2. Click Customize.
    3. Under the Advanced tab button, there is a "Sort" button and a "Clear" one - use it !

• Documentation

• XP re-install - URL - URL

• Resources for Troubleshooting Startup Problems in XP

• Troubleshooting STOP messages

• using Task Manager : right-click an empty space on the taskbar, and then click Task Manager
  In Windows 95/98/ME you can bring up the Task List by pressing Ctrl+Alt+Del.
  In Windows NT4/2000/XP/2003 you bring up the Task List by right-clicking on the Task Bar and choosing "Task Manager".
  Task list url or url
  The "mini-mode" or "small footprint mode" has no TABs - double-click on the border to get the TABs back, or Ctrl-TAB to change from one to the next. Read about "Tiny Footprint mode"

  Get this one !
  Symbols are not currently configured.
  You must configure symbols in order to view thread start address and stack inofrmation. Install the Microsoft Debugging Tools for Windows Package and configure a symbol server address in the Options | Configure Symbols dialog for the best symbol support.

  Com es fà per posar els simbols al ProcExplorer ?

  url !

• Recovery Console - Administrator password is used at this moment ! Again

• Administrator password :
  • how to log on : start XP in Safe mode or (XP Pro) press CTRL+ALT+DEL twice at the Welcome Screen and input Admin password.
  • how to display at Welcome Screen :
    • Regedit
    • HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ SpecialAccounts \ UserList
    • Right-click in the right pane and select New DWORD Value.
    • Type-in Administrator as the value.
    • Double-click Administrator, and assign a value of 1

    url

  • when is it used :
    • to reset a User's password
    • to use the Recovery Console

• startup Hot Key : F8
  After the Power On Self test (POST), press the F8 key - here

• Recovery Console commands - read here :
  • ATTRIB
  • BATCH
  • CD
  • CHDIR
  • CHKDSK
  • CLS
  • COPY
  • DEL
  • DELETE
  • DIR
  • DISABLE
  • DISKPART
  • ENABLE
  • EXIT
  • EXPAND
  • FIXBOOT - write a new bootsector to the partition c:
  • FIXMBR - write a new MBR (\Device\HardDisk0\Partition0) - removes BM and boots XP again.
  • FORMAT
  • HELP
  • LISTSVC
  • LOGON
  • MAP
  • MD
  • "MKDIR
  • MORE
  • RD
  • REN
  • RENAME
  • RMDIR
  • SYSTEMROOT
  • TYPE

Top

"devmgmt.msc" or "mmc devmgmt.msc"

Dial a Fix.

url:
Click Start, Run and type gpedit.msc. Navigate to the following location: Computer Configuration -> Administrative Templates -> Windows Components -> Windows Update. In the right-pane, double-click Configure Automatic Updates and set it to Not Configured

Servei que cal : "Windows update Service".

Bon resum.

Top

Enable via Group Policy

1. Open registry on the HKEY_LOCAL_MACHINE
2. Find the subKey = SYSTEM\CurrentControlSet\Services\TcpIp\Parameters
3. Set data for the value "HostName"
4. Find the subKey = SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName
5. Set data for the value "ComputerName"
6. Reboot your PC and HostName will be set.

In order to configure TCP/IP settings such as the IP address, Subnet Mask, Default Gateway, DNS and WINS addresses and many other options you can use Netsh.exe, available on Windows 2000, Windows XP and Windows Server 2003.

url

Clear ARP cache :

In Windows Server 2008 Core installation, the only way to setup IP Address eithe Static or DHCP is from the command line. See here

Top

Use the devcon tool:

display network devices

display device status (mind "@" and dbl quotes)

disable/enable net card

scan for new HW

reboot

url

Top

Registry entries for the W32Time service (win 2000) :

Use net time command to modify NtpServer, or restart the windows time service using "net stop w32time" and "net start w32time" commands

• url,
• url.
• Basic operation of the Windows Time service : W32Time is a fully compliant implementation of the Simple Network Time Protocol (SNTP) as detailed in IETF RFC 1769
• NTP tools : w32tm.exe ! The W32Time service is not a full-featured NTP solution that meets time-sensitive application needs and is not supported by Microsoft as such

This feature hides the least used entries in the panels that come up after "Start" button is used. Instead, a double up (or down) arrow is displayed. To turn Personalized Menus on, select Start, Settings, Taskbar & Start Menu (or right click on taskbar). Then select Use Personalized Menus at the bottom of the General Tab. To turn Personalized Menus off, just deselect "Use Personalized Menus".

How to turn Off this feature in Office : on the View menu, point to Toolbars, and then click Customize; on the Options tab, click to select the Always show full menus check box.

IE : to enable or disable the Internet Explorer personalized Favorites menu:

1. start Internet Explorer
2. on the Tools menu, click Internet Options
3. click the Advanced tab
4. click to clear or select the Enable Personalized Favorites Menu check box
5. click OK

• Remove "My Documents" from Desktop : use "My PC" + Tools + Folder Options + "View"; uncheck.

• Sharing entry missing on any device of "My PC" : logged user is NOT Administrator.

• Automatic C$ and D$
  Use REGEDIT - a setting of zero (0) prevents the administrative shares, such as C$, D$, and Admin$ from being created automatically.
  HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters\AutoShareServer
  NT : en KOT diu de posar

   NT 4.0 W
   Hive:HKEY_LOCAL_MACHINE
   Key:System\CurrentControlSet\Services\LanmanServer\Parameters
   Name:AutoShareWks
   Type:DWORD
   Value:0
  

  Una comanda interessant [NT] es net config server /hidden:yes
  Fes net help config

• SFC - Windows File Checker Version - Scans all protected system files and replaces incorrect versions with correct Microsoft versions
  Mind PURGECACHE (before installing a SPn ...) !

• Server
  • On W2K Server, the Local Users and Groups icon can (only) be found at "MyPC" + Right button + Manage.

  • To set a new password for any user, select the user in "Local Users and Groups", push Right button and use "Set Password" entry.

• how to display Administrative Tools in the Start Menu ? Select it in "Taskbar and Start Menu properties"

• what is SFC.EXE ?
  System File Checker tool.

• W2K Services Tweak guide.

• W2K services : stop the not needed ones

• Resource Kits : W2K and tools.

• SysInternal's W2k utilities : CPUmon, DsikMon, FileMon, Handle, ListDLLs, RegMon, TCPview, BlueScreen, ...
  Use TCPview to kill a "strange" connection found by netstat -an !

• How to install Network Monitor.

• Install guide.

• CMD.EXE with Cut & Paste : select Quick Edit in the Command Line Properties menu ("Options" tab)

• uSoft (large and with Index and Search ) DataCenter

• W2K Tips & Tricks here

• Hidden files

• Admin pwd krk : 1 (NT/W2K/2003 domain controllers, not XP), 2 (W2K, not XP). 3 (XP).

To remove DEP :

1. edit Boot.ini file
2. modify the /noexecute= to /noexecute=alwaysoff to disasble DEP entirely
3. save and reboot your computer

For some programs :

1. run sysdm.cpl = System Properties
2. go Advanced + Performance Settings
3. select "Data Execution Prevention" tab

1. find key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WPAEvents
2. see the string OOBETimer
3. double click.change all content with this one FF D5 71 D6 8B 6A 8D 6F D5 33 93 FD
4. right Click on WPAEvents(Regedit)and choose Permissions
5. window will show up; click to System and check all of Deny Listbox

Thanks !

Shadow Copy (Volume Snapshot Service or Volume Shadow Copy Service or VSS), is a technology included in Microsoft Windows that allows taking manual or automatic backup copies or snapshots of data, on a specific volume at a specific point in time over regular intervals. It is implemented as a Windows service called the Volume Shadow Copy service.

• list of commands :
  • vssadmin list writers
  • vssadmin list providers
• replaced by diskshadow in 2008 onwards

If you are prompted to activate Windows XP or Windows Server 2003 every time that you start the computer : URL {llarg i complicat}

Windows 2008 R2 is a 64bit only release. Windows Server 2008 R2 is based on Windows 7, just as Windows Server 2008 is based on Windows Vista.

Networking documentation : url

• display interfaces - note "idx" for each one (as 14 bellow): netsh interface ipv4 show interfaces
• set fixed IP :
  PS C:\Users\Administrator> netsh interface ipv4 set address name=14 source=static address=9.137.166.60 mask=255.255.255.0 gateway=9.137.166.1
• set DHCP IP :
  netsh interface ipv4 add dnsserver name="idx" address=<DNS server IP> index=1
• set the administrative password - enter following command and you'll be prompted for new pwd :
  net user administrator *
• change the name of the server :
  netdom renamecomputer /NewName:
  then restart computer :
  shutdown /r /t 0

url

url

Method #1: Enable ICMP Replies via the local Command Prompt - on your Server Core machine, at a command prompt, type:

Rebem :

This will allow you to ping the Server Core server from a remote machine, and receive a reply. You can always run the following command in order to disable this option:

url

url

What does "Network Category = Domain Network" mean ? What does "Network Category = Public Network" mean ?

By default, Windows Server 2008 and Windows Server 2008 R2 use Network Location Awareness service (nlasvc) to identify networks and find the associated saved settings for the network, the NLA service will use a Default Gateway or SSID to identify a network. This identification is conducted by system automatically due to security consideration. We cannot change the network profile manually.

Domain. The domain network location type is detected when the local computer is a member of an Active Directory domain, and the local computer can authenticate to a domain controller for that domain through one of its network connections. An administrator cannot manually assign this network location type. Because of the higher level of security and isolation from the Internet, domain profile firewall rules typically permit more network activity than either the private or public profile rule sets.

url

If you haven't done so, you'll want to change the NIC to emulate an Intel PRO/1000 card. Shut down the VM and then edit the VMX to change the line for the NIC to ethernet0.virtualdev = "e1000".

I've modified group policy to allow the editing of locations:
(Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Network List Manager Policies, All networks, network location -> User can change location)

How to disable Windows 2008 Server Internet Explorer Enhanced Security Configuration.

1. open the Server Manager.
2. go to the Security Information task pane.
3. on the right hand side select Configure IE ESC.
4. at the IE Enhanced Security Configuration dialog box, set both the "Administrators" and the "Users" option to "Off".

"secpol.msc" : security settings -> account policies -> password policy -> "disable" complex rules

Install / uninstall IIS or FTP server : use Server Manager !

Want Media Player ?

1. Control Panel + Administrative Tools
2. Server Manager : right click "Features" + "Add feature"
3. install "Desktop Experience"

url

Computer properties : Windows Server 2008 R2 Standard. Service Pack 1.

winver : windows server, version 6.1, build 7601, service pack 1

Top

Un altre:

Translating between MSyy-xxxx namespace KBnnnnnn namespace.

1. visit http://www.microsoft.com/technet/security/current.aspx
2. select the "Search by KB article number" tab
3. search on the KB number of choice
4. the links should redirect you to a url in the form http://www.microsoft.com/technet/security/Bulletin/MS0w-xyz.mspx

Build a url with the following form: http://www.microsoft.com/technet/security/Bulletin/MS0w-xyz.mspx

Top

• Notepad inserts x'EF.BB.BF at the beginning of a (large) XML file (BOM = Byte Order Mark)

• Programs that are started at Windows Logon :
  [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]

  See mr Russinovich's autoruns.exe

• The programs that are started at Windows StartUp are located in
  HKLM -> Software -> Microsoft -> Windows -> Current Version -> Run #1 /winnt/profiles/egb/start menu/programs/startup [/windows/profiles is still present but mostly unused] ["egb" profile is now /Documents and Settings/egb] #2 /winnt/profiles/all users/start menu/programs/startup [/Documents and Settings/All Users] #3 HKCU/software/microsoft/windows/CurrentVersion/run (found that pesky AOL Instant Messenger here) #4 HKCU/software/microsoft/windows/currentversion/runonce #5 HKCU/software/microsoft/windows NT/CurrentVersion/windows/run #6 HKLM/software/microsoft/windows/currentversion/run #7 HKLM/software/microsoft/windows/currentversion/runonce #8 HKLM/software/microsoft/windows/currentversion/runonceex #9 HKUsers/.DEFAULT/software/microsoft/windows nt/currentversion/windows/run (this is the default user; it gets copied to each new user, so if you want something to not be copied, remove it from here.) #10 HKUsers/S-1-5-.../software/microsoft/windows/currentversion/run That's my SID, the "S-1-5-..." stuff. This is me under my SID. It is the same as #3 above #11 HKUsers/S-1-5-.../software/microsoft/windows nt/ currentversion/windows run - same as #4

  A short list :

  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg

  AutoStart locations : 53 = 35 Registry + 12 files + 6 folders.

  GRC : Sub7 insinuates itself into Windows in a few clever ways. It installs in the seldom used "run=" line of the deprecated WIN.INI file. It also installs under the "Run" key of the registry. And it inserts a much smaller 10k "runner" into the Windows Shell "command/open" key. All of this pretty much guarantees that Sub7 will keep running inside the system. It's difficult to shake it loose.

• To enable or disable automatically running CD-ROMs, controlled by file Autorun.inf, do :
  • open Control Panel and double click System Properties
  • select Device Manager tab
  • double-click the CD-ROM icon and right-click your CD-ROM drive
  • select Properties and click the Settings tab
  • Uncheck the Auto insert notification check box

  Using TweakUI, one of PowerToys, this can be disabled by turning off the Play audio CDs automatically and the Play data CDs automatically options in the Paranoia tab.

To Disable Autorun url :
Windows XP Pro users: Click Start and then click Run. Type gpedit.msc and click OK. The Group Policy window will open. In the left pane, double-click Administrative Templates. In the right pane, double-click System, scroll down the list and double-click Turn Off Autoplay. In the Turn Off Autoplay Properties window, select Enabled. From the dropdown next to Turn Off Autoplay on, select All drives and then click OK. Exit Group Policy by selecting File, then choosing Exit from the menu.

• ACL modify :
  c:\> CACLS Displays or modifies access control lists (ACLs) of files CACLS filename [/T] [/E] [/C] [/G user:perm] [/R user [...]] [/P user:perm [...]] [/D user [...]] filename Displays ACLs. /T Changes ACLs of specified files in the current directory and all subdirs. /E Edit ACL instead of replacing it. /C Continue on access denied errors. /G user:perm Grant specified user access rights. Perm can be: R Read W Write C Change (write) F Full control /R user Revoke specified user's access rights (only valid with /E). /P user:perm Replace specified user's access rights. Perm can be: N None R Read W Write C Change (write) F Full control /D user Deny specified user access. Wildcards can be used to specify more that one file in a command. You can specify more than one user in a command.

• how to Disable Windows File Protection (Windows 2000/XP) - url
  Go to [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] and change the value of "SFCDisable" to equal "ffffff9d" to disable WFS or "0" to enable it.

• To force an "Admin" logon at Startup, ...

       HKLM -> Software -> Microsoft -> Windows NT -> Current Version -> WinLogon
       AutoAdminLogon := 1 ;
  

• To clear the Documents menu every time you start, click on the Paranoia tab and turn on the Clear Document history at logon option.
  Or, in HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
  set (DWORD) ClearRecentDocsOnExit to "1".

• To remove programs listed in the Control Panel's "Add/Remove Programs" section, open

       HKLM -> Software -> Microsoft -> Windows -> Current Version -> Uninstall
  

  and delete the program entry here. Then, restart the machine.

• XP security hole - any file will be deleted if the file's name is incorporated into a URL beginning with hcp:// and IE is induced to visit the URL. Fixed in SP1.

• TaskList - when you type "Ctrl+Alt+Del" under W95, you get the Task List. Here is a page to understand its contents

  My "usual" entries are :

  • Explorer - end-user interface : desktop, task bar, start menu, etc. *** Vital ! Leave untouched ***
  • Daemon
  • Ibmbaysn - UltraBay ?
  • Systray - runs Windows System Tray, part of the Task Bar. *** Leave untouched ***
  • Navapw32 - Norton Antivirus Auto-Protect for Windows 32-bit.
  • C4ebreg - PC scan from Germany. --- Removable --- :
  • Idhelper
  • Loadwc - Internet Explorer's Load WebCheck. *** Remove *** Used this to find that.
  • Nhldaemn - Notes.
  • Nupdate - Notes.
  • Nwrdaemn - Notes.
  • Pcscm
  • Pcs_agnt
  • Pcs_srvr
  • Rxapi

• large list of startup applications. Here I found SENTRY !!!
  Mind file win.ini

• Here are a lot of good W95 tips and tricks. They have them ALL !
  • to copy a "system" floppy, use diskcopy a: a:
  • to remove manually a program :
    • HKEY_Local_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall - remove reference in the "Add/Remove Programs" tool.
    • HKEY CURRENT USER\Software\Microsoft\Windows\CurrentVersion\Run
    • HKEY LOCAL MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    • Start/Run/Msconfig/Startup

• W98 "Windows Protection Error" troubleshooting
  Run msconfig and choose Selective Startup.

• To socksify the TCP/IP stack, use
  • c:\windows\system\WSOCK32.DLL
  • c:\windows\system\HCLSOCK5.DLL
  • c:\windows\system\SOCKS.CNF
  
  Sucesor (IBM) : PIX, as Blue ICE (Internet Connection Environment) from Cisco.
  If you are behind a firewall, and ping www.yahoo.com fails, or W95 tracert, your TCP/IP stack is socksified, as PING is not socksifyable.

  SOCKS is an implementation of what is known as a circuit-level proxy. A proxy is a device that makes a connection on your behalf.
  PIX performs what is known as "stateful packet inspection".

• Windows 2000 TCP/IP Implementation details : browse or download
  Large doc ! got it. Server 2003 : also

• Windows TCP/IP troubleshooting :
  • "ping error 10043" : TCP not installed. Use winipcfg to verify it.
  • "Unable to browse the network" : did not Log into the network (initial screen).

  URL

• W2K network traffic (to Tinet)
  using netstat -an or TcpView, you can see that W2K periodically opens local port 3710 (and UP) and remote port 135, scanning ranges of IP addresses [SYNC_SENT].
  Services registered for this port ( from Neohapsis ) :
  tcp - epmap - DCE endpoint resolution
  tcp - loc-src - NCS local location broker
  udp - epmap - DCE endpoint resolution
  udp - loc-srv - location service

  135 = RPC End-Point Mapper

  Chicago University problems talk about "Port 135 is essential to the functionality of Active Directory and Microsoft Exchange mail servers, among other."

  W32.Blaster.Worm uses port 135
  See forum

  What to do ? Here they say : The simplest way to turn off 135 is to go to your Network Properties and disable File Sharing. Also, click the ADVANCED tab and DISABLE NetBIOS over TCP/IP.

  Search Google for a utility named FPORT : here

  Goto https://grc.com/x/ne.dll?bh0bkyd2 and run a port scan, and see if the port is really open or not

• IE configuration :

   HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN
   

• The file "C:\WINDOWS\Temporary Internet Files\Content.IE5\index.dat" contains information about websites you have visited, cookies you have received, etc. It is not displayed by MS Explorer, never, no way (thanks, Bill). To delete it under W95, place at the begin of "autoexec.bat", the line "deltree /Y c:\windows\tempor~1\"

  Under W2K, move it ! To find out where the real cache is, go to Internet Explorer and select Tools, Internet Options. On the General tab, click Settings. In the Settings dialog box, click View Files to bring up your real cache folder.
  URL

   1.376.256  index.dat    BEFORE
      32.768  index.dat    AFTER
  

  UnLocker, Privacy Keeper, DelIndex (no XP/NT/2000).

  Source

• startup "hot" keys :
  
  • W95. From here
    • F5 = Safe Boot.
    • F8 = boot Menu - goto "safe boot".
  • W2K
    • F8 = Safe Boot. From here
  • XP
    • F8 = Safe Boot. From here

1. disable the Recycle Bin for your Iomega Drive
   1. Right click the Recycle Bin and select Properties.
   2. Click the option for Configure drive independently.
   3. Click the Iomega drive tab.
   4. Click the option for Do not move files to the Recycle Bin. Remove files immediatly when deleted.

2. Use Open Explore :
   Open Process Explorer, and select "Find Handle or DLL" (Control + "F") from top menu. Enter "h:\" or whatever disc letter is in use. See who's got it open.

3. clean "C:\Documents and Settings\(user)\Local Settings\Temp" - then try to stop your device again.

4. try turning off System Restore
   1. Click Start, right click My Computer, then click Properties.
   2. Click the System Restore tab.
   3. Click to select the check box for Turn off System Restore (or the check box for Turn off System Restore on all drives).
   4. Click Apply.

Iomega

1. Java control panel
2. "Advanced" tab
3. default java for browsers
4. check "Mozilla family"

• Step ONE: Select disk where the Windows installation is : [1] = first disk.
• Step TWO: Select PATH and registry files : [1] = edit pwds.
• Step THREE: Password or registry edit : [1] = edit + "*" = blank.
• Step FOUR: Writing back changes : [y] = write.

url

Offline pwd editor. OphCrack url

1. boot install disc
2. choose Repair
3. continue until "System Recovery Optoins come up, choosing "Command Prompt"
4. cd c:\windows\system32
5. rename sethc.exe sethc.exe.original
6. cp cmd.exe sethc.exe
7. remove CD and reboot
8. at login screen, hit the SHIFT key 5 or more times - Sticky Keys application launches Command Prompt with admin privileges
9. change password using net use user-name new-password or open a GUI using control userpasswords2 (mind pwd reqiurements must be met)

url

Examine Memory Usage: Once again in both Task Manager and Process Explorer you can click on the "Mem Usage" (or "Working Set" in Process Explorer + select "nom.exe" + botó dret + properties + Performance tab + "Physical memory : working set) column header and see who's using the most of your computer's RAM. This will vary widely depending on what software you are running, and what it's been doing. In Process Explorer you can also click on the "Virtual Size" column header to see who's using the most total virtual memory (both in RAM, and swapped out to disk).

url

The same value is available in Performance Monitor as Process: Private Bytes.

mtrace, memwatch, dmalloc

dmalloc, ccmalloc, NJAMD, YAMD, Valgrind, mpatrol, Insure++

Java

• Using Windows Event Log
• Event Log Sample - (Visual Studio 2005, .Net 2.0). Logging sample

• a) create a new task
• b) Perform task := every day ;
• c) Start Time = 00:01 ;
• d) Advanced Properties ;
• e) check box "Repeat Task"
• f) every 10 minutes
• g) until time = 23:59

Top

Reqs :

• 1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor
• 1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)
• 16 GB available hard disk space (32-bit) or 20 GB (64-bit)
• DirectX 9 graphics device with WDDM 1.0 or higher driver

PCs with multi-core processors:
All 32-bit versions of Windows 7 can support up to 32 processor cores, while 64-bit versions can support up to 256 processor cores.

PCs with multiple processors (CPUs):
Windows 7 Professional, Enterprise, and Ultimate allow for two physical processors. Windows 7 Starter, Home Basic, and Home Premium will recognize only one physical processor.

Sys Reqs

Windows 7 Product Guide, 62 MB : url.

On (VM) T430 I get Windows activation error 0xc004c003

F8 = Safe Mode + open HKLM\software\Microsoft\windows NT\CurrentVersion\ProfileList and toggle S-1-5-filename.bak file

url

1. Click Start, Type: cmd
2. Right click on cmd in start menu and select 'Run as Administrator'
3. Type: net stop wuauserv
4. Type: ren c:\windows\SoftwareDistribution SoftwareDistribution.old
5. Type: net start wuauserv
6. Type: exit

url

Win 7 CD has a very good "MBR fix" tool. Boot CD and you'll see the menu entry "Fix MBR". It finds multiple w7's on diferent HD's and creates a menu to access them.

Restore XP / remove GRUB :

• boor XP install disk
• select "R" for Recovery Console
• enter Admin password
• fixboot
• fixmbr

• install UltraISO
• start it As Administrator
• open the ISO file
• click Bootable, then Write Disk Image
• select the Disk Drive as your USB flash drive
• select the write method as USB-HDD
• click Format, then Start

use UltraISO

To disable IE security checkings, create this DWORD entry:

To create a restore point in Windows 7:

• Inicio + Panel de control + Sistema + Seguridad + Sistema
• Clic en Protección del sistema, ubicado en el panel izquierdo
• Seleccionar la pestaña Protección del sistema de la ventana Propiedades del sistema
• Hacer clic en el botón Crear
• Ingresar un nombre al punto de restauración en la casilla de texto y hacer clic en el botón Crear
• Luego de terminar la creación del punto, se mostrará un mensaje indicando que el punto de restauración se creó satisfactoriamente.

url.

1. regedit - go to HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon
2. right click on Winlogon and click New and click Key. Type SpecialAccounts and press Enter
3. right click on SpecialAccounts and click New and click Key. Type UserList and press Enter.
4. in right panel of UserList, right click on a empty area and click New then click DWORD (32bit) Value.
5. type in the name of the user account that you want to hide and press Enter
6. right click on the user account name and click Modify. 0 = hide the user account, 1 = unhide.

Click Start button, click All Programs, click Accessories, right-click Notepad, and then click Run as administrator.

Daemon Tools Lite 4.45.1.0236 : url, 4.41.3.0173.jpg

• open "Windows Explorer" window
• click "Organize" button
• click "Folder and Search Options"
• open "Folder Options"
• click on "View" tab
• uncheck "Hide extensions for known file types"

Delete c:\users\<nom>\AppData\Local\IconCache.db ! url

1. Control Panel
2. Folder Options
3. View
4. "Use check boxes to select items"

url : Control Panel -> Programs -> Programs and features -> Tunr Windows features on or off -> search telnet client

1. Open Windows Firewall by clicking the Start button Picture of the Start button, clicking Control Panel, clicking Security, and then clicking Windows Firewall.
2. Click Turn Windows Firewall on or off.
3. Click Off (not recommended), and then click OK.

If the "Turn on or off" option is gray ...

1. run regedit and go to "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall"
2. delete the "\WindowsFirewall\" branch

Or try entering gpedit.msc on the Win 7 machine. Go to Computer Configuration - windows settings - Security Settings - Windows Firewall with advanced Security - local Group. In domain profile box click Windows Firewall Properties - and change firewall state to off.

Another: To disable Windows Firewall in a domain environment, the Group Policy setting you would use is located in Computer Configuration\Administrative Templates\Network\Network Connections\Windows Firewall\Domain Profile. The setting is called Windows Firewall: Protect all network connections. If you disable this policy setting, Windows Firewall does not run and it cannot be started.

• On the Windows 7 machine go into Control Panel\All Control Panel Items\Network and Sharing Center then click on Change Advanced Sharing Settings.

From command line:

• start, All Programs, Accessories, right-click Command Prompt, then click Run As Administrator
• net share <sharename=drive:path>
• example : net share myshare=c:\users\myname

Responsible for "Admin pwd requested to run a file"

• disable UAC :
  • msconfig + "Tools" + select "change UAC settings" + "Launch" : select "Never notify" + OK
  • open User Account Control Settings by clicking the Start button Picture of the Start button, and then clicking Control Panel. In the search box, type "uac", and then click Change User Account Control settings. Set to "never".
  • start + Control Panel + User Accounts : click Turn User Account Control off + goto Windows Solution Center + Security : click Adjust UAC to "never notify".

  UAC [*****] UAC

• description
• download
• get 2 files : cygwin_includes.zip has cygintl-2.dll and cygwin1.dll

On T440 (ivm) :

Another command :

On oldie :

OpenSSH under CYGWIN uses the /etc/passwd file to determine your HOME directory, NOT whatever you might have set for HOME as an environment variable, either inside of your BASH shell or in Windows itself. The answer is to patch the /etc/passwd file to have a correct directory.

Instructions

1. open CMD with Administrative privileges
2. create c:\cygwin
3. from http://www.cygwin.com/ download setup.exe
4. run c:\cygwin\setup-x86_64.exe {setup version 2.891, 64 bit}
5. select "install from Internet"
6. local directory "c:\cygwin"
7. select a download site, as "tecnico.ulisboa.pt"
8. top left, set "View := Full ;"
9. scroll down to "OpenSSH" and verify there is a "X" on the "bin" column - click "Next"
10. select to create a Desktop icon
11. after the packages have been downloaded, finish the installation
12. right-click on "My Computer", and go to "Properties", "Advenced System Settings", then "Environment Variables"
13. under "System Variables", click "New" and add "CYGWIN" as the variable name and "ntsec" as the variable value (was "tty")
14. under "System Variables", find "Path" and make sure "c:\cygwin\bin" is in it
15. open Cygwin on the desktop and type in "ssh-host-config" [not found]
16. install "openssh" packages -> found :
    • should StrictModes be used? (no)
    • new local account "sshd"? (yes)
    • do you want to install sshd as a service? (yes)
    • enter the value of CYGWIN for the daemon: (ntsec)
    • do you want to use a different name (from "cyg_server")? (no)
    • create new privileged account "reinabtt\cyg_server"? (yes)
    • enter password for new user cyg_server: kuinvtt
    • the sshd service has been installed under th "cyg_server" account.
      To start the service now, call "net start sshd" or "cygrunsrv -S sshd".
      Otherwise it will start automatically after the next reboot.

To configure it, use this page

WinSCP from W500 : "invalid password"

Using install CD :

• boot install CD, load setup files and select your language
• choose "Repair your computer"
• select the operating system to repair
• choose "Command Prompt"
• "copy c:\windows\system32\sethc.exe c:\"
• "copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe"
• reboot
• at logon screen, tap SHIFT five times and you'll see an admin mode command prompt
• "net user MyUserName MyNewPassword"

Using System Rescue CD : instructions.

Install it on a USB:

1. download the ISO file
2. mount ISO with "-o loop" and "-o exec" options :
   1. mkdir -p /tmp/cdrom
   2. mount -o loop,exec /path/to/systemrescuecd-x86-x.y.z.iso /tmp/cdrom
3. run installer
   1. cd /tmp/cdrom
   2. bash ./usb_inst.sh

Top

Left-bottom corner menu :

• .

Right-bottom corner menu :

• .

1. move the mouse cursor to the upper right corner of the screen until the Charms Bar appears
2. click Search
3. click Control Panel
4. click View devices and printers
5. right-click your printer
6. click Printer Properties
7. click Print Test Page

Get it (build 10240, 14393 and more) here :

Lets boot an USB :

• start RUFUS
• select USB drive
• in "Create a bootable USB drive option" select the ISO

Lets burn an DVD from ISO, using "Windows Disk Image Burner"

Single language

Get it here :

Update 1607 deletes "Daemon Tools" if you have it ! Have to try "DTLite1051-0231.exe" {20170718}

• disable it
  • hit Start, type "defender", and then select "Windows Defender"
  • click the "Settings" button in the top right of the window
  • make sure that the "Real-time protection" toggle is set the way you want (Off)

• prevent initial scan
  • Seguridad de Windows
  • Proteccion antivirus y contra amenazas
  • Exclusiones
  • Agregar "C:\"

Tom's guide, (es)

.

.

Use www.jscreenfix.com

• remove it
  • cd %PROGRAMFILES(X86)%\Microsoft\Edge\Application\xxx\Installer
  • setup.exe --uninstall --system-level --verbose-logging --force-uninstall

• prevent from re-install
  • using regedit (as Admin) go to "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft"
  • create Key "EdgeUpdate"
  • in it, create "DWORD (32-bit) Value" and call it "DoNotUpdateToEdgeWithChromium"
  • set the value to "1"

Tom's guide, (es)

• remove "fast start"
  configuracion -> Sistema -> Energia y suspension -> Configuracion adicional de energia -> Elegir el comportamiento del boton de inicio/apagado -> uncheck "Activar inicio rapido"
  make use of

• install the latest versions of drivers for your storage controllers (ACPI/AHCI/RAID/SCSI), hard drives and video card

• comprobar archivos del sistema :
  • dism.exe /online /cleanup-image /checkhealth
  • dism.exe /online /cleanup-image /scanhealth
  • dism.exe /online /cleanup-image /restorehealth
  • dism.exe /online /cleanup-image /startcomponentcleanup
  • sfc /scannow

  URLs :

  • SFC
  • no TM
  • clean boot

• msconfig : normal startup

Lobato te un Lenovo G500, producte 20236, serie CB24825016, amb

• CPU : Intel Core i5-3230M 2,60 GHz {no val per W11}
• RAM : 6 GB (5,87 usable)
• HDD : SMART device HGST HTS545032A7E380, 300 GB
• VDU : Intel HD Graphics - 4000
• WLAN : Broadcom 802.11n
• OpSys : Windows 10 Home, version 21H2
• disk 2 TB WD easystore 2648 (USB-3)

Download Lenovo diagnostic tools : ldiag x64

Intel Rapid Storage Technology Driver for Windows 10 64-bit

• MRT disabled by Administrator {directiva de grupo}

  Delete HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr "DWORD"

• uno de los dispositivos conectados al sistema no funciona

• no TaskManager.exe

  u get fix - restore TM via gpedit.msc

  activat gpedit W10 H : descargar instalador {gone}

You can use tools like Command Prompt, PowerShell, and Performance Monitor to access information from the Self-Monitoring, Analysis and Reporting Technology (SMART) built into most drives to determine if the device is still physically healthy or failing due to hardware issues.

To quickly check the SMART status with the Windows Management Instrumentation Command-line (WMIC) utility, use Command Prompt (Admin)

windows central

get it for free :
w11 ES, Win11_24H2_Spanish_x64.WOXAA51_.iso - 5,4 GB

Windows 11 can only run on 64-bit CPUs.

Office es al nuvol

dual boot Chrome OS and Windows

ShortCuts :

• win + "D" = minimize / maximize all windows
• win + "I" = settings, as "notification icons"
• win + "M" = minimize all windows (maximize = win + shift + "M")
• win + "R" = run, as "CMD" or "gpedit.msc"
• win + "X" = control panel {w8 and up}

• CTRL + SHIFT + Escape = Task Manager

Ordinarily, on Windows, 2GB of virtual address space is allocated to programs and a further 2GB to the kernel. It is possible to alter this by adding the "/3gb" switch to the Windows "boot.ini" file. This forces x86-based systems to allocate 3GB of virtual address space to programs and 1 GB to the kernel and executive components. Use of this switch is limited in various ways.

Firstly, support for this switch is limited to certain versions of the Windows operating system; Microsoft's website states these versions to be:

• Windows 2000 Advanced Server
• Windows 2000 Datacenter Server
• Windows Server 2003 Standard Edition
• Windows Server 2003 Enterprise Edition
• Windows Server 2003 Datacenter Edition

Use of this switch on unsupported versions of Windows can cause undesirable results. Microsoft state that "the /3GB switch should not be used on Windows 2000 Server because it is unsupported and can cause application or operating system crashes." In our own internal testing, we have encountered system crashes with this flag set on Windows 2000 Server.

Also, the application binary requires a special link bit to be set to take advantage of this Windows setting. This can be set at link time or by using a Microsoft-provided utility.

url

The /3GB switch should not be used on Windows 2000 Server or Window XP Pro because it is unsupported and can cause application or operating system crashes. The /3GB switch is supported only on the following operating systems: Windows 2000 Advanced Server, Windows 2000 Datacenter Server, Windows Server 2003 Standard Edition, Windows Server 2003 Enterprise Edition, Windows Server 2003 Datacenter Edition.

url

The /3GB switch is supported on the following systems:

• Windows Server 2003
• Windows XP Professional
• Windows 2000 Datacenter Server
• Windows 2000 Advanced Server

url

Top

Provides POSIX-like services on MS Windows systems.

cygwin - a Linux-like environment for Windows - on LinuxJournal. PuttyCYG - a local Cygwin terminal to be used instead of the Windows console or xterm. Gracias, Bruno !

Top

• microsoft
• google / chrome
• java
• adobe
• firefox

MO74 - library that adds MQ admin capabilities to windows PoerShell

It usually means a corrupted system file, driver, or security component is crashing immediately at startup — even in Safe Mode.

Since this error often prevents you from getting past the login screen, you might need to try these steps:

• System File Checker (SFC)
  If you can get into Safe Mode, open the Command Prompt as an Administrator and run:
  sfc /scannow chkdsk c: /f

  This will look for and repair corrupted Windows system files.

• DISM tool
  If SFC doesn't work, try running:
  DISM /Online /Cleanup-Image /RestoreHealth

If we start "Safe Mode", PC stays in a loop with the LogonUI.exe message.

1. Turn on your PC
2. As soon as you see the Windows logo, hold the power button to force shutdown.
3. Repeat this 3 times.
4. On the 4th boot, Windows will show "Preparing Automatic Repair".
5. Select:
   • Advanced options
   • Troubleshoot (Solucionar problemas)
   • Advanced options (opciones avanzadas)
   • Startup Settings (Configuración de inicio)
   • click "Restart"
6. When the options appear, press:
   • 4 → Safe Mode
   • 5 → Safe Mode with Networking
   • 6 → Safe Mode with Command Prompt

1. 🔧 Step 1 — Boot to Advanced Recovery
   1. Power on the PC
   2. As soon as Windows starts loading, hold the power button to force shutdown
   3. Repeat this 3 times
   4. On the 4th boot → you should see "Preparing Automatic Repair" Then select Advanced options → Troubleshoot → Advanced options
2. 🔧 Step 2 — use "Command Prompt" - "Símbolo del sistema" (not "Safe Mode")

   Choose "Command Prompt" - this avoids loading the broken component.

3. 🔧 Step 3 — run Offline Repair commands

   In the Command Prompt, type these one at a time:

   1. find where is Windows :
      diskpart list volume
   2. 1️⃣ check disk first:
      chkdsk C: /f /r Etapa 1 : examen de la estructura básica del sistema de archivos Etapa 2 : examenn de la vinculación de nombres de archivos Duracion de la fase (Reconexion de huérfanos) : 17,23 segundos Etapa 3 : examen de los descriptores de seguridad Etapa 4 : búsqueda de clústeres incorrectos en los datos del archivo de usuario Etapa 5 : búsqueda de clústeres incorrectos disponibles Corrigiendo errorres en el mapa de bits del volumen Windows ha hecho algunas correcciones en el sistema de archivos Error cuando se transferían los mensajes de sesión al registro de eventos con estado 6.
   3. 2️⃣ run SFC offline:
      sfc /scannow /offbootdir=C:\ /offwindir=C:\Windows Iniciando examen en el sistema. Proteccion de recursos de Windows no encontró ninguna infracción de integridad
   4. 3️⃣ then run DISM (very important):
      dism /Image:C:\ /Cleanup-Image /RestoreHealth Herramienta Administración y mantenimineto de imágenes de implementación Versión: 10.0.19041.1 Versión de imagen: 10.0.19045.6466 La operación se completó correctamente

Desactivar el inicio rápido (Fast Boot)

A veces, el archivo de hibernación donde Windows guarda el estado del núcleo se corrompe y causa el "buffer overrun".

En el Símbolo del sistema (desde el USB o Modo Seguro), escribe este comando para desactivar la hibernación y el inicio rápido, forzando a Windows a cargar el LogonUI.exe desde cero en el próximo arranque.

Es muy probable que una actualización a medio instalar esté causando el error de saturación de búfer

1. 4x Power-on -> "Preparing Automatic Repair"
2. "Opciones Avanzadas"
3. Solucionar Problemas -> Opciones avanzadas -> Restaurar sistema

   no se creó ningun punto de restauracion

1. "Windows" + "R" (Run, ejecutar)
2. sysdm.cpl -> propiedades del sistema
3. pestanya superior "Proteccion del sistema"
4. surt una llista de les unitats de disc
5. si la columna "Proteccion" diu "Activada", prem el boto de sota que diu "Crear"
6. si diu "Desactivada", pica el botó "Configurar", marca "Activar proteccion del sistema", mouu la barra un 5 o un 10 %, prem "Aceptar" i després "Crear"

Comando "Mágico" para desatascar actualizaciones

1. 4x Power-on -> "Preparing Automatic Repair"
2. "Opciones Avanzadas"
3. Solucionar Problemas -> Opciones avanzadas -> Simbolo del sistema
4. comando
   dism /image:C:\ /cleanup-image /revertpendingactions Herramienta Administración y mantenimineto de imágenes de implementación Versión: 10.0.19041.1 Versión de imagen: 10.0.19045.6466 Revirtiendo las acciones pendientes de la imagen Se completó la operación. Después del reinicio, se intentará revertir las acciones pendientes. La operación se completó correctamente.

1. 4x Power-on -> "Preparing Automatic Repair"
2. "Opciones Avanzadas"
3. Solucionar Problemas -> Opciones avanzadas -> Simbolo del sistema
4. comando
   dism /image:C:\ /get-packages
5. surt una llista i mirem el del darer timestamp :
   Package Identity : Package_for_KB5030211~31bf3856ad364e35~amd64~~10.0.1.2 State : Installed Release Type : Security Update Install Time : 2024-09-15 10:22
6. el desinstalem : (tilde es "AltGraph" + "4")
   dism /image:C:\ /remove-package /packagename:Package_for_WinREServicing~31bf3856ad364e35~amd64~~19041.6446.1.1 Error: error de Package_for_WinREServicing: 0x800f082f

   Ese error (0x800f082f) es muy específico: hay una operación de reinicio pendiente bloqueando cualquier cambio en los paquetes.
   DISM se niega a quitar nada porque el sistema cree que "necesita un reinicio" para terminar otra tarea.

1. regedit + HKEY_LOCAL_MACHINE
2. "Archivo" + "Cargar subarbol" (load Hive)
3. C:\Windows\System32\config\COMPONENTS
4. nom de la clau := TEST

1. 4x Power-on -> "Preparing Automatic Repair"
2. "Opciones Avanzadas"
3. Solucionar Problemas -> Restablecer este equipo (Reset this PC)
4. compte : escull "Keep my files" - "Mantener mis archivos"
5. si pregunta "com" reinstalar Windows, escull "Reinstalacion local" - no cal internet
6. pica "Restablecer"

Apagar i a veure com segueix

1. entrar WinRE: Apaga y enciende el PC 3 veces seguidas forzadamente durante el logo de Windows.
2. "Opciones Avanzadas"
3. Solucionar Problemas -> Opciones avanzadas -> Simbolo del sistema
4. escribe estos comandos para asegurar que el arranque esté impecable:
   bootrec /fixmbr bootrec /fixboot bootrec /rebuildbcd

Code 19: Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged

Possible solution : "Upperfilters" field must contain "kbdclass"

1. open regedit.
2. Expand the folders found on the left hand side exactly as written (for the Keyboard) :
   HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}
   Mycomputer\HKEY_Local_Machine\System\CurrentControlSet\Control\Class\-{745A17A0-74D3-11D0-B6FE-00A0C990F57DA}
3. to fix the keyboard, click directly on the 4D36E96B-E325-11CE-BFC1-08002BE10318 folder (don't expand it). Once you click the folder, you'll see registry value files appear on the right hand side (the file icons look like torn pages with a lower case "ab" written in red).
4. the file you're looking for is the last one in the group -- the one named UpperFilters. Double-click on it, and a small box opens titled "Edit Multi-Screen"
5. once the Edit Multi-Screen box opens, you want to delete any information in the Value data: field (if there is any), and type kbdclass. When finished, click the OK button.

Another :
The VMware Keyboard Driver had an additional entry 'vmkbd' in the UpperFilters key, but the driver file that was needed (C:\Windows\system32\drivers\VMkbd.sys) was missing which in effect caused all the problems. See ./soft/drivers

EDDSN

Go to "Device Manager" and under "View" tab you can activate "Show hidden devices"

Try

1. open a folder "eines"
2. "Tools" + "Folder Options"
3. push "Restore Defaults"

Try

1. open a folder
2. "Tools" + "Folder Options"
3. "View"
4. change any value and click "Apply" and "OK"

"DCOM Server Process Launcher service terminated unexpectedly"

• other PDF readers : FoxIt, Nitro, Sumatra, ...
• Help + chack for updates
• Help + repair
• edit + prefs + general + uncheck "enable protected mode"
• network DDE / DSDM services "automatic"
• HKEY_CLASSES_ROOT\acrobat\shell\open\ddeexec\application : AcroviewA10 -> AcroviewR10 ;

Excel cannot open or save any more documents because there is not enough available memory or disk space

• echo %TEMP% -> clean it. Also c:\windows\temp
• right click on file, properties, Unlock

• Estaria be que al menu "Open" hi poguessis ficar icones a llocs habituals de l'ordinador, oi ?

• que nassos es el fitxer libeay32.dll que en tinc 15 al disc ? El SendEmail em diu "the original 3288 could not be located in libeay32.dll" ...

• LSASS - com es que "matar" aquest thread fa re-iniciar el Guindous en 1 minut ?

• quin us té el Computer Security Identifier (SID) ? url

• que fa en un portatil la funcio "Import Foreign Disk" ?

• al instalar un programa sota W2K, al final, pot crear : (Rexx ?)
  • add a desktop shorcut
  • add an icon to Quick Launch Toolbar
  • add an icon to the Start Menu
  • add a search link in Start Menu "Find"

• diferencies entre
  • regedit
  • regedt32

• eina per netejar
  • View and delete Temporary Internet Files including the corresponding index.dat file.
  • View and delete Internet Cookies including the corresponding index.dat file.
  • View and delete Internet History including the corresponding index.dat file.
  • Clean auto complete web forms.
  • Remove typed URLs.
  • View and remove Internet Explorer plugins
  • Delete the contents of Windows Temp folder
  • Empty Recycle Bin
  • Clean Windows Recent Documents folder
  • Remove Windows Search history
  • Remove Windows Run history

  In Windows NT, 2000 and XP, the folders are located in these locations:

  • C:\Documents and Settings\[Username]\Cookies\
  • C:\Documents and Settings\[Username]\Local Settings\History\
  • C:\Documents and Settings\[Username]\Local Settings\Temporary Internet Files\Content.IE5\

  See INDEX.DAT contents, using Index Dat Viewer.

  Use Internet Sweeper ? Window washer ?

• how to Print a file from DOS under Windows 98 ?
  • Exec ('c:\windows\notepad.exe', '/p '+Filename);
  • copy <file_to_print> LPT1:

• SC.EXE dins del "Resource Kit" ... Qué és ?
  NT Service Controller and services

• create windows user from command line
• hide user from command line
• install (open) sshd server in silent mode
• scan a remote disk for viruses

Dedicat a la Esther !

1. write down target's IP
2. on target, share the disk
   Right click on disk, Properties, Sharing, Advanced sharing, Share this folder, set share name as DD and give permissions
3. on host, use
   c:\eines> net use M: \\<target-ip>\DD /u:<user-pere> * <provide remote password>
4. scan M: disk using Symantec

Serveis, tasques que aturo

CompatTelRunner.exe is also known as Windows Compatibility Telemetry. This periodically sends usage and performance data to Microsoft so that improvements can be made on user experience and fix potential errors.

Task Scheduler - Microsoft - Windows - Application Experience - right click on each task and DISABLE

uSoft answers - Marcel

Follow

1. get MediaCreationTool1909.exe {19.255.000 at w500\\C:\eines\soft\microsoft windows} from here
2. run MediaCreationTool.exe
3. select "Upgrade this PC now"
4. select the "Keep personal files and apps" option
5. use Device Manager to check that every piece of hardware is installed correctly on your system

url

Disable it ...

• for 35 days
• forever (service)
• forever (registry)

all things.how

Top

• {Esther} delay starting services

• MSDN On-Line (***)
  Registry Functions (***)
  Registry e.p.
  RegFlushKey to write Registry to disk.
  How to use the Registry (***)

• Windows memory diagnostic

• BSoD survival guide

• Annoyances : Good !

• LongHorn - the three highlighted technologies for Longhorn are :
  1. Avalon - A replacement for the Windows GDI and HTML programming models.
     GUI and GUI creation.

  2. Indigo - Communication Services through Web Services. Remote procedure calls are out and Web Services are in. Remote procedure calls require tight coupling between client and server; Web Services require only loose coupling.
     Communications.

  3. WinFS - A transaction enhanced NTFS file system and a SQL engine on top. Properties of content (jpg size, jpg width and height; document authors; document key words; XML data) can all be indexed automatically.
     Removed

  WMIExplorer is a GUI built on top of PowerShell.

  Introducing Longhorn for Developers

   Longhorn supports two methods for creating applications :
  
       1. Write code -- the traditional approach
       2. Write Markup -- using Extensible Application Markup Language (XAML).
  

    64-bit is the path to Longhorn, mark my words   [egb, 28042005]

  Differences between Windows Server 2003 and Windows Server 2008 (a.k.a. Longhorn): URL

• Process library : description of lsass.exe, service.exe, svchost.exe, etc
  smss.exe : Session Manager
  lsass : Local Security Authority Subsystem

  Common Windows files : nupdate.exe

  Default Processes details - can end / cannot end.

• Windows to Linux roadmap

• Windows command line mailer : BLAT 1.88

• Total Commander

• Windows Hex editor [ Pro !!! ] From Pc World.

• Free and Good utilities :
  • AVG antivirus
  • Diskeeper Lite
  • Reg Cleaner

• Boot from CD : ERD Commander 2002

• Register Backup : ERUNT
  The Export registry function in Regedit is USELESS for making a complete backup of the registry. Neither does it export the whole registry (for example, no information from the "SECURITY" hive is saved), nor can the exported file be used later to replace the current registry with the old one. Instead, if you re-import the file, it is merged with the current registry without deleting anything that has been added since the export, leaving you with an absolute mess of old and new entries.
  URL

• search Microsoft KB (Support Knowledge Base)

• FTC recomienda ... DriveSnapShot [ better than GHOST !!! ]

• XP and W2K boot CD : Bart's PE Builder URL

• NAV : NAVCPU & NAVWHEN

• XP Experts NewsGroup : U/K := bacardinet@hotmail.com/KpGrs
  How to set AutoReboot Off without Control Panel ? Start here: "Resources for Troubleshooting Startup Problems in Windows XP" URL

• uSoft W2K Server HowTo's list

• uSoft System Eror Codes

• Inside the Native API [SysInternals]

• Outlook versions

• WIN32 programming FAQs

• Register Hack tips

• How to surf and read e-mail safely as an Administrator !?!?!? (uSoft)

• Win Links

• Bink.nu - uSoft news, technology and downloads.

• Open ?

• Stop WGA notifications

• Top 15 most controversial Microsoft quotes

• Mark Minasi's W Tech letter. @/k

• Windows products lifecycle index (by product), policy (& roadmap), select a product.

  Few samples : W2000Pro = Mar 2005. WXPPro = Jan 2009. W2000Server : soporte técnico = 2005; soporte ampliado = 2010.

• Intel Core 2 problems : Intel problem list, Geek,

• Excel can't multiply ? Que diu uSoft. Una altra opinió. Va de "IEEE 754" ...

• How to use Registry Editor to identify an unknown PCI device

• Auto actualitzacions ? (WU)

• New Passport account

• uS protocols

• PowerShell free book, 567 pages.

• SteadyState.

• Windows Installer Cleanup Utility.

• Desktop images.

• Ninite : install multiple apps at once without toolbars or clicking Next. Gracias, Bruno !

• Applications launcher :Rocket Dock (Gabriel) o Launchy (Bruno).

• xPlorer 2 Lite

• http://www.windowsnetworking.com/ : nice tips page

• C (registry and others) cleaner.

• Dynamics - line of enterprise resource planning (ERP) and customer relationship management (CRM) software applications.

• MTP, Media Transfer Protocol [/] directe

• Visual Studio Express {free}

• claus msdn

• install DisableWinTracking - permite deshabilitar algunos servicios preinstalados en el sistema operativo y bloquear determinadas direcciones IP

• PC manager - antivirus, etc (W10 o W11)

• unistall Edge

• OneDrive on "Microsoft 365", as Excel al nuvol

• Previous page

• Back to main page

• Site map