This article explains about Windows SFC and its registry entries.

SFC is System File Checker. SFC is running in system to protect system files. All the system files are located in C:\Windows and C:\Windows\System32 folders. These files are important for Windows Operating to work effeciently. If any of the files is deleted accidently the file gets restored from the DLLCache folder automatically with the help of SFC. Sometimes, you might need to disable the SFC for development and testing purpose. This article explains the registry keys you can play with to disable the SFC and various options.

KEY Name:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

Entry Name: SFCDisable

Date Type: REG_DWORD

Value: 0,1,2,3,4

0 = enabled. This is the default option. The SFC is enabled by default on Windows Systems.

1 = disable the SFC. The value 1 disable the SFC but prompt the user at the boot to re-enable the SFC.

2 = This is to disable the SFC completely and users are not prompted to re-enable it.

4 = SFC is enabled but the popups are disabled.

At the same location at registry, you can configure one more registry entry: SFCScan. Data type for this is REG_DWORD and values could be 0,1,2. This entry can be useful to perform the scan of protected files of the systems.

0 = do not scan protected files at boot (default) 1 = scan protected files at every boot

2 = scan protected files once

_____________________________________________________________________________________

This article explains a quick fix you can use to solve the issue with Windows blank screen.

Windows is modular in design. The Windows Executive Services pass the control to Winlogon to display the Window Login Dialogue Box. Winlogon calls MSGINA.DLL to process the authentication for the user. MSGINA.DLL then passes the control to default Shell of Windows. There are two types of Shell: Windows Explorer Shell (Explorer.exe) and User Shell (Userinit.exe). Explorer Shell is responsible to display the Start Menu and User Shell is responsible to show the desktop. The user will see a blank screen window if both the shells are not executed by the MSGINA.DLL.

The MSGINA.DLL looks at the following registry location to identify the Explorer and User shell:

Key Name: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Entry Name: Shell contains the value Explorer.exe

Entry Name: Userinit contains the value %SystemRoot%\System32\Userinit.exe

If you see either the entries are missing or they do not contain the value as shown above then use the following steps to rectify this:

Steps:

Go to a Computer connected to the network. Start Menu > Run > Regedit.exe > Connect Network Registry > Specify the computer

name.

Navigate to the above location in registry of remote computer and then change the value as shown above.

Restart problematic computer.

  ______________________________________________________________________________

How to resolve a problem when using the shutdown.exe command when logged on with non-admin credentials.

If you have a Windows XP desktop computer and you try to shut down your machine from the command-line by typing shutdown -s then you may get the following result in response to this command:

The operation completed successfully.A required privilege is not held by the client.

This will happen if you are logged on to your machine as an ordinary (domain) user instead of an account having administrative credentials. This happens because of a bug in how the shutdown.exe command works in Windows. Fortunately, there's a workaround:

1. Log on as an administrator and open Local Security Settings from Administrative Tools.

2. Select Security Settings \ Local Policies \ User Rights Assignment

3. Open the user right named "Force shutdown from a remote system" and add the INTERACTIVE group to this user right.

Speed XP startup by removing unneeded autostart programs.

If your company gets their desktop computers from a big vendor like Dell, you may find that you have a lot of unneeded autostart programs on your desktops. By removing unneeded autostart programs (programs that start automatically when Windows boots) you can improve the startup time for your desktop computers. Here are two ways to do this:

Run msconfig.exe, select the Startup tab, and clear the checkboxes beside those programs you no longer want to start automatically on startup.

Get the autoruns tool from Sysinternals, which does an even better job than msconfig of ferreting out those pesky autostart programs hidden away in various corners of the Registry.

______________________________________________________________________________

How to prevent the Welcome screen from running when your users turn on their OEM-supplied XP boxes for the first time.

If your company buys OEM boxes with Windows XP from vendors like Dell, you may be frustrated by the fact that when users turn on their machines for the first time the Windows Welcome wizard runs instead of mini-setup. The main frustration for administrators here is that when users step through the various screens of the Welcome wizard, one of those screens prompts the user to create a new user so they can log on as that user. Unfortunately, this new user that is created (a) has no password and (b) is a member of the local Administrators group on the machine. This is not good from a security standpoint--you don't want your users to be local admins, and you don't want accounts without passwords.

Fortunately, there's a workaround you can use to boot to mini-setup instead of the Welcome screen. Before you give your users their nice shiny new Dell boxes, you can:

1. Boot them into the first screen of the Welcome wizard. 2. Press CTRL+SHIFT+F3

3. Accept the EULA.

4. Reboot the machine into Sysprep factory mode.

5. Select the mini-setup option and reseal.

6. Create a sysprep.inf file to provide answers to mini-setup prompts.

7. Give the box to the user along with a floppy containing sysprep.inf and tell them to boot their machine.

Once this is done, mini-setup will run instead of the Welcome wizard and the machine will configure itself automatically instead of requiring the user to respond to a series of prompts.

______________________________________________________________________________

How to remove the Control Panel shorcut from the Start Menu.

If you don’t want users to access the Control Panel and want to completely remove the shortcut on the Start Menu, create the following registry entry:

Hive: HKEY_CLASSES_ROOT

Key: Software\Microsoft\Windows\CurrentVersion\Policies\Explorer

Name: NoControlPanel

Type: dword

Value: 1 

***Eric Geier is an author of many wireless networking and computing books including Home

Networking All-in-One Desk Reference For Dummies (Wiley 2008) and 100 Things You Need to Know about Upgrading to Windows Vista

This article explains how you can process the System Idle Tasks on Windows Computers. This tip applies to Windows XP, 2000, 2003, Vista and Windows 7 Computers.

System Idle Tasks are performed on Windows computers to improve the overall performance of the computer. These tasks are performed automatically when computer is idle for 15 minutes. You might need to perform these tasks forcefully on a computer. To run the command forcefully, you can use the following command:

Rundll32.exe advapi32.dll,ProcessIdleTasks

When you execute the above command, you will see System Idle Process taking CPU. These tasks are performed once 3 days.

If you want to run on multiple computers then run the above command with PSExec.exe. Psexec.exe can be obtained from Microsoft site.

1. Put all computer names in Comps.TXT

2. Then run the following command:

Psexec.exe -i -@Comps.TXT Rundll32.exe Advapi32.dll,ProcessIdleTasks

The command executes on each computer specified in the Comps.TXT. The -i switch is for interacting with the desktop of the user.

Removing the shortcuts in Windows for the Shared Documents folder.

If you don’t make use of the Shared Documents folder in Windows XP, you can remove the shortcuts that appear within Windows. It just requires a registry change. Only the shortcuts are removed, the folder will still remain at C:\Documents and Settings\All Users\Shared Documents.

To remove the Shared Documents shortcuts, create the following registry key:

Hive: HKEY_CURRENT_USER

Key: Software\\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSharedDocuments

DWORD Value: 1

 ***Eric Geier is an author of many wireless networking and computing books including Home

Networking All-in-One Desk Reference For Dummies (Wiley 2008) and 100 Things You Need to Know about Upgrading to Windows Vista (Que 2007).

How to customize the Default Users profile. Want to customize the desktop experience for any user who logs onto a computer? Customize the Default User user profile on the machine, which is found in C:\Documents and Settings\Default User. When a user logs onto a Windows computer for the first time, the machine first checks the NETLOGON share on the domain controller to see if there is a Default Users folder present there. If it finds one, it uses this profile as a template for creating a user profile for the

user. If Windows can't find a Default Users folder in NETLOGON, it uses the local Default Users profile to generate a profile for the user.

Mitch Tulloch is President of MTIT Enterprises, an IT content development company based in Winnipeg, Canada. Prior to starting his own company in 1998, Mitch worked as a Microsoft Certified Trainer (MCT) for Productivity Point International. Mitch is a widely recognized expert on Windows administration, networking and security and has written 14 books and over a hundred articles on various topics. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy Microsoft platforms, products and solutions. Mitch is also a professor at Jones International University (JIU) where he teaches graduate-level courses in Information Security Management (ISM) for their Masters of Business Administration (MBA) program. For more information see http://www.mtit.com.

How to prevent the Welcome screen from running when your users turn on their OEM-supplied XP boxes for the first time.

If your company buys OEM boxes with Windows XP from vendors like Dell, you may be frustrated by the fact that when users turn on their machines for the first time the Windows Welcome wizard runs instead of mini-setup. The main frustration for administrators here is that when users step through the various screens of the Welcome wizard, one of those screens prompts the user to create a new user so they can log on as that user. Unfortunately, this new user that is created (a) has no password and (b) is a member of the local Administrators group on the machine. This is not good from a security standpoint--you don't want your users to be local admins, and you don't want accounts without passwords.

Fortunately, there's a workaround you can use to boot to mini-setup instead of the Welcome screen. Before you give your users their nice shiny new Dell boxes, you can:

1. Boot them into the first screen of the Welcome wizard. 2. Press CTRL+SHIFT+F3

3. Accept the EULA.

4. Reboot the machine into Sysprep factory mode.

5. Select the mini-setup option and reseal.

6. Create a sysprep.inf file to provide answers to mini-setup prompts.

7. Give the box to the user along with a floppy containing sysprep.inf and tell them to boot their machine.

Once this is done, mini-setup will run instead of the Welcome wizard and the machine will configure itself automatically instead of requiring the user to respond to a series of prompts.

Mitch Tulloch (MVP Windows Server) is a well-known industry expert in Windows administration and security and author of fourteen books including the Microsoft Encyclopedia of Networking, the Microsoft Encyclopedia of Security, Windows Server Hacks and IIS6 Administration. Mitch is based in Winnipeg, Canada and is President of MTIT Enterprises, an IT content development company. You can find more information about him on his website www.mtit.com

If you remove a piece of hardware, particularly USB devices that may be frequently swapped out, without first Uninstalling it in Device Manager, the drivers remain behind, but the device no longer shows up in Device Manager by default.

Plug and Play, when it works, makes life simpler by automatically detecting and configuring new hardware as it is attached to the computer. With today's USB, smartcard and other removable media, it makes life much more efficient. But, while Windows is fairly good at detecting the hardware and installing the appropriate drivers, it is not so good at realizing that the device is gone and purging the drivers from the system.

If you actually right-click the device in Device Manager and select Uninstall, the device and its associated drivers will be removed. But, if you just remove the device, it will disappear from the Device Manager, but may leave the drivers behind. Those drivers, aside from taking up space, could later be found to contain vulnerabilities and expose your system to compromise even though you aren't aware the drivers exist.

With the device physically removed from the computer, the only way to view, and thereby have access to uninstalling, the drivers is to alter Device Manager to Show hidden devices. Follow the steps below to display the hidden device information:

1. Right-click My Computer and select Properties 2. Click on the Advanced tab

3. Click on Environment Variables

4. Below the bottom Environment Variables window pane (System Variables), click on New

5. For Variable Name, enter devmgr_show_nonpresent_devices

6. For Variable Value, enter 1

7. Click OK to close Environment Variables and OK again to close System Properties

Now that you have created this entry, when you open Device Manager, you can click on View and then select Show hidden devices from the menu. You can identify the hidden devices by their grayed-out icons.

Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security (http://netsecurity.about.com), providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security (http://www.tonybradley.com).

Windows Explorer is a fairly functional tool for browsing files and folders and finding what you are looking for. But, depending on how large and how organized your hard drive is, it may take some time to sift through to the folder you really want. Using command line parameters, you can create desktop shortcuts that take you quickly to your most-used folders.

In Windows XP, the Windows Explorer utility is somewhat buried. You have to click on Start - All Programs - Accessories, and then Windows Explorer. I usually place a shortcut to Windows Explorer on my Quicklaunch toolbar or desktop as soon as I install Windows because I know I will use it fairly frequently and I don't want to drill through so many levels of menus to find it.

But, even with easy access to the Windows Explorer utility itself, there are certain folders which I frequently use that are buried mutliple levels down in the folder hierarchy due to the way I have organized my data. That means that I have to open a folder, then a sub-folder, then another sub-folder, etc., etc. just to get to information that I use on an almost daily basis.

That is, until I learned how to use the command-line to create desktop shortcuts that lead straight to my destination folder. Quick, simple and efficient. No more clicking and more clicking just to get to commonly used data.

At the command line, you can type "explorer" followed by the following switches to create a custom shortcut:

* /n - opens Explorer without a displaying folders in the lefthand pane. It still fills that space with links and information, but no folders.

* /e - opens Explorer with the Folders bar

* /root, {path or object} - the /root switch is followed by a comma and then the path to the directory you want to display or the Globally Unique Identifier (GUI) of the object you want to navigate to

To create a desktop shortcut for frequently used folders, right-click on the desktop and select New, then Shortcut. Type the command line syntax as shown above for the folder you want the shortcut to go to, supply a name for the shortcut, and click OK.

While I have provided my own wording and unique perspective on this trick, I got my inspiration from the O'Reilly book Windows XP Hacks, 2nd Edition. For a more detailed and thorough explanation, along with the GUI's for common system objects such as My Computer or Network Connections, see Hack #22 in that book .

Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security (http://netsecurity.about.com), providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security (http://www.tonybradley.com).

Windows 2000 and Windows XP have thrown on lots of transition effects in its menus and windows. If you have a really good video card, no problem. In fact its really neat. But for a long time, my home PC sucked! If you want to get maximum performance without the flash, or if you want to control :

For Windows XP :

Click Start Control Panel

Display

Click the Appearance tab

Click the Effect button

For Windows 2000 :

Click Start Settings

Control Panel

Display

Click the Effects tab

then experiment by checking and unchecking various effects. Uncheck all for the best video performance.

To access the local administrative utilities, you need to: Click Start Click Control Panel

You can switch from the new XP view to the classic NT view using left panel Switch to category view

Click Administrative Tools

If you access Admin tools often, you can make the tools available from the Start Menu directly: Right-Click Start Click Properties

Click Customize selection box in the Start Menu tab

Click Advanced Tab

Click down Start Menu items pulldown to System Administrative Tools section

Select Display on the All Programs and the Start menu radio button

You can lock the Windows 2000 or XP desktop with a click of an icon. Create a shortcut icon on the desktop to run the following command:

rundll32.exe user32.dll,LockWorkStation

Rundll32.exe is an application included with Windows that executes functions in dynamic link libraries (DLLs). Most applications (and Windows) use DLLs to share code between multiple applications or multiple modules within a single application. There are lots of other tasks you can accomplish with Rundll32.exe. You can execute these commands from a console or incorporate them into scripts or batch files to help you quickly access certain features in the user interface for configuring the operating system or hardware.

The following command starts the Add Printer Wizard: Rundll32.exe printui.dll,PrintUIEntry /il

If you want to add a standard TCP/IP port for printing, use this command: Rundll32.exe tcpmonui.dll,LocalAddPortUI

You can easily create new shared folders through the New Share dialog box. Use this command to open it: Rundll32.exe ntlanui.dll,ShareCreate

Another function you can access through Ntlanui.dll is the Shared Directories dialog box. Here's how to open it: Rundll32.exe ntlanui.dll,ShareManage

Related tips:

Create Lock Desktop Icon Launch URL from Desktop Icon

WinKey Shortcuts

I have seen tips using similar syntax to create a shutdown shortcut icon:

rundll32.exe user32.dll,ExitWindowsEx Actually that tip works for Windows NT but not Windows 2000 or Windows XP. You can use the Resource Kit shutdown.exe for Windows NT, Windows 2000, or Windows XP. See Shutdown Windows NT or Win9x at specific time each day for an example use of Shutdown.exe.

Want My Computer or My Docutments icons back on the desktop rather than on the Start menu? You can control whether they display using the Control Panel:

Double-click Display icon On the Desktop tap:

Click Customize Desktop button

On the General tap, you can select to display on the Desktop one or more of the following:

o My Documents

o My Computer

o My Network Places

o Internet Explorer

You can also drag and drop icons from the Start menu to the Desktop. For My Pictures and My Music, a drap and drop will copy the entire folder. Drag and drop the other icons such as My Computer, My Documents, or My Network Places will place a shortcut to the folder on the desktop.

You can also:

Click Start Right-click the My Computer icon (or other Start menu icon)

From the shortcut menu, select Show on Desktop

The majority of viruses recently have been email-based. They are often written in VBScript which is a scripting language used to automate tasks without user intervention (or perhaps, one even knowing the script is running). Microsoft built the Windows Scripting Host (WSH) as an application to run vbscript programs. It ships as an integral part of Windows 2000 and Windows XP. WSH is also included when one downloads Internet Explorer 5. WSH can be used to get access to the Windows commandshell, file system, and registry. Lots of people know vbscript. Its complexity is low, at least, the complexity to write virus code.

To find out if the Windows Scripting Host is enabled on your PC:

Click Start | Run | cmd Type wscript in the command shell

If its enabled, the Windows Script Host Settings dialog box will poppup.

You can protect yourself from these malicious programs if you have up-to-date antivirus code resident. This is becoming an absolute requirement in corporate environments. If you don't have that level of protection, you might want to block the vbscripting threat by disabling the Windows Scripting Host which is the agent that executes the .vbs files. There are several methods which are compatible for Windows NT / Windows 2000 and Windows XP:

Rename or delete the WSH executable : wscript.exe Its normally found in the system32 folder.

Block WSH from executing .vbs files by removing the file association

o Right-click My Computer

o Select Open from the menu

o Select the View tab

o Select Options

o Open the File Types tab

o Select VBScript Script File from the list of file types If its not there, then WSH is not installed or has been disabled. If its there

o Click on the Remove button to remove the ability of WSH to run .vbs scripts.

o Another alternative if you want to know when a script has been activated, you can use the Edit button to change the default action for .vbs files from Open (running) them to Edit . That is open script in Notepad.

Dynamically disable / enable WSH using Symantec's Noscript.exe freeware program.

Disable scripts using freeware AnalogX Script Defender program. AnalogX Script Defender will intercept any request to execute the most common scripting types used in virus attacks, such as Visual Basic Scripting (.VBS) and Java Script (.JS). It can even be configured to intercept new script extensions as needed! It's very simple to use and helps to ensure that you do not inadvertently run a script no matter what email program you use, or even if you get it via another method.

You can control whether the NumLock key is automatically on or off at logon using the following Windows NT / Windows 2000 / Windows XP registry hack:

Hive: HKEY_CURRENT_USERKey: Control Panel\KeyboardName: InitialKeyboardIndicatorsType: REG_DWORDValue: 0 NumLock disabled for current user after logging onValue: 2 NumLock enabled and will retain the settings from the last shutdown

Numlock doesn't reflect these setting during the logon phase because at that point, NT is using the .Default user profile since it does not know which user is logging on. Make the same changes to HKEY_USERS\.DEFAULT\Control Panel\Keyboard if you want the numlock state to be consistent throughout.

The best, and non-registry editing method to set InitialKeyboardIndicators, is to set numlock on, then use Alt-Ctrl-Del to log off. It should remember state for the account.

Its usually best to avoid registry hacks if possible. You can use the following Windows Script, name it numlock.vbs, to control numlock:

set WshShell = CreateObject("WScript.Shell")WshShell.SendKeys "{NUMLOCK}"

For an individual user, copy numlock.vbs to the user's startup folder. To get the script to run for all users, put the script in the Startup folder in the All Users profile. Support for the Windows

Scripting Host is builtin for Win98, W2K and XP. For Win95 and NT, you have to download and install it.

.

By default, Notepad will allow you to enter text and not wrap when the screen is full, it will scroll right instead. To make it wordwrap

Hive: HKEY_CURRENT_USERKey: SOFTWARE\Microsoft\NotepadName: fWrapType: REG_DWORDValue: 1 word wrap

XP lets you set wordwrap without having to resort to a registry hack. Within Notepad click Format, Wordwrap.

Notepad's major advantage as an editor is its default presense on every windows box, Win9x, Windows NT, ME, Windows XP. Its universal windows presence is analogous to VI for unix. Like vi, a common use for Notepad is creating log files or journal files. You can easily insert the current time and date into Notepad manually. Just open Notepad and press F5 or use the menu: select Edit | Time/Date. This is a manual process. There is an automatic option that inserts the time and date automatically when you open the file:

Create a blank text file with .LOG as the first line of the file, followed by a carriage return.

Double-click the file to open it and notice that Notepad appends the current date and time to the end of the file and places the cursor on the line after.

Type your notes and then save and close the file.

Each time you open the file, Notepad repeats the process, appending the time and date to the end of the file and placing the cursor below it.

The long and short of it is that any file that notepad opens which has .LOG on the first line followed by a carriage return will open the file, put date/time on the last line and place the cursor on the last line.

How to find when Windows was installed on a computer.

Here's a trick you can use to find out when Windows was installed on the computer you are working at. Open a command prompt and type the following:

systeminfo | find /i "install date"

This command pipes the output of the systeminfo.exe command into the find.exe command to locate the line of text that contains the string "install date" and displays the result.

There is a registry hack to enable or disable Windows NT TaskManager. The same registry hack applies to Windows 2000 and Windows XP.

Hive: HKEY_CURRENT_USER Key: Software\Microsoft\Windows\CurrentVersion\Policies\System Name: DisableTaskMgr Type: REG_DWORDValue: 1=Enablethis key, that is DISABLE TaskManagerValue: 0=Disablethis key, that is Don't Disable, Enable TaskManager

As part of the enhanced management available in Windows 2000 and Windows XP, rather than risking a registry change, as an administrator you can enable or disable Windows 2000 Pro or Windows XP Pro's TaskManager using Group Policy Editor. This can be applied to the local policy. Note: if you are trying to override your organizations group policy, you can't. As soon as you re-authenticate to the domain, the domain or OU Group Policy will rewrite the registry setting. But if the TaskManager was accidently disabled or you need to control this item for a set of standalone boxes this is for you:

Click Start Click Run

Enter gpedit.msc in the Open box and click OK

In the Group Policy settings window

o Select User Configuration

o Select Administrative Templates

o Select System

o Select Ctrl+Alt+Delete options

o Select Remove Task Manager

o Double-click the Remove Task Manager option

And as I mentioned above, since the policy is Remove Task Manager, by disabling the policy, you are enabling the Task Manager.

Got XP Home - use the registry edit.

This tip explains how you can migrate user profiles from Windows XP to Windows 7.

User Profiles on Windows XP are not compatible with Windows 7. The default folder for user profiles in Windows XP is X:\Documents and Settings and X:\Users in Windows XP. If you upgrade your Windows XP to Windows 7 the user profiles are not migrated automatically. You need to use a tool called USMT to migrate. The USMT version must be 4.0 and ships with Windows WAIK for Windows 7. This article explains how you can migrate your documents, profiles and application to Windows 7.

Steps:

Download WAIK for Windows 7 from the below URL http://www.microsoft.com/DOWNLOADS/details.aspx?familyid=696DD665-9F76-

4177-A811-39C26D3B3B34&displaylang=en

Install Windows WAIK on a computer running Windows 7

Upgrade your Windows XP (Perform an in-place upgrade of Windows 7)

Go to the following location where you have installed Windows WAIK

C:\Program Files\Windows AIK\Tools\USMT

Copy USMT folder to C:\Windows\USMT on Windows 7 and then run the following commands to migrate user settings:

ScanState command: 

C:\Windows\USMT\scanstate.exe c:\USMT /v:13 /o /c /hardlink /nocompress /efs:hardlink /i:MigApp.xml /i:MigDocs.xml /offlineWinDir:c:\windows.old\windows

LoadState command:

C:\Windows\USMT\loadstate.exe c:\USMT /v:13 /c /lac /lae /i:migapp.xml /i:migdocs.xml /sf /hardlink /nocompress

That's it.

The first command (ScanState command) scans your computer to gather information from C:\Windows.old. This folder contains the Windows XP installation and user profile settings.

The second command (LoadState command) migrates the captured settings to Windows 7.

How can you uninstall Windows Installer-based applications in Safe Mode if you need to?

When a Windows computer won't boot properly, you may be able to get it to boot in Safe Mode. What if your boot problems are caused by an application you installed and you need to uninstall the app in Safe Mode? Unfortunately Windows Installer usually won't work in Safe Mode, but here's a workaround:

1. Start your computer and press F8 before the splash screen or boot menu to enter Safe Mode.

2. Open a command prompt window.

3. Type the following commands, pressing ENTER after each command:

4. REG ADD "HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer" /VE /T REG_SZ /F /D "Service"

5. net start msiserver

6. Double-click on the .msi file for the application and uninstall the application from your system.

How to configure logon hours for local users on standalone machines in a workgroup In an Active Directory environment, you can use the Active Directory Users and Computers to specify log on hours for a user i.e. which times the user can log on and which times he or she is prevented from logging on. Can you do the same for standalone Windows machines in a workgroup?

Yes but not using the UI. Instead, you can use the net user command with the /times switch to set and display the logon hours for a user account. Type net help user for more info.

***

Mitch Tulloch is lead author for the Windows Vista Resource Kit from Microsoft Press, which is THE book for IT pros who want to deploy, maintain and support Windows Vista in mid- and large-sized network environments. Mitch is also the author of Introducing Windows Server 2008, the first book from Microsoft Press about the exciting new server platform. For more information on these and other books written by Mitch, see www.mtit.com.

The right way and the wrong way of deleting user profiles from a machine.

Whenever a user logs onto a Windows computer, a user profile folder is created for that user under C:\Documents and Settings. If you want to delete any of these user profiles, don’t simply delete the C:\Documents and Settings\user_name folder for that user as it leaves the registry settings for that profile intact and this can confuse the profile service and cause unpredictable results. The right way of deleting a user profile is to use the profile applet, which is accessible from the Advanced tab of the System applet in Control Panel.

How to allow selected non-admin users to configure their power settings using Group Policy.

One of the annoyances of running as a non-admin on my computer is that I don't have the ability to change the power scheme on my machine. That's because administrative credentials are required to modify machine settings, and if you're a thoughtful admin then you'd rather have your users run as domain users and not local admins on their computers. I was interested to discover however that Microsoft has a workaround for this issue, and you can use Group Policy to create a policy setting that you can use to allow or prevent targeted users from changing their power settings. For more info about this, see this Knowledge Base article.

How to prevent users from enabling Remote Desktop on their machines.

While Remote Desktop can be a useful feature for remotely managing servers, you may or may not want to allow this capability on Windows XP desktop computers on your network. Furthermore, if you allow some users to run as local admins on their workstations (either because of application compatibility issues or because they need more control over thier machines) then having such privileges allows them to enable Remote Desktop on their machines if they so desire.

Using Group Policy however, you can lock down Remote Desktop functionality on all computer accounts in a domain or OU by disabling the following policy setting:

Computer Configuration \ Administrative Templates \ Windows Components \ Terminal Services \ Do not allow new client connections 

Disabling this policy will enforce this setting on the target machines.

Want to create a keyboard shortcut to popup a folder at any time: In Windows Explorer, browse to the folder Right-Click the folder

Click Send To

Select Desktop (create shortcut)

On the desktop, right–click the new shortcut

Click Properties

Enter the ctrl-alt-letter or ctrl-shift-letter of your choice in the shortcut key box For example, ctrl-alt-f or ctrl-shft-f

Want Windows XP Explorer to reopen folders at logon that were open when Windows was shutdown?

In Explorer, click Tools Click Folder Options

Click the View tab,

Check Restore previous folders at logon in the Advanced settings list.

The registry method for this setting is to set DWORD value of PersistBrowsers=1 in the HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced registry key.

If you are like me and like to work from the dark place, that is the command-shell, DOS windows, then you can get confused if you have several windows opened. Window#1 you are telneting, Window#2 ftping, Window#3 you are running admin scripts, ... You look at the task bar and they are all the same. But there is a Windows NT / Windows 2000 / Windows XP trick to keep them straight, use titles. In each DOS windows, at the command prompt, use the Title command. For example:

Title telnet unixbox1 for command-shell #1 Title ftp unixbox1 for command-shell #2 Title scripts domainX for command-shell #3

... Now the DOS windows will have your titles and they will show on the taskbar also.

Lets go over the NT/W2K/XP DOS windows options.

Open a emulated DOS window:

Start Programs

Accessories

Command Prompt

Right-click on the title bar

Select Defaults

or Start Run

Open: cmd

Right-click on the title bar

Select Defaults

Select the first tab, Options. Here you can set the cursor size; display option, either full screen or a window mode; command history; and edit options. The Edit Options include QuickEdit mode which allows you to select and copy and paste DOS text; insert mode; and AutoComplete mode. Command history includes Buffer size which is the number of commands to remember so they can be recalled by scrolling by pressing the up arrow / down arrow.

Select the second tab, Font. Here you can set the default font and font size which selects the window size.

Select the third tab, Layout. Here you set the screen buffer size and the windows size. By setting the screen buffer size to a higher number (mine is at 500), you buffer lines displayed and you will be able to scroll back to see them. You can also set the windows size in colum width and lines.

Select the last tab, Colors. Here you can choose text and background colors.

Experiment with the options to fit your work habits.

NT/W2K/XP's default directory for installing applications is the \Program Files folder (at least for English language version of NT/Windows 2000/XP). To change the default application installation folder:

Hive: HKEY_LOCAL_MACHINEKey: Software\Microsoft\Windows\Current VersionName: ProgramFilesDirType: REG_EXPAND_SZValue: C:\Program Files default

Please note that some programs ignore this registry setting.

To add a Command Prompt: option on folder context menus (right-click file or folder), cut and paste the following code into commandline.reg file and run it.

REGEDIT4 BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Directory\shell\DosHere]@="Command &Prompt:"BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Directory\shell\DosHere\command]@="C:\\WINDOWS\\cmd.exe /k cd \"%1\""BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Drive\shell\DosHere]@="DOS &Prompt Here"BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Drive\shell\DosHere\command]@="C:\\WINDOWS\\cmd.exe /k cd \"%1\""

BLANK LINE GOES HERE

See .REG files for background information on .REG files. If you don't want to directly edit the registry, download Command Prompt Here powertoy for Windows NT and follow the instructions.

This kind of install script is included in Windows 2000 Resource Kit. To install CMD Prompt Here, open the folder where the W2K Pro Resource Kit is installed, right-click Cmdhere.inf and choose Install.

The W2K version of the .reg file would be the same as the Windows NT version. You would need to change the path to cmd.exe to the W2K location, usually C:\WINNT\SYSTEM32. The w2k version is:

REGEDIT4 BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Directory\shell\DosHere]@="Command &Prompt:"BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Directory\shell\DosHere\command]@="C:\\WINNT\\SYSTEM32\\cmd.exe /k cd \"%1\""BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Drive\shell\DosHere]@="DOS &Prompt Here"BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Drive\shell\DosHere\command]@="C:\\WINNT\\SYSTEM32\\cmd.exe /k cd \"%1\""

BLANK LINE GOES HERE

Win95 Powertoys also includes a Command Prompt Here tool which work for Windows NT or Windows 2000. To install, right-click Doshere.inf then choose Install.

The XP version of the .reg file would be the same as the Windows NT version. You would need to change the path to cmd.exe to the XP location, usually C:\WINDOWS\SYSTEM32. The xp version is:

REGEDIT4 BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Directory\shell\DosHere]@="Command &Prompt:"BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Directory\shell\DosHere\command]@="C:\\windows\\SYSTEM32\\cmd.exe /k cd \"%1\""BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Drive\shell\DosHere]@="DOS &Prompt Here"BLANK LINE GOES HERE [HKEY_CLASSES_ROOT\Drive\shell\DosHere\command]@="C:\\windows\\SYSTEM32\\cmd.exe /k cd \"%1\""