Posts posted by dirtyepic

  1. (sorry bout the formatting)

    edit: forgot to mention, this info applies to XP and Server 2003. i don't know what the results would be for other versions of Windows, so use at your own risk.

    Here's an easy way to manage a bunch of useful networking and security settings without having to go digging through your registry whenever you want to adjust something.

    This information comes via Microsoft's Threats and Countermeasures security guide:

    [ http://www.microsoft.com/technet/Security/...cg/tcgch10.mspx ]

    This method gives you easy access to the following keys:

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\
    EnableICMPRedirect
    SynAttackProtect
    EnableDeadGWDetect
    EnablePMTUDiscovery
    KeepAliveTime
    DisableIPSourceRouting
    TcpMaxConnectResponseRetransmissions
    TcpMaxDataRetransmissions
    PerformRouterDiscovery
    TCPMaxPortsExhausted

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD\Parameters\
    DynamicBacklogGrowthDelta
    EnableDynamicBacklog
    MinimumDynamicBacklog
    MaximumDynamicBacklog

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Netbt\Parameters\
    NoNameReleaseOnDemand

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\FileSystem\
    NtfsDisable8dot3NameCreation

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\
    NoDriveTypeAutoRun

    HKEY_LOCAL_MACHINE\SYSTEM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\
    ScreenSaverGracePeriod

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security\
    WarningLevel

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
    SafeDllSearchMode

    Instructions

    1. Navigate to your %systemroot%\inf folder (eg. c:\windows\inf)

    2. Open sceregvl.inf in notepad.

    3. Navigate to the bottom of the [Register Registry Values] section and copy the following text into the file:

    ;================================ MSS Values ================================
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect,4,%EnableICMPRedirect%,0
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtect,4,%SynAttackProtect%,3,0|%SynAttackProtect0%,1|%SynAttackProtect1%
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableDeadGWDetect,4,%EnableDeadGWDetect%,0
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnablePMTUDiscovery,4,%EnablePMTUDiscovery%,0
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTime,4,%KeepAliveTime%,3,150000|%KeepAliveTime0%,300000|%KeepAliveTime1%,600000|%KeepAliveTime2%,1200000|%KeepAliveTime3%,2400000|%KeepAliveTime4%,3600000|%KeepAliveTime5%,7200000|%KeepAliveTime6%
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting,4,%DisableIPSourceRouting%,3,0|%DisableIPSourceRouting0%,1|%DisableIPSourceRouting1%,2|%DisableIPSourceRouting2%
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissions,4,%TcpMaxConnectResponseRetransmissions%,3,0|%TcpMaxConnectResponseRetransmissions0%,1|%TcpMaxConnectResponseRetransmissions1%,2|%TcpMaxConnectResponseRetransmissions2%,3|%TcpMaxConnectResponseRetransmissions3%
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissions,4,%TcpMaxDataRetransmissions%,1
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\PerformRouterDiscovery,4,%PerformRouterDiscovery%,0
    MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\TCPMaxPortsExhausted,4,%TCPMaxPortsExhausted%,1
    MACHINE\System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemand,4,%NoNameReleaseOnDemand%,0
    MACHINE\System\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreation,4,%NtfsDisable8dot3NameCreation%,0
    MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun,4,%NoDriveTypeAutoRun%,3,0|%NoDriveTypeAutoRun0%,255|%NoDriveTypeAutoRun1%
    MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security\WarningLevel,4,%WarningLevel%,3,50|%WarningLevel0%,60|%WarningLevel1%,70|%WarningLevel2%,80|%WarningLevel3%,90|%WarningLevel4%
    MACHINE\SYSTEM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriod,4,%ScreenSaverGracePeriod%,1
    MACHINE\System\CurrentControlSet\Services\AFD\Parameters\DynamicBacklogGrowthDelta,4,%DynamicBacklogGrowthDelta%,1
    MACHINE\System\CurrentControlSet\Services\AFD\Parameters\EnableDynamicBacklog,4,%EnableDynamicBacklog%,0
    MACHINE\System\CurrentControlSet\Services\AFD\Parameters\MinimumDynamicBacklog,4,%MinimumDynamicBacklog%,1
    MACHINE\System\CurrentControlSet\Services\AFD\Parameters\MaximumDynamicBacklog,4,%MaximumDynamicBacklog%,3,10000|%MaximumDynamicBacklog0%,15000|%MaximumDynamicBacklog1%,20000|%MaximumDynamicBacklog2%,40000|%MaximumDynamicBacklog3%,80000|%MaximumDynamicBacklog4%,160000|%MaximumDynamicBacklog5%
    MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SafeDllSearchMode,4,%SafeDllSearchMode%,0

    (note that every line above should start w/ MACHINE. if the text gets wrapped, make sure you fix it after pasting it.)

    4. Navigate to the bottom of the [strings] section and copy the following text into the file:

    ;================================ MSS Settings ================================
    EnableICMPRedirect = "MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes"
    SynAttackProtect = "MSS: (SynAttackProtect) Syn attack protection level (protects against DoS)"
    SynAttackProtect0 = "No additional protection, use default settings"
    SynAttackProtect1 = "Connections time out sooner if a SYN attack is detected"
    EnableDeadGWDetect = "MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS)"
    EnablePMTUDiscovery = "MSS: (EnablePMTUDiscovery ) Allow automatic detection of MTU size (possible DoS by an attacker using a small MTU)"
    KeepAliveTime = "MSS: How often keep-alive packets are sent in milliseconds"
    KeepAliveTime0 ="150000 or 2.5 minutes"
    KeepAliveTime1 ="300000 or 5 minutes (recommended)"
    KeepAliveTime2 ="600000 or 10 minutes"
    KeepAliveTime3 ="1200000 or 20 minutes"
    KeepAliveTime4 ="2400000 or 40 minutes"
    KeepAliveTime5 ="3600000 or 1 hour"
    KeepAliveTime6 ="7200000 or 2 hours (default value)"
    DisableIPSourceRouting = "MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)"
    DisableIPSourceRouting0 = "No additional protection, source routed packets are allowed"
    DisableIPSourceRouting1 = "Medium, source routed packets ignored when IP forwarding is enabled"
    DisableIPSourceRouting2 = "Highest protection, source routing is completely disabled"
    TcpMaxConnectResponseRetransmissions = "MSS: (TcpMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged"
    TcpMaxConnectResponseRetransmissions0 = "No retransmission, half-open connections dropped after 3 seconds"
    TcpMaxConnectResponseRetransmissions1 = "3 seconds, half-open connections dropped after 9 seconds"
    TcpMaxConnectResponseRetransmissions2 = "3 & 6 seconds, half-open connections dropped after 21 seconds"
    TcpMaxConnectResponseRetransmissions3 = "3, 6, & 9 seconds, half-open connections dropped after 45 seconds"
    TcpMaxDataRetransmissions = "MSS: (TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)"
    PerformRouterDiscovery = "MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)"
    TCPMaxPortsExhausted = "MSS: (TCPMaxPortsExhausted) How many dropped connect requests to initiate SYN attack protection (5 is recommended)"
    NoNameReleaseOnDemand = "MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers"
    NtfsDisable8dot3NameCreation = "MSS: Enable the computer to stop generating 8.3 style filenames"
    NoDriveTypeAutoRun = "MSS: Disable Autorun for all drives"
    NoDriveTypeAutoRun0 = "Null, allow Autorun"
    NoDriveTypeAutoRun1 = "255, disable Autorun for all drives"
    WarningLevel = "MSS: Percentage threshold for the security event log at which the system will generate a warning"
    WarningLevel0 = "50%"
    WarningLevel1 = "60%"
    WarningLevel2 = "70%"
    WarningLevel3 = "80%"
    WarningLevel4 = "90%"
    ScreenSaverGracePeriod = "MSS: The time in seconds before the screen saver grace period expires (0 recommended)"
    DynamicBacklogGrowthDelta = "MSS: (AFD DynamicBacklogGrowthDelta) Number of connections to create when additional connections are necessary for Winsock applications (10 recommended)"
    EnableDynamicBacklog = "MSS: (AFD EnableDynamicBacklog) Enable dynamic backlog for Winsock applications (recommended)"
    MinimumDynamicBacklog = "MSS: (AFD MinimumDynamicBacklog) Minimum number of free connections for Winsock applications (20 recommended for systems under attack, 10 otherwise)"
    MaximumDynamicBacklog = "MSS: (AFD MaximumDynamicBacklog) Maximum number of 'quasi-free' connections for Winsock applications"
    MaximumDynamicBacklog0 = "10000"
    MaximumDynamicBacklog1 = "15000"
    MaximumDynamicBacklog2 = "20000 (recommended)"
    MaximumDynamicBacklog3 = "40000"
    MaximumDynamicBacklog4 = "80000"
    MaximumDynamicBacklog5 = "160000"
    SafeDllSearchMode = "MSS: Enable Safe DLL search mode (recommended)"

    (ditto.)

    5. Save sceregvl.inf and close notepad.

    6. Start -> cmd. Type regsvr32 scecli.dll.

    7. Open the Local Security Policy console in Administrative Tools. Browse to Local Policies -> Security Options. You'll now see a selection of "MSS" policies you can set.

    B)

    For more information on each setting, the recommended values, and detailed info on the vulnerabilities and countermeasures for each key, check out [ http://www.microsoft.com/technet/Security/...cg/tcgch10.mspx ]. It's written with the Enterprise IT tech or network administrator in mind, but you can still use a lot of the info provided.
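The wrapped-line problem the post warns about in steps 3 and 4 can be checked before sceregvl.inf is saved and scecli.dll is re-registered. The Python check below is an added example, not part of the original post or of Microsoft's guide; the function names are hypothetical and the two sample fragments are constructed from lines on this page, with one line deliberately wrapped and one string deliberately left out.

```python
import re

# %Name% string token, as used in the [Register Registry Values] lines above.
TOKEN = re.compile(r"^%(\w+)%$")


def parse_strings(text):
    """Map token name -> label from a [Strings]-style fragment (Name = "label")."""
    strings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        name, sep, label = line.partition("=")
        if sep:
            # Names are compared case-insensitively (an assumption of this sketch).
            strings[name.strip().lower()] = label.strip().strip('"')
    return strings


def check_fragment(values_text, strings_text):
    """Return (problems, unused); problems is a list of (line_no, message)."""
    strings = parse_strings(strings_text)
    problems, used = [], set()

    def need(token_field, line_no):
        # A token must look like %Name% and must be defined in the strings text.
        m = TOKEN.match(token_field.strip())
        if not m:
            problems.append((line_no, "malformed string token: %r" % token_field))
            return
        name = m.group(1).lower()
        used.add(name)
        if name not in strings:
            problems.append((line_no, "no [Strings] entry for %%%s%%" % m.group(1)))

    for line_no, raw in enumerate(values_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or INF comment
        if not line.upper().startswith("MACHINE\\"):
            problems.append((line_no, "does not start with MACHINE\\ (wrapped line?)"))
            continue
        fields = line.split(",")
        if len(fields) < 4:
            problems.append((line_no, "fewer than 4 comma-separated fields"))
            continue
        reg_type, display, display_type = fields[1], fields[2], fields[3]
        if not (reg_type.strip().isdigit() and display_type.strip().isdigit()):
            problems.append((line_no, "registry type / display type must be numeric"))
            continue
        need(display, line_no)
        # Lines on this page with display type 3 carry value|%Label% choices.
        for choice in fields[4:]:
            value, sep, label = choice.partition("|")
            if not sep or not value.strip().isdigit():
                problems.append((line_no, "malformed choice: %r" % choice))
                continue
            need(label, line_no)
    # Strings that no value line references often point at a broken line too.
    unused = sorted(set(strings) - used)
    return problems, unused


# Constructed sample: line 3 is wrapped onto line 4, and the strings text
# below has no entry for SafeDllSearchMode.
SAMPLE_VALUES = r"""
;================================ MSS Values ================================
MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect,4,%EnableICMPRedirect%,0
MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtect,4,%SynAttackProtect%,3,0|%SynAttackProtect0%,1|%SynAttack
Protect1%
MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SafeDllSearchMode,4,%SafeDllSearchMode%,0
""".strip()

SAMPLE_STRINGS = r"""
EnableICMPRedirect = "MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes"
SynAttackProtect = "MSS: (SynAttackProtect) Syn attack protection level (protects against DoS)"
SynAttackProtect0 = "No additional protection, use default settings"
SynAttackProtect1 = "Connections time out sooner if a SYN attack is detected"
""".strip()

if __name__ == "__main__":
    found, unused_names = check_fragment(SAMPLE_VALUES, SAMPLE_STRINGS)
    for line_no, message in found:
        print("line %d: %s" % (line_no, message))
    print("defined but never referenced:", unused_names)
```

Paste the two blocks you added to sceregvl.inf into the two sample variables (or read them from a copy of the file) and fix every reported line before step 5.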

  2. Registry Myths #2 - Setting the L2 Cache Size

    Sample misinformation:

    For users of Windows 2000 or XP you actually have to tell the OS what size L2 cache your processor has otherwise it won't be used properly! Luckily it's fairly easy to fix.

    Once you're in the Memory Management folder look for the DWORD value secondleveldatacache. Right click on that and go to modify. Very important you have to change the Base from Hexadecimal to Decimal before modifying the values. After that's done just punch in your L2 cache size so if you're using an AthlonXP since the CPU has 256KB L2 Cache you enter 256. For Duron's enter 64 and for P4 Northwood's enter 512.

    After that's done you should notice your programs now have quite a bit more zip and the system is less sluggish because Windows now knows how to use your L2 cache properly.

    [source: http://www.techzonez.com/forums/archive/in...php/t-5618.html]

    Windows XP can't detect the proper amount of L2 cache on your CPU. you'll want to go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management and change the SecondLevelDataCache key to the L2 cache size of your CPU (in Kb). I've received a few questions about this one and I thought I'd clarify it. when you select to modify this file the default entry is in hexadecimal simply change the selection to decimal and THEN enter your number. Such as 256, 512. A value of 100 in Hexadecimal will result in 256Kb being shown since that is what its decimal number is.

    [source: http://www.tweakfactor.com/articles/tweaks/xptweak/7.html]

    The Reality:

    I don't know how this one even manages to survive. I guess it's another perfect example of the lasting power of rumor.

    SecondLevelDataCache records the size of the processor cache, also known as the secondary or L2 cache. If the value of this entry is 0, the system attempts to retrieve the L2 cache size from the Hardware Abstraction Layer (HAL) for the platform. If it fails, it uses a default L2 cache size of 256 KB. If the value of this entry is not 0, it uses this value as the L2 cache size. This entry is designed as a secondary source of cache size information for computers on which the HAL cannot detect the L2 cache.

    This is not related to the hardware; it is only useful for computers with direct-mapped L2 caches. Pentium II and later processors do not have direct-mapped L2 caches. SecondLevelDataCache can increase performance by approximately 2 percent in certain cases for older computers with ample memory (more than 64 MB) by scattering physical pages better in the address space so there are not so many L2 cache collisions. Setting SecondLevelDataCache to 256 KB rather than 2 MB (when the computer has a 2 MB L2 cache) would probably have about a 0.4 percent performance penalty.

    [source: http://support.microsoft.com:80/support/kb...s/Q183/0/63.ASP]

    One of the most infamous NT tweaks since the introduction of NT4 has got to be the "L2 cache" tweak, a lone registry entry which stipulates the amount of L2 cache (or secondary cache) that the OS will make use of. Well, as with many things in life, the effects of this tweak are not so black and white.  If you're using a processor that implements a direct-mapped L2 cache design (like Pentium I's), then this registry adjustment is indeed for you.  However, if you own any Intel processor post-PI, or any modern AMD processor (K6-2 and newer), then your processor is using a set-associative L2 cache design, and thus you need not specify your L2 cache size.  Let me explain.

    If you choose not to futz with the registry key in question, the OS will call on the HAL (Hardware Abstraction Layer) for retrieval of the L2 cache size when you boot your computer.  If this happens to fail, a default value of 256KB is used for all logon sessions on that boot session. This is where the myth that NT can only use 256KB of L2 cache comes from.  But it's false.  See, the HAL is able to retrieve the processor (L2) cache from any processor using the set-associative cache design, it's only the relatively few processors out there with direct-mapped L2 caches that the HAL won't chat it up with.  Thus, this tweak only applies to a select number of people anymore (like people with Pentium I procs between 166-233MHz, as lower rated procs had only 256KB cache).

    [source: http://arstechnica.com/tweak/nt/L2-cache-1.html]

    There you have it. Unless you're reading this from a Pentium I, the L2 cache tweak is going to do you more harm than good.

  3. this is from ref.chm from the SP2 deployment package:

    If you are using DriverSigningPolicy = Ignore and you attempt to install a newer, unsigned copy of a driver that is distributed with Windows XP or the Windows Server 2003 family, Setup installs the signed Windows XP driver instead of the unsigned drivers, in accordance with the ranking process used by the operating system.

    maybe that's what's happening?

    PS the only values used for [Display] are BitsPerPel, Vrefresh, Xresolution, and Yresolution.

    and to create cab files use makecab, it's included in windows. try a google or makecab /?

  4. actually, scratch that. the numbering is right, but the command isn't.

    the >> *.log is what's screwing it up. take those off or put them inside the /f's

    /f is a switch of REG. the command you're adding has to go:

    REG ADD [key] /V [value] /D [data] /f

    so..

    REG ADD %KEY%\015 /VE /D "Alcohol 120%" /f

    REG ADD %KEY%\015 /v 1 /D "%systemdrive%\install\Applications\Alcohol\setup.exe /qn >> %windir%\apps.log" /f

    is the way to do it.

    if you need to have a title in your log do:

    REG ADD %KEY%\015 /VE /D "Alcohol 120%" /f

    REG ADD %KEY%\015 /V 1 /D "echo \"Alcohol 120%\" >> %windir%\apps.log" /f

    REG ADD %KEY%\015 /V 2 /D "%systemdrive%\install\Applications\Alcohol\setup.exe /qn >> %windir%\apps.log" /f

    you can't >> a line of text, ">>" captures output of a command. so use "echo \"Whatever\" >> app.log"

  5. Hello.

    Does seeing "EnablePrefetcher"=dword:5 make you go like this -> :angry: ?

    When someone happens to mention setting AdditionalCriticalWorkerThreads to 100, do you have an urge to beat that person about the head yelling "THE MAXIMUM IS SIXTEEN YOU $@%#& MORON!"? :realmad:

    If this describes you, then you should really seek the attention of a certified psychologist. :no:

    But for anyone who hates registry myths, regardless of sanity, this thread is for you. :yes:

    Registry Myths #1: IoPageLockLimit

    sample misinformation:

    This tweak boosts the Input/Output performance of your computer when it is doing a large amount of file transfers and other similar operations. This tweak won't do much of anything for a system without a significant amount of RAM (if you don't have more than 128 MB, don't even bother), but systems with more than 128 MB of RAM will generally find a performance boost by setting this to between 8 and 16 MB. The default is 0.5 MB, or 512 KB. This setting requires a value in bytes, so multiply the desired number of megabytes * 1024 * 1024. That's X * 1048576 (where X is the number, in megabytes). Test out several settings and keep the one which seems to work best for your system.

    [source: http://www.subvers.com/technobabble/html/tweaking.htm]

    Configure the amount of memory that can be locked for I/O

    There is a limit for how much memory the system can lock for I/O (Input/Output) operations. Increasing the limit might benefit applications or drivers, which are highly dependent on highspeed network or harddisk access, as it will allow a larger amount of outstanding I/O.

    This DWORD value specifies how much memory (in bytes) that can be locked for I/O operations:

    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management]
    IoPageLockLimit=0 (0 = Calculated at boot, Default = 0)

    One can use the following chart for finding a value, though the best value is found by testing:

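    | Total RAM (MByte) | IoPageLockLimit (Hex) | Max Value                |
    |-------------------|-----------------------|--------------------------|
    | 64                | 0                     | Total RAM minus 7 MByte  |
    | 64-200            | 800000                | Total RAM minus 16 MByte |
    | 256-500           | 1000000               | Total RAM minus 16 MByte |
    | 512+              | 2000000               | Total RAM minus 64 MByte |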

    [source: http://snakefoot.fateback.com/tweak/winnt/tweak.html#IOLOCK]

    Anyone who has done any kind of registry tweaking has seen IoPageLockLimit. It's all over the net, from Winguides, to Pure Performance, to Kelly's Korner, to TechSpot, to even Ars Technica. It's in every tweaking program you've ever used and most you haven't. Even the hallowed Expert's Exchange endorses this registry entry, although no one seems to be able to agree on exactly what format the values are supposed to be in.

    What if I told you that this registry entry does absolutely jack? In fact, it isn't even read by the OS, or any other function of the system.

    Wait a minute, you say. If this registry entry is bunk, then explain this:

    http://www.microsoft.com/windows2000/techi...entry/29932.asp

    Big Daddy MS itself says this thing works. So what do you say to that, Mr. Fancypants?

    I say yes, you're right, it's true. In Windows 2000 RTM it was a real and valid setting. However, starting with W2000 SP1 and continuing with every subsequent release from 2K to XP to Server 2003 and everything in between, there is no reference to this registry value. In fact, in Windows XP and Windows Server 2003, the I/O Page Lock Limit is locked to 64mb.

    Windows 2000 Power Users

    Volume 3, Number 16

    December 5, 2003

    Killing a Myth or Three (or, Getting My Foot Out of My Mouth)

    I was going to start talking about Longhorn this issue, but something more important (to me) has come up. Every now and then I realize that I have been inadvertently responsible for spreading a piece of information that turns out to be simply not true. When that happens, the only thing to do is sit down and make a meal out of my own words, sometimes salted liberally with crow.

    Take, for instance, a certain Registry hack that is bandied around as being a performance-enhancer in both Windows 2000 and XP. This is the IoPageLockLimit hack, which (according to its proponents) allows you to change the amount of memory locked for exclusive access by the kernel. Setting this to a bigger value should lock more memory at once and in theory enhance performance. And indeed, it does do this -- but only in an RTM Windows 2000 machine. It does absolutely nothing in Windows 2000 Service Pack 1 and up, and absolutely nothing in Windows XP. This makes it effectively useless, since I know of no one in their right minds who runs Windows 2000 RTM on a production machine at this point in time.

    How did I fall into this trap? Easy -- I tested it on a machine with Win2K RTM installed! It sure seemed to have an effect there, although not always a healthy one, and when I wrote about it I noted that this was a your-mileage-may-vary situation, and that seemed to be the end of it. The sheer amount of stuff out there to write about is intimidating, and I didn't want to spend weeks and weeks beating on the same issues until all but the most stalwart had fled or given up in boredom. I was applying a fair level of skepticism to the subject, but evidently it wasn't enough. (You can read what I wrote here: http://www.thegline.com/win2k/issues/2002/22.html)

    One of the people who woke me up to how this whole IoPageLockLimit thing was a giant shill was Jamie Hanrahan of Kernel Mode Systems (http://www.cmkrnl.com). He had proof, he claimed, that the setting was absolutely worthless as of Win2K SP1 and up. He had run a string analysis on NTOSKRNL.EXE, looking for the actual Registry entry itself to see if it was being referenced by the kernel, and what he found was eye-opening. The RTM kernel references IoPageLockLimit. The SP1 kernel does not. Neither do any subsequent editions of the kernel; neither does the XP kernel in any of its incarnations. To double-check, he ran SysInternals' RegMon utility to determine if anything was, in fact, accessing that Registry entry at all, and the answer seemed to be a resounding no. There seem to be no references to the entry in any other system components, either. (I ran GREP on pretty much the whole Windows directory and came up empty.)

    So why did some people report performance gains when they did this? There are plenty of explanations that have more to do with psychology and behavior than anything else. One of them is simple enough: that while making this tweak they did other things that may have legitimately affected their system performance (like do a defrag or clean up their boot acceleration cache, if they used XP). The other is nothing more than the placebo effect, where people perceive changes that simply aren't there, without having hard numbers to back it up. (Guilty!)

    Now, the Ars Technica site, themselves no slouches, have reprinted the trick (at http://www.arstechnica.com/tweak/nt/IO-1.html), along with hard numbers to back it up -- but only under NT 4.0, not Windows 2000! Evidently a lot of people (myself included) have been mindlessly following the bandwagon that NT 4.0 = 2000 when it serves them and NT 4.0 <> 2000 when it does not.

    On the one hand, this is bad news, because it means I've inadvertently been spreading things which seemed to be facts, but which simply no longer have any truth to them, and haven't for some time. On the other hand, there is some good news here -- it means that the amount of stuff that needs to be tweaked in a Win2K or WinXP system is that much smaller, and that the system has apparently been made that much more self-regulating lately. I don't know about you, but I didn't particularly relish the thought of taking days to try and tweak my cache settings. (How does that song go? "Always ... look on ... the bri-ight side of life...") If it means I have to go and make a mess of retractions, then so be it. I'd rather do that than continue to knowingly be wrong.

    I think an old adage is worth trotting out: Believe half of what you see and none of what you hear.

    [source: http://www.thegline.com/win2k/issues/2003/16.html#1]

    Full credit for discovering this registry myth goes to Windows 2000 Power Users (www.Win2KPowerUsers.com).

  6. let me see if i'm understanding this. in the first method, he creates a new user, then sets everything up the way he wants. these settings are saved in NTUSER.DAT plus some important bits from the profile tree, which is copied to $OEM$\$DOCS\Default User etc. etc. in the second method, you open NTUSER.DAT and edit the settings in regedit til you get them how you want them.

    so excuse my newbness, but what's the difference?

    and also, in the second method once you have your custom ntuser.dat, what do you do with it? put it in $OEM$\$Docs\Default User ?

  7. hmm,

    since sp2 for xp this doesn`t work. :huh:

    i don`t know why but i become advance notice if i install drivers without a digital sign.

    sure it does. i install unsigned cmedia drivers during my SP2 uA and it doesn't give me any problem.

    [Unattended]
    ComputerType = "Standard PC", Retail
    UnattendMode=FullUnattended
    OemSkipEula=Yes
    OemPreinstall=Yes
    TargetPath=\Windows
    UnattendSwitch = Yes
    FileSystem = *
    WaitForReboot = No
    DriverSigningPolicy = Ignore
    Hibernation = No
    OemPnPDriversPath="Drivers\8338wdm536"

  8. so i just made up a new install with the regkey above included. it looks to me like that does the job. perflib is the library or database that all these counters report to i guess, so turn it off and the counters go as well. i did find out that while performance tracking is enabled by default, performance monitoring isn't; meaning while the counters are always reading the data, they're not storing it anywhere. if you activate a monitor in the Performance tool or another monitoring program, then it starts logging the info for you. so yes, they are separate, and the Perflib key above disables all counters.

    and just to confuse you some more, if you check in that exctrlst.exe tool posted above to see what counters are active, it will still show them as being enabled. this is because it only checks to see if there's a Disable key set in each service's registry entry [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\<ServiceName>\Performance]. but we didn't touch those keys and instead just disabled the whole system so it still reports back as being on. (just like for example when you disable the Indexing Service your drive properties window will still have Allow Indexing Service... checked).

    i think i'm just going to forget about this whole thing and instead focus my attention on something a little less complicated like quantum physics or world domination.

    oh yeah, something else i stumbled across. if you want to see exactly how many of these counters there are, check out c:\windows\system32\PerfStringBackup.ini

  9. can anyone suggest a good file/directory comparison utility? i want to see side by side exactly what changes a program is making to a directory - what files are added or removed, if a file is modified exactly what the modifications are, etc etc. the ability to revert the changed directory to original would be a bonus but isn't required. it has to handle subdirectories as well, about 20 or more levels. also it has to be able to handle files inside zip's and cab's. searching google brings up a lot of junk software, and i don't know what's good or not.

    thanks.

  10. that should do it.

    i found this as well:

    Performance counters are enabled by default to allow applications such as Performance Logs and Alerts to subscribe to these counters and measure performance. One can disable these performance counters to free resources.

    "applications such as" makes me think they're two separate things, so maybe i was wrong about disabling the PL&A service being the same thing. it sounds like they would continue to log data. i think i'm wandering off into the unknown myself here. :lol: anyways this thread is getting way off-topic so i won't babble on about it anymore.

  11. @Jeremy

    found it:

    http://www.jsiinc.com/SUBP/tip7800/rh7815.htm

    http://www.microsoft.com/downloads/details...&displaylang=en

    @All

    more performance counter info than you'll ever need:

    http://labmice.techtarget.com/troubleshooting/PerfMon.htm

    http://www.microsoft.com/resources/documen...t6/proch27.mspx

    http://snakefoot.fateback.com/tweak/winnt/tweak.html (#15)

    http://forums1.itrc.hp.com/service/forums/...&threadId=45322

    @ Jeronimo

    that's what i gather, but i'm still a little fuzzy on what does what. to me it seems that the performance counters process and record the raw data and the log/alert displays that data in a form that you can monitor over time. also it can be setup to send you an Administrative Alert if anything goes wonky. what i'm hazy on is whether they're independent of each other or not, or if the logs are disabled, do the counters still process the raw info?

    probably not, but i'm just going to disable both and get some sleep. ;)

  12. @puntoMX

    it's in Administrative Tools -> Performance

    the counters do just that - they count. they just record statistical data. they don't make any adjustments to your settings, just provide the information so you can make an informed decision on how to adjust your system yourself and see what results each change makes. apparently this is really useful for finding bottlenecks or diagnosing problems. i don't use it myself as most of the info is over my head but i've come across several pages explaining how it can be used to optimize your system.

    ever disable the Performance Logs and Alerts service? this is the exact same thing. i've never had problems with it off.

    @Jeremy

    event log i like to keep running. i don't use it very often at all, but when i need it i'm glad it's there.

    i don't think they're too massive. you're not going to get a huge jump in performance since all it's really doing is reading values. but if you're not using it anyways, it won't hurt to disable it.

    "Windows saved user THE-REALM\Jeremy registry while an application or service was still using the registry during log off. The memory used by the user's registry has not been freed. The registry will be unloaded when it is no longer in use."
    "Windows cannot unload your classes registry file - it is still in use by other applications or services. The file will be unloaded when it is no longer in use."

    this has something to do with services (1st error msg) or programs (2nd msg) that don't properly close the registry when they exit (like how sometimes you can't delete an avi or folder because it's "in use" even though you have nothing running). it's a known problem and ms has put out a "patch" you can download. it's actually a small service that sits in the background and watches for reg entries that are open but the app that opened them is no longer running, and closes them. i can't remember what it was called, but i'll have a look for it in about 20 min or so. (smoke break) i know it had HIVE in the name. if you happen to have the Event ID of the error msgs, you should be able to look it up no problem.

    :)

  13. nice idea! it would take some doing though. i'm not sure how extensions/mods work in Invision.

    and just to go the other way, i think it would be better if the search DIDN'T search code boxes. ever try searching for more information on a certain heading or option? eg. you want to know what 'UnattendSwitch' or 'RA_AllowFullControl' does in winnt.sif. the search brings up each and every post where someone has happened to paste their script for whatever reason. it's impossible to find anything.

    but searching in the code does have many advantages as well. maybe an option to include/exclude code boxes on the search page could give ppl the best of both worlds?

  14. The dimensions stated on that page are incorrect. They are stated as 180x114. They've been stated incorrectly by Microsoft's documentation in the past. The correct dimensions for Windows XP are 172x100.

    There is the requirement that the OEMLOGO.BMP file must be a Windows compliant BMP file of 256 color only.

    well, that sure is news to me. maybe it works because i didn't know it's not supposed to. ;)

    seriously though, i've had 3 oem logos, all 180x114. two worked fine and the other was cropped like that KB page describes.

    *shrug*
