Posts posted by redxii

  1. I made an INF that installs/uninstalls the 16-bit Subsystem so those who thought they didn't need it can reinstall it, but I have one snag: I don't know where C:\WINDOWS\system\setup.inf is located on the XP CD. It might not be an important file but just to be sure. If not I will publish the INF with setup.inf included.

    The INF works very well.

    Never mind, I found it.

    --

    Alright here it is.

    NTVDM_nlite.inf

    To restore the 16-bit subsystem:

    RunDll32 advpack.dll,LaunchINFSection NTVDM_nlite.inf,Ntvdm.Install

    To uninstall the 16-bit subsystem:

    RunDll32 advpack.dll,LaunchINFSection NTVDM_nlite.inf,Ntvdm.Remove

    Insert the path to an un-nLited CD or other source when prompted. A restart should not be required. I've only tested on XP SP2 though.

    sep 22, 4pm edit; Refined file list

    NTVDM_nlite.inf

  2. LMFAO!!!

    Honestly, if you get rid of either

    C:\CONFIG.SYS

    C:\MSDOS.SYS

    C:\IO.SYS

    C:\WINDOWS\system32\command.com

    Windows won't even boot!!

    Are you sure about that? I removed them, Windows XP still boots, and those files remain deleted. Those files are only a part of DOS/9x/ME boot process, never do they take any part in NT's boot process.

    Command line scripts should use a *.cmd extension, not *.bat.

  3. Some 16-bit files still remain. They are useless since they say "is not a valid Win32 application." (which it is supposed to) so I don't think any 32-bit program will be using these. They are:

    C:\WINDOWS\system32\command.com

    C:\WINDOWS\twain.dll

    C:\WINDOWS\twunk_16.exe

    C:\WINDOWS\system\WINSPOOL.DRV (not sure about this one but if it is safe to delete perhaps the 'system' folder could be deleted since it would be nice for autocompleting in the command-line when typing 'system32'. This was the last file in 'system')

    C:\WINDOWS\system.ini

    C:\WINDOWS\win.ini

    C:\WINDOWS\Fonts\dosapp.FON

    C:\WINDOWS\Fonts\EGA80WOA.FON

    C:\WINDOWS\Fonts\EGA40WOA.FON

    C:\WINDOWS\Fonts\CGA80WOA.FON

    C:\WINDOWS\Fonts\CGA40WOA.FON

    C:\AUTOEXEC.BAT

    C:\CONFIG.SYS

    C:\MSDOS.SYS

    C:\IO.SYS

    Also the following file isn't 16-bit and still works even if it isn't useful to most people, but was removed by nLite:

    C:\WINDOWS\diskcopy.com

    I was using XP SP2 media, and only removed 16-bit support. Let me know if you need more info.

  4. Because "Authenticated Users" is in Users, and an authenticated user is just that: You have a valid account regardless of admin or other groups. This includes Administrator (or "admin" in your case). With NT, Deny takes precedence over Allow.

    To fix your problem: simply remove "Users". If you don't want "Users" accessing the folder, you simply leave them out. Like an exclusive nightclub if you aren't on the list you aren't getting in.
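
The precedence described in the post above, as an added example that is not part of the original post: a simplified Python model of the NT access check. The account names (`admin`, `limited`), the two access bits and the membership table are constructed for illustration; real ACLs use SIDs and 32-bit access masks.

```python
READ, WRITE = 0x1, 0x2  # constructed access bits; real ACEs carry 32-bit access masks

# Constructed membership table: on XP the built-in Users group contains
# Authenticated Users, so every logged-on account inherits Users.
GROUP_MEMBERS = {
    "Users": {"Authenticated Users"},
    "Administrators": {"admin"},
}

def build_token(account):
    """Return the set of names an account's token carries after group expansion."""
    token = {account, "Authenticated Users"}
    changed = True
    while changed:
        changed = False
        for group, members in GROUP_MEMBERS.items():
            if group not in token and members & token:
                token.add(group)
                changed = True
    return token

def canonical(dacl):
    """Order ACEs the way the ACL editor writes them: Deny before Allow."""
    return sorted(dacl, key=lambda ace: ace[0] != "deny")

def access_check(token, dacl, desired):
    """Walk ACEs in order; a matching Deny on a still-needed bit ends the check."""
    remaining = desired
    for ace_type, trustee, mask in canonical(dacl):
        if trustee not in token:
            continue
        if ace_type == "deny" and mask & remaining:
            return False
        if ace_type == "allow":
            remaining &= ~mask
            if remaining == 0:
                return True
    return False  # nothing granted the full request: implicit deny

# The situation in the post: Deny on Users also hits the administrator.
DENY_USERS = [("allow", "Administrators", READ | WRITE), ("deny", "Users", READ | WRITE)]
# The fix in the post: leave Users off the list instead of denying it.
NO_USERS_ACE = [("allow", "Administrators", READ | WRITE)]

if __name__ == "__main__":
    for name in ("admin", "limited"):
        tok = build_token(name)
        print(name, access_check(tok, DENY_USERS, READ), access_check(tok, NO_USERS_ACE, READ))
```

With the Deny entry the administrator is locked out along with everyone else; with no entry for Users at all, the administrator gets in and the limited account falls through to the implicit deny.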

  5. You can go into Disk Management and mark C: as active if it isn't already. D: should simply report "Healthy", but if it says it is still active then that is no good.

    Since I'm not aware of any way in 2003 or XP or 2000 to remove the active flag short of deleting the partition, I use the first CD of Slackware (slackware.com) to boot and run "cfdisk" which can remove the bootable flag on a partition without destroying it. In your case, after doing that for D: you might have to run those commands again.

  6. Did you simply do "fixboot" and "fixmbr" or did you do "fixboot C:" and "fixmbr \Device\HardDisk0"?

    They also say for fixmbr if you didn't do the latter: "If an invalid or nonstandard partition table signature is detected, you will be prompted whether you want to continue. If you are not having problems accessing your drives, you should not continue. Writing a new master boot record to your system partition could damage your partition tables and cause your partitions to become inaccessible."

  7. That's too much hassle. Why use a standard user account for anyway?
    The reason I do is because it is obvious that malware gets no advantage. Signatures only go so far, so far that as I said earlier you need 2 of every type of "security app" running in the background to be safe. That is fine if all you do is word processing.

    The only "security" app I have is AVG. I had SpywareBlaster, but I uninstalled it and even reversed any changes it made. I had Ad-Aware. I rarely used it, and when I did, I didn't need it only telling me that cookies and recently opened files were endangering my privacy. I don't have a slow system but I sure don't want tons of other crap running slowing it down.

    I'll let other people be but, anyone not seeing the obvious advantage shouldn't complain that Windows has no security.

  8. User.

    How can you be "careful"? Careful is when you are even using Firefox as a non-admin, get hit with an exploit and has no privileges to do anything. Or is careful installing at least 2 of each of the following:

    - Antivirus

    - Antispyware

    - Anti-Trojan

    - Miscellaneous block lists

    - Miscellaneous process watchers

    I use a limited account and AVG. I've had Windows installed for a year and 3 months, and never lived in fear.

  9. That might mean file sharing is not enabled.

    Just go to the Control Panel, and run the Network Setup Wizard.

    Also, if you are not using simple file sharing, then the account that you use to connect to the other computer must have a password.

  10. Entries in HKCU\software\classes override HKCR entries. If an entry for X exists in HKCU, then that is used. If an entry does not exist for X, then it looks to HKCR and uses that value.

    I think it is a simple case of the program configuring per-user information as a post-setup task, rather than being done at runtime in the actual program to see if the entries exist in HKCU and create per-user entries if needed. Grab Registry Monitor at http://www.sysinternals.com and execute the program while monitoring to see where it fails. If it fails after reading HKCU then the program is broken.

    You also want to check the permissions on the keys.

  11. I think SP2 is safer.

    It is more than a big security and bugfix rollup. It contains changes to RPC, turning what may be exploited in 2000 SP4 and XP SP0/1 remotely into a local exploit or no issue at all in SP2. Then there is Data Execution Protection.. may work well as software-only but is better with a 64-bit CPU.

    There are other steps you can take as well.. for one, not using an administrator or power user account for internet tasks ("Users" group is the one to use).
