Targu-Jiu Online forum
The virtual community of the city of Targu-Jiu and Gorj county
 
Tips & Tricks in XP
mitrutz
Posted: Sat Jul 23, 2005 1:38 pm    Subject: Tips & Tricks in XP

Registry backup:
1) Close all programs running on the desktop.
2) Click Start / Run, type regedit and press OK. In the window that opens, click File --> Export. This command opens a dialog box in which you can save the backup file.
3) Save the file under any name you like, but make sure the Export range field is set to ALL.
4) Press Save and the process is complete. If you want to restore the saved files, follow the same steps, but this time click File --> Import and then press OK.


Services that work independently of ICF (Internet Connection Firewall)
1) Click Control Panel --> Network and Internet Connections.
2) Click Network Connections.
3) Right-click your Internet connection and select Properties.
4) Select the Advanced tab.
5) Click Settings in the Advanced window that opens.
6) From here you can enable the most common services with a single click on each, or add others using the Add button.

Performance
Speeding up boot by disabling auto-start programs
1) Click Start / Run, type msconfig and press OK.
2) Click the Startup tab at the top of the window that has just opened. You will see a list of the programs that start automatically when Windows loads.
3) If you clear the check box next to one of the programs in the list, it will no longer start automatically. Restart the computer and the setting is complete.

Speeding up the Internet connection.
1) Make sure you are logged on as Administrator and have those privileges
2) Click Start --> Run, then type gpedit.msc and press Enter.
3) Expand the Local computer policy branch
4) Expand the Administrative templates branch
5) Expand the "network" branch
6) Select "QoS Packet Scheduler" in the left pane
7) In the right pane, double-click the "limit reservable bandwidth" option
8) In the Setting field, tick option 9 as "enabled"
9) Set the "Bandwidth limit %" option to the value 0
10) Restart the system.

Speeding up boot by defragmenting files.
1) Click Start --> Run and type Regedit.
2) Expand the HKEY_LOCAL_MACHINE branch
3) Expand the Software branch
4) Expand the Microsoft branch
5) Click Dfrg and then BootOptimizedFunction
6) In the right pane, select the Enable option and then enter the value Y.

Speeding up shutdown
1) Click Start --> Run and type regedit
2) Expand the HKEY_CURRENT_USER branch
3) Expand the Control panel branch
4) Select Desktop
5) In the right pane, select AutoEndTasks and change the value from 0 to 1

Simple settings, better performance.
1) Right-click My Computer.
2) Click the Advanced button, then Performance --> Settings.
3) Select the Visual Effects tab, tick Custom, then clear the settings you consider unnecessary.
4) Select the Advanced tab and tick the Background services option. (!!!) With this option selected you will be able to run several programs at the same time without negatively affecting the performance of the operating system. Each application will then use an equal amount of resources.

Disabling the boot logo.
1) Click Start --> Run.
2) Type msconfig.
3) Select the BOOT.INI tab and tick the /NOGUIBOOT box.

Speeding up menu display.
1) Click Start --> Run.
2) In the dialog box, type regedit.
3) Expand HKEY_CURRENT_USER\Control panel\Desktop.
4) In the right pane, select MenuShowDelay and set the value to 1.

Speeding up application loading.
1) Click the desired item (folder, file, executable file, etc.)
2) Right-click it and select Properties.
3) In the Target field, add /prefetch: 1

Practical
Shortcuts in Windows XP.
[Windows Key] + [Q] = Fast user switching (Switch users)
[Windows Key] + [E] = Opens Windows Explorer
[Windows Key] + [R] = Opens the Run window.
[Windows Key] + [F] = Opens the Find window.
[Windows Key] + [L] = Locks access to the desktop and opens the Login window.
[Windows Key] + [U] = Opens the Utility Manager program
[Ctrl] + [A] = select all
[Ctrl] + [C] = copy
[Ctrl] + [V] = paste
[Ctrl] + [X] = cut
[Ctrl] + [Z] = undo
[Ctrl] = copy an item while dragging it
[Ctrl] + [Shift] = create a link to an item while dragging it
[F2] = rename
[F3] = search for a file or folder
[Alt] + [F4] = close the current application
[Ctrl] + [F4] = close a document
[F5] = refresh the current window
[Alt] + [Tab] = switch between programs
[Alt] + [Enter] = show the properties of an item
[Esc] = cancel the operation
[Del] = delete to the Recycle Bin
[Shift] + [Del] = delete permanently

Cleaning the "Prefetch" folder
Windows periodically saves files containing information about how certain applications run. These are stored in the "Prefetch" folder inside the "Windows" directory, but they become unnecessary after a certain time. The folder should therefore be cleaned regularly.

Disabling the CD burning program
1) Open My Computer
2) Right-click the CD burner drive.
3) Select the Properties option
4) Click the Recording tab
5) Clear the "Enable CD recording on this drive" option

Error-free applications
1) Click Start --> Run and type regedit
2) Expand the HKEY_CURRENT_USER branch
3) Expand Control Panel
4) Select Desktop
5) In the right pane, add the String value "LowLevelHooksTimeout"
6) In the Value data field, type the value 3000, where 3000 is the time, in milliseconds, after which an application that contains errors will close automatically

Disabling the "Low Space" warning
1) Open regedit
2) Expand the HKEY_CURRENT_USER branch
3) Expand the software branch (do the same with the Microsoft ; Windows Policies branches)
4) Select explorer
5) In the right pane, right-click --> New --> DWORD value
6) Save the entry, giving it the name NoLowDiskSpaceChecks and the value 1
7) Close regedit and restart the computer

Improving the stability of Internet Explorer
1) Open regedit
2) Expand the HKEY_CURRENT_USER\software\Microsoft\Windows\Current version\Explorer branch
3) Add the string value "BrowseNewProcess" and give it the value YES.

Alphabetizing the START menu.
Did you know that newly installed programs appear at the end of the START --> Programs menu? If you want to arrange the list in alphabetical order, all you need to do is right-click the menu and select the SORT BY NAME option.

Operating system management.
1) Use Disk Defragmenter at least once a week, after you have installed a new program or uninstalled another. Avoid installing too many programs.
2) Use Chkdsk (Check disk utility, a program that checks the integrity of the hard disk) at least once a week. The path to it is as follows: Start --> Run, type command.com, or open the MS-DOS window directly from the menu Program / Accessories / MS-DOS. Once there, type chkdsk x: where "x" is the letter of the drive you want to check.
3) Delete temporary Internet files from the menu Tools/Internet Options/General/Temporary internet files in the Internet Explorer window. (Delete cookies ; history)
4) Regularly delete files whose extension is: .tmp ; .gid ; .fts ; .dmp
5) Clear the useless auto-start programs using msconfig. See the Tips&Tricks section
6) Use SFC /scannow at least once a month (MS-DOS command). The process takes about 20 minutes.
7) Remove old programs you no longer use. (Control panel / Add Remove programs)
8) Create a restore point every week using the System Restore "tool".
9) Update the operating system whenever possible.
10) If you decide to install one more operating system, use a different hard drive from the one on which the old system is installed.
11) Always use Add / Remove programs in Control Panel to uninstall useless programs.
12) If the PC has less than 256 Mb of RAM, try to bring it up to that value.
13) Disable Hibernation if, for one reason or another, you do not need it. (The path is Control panel/Power options/Hibernate)
14) Use Disk Cleanup whenever needed, provided that you skip compressed files.
15) Save space. Use a CD writer to burn data that takes up a lot of space on the hard disk.
16) Try not to use several programs at the same time if the RAM does not allow it.

Tricks
Opening the "System Restore" application from the command line.
1) Restart the computer.
2) Hold down the F8 key to enter the configuration menu.
3) Select the "Start Windows in Safe Mode with Command Prompt" option. (WARNING: you must log on as administrator, or make sure the user you are using has those privileges)
4) At the command line, type %systemroot%\system32\restore\rstrui.exe and press ENTER.
5) Follow the instructions on the screen.

Reduce file size.
Method 1.
1) Right-click the folder that is to be compressed.
2) Select Send To --> Compressed (zipped) folder.
Method 2.
1) Right-click the desktop.
2) Select New.
3) Open the folder and copy into it the files that are to be compressed.

Disabling use of the operating system by multiple users.
1) Click START --> Control Panel or START --> Settings --> Control panel.
2) Select User Accounts.
3) Select Change the way users log on and log off
4) Clear the Fast User Switching option.

thanks to dmldone for the forward :)
_________________
Mitrut Stanoiu

dmldone
Posted: Mon Jul 25, 2005 8:57 am

I thought you knew them all too. thanks for the thanks.

mitrutz
Posted: Mon Jul 25, 2005 3:36 pm

I admit I didn't know all of them
a few of them, YES.

and I thank you for thanking me for the thanks!

:idea:

dmldone
Posted: Tue Jul 26, 2005 10:19 am

and let's keep going like this with the thanks.

bllizzard_wizard
Posted: Wed Jul 27, 2005 3:29 pm    Subject: Tips & Tricks for optimizing Windows XP Pro.

Tips & Tricks for optimizing Windows XP Pro.

Let's begin:

Control Panel -> Administrative Tools -> Services

From here, disable the following services (depending on your needs you can leave some of them on); a service is disabled by double-clicking it; if it is running, stop it by pressing the "STOP" button and selecting "Disabled" under Start-up Type

Automatic Updates: it is safer to do these manually (not all updates are necessary; the critical ones, however, you must have)
COM+ Event System
COM+ System Application
Computer Browser
Distributed Transaction Coordinator
Error Reporting Service
Fast User Switching: the service that "eats" the most RAM. If you have a single user on the computer, you no longer need to use this service. In any case, I recommend having a single user.
Help and Support
Indexing Service
Messenger: if you use MSN Messenger, do NOT disable this service
Net Logon
NetMeeting Remote Desktop Sharing
Network DDE
Network Location Awareness
NT LM Security Support Provider
Performance Logs and Alerts
Print Spooler: if you use a printer, do NOT disable this service
Remote Desktop Help Session Manager
Remote Registry
Secondary Logon
Server
Smart Card
Smart Card Helper
SSDP Discovery Service
System Event Notification
System Restore Service: try to avoid the Windows backup. I for one hate it. Use Norton Ghost. It is much more practical.
Task Scheduler
Telnet
Terminal Services
Uninterruptible Power Supply: if you use a UPS, do NOT disable this service
Upload Manager
Wireless Zero Configuration: if you have a wireless network, do NOT disable this service.


After these changes you will see that Windows loads considerably faster; in addition, if you press ALT+CTRL+DEL and monitor the RAM, you will see that its usage has also dropped considerably.

Let's continue:

To increase operating speed by optimizing the libraries that Windows loads, which again take up RAM, here is what you need to do:

Start -> Run, then type the command: regedit

This opens the Windows registry. Look for the following section:

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer]

Once you have found it, right-click and create a sub-key that you name AlwaysUnloadDLL, and set its Value to 1
Last step: restart Windows
_________________
If the answer is Micro$oft, u probably ask the wrong question.

bllizzard_wizard
Posted: Wed Jul 27, 2005 3:33 pm

If you are curious why the Windows directory in most cases takes up more than 1GB, and you want to know whether anything can be deleted from it... well, it can.
I got the Windows directory down to 585 MB, and it runs stable.
How? Very simple.

If the directories I refer to do not exist, you can skip that step.

1. C:\Windows\system32\dllcache
The directory can be deleted entirely; it contains a backup copy of every system file used by Windows. So it is huge (400-500MB). The effect of deleting the directory is that an error appears when you try to modify/delete/replace a system file. If you leave the directory intact, the original file found in the directory is copied in place of the file in question.
Warning: do not delete the directory itself, only its entire contents!

2. C:\Windows\ServicePackFiles\i386
This directory exists only if you have installed a Service Pack on XP. It contains the new files that were updated by the service pack.
Warning: do not delete the directory itself, only its entire contents!

3. C:\Windows\$Uninstall----$
Directories with this name are used only to uninstall a Windows update. Usually you will not uninstall these updates, so the directory can be deleted.

4. C:\Windows\Driver cache\i386
This holds the drivers that Windows will use when you add a new hardware component to the system. If all components are installed, you can assume you no longer need the drivers. It takes up about 80MB (or more if service packs are installed).
Warning: do not delete the directory itself, only its entire contents!

5. C:\Windows\Help
The name tells you both its purpose and how often it gets used. So if you never use Help and Support, you can save another 50MB.
Warning: do not delete the directory itself, only its entire contents!

6. C:\Windows\inf
Contains many Windows drivers. When you add a new hardware component to the system, Windows first looks here for a suitable driver. New components usually come with their own installation kits, so you will not need these default drivers. If you still want to keep them, delete only the modem drivers, because they are the most numerous (del mdm*.*).
Warning: do not delete the directory itself, only its entire contents!

7. C:\Windows\srchasst
Search Assistant, the animated interface used for Search. If you delete it, searching will use the old interface (from Windows 2000).

8. C:\Windows\system32\restore
If you want to get rid of the System Restore menace for good, this is where the evil application lives. Before deleting the directory, make sure System Restore is already disabled.

9. C:\Windows\system32\usmt
File and Settings Transfer Wizard. If you know what it is for and do not need this service, it can be deleted. If you have never heard of it, then you will certainly never use it, so it is safe to delete it.

10. C:\Windows\system32\oobe
Out Of Box Experience - the screens that appear after installing Windows, concerning product registration and activation, etc.
Warning: do not delete the directory itself, only its entire contents!

11. C:\Windows\msagent
A completely useless application, MS Agent.

12. C:\Windows\java
Java components supplied by Microsoft. At present Microsoft no longer distributes them and no longer offers integrated support for Java. If you do use Java, I recommend installing the Sun Java VM.

13. C:\Windows\mui
An application that provides switching between several languages. If the only one used is the default, you do not need the application.

Happy Tuning!

mitrutz
Posted: Wed Jul 27, 2005 7:47 pm

let the press go on saying that nothing serious gets written!

:roll:

dmldone
Posted: Thu Jul 28, 2005 1:31 pm

which press. the one in tg-jiu. you probably mean that article read by several people.

mitrutz
Posted: Thu Aug 18, 2005 9:58 am

friends know who, what, how, where and which "press".. :)
anyway.. we are being monitored

mentor
Posted: Mon Aug 22, 2005 10:32 am    Subject: Protection against DoS (denial of service) attacks for XP.

Windows (like any operating system) has its vulnerabilities. In general, because its code does not cover every situation, Windows "freezes" under various attacks, the kernel being unable to cope with and handle the various ways programs go off the rails. The hacker community (I mean artists, not the alley cats who know how to use Linux-flavoured exploits), deeply moved by the weaknesses of Windows, cannot keep up with bringing these weaknesses to light. DoS is the means by which an operating system is forced to stop serving requests on its open connections.
For XP, a few avenues of attack can be closed with a few settings in the system registry.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

Create or modify the following values:
Code:

  EnableDeadGWDetect      REG_DWORD 0x00000000 (0) 
  EnableICMPRedirect      REG_DWORD 0x00000000 (0) 
  EnablePMTUDiscovery     REG_DWORD 0x00000000 (0) 
  KeepAliveTime           REG_DWORD 0x000493e0 (300000) 
  NoNameReleaseOnDemand   REG_DWORD 0x00000001 (1) 
  PerformRouterDiscovery  REG_DWORD 0x00000000 (0) 
  SynAttackProtect        REG_DWORD 0x00000002 (2)

EnableDeadGWDetect = "0" (default = 1)
Disables dead-gateway detection as an attack could force the server to switch gateways.

EnableICMPRedirect = "0" (default = 1)
Stops Windows from altering its route table in response to ICMP redirect messages. Some documentation has this listed as "EnableICMPRedirects" but according to Microsoft it should be "EnableICMPRedirect" no "s".

EnablePMTUDiscovery = "0" (default = 1)
Disables maximum transmission unit (MTU) discovery as an attacker could force the MTU value to a very small value and overwork the stack.

KeepAliveTime = "300,000" (default = 7,200,000)
Reduces how often TCP attempts to verify that an idle connection is still intact by sending a keep-alive packet.

NoNameReleaseOnDemand = "1" (default = 0)
Protects the computer against malicious NetBIOS name-release attacks.

PerformRouterDiscovery = "0" (default = 1)
Disables ICMP Router Discovery Protocol (IRDP) where an attacker may remotely add default route entries on a remote system.

SynAttackProtect = "2" (default = 0)
Automatically adds additional delays to connection indications, and TCP connection requests quickly timeout when a SYN attack is in progress.

They are not a necessity if a computer is not "public", in the sense of its IP being posted on every fence. If it is a more or less public server, they are good.
Anyway... a server on XP..... Rather silly. Here, Linux rulz....

Source: www.winguides.com

PS: Thanks to Mitrutz for the advice ;)
_________________
If you can help, DO IT!...

mentor
Posted: Mon Aug 22, 2005 10:47 am    Subject: Increasing Internet transfer speed: cable modem/XP

First, also study this topic in order to disable "QoS Packet Scheduler" on the Internet connection. (This "QoS Packet Scheduler" is welcome for jobs on the local network.)

For Cable Modem/XP:
In regedit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters:
Code:
  DefaultTTL                  REG_DWORD   0x00000080 (128) 
  EnablePMTUBHDetect          REG_DWORD   0x00000000 (0) 
  EnablePMTUDiscovery         REG_DWORD   0x00000001 (1) 
  GlobalMaxTcpWindowSize      REG_DWORD   0x00007fff (32767) 
  TcpMaxDupAcks               REG_DWORD   0x00000002 (2) 
  SackOpts                    REG_DWORD   0x00000001 (1) 
  Tcp1323Opts                 REG_DWORD   0x00000001 (1) 
  TcpWindowSize               REG_DWORD   0x00007fff (32767)

DefaultTTL = "80" hex (or 128 decimal)
Specifies the default time to live (TTL) for TCP/IP packets. The default is 32.

EnablePMTUBHDetect = "0"
Specifies whether the stack will attempt to detect Maximum Transmission Unit (MTU) routers that do not send back ICMP fragmentation-needed messages. The default is 0.

EnablePMTUDiscovery = "1"
Specifies whether the TCP/IP stack will attempt to perform path MTU discovery as specified in RFC 1191. The default is 1.

GlobalMaxTcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the system maximum receive window size advertised by the TCP/IP stack.

TcpMaxDupAcks = "2"
Determines the number of duplicate ACKs that must be received for the same sequence number of sent data before "fast retransmit" is triggered.

SackOpts = "1"
Enables support for selective acknowledgements as documented by Request for Comment (RFC) 2018. Default is 0.

Tcp1323Opts = "1"
Controls RFC 1323 time stamps and window scaling options. Possible values are: "0" = disable RFC 1323 options, "1" = window scale enabled only, "2" = time stamps enabled only and "3" = both options enabled.

TcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the receive window size advertised by the TCP/IP stack. If you have a latent network you can try increasing the value to 93440, 186880, or 372300.

***********

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Code:

  MaxConnectionsPerServer     REG_DWORD 0x00000008 (8)     (default: 4)
  MaxConnectionsPer1_0Server  REG_DWORD 0x00000008 (8)     (default: 2)


***********
EnablePMTUDiscovery, although it optimizes connections by dynamically changing the MTU size, opens a path for a DoS attack, in that an attacker can trick the system into assigning a very small MTU value so that the stack becomes overloaded. To avoid this, it can be set to "0" (disabled).

Source: www.winguides.com
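An offline check of the Tcpip\Parameters values from the two posts above, as an added example (not part of the original posts or of winguides.com): it parses a regedit export and compares it with the hardened values from the DoS-protection post, flagging a misspelled value name, a wrong data type, and the EnablePMTUDiscovery setting that the tuning post turns back on. The function names and the sample export are constructed for illustration.

```python
import re

TCPIP_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"

# name: (hardened value, default), both as listed in the DoS-protection post.
BASELINE = {
    "EnableDeadGWDetect": (0, 1),
    "EnableICMPRedirect": (0, 1),
    "EnablePMTUDiscovery": (0, 1),
    "KeepAliveTime": (300000, 7200000),
    "NoNameReleaseOnDemand": (1, 0),
    "PerformRouterDiscovery": (0, 1),
    "SynAttackProtect": (2, 0),
}
# Values the cable-modem tuning post sets on the same key that undo a hardened one.
TUNING_CONFLICTS = {"EnablePMTUDiscovery": 1}
# The post notes that some documentation spells this name with a trailing "s".
MISSPELLED = {"enableicmpredirects": "EnableICMPRedirect"}

SECTION_RE = re.compile(r'^\[(.+)\]$')
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')
DWORD_RE = re.compile(r'^dword:([0-9a-fA-F]{1,8})$')


def read_export(path):
    """Read an export file: Version 5.00 files are UTF-16 with a BOM, REGEDIT4 is ANSI."""
    with open(path, "rb") as fh:
        raw = fh.read()
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):
        return raw.decode("utf-16")
    return raw.decode("cp1252", errors="replace")


def parse_reg_export(text):
    """Parse export text into {key_lower: {name_lower: (name, kind, value)}}.

    Registry key and value names are case-insensitive, so both are lower-cased
    for lookup. Only dword data is decoded; any other data is kept as raw text.
    """
    keys, current = {}, None
    for raw_line in text.splitlines():
        line = raw_line.strip()
        if not line or line.startswith(";"):
            continue
        section = SECTION_RE.match(line)
        if section:
            current = keys.setdefault(section.group(1).lower(), {})
            continue
        value = VALUE_RE.match(line)
        if value is None or current is None:
            continue  # file header, or continuation of a multi-line hex value
        name, data = value.group(1), value.group(2).strip()
        dword = DWORD_RE.match(data)
        if dword:
            current[name.lower()] = (name, "dword", int(dword.group(1), 16))
        else:
            current[name.lower()] = (name, "other", data)
    return keys


def audit_tcpip(text):
    """Return [(value name, status, detail)] for every value in BASELINE."""
    values = parse_reg_export(text).get(TCPIP_KEY.lower(), {})
    wrong_names = {good: values[bad][0]
                   for bad, good in MISSPELLED.items() if bad in values}
    findings = []
    for name, (hardened, default) in BASELINE.items():
        entry = values.get(name.lower())
        if entry is None and name in wrong_names:
            detail = f"found {wrong_names[name]!r}, the post's name is {name!r}"
            findings.append((name, "misspelled", detail))
        elif entry is None:
            detail = f"not set; post lists default {default}, hardened {hardened}"
            findings.append((name, "missing", detail))
        elif entry[1] != "dword":
            findings.append((name, "wrong-type", f"data {entry[2]!r} is not REG_DWORD"))
        elif entry[2] != hardened:
            note = " (the tuning post's value)" if TUNING_CONFLICTS.get(name) == entry[2] else ""
            detail = f"is {entry[2]}{note}, hardening post sets {hardened}"
            findings.append((name, "differs", detail))
        else:
            findings.append((name, "ok", str(entry[2])))
    return findings


# Constructed sample export (not taken from a real machine).
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"EnableDeadGWDetect"=dword:00000000
"EnableICMPRedirects"=dword:00000000
"EnablePMTUDiscovery"=dword:00000001
"KeepAliveTime"=dword:000493e0
"NoNameReleaseOnDemand"="1"
"SynAttackProtect"=dword:00000002
"TcpWindowSize"=dword:00007fff
"""

if __name__ == "__main__":
    for name, status, detail in audit_tcpip(SAMPLE_EXPORT):
        print(f"{status:<11}{name:<24}{detail}")
```

For a real machine, export the key from regedit (File --> Export) and pass `read_export(path)` to `audit_tcpip`.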

Bossman
Posted: Wed Aug 31, 2005 4:29 pm

Quote:
Clarification about QoS in End Computers That Are Running Windows XP
As in Windows 2000, programs can leverage QoS through the QoS application programming interfaces (APIs) in Windows XP. One hundred percent of the network bandwidth is available to be shared by all programs unless a program specifically requests priority bandwidth. This "reserved" bandwidth is still available to other programs unless the requesting program is sending data. By default, programs can reserve up to an aggregate bandwidth of 20 percent of the underlying link speed on each interface on an end computer. If the program that reserved the bandwidth is not sending enough data to utilize it completely, the unused portion of the reserved bandwidth is available for other data flows on the same host.

For more information about the QoS packet scheduler, refer to Windows XP Help. Additional information about Windows 2000 QoS is available in the Windows 2000 technical library.

Correcting Some Incorrect Claims About Windows XP QoS Support
There have been claims in various published technical articles and newsgroup postings that Windows XP always reserves 20 percent of the available bandwidth for QoS. These claims are incorrect. The information in the "Clarification about QoS in End Computers That Are Running Windows XP" section of this article correctly describes the behavior of Windows XP systems.

Bossman
Posted: Wed Aug 31, 2005 4:30 pm

Quote:

Like a lot of online talk, this is misinformed. Windows 2000 introduced QoS (quality of service) features using an Admission Control Service and the Internet Engineering Task Force's RSVP signaling. XP doesn't support these two protocols but provides its own QoS components. The QoS Packet Scheduler dialog box in XP Professional shows a default "bandwidth limit" of 20 percent. This created a buzz on the Web to the effect that XP artificially withheld one-fifth of your bandwidth, even if its Packet Scheduler was turned off.

Not to worry. There's no restriction unless your network specifically supports XP-style QoS and it's requested by an application, such as a streaming media player. Even then, by default only 20 percent is set aside. (See www.techtv.com/screensavers/windowstips/story/0,24330,3365585,00.html .)
But it is worth looking into QoS, because some applications can benefit from increasing it or, conversely, terminating it. For example, high-speed Internet access through the DirecTV satellite service will not work unless XP's QoS is disabled. (See www.direcpc.com/xpinstall/install.htm .)

Bossman
Posted: Wed Aug 31, 2005 4:37 pm

Let's make room on the HDD
-all the programs we use eat up space on the HDD ... some of them quite a lot ... but Windows too sees fit to gobble up a few GB without helping us in any way ... what can be done?

a. First, go to Start->Settings->Control Panel->Power Options, and in the Power Options window select the Hibernate tab and clear the check box that is there ... you have just freed up HDD space equal to your available memory ... and if you have 512 or more, that is something.

b. Right-click My Computer, then Properties ... in the new window that opens, select the System Restore tab and kindly disable this wonderful service, which eats an estimated 20-30% of the HDD ... if nothing else, the nice thing about XP is that when it crashes, it crashes completely :fadein: .. neither System Restore nor anything else will help you then ... maybe only a Norton Ghost ... but the important thing is that it is a good idea to disable this service.

c. Also here you have a tab called Windows Updates, which it is a good idea to disable ... applies to those who got their XP through "occult" channels


How to uninstall MSN Messenger 4.7:
Start>Run and type
RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove
Restart Windows

In rare cases the Folder View settings become corrupted, so that folders are not displayed correctly or do not retain their view preferences. To fix the problem:
1. Start>Run>Regedit
2. Delete all the values under: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\BagMRU\ (usually at most 5 or 6 different values)
3. Delete all the values under: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\Bags\ (sometimes there may be very many, even 400)

Un mic truc pentru atunci cand explorer.exe se blocheaza in XP/2k sau provoaca procesorul sa stea in full load pentru aparent nici un motiv: -se inchid cat mai multe programe posibile ce ruleaza in taskbar
-alt+ctrl+del
-in task manager, end task la explorer.exe [daca acesta e cel ce indica full load la procesor]
-tot in task manager: File > New Task > explorer
Voila! Restart la explorer.exe fara a necesita restart la sistem

Nota: explorer.exe si iexplore.exe sunt diferite.
iexplore e Internet Explorer, pe cand explorer.exe este ... well, explorerul din Windows, including taskbar-ul

mitrutz
Generalu' Rommel

Joined: 11 Mar 2005
Posts: 2633
Location: [at] atlabs [dot] ro

Posted: Wed Aug 31, 2005 8:10 pm

Little by little, useful things are gathering here on the forum!

Well done, Bossman!
Thank you, and .. welcome to our community!
_________________
Mitrut Stanoiu
Accommodation in Targu Jiu
Web services
Web hosting
Accommodation in Ranca

Bossman
Civilian

Joined: 30 Aug 2005
Posts: 5

Posted: Thu Sep 01, 2005 8:59 am

thx LOL
some interesting tutorials can be found here....
Windows Xp Tweaking Guide

Ryan
Aspirant

Joined: 01 Sep 2005
Posts: 53

Posted: Thu Sep 01, 2005 6:22 pm

I apologize in advance for the size of my post Twisted Evil

INTERNET EXPLORER LIGHTNING-FAST STARTUP.
Isn't it annoying when you want to go to a new website, or any other site but your homepage, and you have to wait for your 'home' to load?
This tweak tells Internet Explorer to simply 'run', without loading any webpages. (If you use a 'blank' page, that is still a page, and slows access. Notice the 'about:blank' in the address bar. The blank html page must still be loaded..). To load IE with 'nothing' [nothing is different than blank]:
1. Right-click on any shortcut you have to IE
[You should create a shortcut out of your desktop IE icon, and delete the original icon]
2. Click Properties
3. Add ' -nohome' [with a space before the dash] after the endquotes in the Target field.
4. Click OK
Fire up IE from your modified shortcut, and be amazed by how fast you are able to use IE!

SPEED UP DETAILED VIEW IN WINDOWS EXPLORER.
If you like to view your files in Windows Explorer using the "Details" view here is a tweak to speed up the listing of file attributes:
Viewing files in Windows Explorer using the "Details" mode shows various attributes associated with each file shown. Some of these must be retrieved from the individual files when you click on the directory for viewing. For a directory with numerous and relatively large files (such as a folder in which one stores media, eg: *.mp3's, *.avi's etc.) Windows Explorer lags as it reads through each one. Here's how to disable viewing of unwanted attributes and speed up file browsing:
1. Open Windows Explorer
2. Navigate to the folder which you wish to optimize.
3. In "Details" mode right click the bar at the top which displays the names of the attribute columns.
4. Uncheck any that are unwanted/unneeded.
Explorer will apply your preferences immediately, and long lists of unnecessary attributes will not be displayed.
Likewise, one may choose to display any information which is regarded as needed, getting more out of Explorer.

FIX IE 6 SLOWDOWNS AND HANGS.
1. Open a command prompt window on the desktop (Start/Run/command).
2. Exit IE and Windows Explorer (iexplore.exe and explorer.exe, respectively, in Task Manager, i.e - Ctrl-Alt-Del/Task Manager/Processes/End Process for each).
3. Use the following command exactly from your command prompt window to delete the corrupt file:
C:\>del "%systemdrive%\Documents and Settings\%username%\Local Settings\Temporary Internet Files\Content.IE5\index.dat"
4. Restart Windows Explorer with Task Manager (Ctrl-Alt-Del/Task Manager/Applications/New Task/Browse/C:\Windows\explorer.exe[or your path]) or Shutdown/Restart the computer from Task Manager.

ALLOW MORE THAN 2 SIMULTANEOUS DOWNLOADS ON IEXPLORER 6.
This is to increase the number of max downloads to 10.
1. Start Registry Editor (Regedt32.exe).
2. Locate the following key in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
3. On the Edit menu, click Add Value , and then add the following registry values:
"MaxConnectionsPer1_0Server"=Dword:0000000a
"MaxConnectionsPerServer"=Dword:0000000a

MOUSE POINTERS.
It seems that even without pointer precision disabled, the mouse under XP is still influenced by an acceleration curve. This is especially noticeable in games. To completely remove mouse acceleration from XP, you will need to go into the registry and adjust the SmoothmouseXYCurve values. Here is how it's done.
1. Click Start button
2. Select Run
3. Type 'regedit' in the open textbox
4. Open the tree 'HKEY_CURRENT_USER', select control panel, then select mouse
5. Right clicking, modify the SmoothMouseXCurve and SmoothMouseYCurve hexadecimal values to the following:
SmoothMouseXCurve:
00,00,00,00,00,00,00,00
00,a0,00,00,00,00,00,00
00,40,01,00,00,00,00,00
00,80,02,00,00,00,00,00
00,00,05,00,00,00,00,00
SmoothMouseYCurve:
00,00,00,00,00,00,00,00
66,a6,02,00,00,00,00,00
cd,4c,05,00,00,00,00,00
a0,99,0a,00,00,00,00,00
38,33,15,00,00,00,00,00
If done correctly, you will notice you are holding a markedly more responsive mouse.

KILL THE SEARCH DOG.
copy this to note pad and save as dog.INF then right click, install
;********COPY THIS******
[Version]
Signature= "$Windows NT$"
LayoutFile=layout.inf
[DefaultInstall]
AddReg = Reg.TestSection.Add
DelReg = Reg.TestSection.Del
[Reg.TestSection.Add]
[Reg.TestSection.Del]
HKCR,"CLSID\{2AD1B782-53A4-4CDA-8A81-CD4DC6D716D4}"
HKCR,"CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}"
HKCR,"CLSID\{68F2D3FC-8366-4A46-8224-58EFA2749425}"
HKCR,"CLSID\{AC1B0D5D-DD59-4FF0-93F8-A84373821606}"
HKCR,"CLSID\{FFAC7A18-EDF9-40DE-BA3F-49FC2269855E}"
HKCR,"TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}"
HKLM,"SOFTWARE\Classes\CLSID\{47C6C527-6204-4F91-849D-66E234DEE015}"
HKLM,"SOFTWARE\Classes\CLSID\{68F2D3FC-8366-4A46-8224-58EFA2749425}"
HKLM,"SOFTWARE\Classes\CLSID\{AC1B0D5D-DD59-4FF0-93F8-A84373821606}"
HKLM,"SOFTWARE\Classes\CLSID\{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}"
HKLM,"SOFTWARE\Classes\CLSID\{FFAC7A18-EDF9-40DE-BA3F-49FC2269855E}"
HKLM,"SOFTWARE\Classes\TypeLib\{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}"
;HKU,"S-1-5-21-725345543-113007714-839522115-500\Software\Microsoft\Search Assistant"
;*****END COPY*****

CLICKING * .AVI FILES ON EXPLORER CAUSING 100% CPU USAGE.
Well, Windows seems to have a REALLY big problem when it comes to reading AVI files. It seems that when you click on an AVI file in explorer, it'll try to read the entire AVI file to determine the width, height, etc. of the AVI file (this is displayed in the Properties window). Now the problem with Windows is that if you have a broken/not fully downloaded AVI file that doesn't contain this info, Windows will scan the entire AVI file trying to figure out all these properties which in the process will probably cause 100% CPU usage and heavy memory usage.
To solve this problem all you have to do is the following:
1. Open up regedit
2. Goto HKEY_CLASSES_ROOT\SystemFileAssociations\.avi\shellex\PropertyHandler
3. Delete the "Default" value which should be "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"
Voila! Please note that this will no longer provide you with the windows properties displaying the AVI file information such as width, height, bitrate etc. But it's a small price to pay for saving you resources.

To be continued...
Wink

mitrutz
Generalu' Rommel

Joined: 11 Mar 2005
Posts: 2633
Location: [at] atlabs [dot] ro

Posted: Thu Sep 01, 2005 6:26 pm

never mind, it's good as it is!

welcome to the forum!
_________________
Mitrut Stanoiu
Accommodation in Targu Jiu
Web services
Web hosting
Accommodation in Ranca

Ryan
Aspirant

Joined: 01 Sep 2005
Posts: 53

Posted: Thu Sep 01, 2005 7:08 pm

thanks LOL

Raius
Rookie

Joined: 09 Jun 2005
Posts: 90

Posted: Sat Oct 15, 2005 9:22 pm

mitrutz, about the QoS packets thing, what do you mean by option 9?
_________________

mitrutz
Generalu' Rommel

Joined: 11 Mar 2005
Posts: 2633
Location: [at] atlabs [dot] ro

Posted: Sun Oct 16, 2005 9:41 am

correction:
at that step, the correct wording is "In the setting field, check the "enabled" option"

satisfied?
_________________
Mitrut Stanoiu
Accommodation in Targu Jiu
Web services
Web hosting
Accommodation in Ranca

alexbossu
Civilian

Joined: 15 Oct 2005
Posts: 18

Posted: Sun Oct 16, 2005 5:54 pm

bllizzard_wizard, please explain that update thing to me too, because I don't understand it. I know it has to be disabled, but what I don't understand is the ones that have to be updated; you listed some "programs", I think. How do I update those if they are not updated? And my computer really does run nicer with that cool "junk". I have also seen some videos about I don't know what, to increase your internet speed or to stop allowing sharing, etc. Thanks to everyone who posted here, those really helped me

bllizzard_wizard
Crazy

Joined: 31 May 2005
Posts: 477
Location: Look behind you!

Posted: Tue Oct 18, 2005 3:08 pm

alexbossu wrote:
bllizzard_wizard, please explain that update thing to me too


Be more explicit.....because honestly I did not understand what you meant.
_________________
If the answer is Micro$oft, u probably ask the wrong question.

raudetot
Civilian

Joined: 19 Sep 2003
Posts: 24

Posted: Tue Dec 13, 2005 12:50 am    Post subject: Get it from here, it's safer!

All that's left is for you to test it and tell me too Twisted Evil


http://www.winguides.com/guides.php?guide=registry

bllizzard_wizard
Crazy

Joined: 31 May 2005
Posts: 477
Location: Look behind you!

Posted: Sat Nov 04, 2006 12:24 am

A useful link for those who don't know how to install Windows; it doesn't get any more detailed than this Smile)
http://www.theeldergeek.com/xp_home_install_-_graphic.htm
_________________
If the answer is Micro$oft, u probably ask the wrong question.

mumu
Generalu' Rommel

Joined: 08 Jun 2005
Posts: 1744
Location: IS

Posted: Fri Dec 01, 2006 12:24 am

I have a question
I would like to uninstall the latest version of Movie Maker 9, the one that came and was installed with SP2. Essentially, I would be interested in going back to the previous version of Movie Maker. The ideal would of course be to have both versions, but I don't know whether that is possible.
Can anyone give me some advice?
Thanks a lot
_________________
We are all born equal.... some, however, are born more equal than others...

nyl
Crazy

Joined: 13 May 2007
Posts: 341
Location: 23August

Posted: Tue Jul 10, 2007 4:19 pm

hacks, hacks, hacks
I'm offering you some books that will help you do tricks like Houdini

examples from the books:

Hack 71 Rename the Administrator and Guest Accounts


Renaming the default administrator and guest accounts is a simple but effective step to help secure your machines.

To enhance system security on your Windows server-based network, you should rename the administrator account. You should choose a name that does not identify it as an administrator account, to make it difficult for any unauthorized user to break into the computer or network. One of the account settings in Windows 2000/2003 allows you to enter an account name to rename the administrator and guest accounts automatically using Local Security Policy (for standalone machines in a workgroup) or Group Policy (in an Active Directory environment).

To access local policy settings, click Start > Run, type mmc, and press Enter. Select File > Add/Remove Snap-in. Click the Add button, scroll through the list until you see Group Policy (in Windows 2000) or Group Policy Object Editor (in Windows Server 2003). Click Add, then Finish (the default is to manage Local Computer). Expand Local Computer Policy, Computer Configuration, Windows Settings, Security Settings, Local Policies, and Security Options. If you like, you can save this console with a familiar name to have this MMC snap-in available for future use. Once you've selected Security Options, you should see a screen similar to Figure 8-1 (if you're running Windows Server 2003 or Windows XP).

Figure 8-1. Policy settings for the default administrator and guest accounts in Windows Server 2003 and Windows XP

In the pane on the right, you can see that the first five options detail policies for Accounts. The last two options in the Accounts section are used to rename the administrator account and rename the guest account. Clicking on "Accounts: Rename administrator account" brings up the screen shown in Figure 8-2. You will see a similar screen if you select the Guest option. Simply type whatever name you want to use and click OK. This automatically renames the administrator or guest accounts.

Figure 8-2. Renaming the default Administrator account

Some Considerations
Note that if your machine belongs to a domain, the local policy settings you configure using the previous method might be overwritten by any Group Policy settings defined at the domain, organizational unit (OU), or site level.

Windows 2000 provides only the first two Accounts policy settings and they're named differently than the settings shown in Figure 8-2. The Windows Server 2003 setting named "Accounts: Rename administrator account" is simply named "Rename administrator account" in Windows 2000, and likewise with the Guest account policy setting. Windows XP, however, is identical to Windows Server 2003 in this regard.

Finally, as a further security precaution, after you rename the accounts, you might want to add another administrator and guest account (through the User Accounts option). Once you create these accounts, give them a secure password, but give the accounts no rights to anything. Even if the administrator and guest accounts are compromised, the potential intruder will have no rights to do anything to the computer.

—John Gormly
_________________


www.clanah.net
CONTACT ME IF YOU WANA JOIN THE CLAN!!!

nyl
Crazy

Joined: 13 May 2007
Posts: 341
Location: 23August

Posted: Tue Jul 10, 2007 4:26 pm

Hack 72 Get a List of Local Administrators


Local administrators can do anything on their machines. Here's a quick way to determine who has this power.

When an intruder penetrates a network's defenses, the intruder generally tries to elevate the privileges of his account to that of local administrator on the machine. Once the intruder has achieved this, he can do anything he wants to do on the machine.

So, if you think your network defenses have been penetrated, it's a good idea during the triage stage to check which accounts are local administrators on your machines. Using the GUI, this can be done using the Local Users and Groups node in Computer Management, but that is tedious.

A faster way to identify individuals who have local computer administrator rights is to use the following VBScript, which you can customize further as desired.

The Code
Just open a text editor such as Notepad (make sure you have Word Wrap disabled), type the following code, and save it with a .vbs extension as GetAdmins.vbs:


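Code:
' Name of the machine the script is running on
computername = createobject("wscript.network").computername
' Bind to the local Administrators group through the ADSI WinNT provider
set group = getobject("WinNT://" & computername & "/administrators,group")
s = ""
' Collect the name of every member of the group, one per line
for each account in group.members
    s = s & account.name & vbcrlf
next
msgbox s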


Running the Hack
Running the hack is simple. Just create a shortcut to it and double-click on the shortcut. A dialog box will display which user accounts are local administrators on the machine, as shown in Figure 8-3. From this list, you can easily detect any unauthorized administrator-level accounts, such as backd00r, that might indicate that the system has been compromised by a malicious hacker.

Figure 8-3. A list of local administrators on a member server

Make sure you have the latest scripting engines on the workstation from which you run this script. Download the latest scripting engines from the Microsoft Scripting home page (http://msdn.microsoft.com/library/default.asp?url=/nhp/default.asp?contentid=28001169). Note also that, when working with the Active Directory Services Interface (ADSI) you must have the same applicable rights you need to use the built-in administrative tools.

Hacking the Hack
The script gets the contents of the local administrators group, but you can easily alter the group information in the script to retrieve the information from any local computer group if you desire. For example, to display members of the Users group just change this line:

Code:
set group = getobject("WinNT://" & computername & "/administrators,group")


to this:

Code:
set group = getobject("WinNT://" & computername & "/users,group")


Then, run the hack again.
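
Added example, not part of the original post or the book it quotes: a Python check that turns the triage step in Hack 72 into a comparison against an approved list, and also flags the decoy accounts from Hack 71 if they ever hold administrator membership. It assumes the membership was captured as English-language `net localgroup Administrators` output; the account names in the sample (siteadm, CORP\Domain Admins, CORP\Helpdesk Admins) are constructed.

```python
# Added example: audit local Administrators membership against a baseline.

# Constructed sample of `net localgroup Administrators` output from one host.
# All account names are made up; "siteadm" stands for the renamed built-in
# administrator and "Administrator" for the no-rights decoy from Hack 71.
SAMPLE_OUTPUT = """\
Alias name     Administrators
Comment        Administrators have complete and unrestricted access to the computer/domain

Members

-------------------------------------------------------------------------------
siteadm
CORP\\Domain Admins
backd00r
Administrator
The command completed successfully.
"""


def parse_members(output):
    """Return the names listed between the dashed rule and the trailer line."""
    members, in_list = [], False
    for raw in output.splitlines():
        line = raw.strip()
        if not in_list:
            # The member list starts on the line after the row of dashes.
            in_list = line.startswith("-----")
            continue
        if not line or line.lower().startswith("the command completed"):
            break
        members.append(line)
    return members


def audit_admins(members, approved, decoys=()):
    """Classify group members; Windows account names compare case-insensitively.

    decoy_with_admin: a decoy account (meant to have no rights) is in the group
    unexpected:       a member that is not on the approved list
    missing:          an approved member that is no longer in the group
    """
    approved_cf = {name.casefold() for name in approved}
    decoys_cf = {name.casefold() for name in decoys}
    findings = {"decoy_with_admin": [], "unexpected": [], "missing": []}
    seen = set()
    for member in members:
        key = member.casefold()
        seen.add(key)
        if key in decoys_cf:
            findings["decoy_with_admin"].append(member)
        elif key not in approved_cf:
            findings["unexpected"].append(member)
    findings["missing"] = sorted(
        name for name in approved if name.casefold() not in seen
    )
    return findings


if __name__ == "__main__":
    result = audit_admins(
        parse_members(SAMPLE_OUTPUT),
        approved=["SiteAdm", "corp\\domain admins", "CORP\\Helpdesk Admins"],
        decoys=["Administrator", "Guest"],
    )
    for category, names in result.items():
        print(f"{category}: {', '.join(names) if names else '-'}")
```
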

nyl
Crazy

Joined: 13 May 2007
Posts: 341
Location: 23August

Posted: Tue Jul 10, 2007 4:30 pm

Hack 73 Find All Computers that Are Running a Service


Use this script to find rogue web servers, misconfigured clients, and other potentially insecure systems on your network.

Querying the status of a service across multiple computers can be an extremely useful tool. You can check for the SMS client service, antivirus services, or even viruses/Trojans that run as a service. Under most interfaces, such as WMI or ADSI, you need to check the status of services with an account that has administrator rights on the machine you are targeting. It turns out that in many organizations there are quite a few PCs on the network that have done a phenomenal job of removing most of the IT department's administrator rights. These unmanaged PCs can be a real risk at times.

One day, I noticed that when you query a remote box with the Windows 2000 services snap-in for the MMC, you do not need administrator rights to check on the services that reside on remote boxes. You simply need an account in a trusted domain with simple user-level rights. On further investigation, it was revealed that what in fact was going on was a direct query to the Service Control Manager (SCM), as opposed to some API call through WMI or ADSI. One of the best free third-party tools that also queries the SCM is Psservice from Sysinternals (http://www.sysinternals.com). Although this is strictly a command-line utility, we can tweak it with some parameters and do some fancy parsing to make efficient use of it in a script.

First, the script will search IP addresses by subnet, using a ping response, and find the Windows-based machines by parsing out a NetBIOS call. Then, it will determine if the machine is running a particular service, by querying it with Psservice, and log the results in tab-delimited format. This will retrieve the following data in the log file: IP address, computer name, currently logged-on user, domain or workgroup to which the machine is joined, and the status of the service. The IP address is included even if the node is not pingable and can be treated as a key in most cases. The computer name is resolved with a DNS lookup on the IP address and then, if a NetBIOS name is found, it is switched to that name. Note that this could be blank if both methods fail. The currently logged-on user field should display data if the machine is NetBIOS-compatible and someone is currently logged on. However, if no one is logged on, it will be blank. Note that this logon name could be a domain account or a local account; there is no way to tell. The domain (or workgroup) to which the machine is joined is the domain (or workgroup) associated with the computer account, not the user account.

The status of the service can be any of seven possible values, as shown in Table 8-2.

Table 8-2. Possible values for server status

Status                          Description
UnPingable                      The IP address does not respond
RUNNING                         Service is running
STOPPED                         Service is stopped
PENDING                         Service is starting or stopping
Blank                           Service does not exist
Access is Denied                Your account does not have minimal user-level rights to the box
The RPC server is unavailable   Computer is running Win9x, Win 3.x, or is a Samba box



There are several items you will need before the script will run. First, you need the Psservice utility that comes with the Pstools suite from Sysinternals. Place the psservice.exe utility in the same directory as the script itself. You also need to register the free System Scripting Runtime COM object from Netal (http://www.netal.com/ssr.htm). To register the COM object, copy the DLL to your system32 directory and use regsvr32 to register it. You'll need to do this for every box you run the script from, but this does not need to be done on the remote machines. By the way, I highly suggest reading through the documentation on both of these valuable pieces of software.

The Code
Type the following script into Notepad (with Word Wrap disabled) and save as FindNTService.vbs. Alternatively, since this is a long one, you're probably better off downloading the source from http://www.oreilly.com/catalog/winsvrhks/.

Code:
' Dennis Abbott - speckled_trout@hotmail.com
' you need to register the Scripting System Runtime from www.netal.com in
' your System32 directory on the machine you are running this script from
' first.
' You also need the utility psservice.exe from www.sysinternals.com in
' the same directory as this script and you need a text file with the
' subnets listed with a linefeed after each subnet.
'
' example of subnet listing
'
' 192.168.0.0
' 192.168.1.0
' 34.54.78.0
'
' You can view the script in action by opening the log file with a
' realtime log file viewer such as SMS Trace from Microsoft.
'
'On Error Resume Next
Option Explicit

Dim Title           'used for dialog boxes as well as the log file name
Dim PathToScript    'path to the directory that the script is running from
Dim PathToLogFile   'full path including filename of the log file
Dim WshShell        'shell object
Dim WshNet          'network object
Dim WshFso          'file system object
Dim WshSysEnv       'environment variable object
Dim ScriptNet       'System Scripting Runtime object from www.netal.com
Dim ComSpec         'path to cmd.exe
Dim DataFile        'file containing machine names
Dim LogFile         'log file for stats
Dim CompName        'name of the current remote target computer
Dim User            'user logged on to remote computer
Dim Domain          'domain that the remote computer is joined to
Dim IP              'IP address of remote computer
Dim CurLine         'used when parsing text files
Dim NbtFile         'file parsed for NetBIOS information
Dim SubnetFileName  'file containing subnets to be searched
Dim I               'counter
Dim SysFolder       'the system folder
Dim TimeOut         'timeout in milliseconds for ping
Dim Go              'gives user option to quit
Dim ServiceToCheck  'name of the service to look for--NOT THE DISPLAY NAME
Dim EditSubnets     'give user option of editing subnet file
Dim File            'File object
Dim Subnet          'current subnet being searched
Dim Service         'Status of the service
Dim ServFile        'file parsed for the service information

Set WshShell = CreateObject("WScript.Shell")
Set WshFso = CreateObject("Scripting.FileSystemObject")
Set WshNet = CreateObject("WScript.Network")
Set ScriptNet = CreateObject("SScripting.IPNetwork")

SysFolder = WshFso.GetSpecialFolder(1)
PathToScript = Left(WScript.ScriptFullName, _
    (Len(WScript.ScriptFullName) - (Len(WScript.ScriptName) + 1)))
Title = "FindNTService"
Set WshSysEnv = WshShell.Environment("SYSTEM")
ComSpec = WshSysEnv("COMSPEC")
Timeout = 125

'collect input
Go = MsgBox("This utility will search the network by subnet to find " & _
    "all machines running a particular service." & vbcrlf & _
    "To do this you must supply a text file with the subnets and the name of " & _
    "the service." & vbcrlf & vbcrlf & "Do you wish to continue?",vbyesno,Title)
Select Case Go
    Case vbYes
    Case vbNo
        WScript.Quit(0)
End Select
If WshFso.FileExists(PathToScript & "\psservice.exe") <> True Then
    MsgBox "The PSSERVICE utility does not exist....GOODBYE" & vbcrlf & _
        "You can get PSSERVICE from www.sysinternals.com",vbok + vbcritical, _
        Title
    WScript.Quit(0)
End If
If WshFso.FileExists(SysFolder & "\sscrrun.dll") <> True Then
    MsgBox "The sscrrun.dll does not exist....GOODBYE" & vbcrlf & _
        "You can get sscrrun.dll from www.netal.com",vbok + vbcritical, Title
    WScript.Quit(0)
End If
ServiceToCheck = InputBox("enter the service name(not display name) that " & _
    "you want to search for.",Title,"w3svc")
If ServiceToCheck = "" Then
    MsgBox "you did not enter a service name....GOODBYE",vbok + vbcritical, Title
    WScript.Quit(0)
End If
SubnetFileName = InputBox("enter the path to the file that contains " & _
    "the subnets.",Title,PathToScript & "\subnets.txt")
If WshFso.FileExists(SubnetFileName) <> True Then
    MsgBox "The subnet file does not exist....GOODBYE", _
        vbok + vbcritical, Title
    WScript.Quit(0)
End If
EditSubnets = MsgBox("Do you want to edit the subnets file?",vbyesno,Title)
Select Case EditSubnets
    Case vbYes
        WshShell.Run "notepad " & SubnetFileName,1,True
    Case vbNo
End Select

'create the log file, write its header, then walk every subnet in the file
PathToLogFile = PathToScript & "\" & Title & "_" & Month(Now) & "_" _
    & Day(Now) & "_" & Year(Now) & "-" & Hour(Now) & "_" & _
    Minute(Now) & ".log"
Set LogFile = WshFso.CreateTextFile(PathToLogFile)
Set File = WshFso.GetFile(SubnetFileName)
Set DataFile = File.OpenAsTextStream(1,0)
LogFile.WriteLine "IPaddress" & vbtab & "ComputerName" & vbtab & _
    "LoginName" & vbtab & "Domain" & vbtab & "Status"
Do While Not DataFile.AtEndOfStream
    Subnet = DataFile.ReadLine
    LogFile.WriteLine subnet & vbtab & vbtab & vbtab & vbtab & _
        "beginning subnet " & Now
    Discover(subnet)
Loop
MsgBox Title & " script is done.  The log file is located here." & _
    vbcrlf & PathToLogFile

'ping hosts 1-254 of the subnet and log one line per address
Function Discover(boundary)
    Subnet = Left(boundary,InstrRev(boundary,"."))
    For i = 1 to 254
        IP = subnet & i
        CompName = Null
        User = Null
        Domain = Null
        Curline = Null
        Service = Null
        If ScriptNet.Ping(ip,,,Timeout) <> 0 Then
            LogFile.WriteLine IP & vbtab & vbtab & vbtab & vbtab _
                & "UnPingableClient"
        Else
            CompName = ScriptNet.DNSlookup(IP)
            If InStr(CompName,".") <> 0 Then
                CompName = Left(CompName,InStr(CompName,".")-1)
            End If
            Call GetNBTstat(IP,User,Domain)
            Call GetService(IP, Service)
            Call WriteToLog(IP,CompName,User,Domain,Service)
        End If
    Next
End Function

'parse "nbtstat -a" output for the computer name, logged-on user and domain
Function GetNBTstat(IP,User,Domain)
    WshShell.Run ComSpec & " /c nbtstat -a " & IP & " >" & PathToScript & _
        "\nbt.txt",6,True
    Set NbtFile = WshFso.OpenTextFile(PathToScript & "\nbt.txt", 1, True)
    Do While NbtFile.AtEndOfStream <> True
        CurLine = NbtFile.ReadLine
        If InStr(CurLine,"---") <> 0 Then
            CurLine = NbtFile.ReadLine
            CompName = Trim(Left(CurLine,InStr(CurLine,"<")-1))
        End If
        If InStr(CurLine,"<03>") <> 0 Then
            If Trim(Left(CurLine,InStr(CurLine,"<03>")-1)) <> _
                UCase(CompName) and Trim(Left(CurLine,InStr(CurLine,"<03>")-1)) <> _
                UCase(CompName) & "$" Then
                User = Trim(Left(CurLine,InStr(CurLine,"<03>")-1))
            End If
        End If
        If InStr(CurLine,"<1E>") <> 0 Then
            If Trim(Left(CurLine,InStr(CurLine,"<1E>")-1)) <> _
                UCase(CompName) and Trim(Left(CurLine,InStr(CurLine,"<1E>")-1)) <> _
                UCase(CompName) & "$" Then
                Domain = Trim(Left(CurLine,InStr(CurLine,"<1E>")-1))
            End If
        End If
    Loop
    NbtFile.Close
End Function

'query the service with psservice and keep the state or the error line
Function GetService(IP,Service)
    If CompName <> "" and User <> "" or Domain <> "" Then
        WshShell.Run ComSpec & " /c " & PathToScript & "\psservice  \\" _
            & IP & " query " & Chr(34) & ServiceToCheck & Chr(34) & " >" _
            & PathToScript & "\service.txt",6,True
        Set ServFile = WshFso.OpenTextFile(PathToScript _
            & "\service.txt", 1, True)
        Do While ServFile.AtEndOfStream <> True
            CurLine = ServFile.ReadLine
            If InStr(CurLine,"STATE") <> 0 Then
                Service = Trim(Right(CurLine,InStr(CurLine," ")-1))
            End If
            If InStr(CurLine,"RPC") <> 0 Then
                Service = CurLine
            End If
            If InStr(CurLine,"Access") <> 0 Then
                Service = CurLine
            End If
            If InStr(CurLine,"function") <> 0 Then
                Service = CurLine
            End If
            If InStr(CurLine,"Unable") <> 0 Then
                Service = CurLine
            End If
        Loop
        If InStr(Service,vbcr) <> 0 Then
            Service = Left(Service,InStr(Service,vbcr)-1)
        End If
    End If
End Function

'write one tab-delimited line; empty fields stay blank
Function WriteToLog(IP,CompName,User,Domain,Service)
    If IP <> "" Then
        LogFile.Write IP
    End If
    LogFile.Write vbtab
    If CompName <> "" Then
        LogFile.Write CompName
    End If
    LogFile.Write vbtab
    If User <> "" Then
        LogFile.Write User
    End If
    LogFile.Write vbtab
    If Domain <> "" Then
        LogFile.Write Domain
    End If
    LogFile.Write vbtab
    If Service <> "" Then
        LogFile.Write Service
    End If
    LogFile.WriteLine
End Function


Running the Hack
First, create a text file that contains the subnets you wish to query. Each subnet should end with .0 and be on its own line in the file. You can name the file subnets.txt and save it in the same directory as the script. Now, simply run the script by double-clicking on it; it will prompt you for input. The first input is just an introduction to the script. Clicking No will exit the script altogether.

The next input is the name of the service; this is not the same as the display name, so be careful here. Table 8-3 shows some examples of services for which the display name differs greatly from the service name. This information can help you detect rogue web servers running secretly on your network, client machines whose antivirus software has been disabled, or machines with SMS client software disabled, making them difficult to keep updated with security patches and service packs.

Table 8-3. Display names and corresponding service names

Display name                         Service name
World Wide Web Publishing Service    w3svc
Norton Antivirus Client              Norton Antivirus Server
SMS Client Service                   clisvc



The next prompt is the full path to the text file that contains the subnets. At this point, you can enter a different text file if you wish. Lastly, you have the opportunity to modify the subnets file before you begin. The scan will begin either after you click No or after you close Notepad. You will be notified when the script is finished with a pointer to the log file; there is no progress indicator as the script runs. If you need to cancel the script, go into Task Manager and kill the wscript.exe process.

I have used this script to find machines on which the SMS Client Service has been disabled. I have also found numerous IIS web servers and their owners. Lastly, this utility does a great job of finding the FLC service, which is better known as the FunLove virus. I get a big kick out of sending directors a list of developer machines that have FunLove on their box, have also disabled SMS, and are not running antivirus software.

Always deploy this script in a lab environment first and do your own benchmarking before pinging those 32,000 nodes.
nyl
Crazy


Joined: 13 May 2007
Posts: 341
Location: 23August

Posted: Tue Jul 10, 2007 4:32 pm    Post subject:

Hack 73 Find All Computers that Are Running a Service


Use this script to find rogue web servers, misconfigured clients, and other potentially insecure systems on your network.

Querying the status of a service across multiple computers can be an extremely useful tool. You can check for the SMS client service, antivirus services, or even viruses/Trojans that run as a service. Under most interfaces, such as WMI or ADSI, you need to check the status of services with an account that has administrator rights on the machine you are targeting. It turns out that in many organizations there are quite a few PCs on the network that have done a phenomenal job of removing most of the IT department's administrator rights. These unmanaged PCs can be a real risk at times.

One day, I noticed that when you query a remote box with the Windows 2000 services snap-in for the MMC, you do not need administrator rights to check on the services that reside on remote boxes. You simply need an account in a trusted domain with simple user-level rights. On further investigation, it was revealed that what in fact was going on was a direct query to the Service Control Manager (SCM), as opposed to some API call through WMI or ADSI. One of the best free third-party tools that also queries the SCM is Psservice from Sysinternals (http://www.sysinternals.com). Although this is strictly a command-line utility, we can tweak it with some parameters and do some fancy parsing to make efficient use of it in a script.

First, the script will search IP addresses by subnet, using a ping response, and find the Windows-based machines by parsing out a NetBIOS call. Then, it will determine if the machine is running a particular service, by querying it with Psservice, and log the results in tab-delimited format. This will retrieve the following data in the log file: IP address, computer name, currently logged-on user, domain or workgroup to which the machine is joined, and the status of the service. The IP address is included even if the node is not pingable and can be treated as a key in most cases. The computer name is resolved with a DNS lookup on the IP address and then, if a NetBIOS name is found, it is switched to that name. Note that this could be blank if both methods fail. The currently logged-on user field should display data if the machine is NetBIOS-compatible and someone is currently logged on. However, if no one is logged on, it will be blank. Note that this logon name could be a domain account or a local account; there is no way to tell. The domain (or workgroup) to which the machine is joined is the domain (or workgroup) associated with the computer account, not the user account.

The status of the service can be any of seven possible values, as shown in Table 8-2.

Table 8-2. Possible values for server status

Status                           Description
UnPingable                       The IP address does not respond
RUNNING                          Service is running
STOPPED                          Service is stopped
PENDING                          Service is starting or stopping
Blank                            Service does not exist
Access is Denied                 Your account does not have minimal user-level rights to the box
The RPC server is unavailable    Computer is running Win9x, Win 3.x, or is a Samba box



There are several items you will need before the script will run. First, you need the Psservice utility that comes with the Pstools suite from Sysinternals. Place the psservice.exe utility in the same directory as the script itself. You also need to register the free System Scripting Runtime COM object from Netal (http://www.netal.com/ssr.htm). To register the COM object, copy the DLL to your system32 directory and use regsvr32 to register it. You'll need to do this for every box you run the script from, but this does not need to be done on the remote machines. By the way, I highly suggest reading through the documentation on both of these valuable pieces of software.

The Code
Type the following script into Notepad (with Word Wrap disabled) and save as FindNTService.vbs. Alternatively, since this is a long one, you're probably better off downloading the source from http://www.oreilly.com/catalog/winsvrhks/.

' Dennis Abbott - speckled_trout@hotmail.com
' you need to register the Scripting System Runtime from www.netal.com in
' your System32 directory on the machine you are running this script from
' first.
' You also need the utility psservice.exe from www.sysinternals.com in
' the same directory as this script and you need a text file with the
' subnets listed with a linefeed after each subnet.
'
' example of subnet listing
'
' 192.168.0.0
' 192.168.1.0
' 34.54.78.0
'
' You can view the script in action by opening the log file with a
' realtime log file viewer such as SMS Trace from Microsoft.
'
'On Error Resume Next
Option Explicit
Dim Title 'used for dialog boxes as well as the log file name
Dim PathToScript 'path to the directory that the script is running from
Dim PathToLogFile 'full path including filename of the log file
Dim WshShell 'shell object
Dim WshNet 'network object
Dim WshFso 'file system object
Dim WshSysEnv 'environment variable object
Dim ScriptNet 'System Scripting Runtime object from www.netal.com
Dim ComSpec 'path to cmd.exe
Dim DataFile 'file containing machine names
Dim LogFile 'log file for stats
Dim CompName 'name of the current remote target computer
Dim User 'user logged on to remote computer
Dim Domain 'domain that the remote computer is joined to
Dim IP 'IP address of remote computer
Dim CurLine 'used when parsing text files
Dim NbtFile 'file parsed for NetBIOS information
Dim SubnetFileName 'file containing subnets to be searched
Dim I 'counter
Dim SysFolder 'the system folder
Dim TimeOut 'timeout in milliseconds for ping
Dim Go 'gives user option to quit
Dim ServiceToCheck 'name of the service to look for--NOT THE DISPLAY NAME
Dim EditSubnets 'give user option of editing subnet file
Dim File 'File object
Dim Subnet 'current subnet being searched
Dim Service 'Status of the service
Dim ServFile 'file parsed for the service information



Set WshShell = CreateObject("WScript.Shell")
Set WshFso = CreateObject("Scripting.FileSystemObject")
Set WshNet = CreateObject("WScript.Network")
Set ScriptNet = CreateObject("SScripting.IPNetwork")

SysFolder = WshFso.GetSpecialFolder(1)
PathToScript = Left(WScript.ScriptFullName, _
        (Len(WScript.ScriptFullName) - (Len(WScript.ScriptName) + 1)))
Title = "FindNTService"
Set WshSysEnv = WshShell.Environment("SYSTEM")
ComSpec = WshSysEnv("COMSPEC")
Timeout = 125

'collect input
Go = MsgBox("This utility will search the network by subnet to find " & _
        "all machines running a particular service." & vbcrlf & _
        "To do this you must supply a text file with the subnets and the name of " & _
        "the service." & vbcrlf & vbcrlf & "Do you wish to continue?",vbyesno,Title)
Select Case Go
        Case VbYes
        Case VbNo
                Wscript.Quit(0)
End Select
'both helper components must be present before the scan starts
If WshFso.FileExists(PathToScript & "\psservice.exe") <> True Then
        MsgBox "The PSSERVICE utility does not exist....GOODBYE" & vbcrlf & _
                "You can get PSSERVICE from www.sysinternals.com",vbok + vbcritical, _
                Title
        Wscript.Quit(0)
End If
If WshFso.FileExists(SysFolder & "\sscrrun.dll") <> True Then
        MsgBox "The sscrrun.dll does not exist....GOODBYE" & vbcrlf & _
                "You can get sscrrun.dll from www.netal.com",vbok + vbcritical, Title
        Wscript.Quit(0)
End If
ServiceToCheck = InputBox("enter the service name(not display name) that " & _
        "you want to search for.",Title,"w3svc")
If ServiceToCheck = "" Then
        MsgBox "you did not enter a service name....GOODBYE",vbok + vbcritical, Title
        Wscript.Quit(0)
End If
SubnetFileName = InputBox("enter the path to the file that contains " & _
        "the subnets.",Title,PathToScript & "\subnets.txt")
If WshFso.FileExists(SubnetFileName) <> True Then
        MsgBox "The subnet file does not exist....GOODBYE", _
                vbok + vbcritical, Title
        Wscript.Quit(0)
End If
EditSubnets = MsgBox("Do you want to edit the subnets file?",vbyesno,Title)
Select Case EditSubnets
        Case vbyes
                WshShell.Run "notepad " & SubnetFileName,1,True
        Case vbno
End Select

'the log file name carries the date and time of the run
PathToLogFile = PathToScript & "\" & Title & "_" & Month(Now) & "_" _
        & Day(Now) & "_" & Year(Now) & "-" & Hour(Now) & "_" & _
        Minute(Now) & ".log"
Set LogFile = WshFso.CreateTextFile(PathToLogFile)
Set File = WshFso.GetFile(SubnetFileName)
Set DataFile = File.OpenAsTextStream(1,0)
LogFile.WriteLine "IPaddress" & vbtab & "ComputerName" & vbtab & _
        "LoginName" & vbtab & "Domain" & vbtab & "Status"
Do While Not DataFile.AtEndOfStream
        Subnet = DataFile.ReadLine
        LogFile.WriteLine subnet & vbtab & vbtab & vbtab & vbtab & _
                "beginning subnet " & Now
        Discover(subnet)
Loop
MsgBox Title & " script is done. The log file is located here." & _
        vbcrlf & PathToLogFile



'pings hosts .1 to .254 of the subnet and logs one row per address
Function Discover(boundary)
        Subnet = Left(boundary,InstrRev(boundary,"."))
        For i = 1 to 254
                IP = subnet & i
                CompName = Null
                User = Null
                Domain = Null
                Curline = Null
                Service = Null
                If ScriptNet.Ping(ip,,,Timeout) <> 0 Then
                        LogFile.WriteLine IP & vbtab & vbtab & vbtab & vbtab _
                                & "UnPingableClient"
                Else
                        CompName = ScriptNet.DNSlookup(IP)
                        If InStr(CompName,".") <> 0 Then
                                CompName = Left(CompName,InStr(CompName,".")-1)
                        End If
                        Call GetNBTstat(IP,User,Domain)
                        Call GetService(IP, Service)
                        Call WriteToLog(IP,CompName,User,Domain,Service)
                End If
        Next
End Function



'parses "nbtstat -a" output for the NetBIOS computer name, the logged-on
'user (<03> suffix) and the domain or workgroup (<1E> suffix)
Function GetNBTstat(IP,User,Domain)
        WshShell.Run ComSpec & " /c nbtstat -a " & IP & " >" & PathToScript & _
                "\nbt.txt",6,True
        Set NbtFile = WshFso.OpenTextFile(PathToScript & "\nbt.txt", 1, True)
        Do While NbtFile.AtEndOfStream <> True
                CurLine = NbtFile.ReadLine
                If InStr(CurLine,"---") <> 0 Then
                        CurLine = NbtFile.ReadLine
                        CompName = Trim(Left(CurLine,InStr(CurLine,"<")-1))
                End If
                If InStr(CurLine,"<03>") <> 0 Then
                        If Trim(Left(CurLine,InStr(CurLine,"<03>")-1)) <> _
                                UCase(CompName) and Trim(Left(CurLine,InStr(CurLine,"<03>")-1)) <> _
                                UCase(CompName) & "$" Then
                                User = Trim(Left(CurLine,InStr(CurLine,"<03>")-1))
                        End If
                End If
                If InStr(CurLine,"<1E>") <> 0 Then
                        If Trim(Left(CurLine,InStr(CurLine,"<1E>")-1)) <> _
                                UCase(CompName) and Trim(Left(CurLine,InStr(CurLine,"<1E>")-1)) <> _
                                UCase(CompName) & "$" Then
                                Domain = Trim(Left(CurLine,InStr(CurLine,"<1E>")-1))
                        End If
                End If
        Loop
        NbtFile.Close
End Function



'runs psservice against the host and keeps the STATE line or the error line
Function GetService(IP,Service)
        If CompName <> "" and User <> "" or Domain <> "" Then
                WshShell.Run ComSpec & " /c " & PathToScript & "\psservice \\" _
                        & IP & " query " & Chr(34) & ServiceToCheck & Chr(34) & " >" _
                        & PathToScript & "\service.txt",6,True
                Set ServFile = WshFso.OpenTextFile(PathToScript _
                        & "\service.txt", 1, True)
                Do While ServFile.AtEndOfStream <> True
                        CurLine = ServFile.ReadLine
                        If InStr(CurLine,"STATE") <> 0 Then
                                Service = Trim(Right(CurLine,InStr(CurLine," ")-1))
                        End If
                        If InStr(CurLine,"RPC") <> 0 Then
                                Service = CurLine
                        End If
                        If InStr(CurLine,"Access") <> 0 Then
                                Service = CurLine
                        End If
                        If InStr(CurLine,"function") <> 0 Then
                                Service = CurLine
                        End If
                        If InStr(CurLine,"Unable") <> 0 Then
                                Service = CurLine
                        End If
                Loop
                If InStr(Service,vbcr) <> 0 Then
                        Service = Left(Service,InStr(Service,vbcr)-1)
                End If
        End If
End Function



'writes one tab-delimited row; empty or Null fields are left blank
Function WriteToLog(IP,CompName,User,Domain,Service)
        If IP <> "" Then
                LogFile.Write IP
        End If
        LogFile.Write vbtab
        If CompName <> "" Then
                LogFile.Write CompName
        End If
        LogFile.Write vbtab
        If User <> "" Then
                LogFile.Write User
        End If
        LogFile.Write vbtab
        If Domain <> "" Then
                LogFile.Write Domain
        End If
        LogFile.Write vbtab
        If Service <> "" Then
                LogFile.Write Service
        End If
        LogFile.WriteLine
End Function

Running the Hack
First, create a text file that contains the subnets you wish to query. Each subnet should end with .0 and be on its own line in the file. You can name the file subnets.txt and save it in the same directory as the script. Now, simply run the script by double-clicking on it; it will prompt you for input. The first input is just an introduction to the script. Clicking No will exit the script altogether.

The next input is the name of the service; this is not the same as the display name, so be careful here. Table 8-3 shows some examples of services for which the display name differs greatly from the service name. This information can help you detect rogue web servers running secretly on your network, client machines whose antivirus software has been disabled, or machines with SMS client software disabled, making them difficult to keep updated with security patches and service packs.

Table 8-3. Display names and corresponding service names

Display name                         Service name
World Wide Web Publishing Service    w3svc
Norton Antivirus Client              Norton Antivirus Server
SMS Client Service                   clisvc



The next prompt is the full path to the text file that contains the subnets. At this point, you can enter a different text file if you wish. Lastly, you have the opportunity to modify the subnets file before you begin. The scan will begin either after you click No or after you close Notepad. You will be notified when the script is finished with a pointer to the log file; there is no progress indicator as the script runs. If you need to cancel the script, go into Task Manager and kill the wscript.exe process.

I have used this script to find machines on which the SMS Client Service has been disabled. I have also found numerous IIS web servers and their owners. Lastly, this utility does a great job of finding the FLC service, which is better known as the FunLove virus. I get a big kick out of sending directors a list of developer machines that have FunLove on their box, have also disabled SMS, and are not running antivirus software.

Always deploy this script in a lab environment first and do your own benchmarking before pinging those 32,000 nodes.
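
The cross-referencing the post describes (FunLove present and the SMS client disabled on the same machine), as an added example that is not part of the original post or of the FindNTService script: it merges the tab-delimited logs from separate runs, one per service name, and treats UnPingable, Access is Denied and RPC errors as no evidence rather than as a disabled service. The function names, host names and sample log rows are constructed for illustration.

```python
# Status text follows Table 8-2; the script itself logs "UnPingableClient".
NO_EVIDENCE = ("unpingable", "access is denied", "rpc server is unavailable")

def parse_log(text):
    """Return {ip: record} from one tab-delimited FindNTService log."""
    hosts = {}
    for line in text.splitlines():
        fields = [f.strip() for f in line.split("\t")]
        ip, name, user, domain, status = (fields + [""] * 5)[:5]
        # Skip blanks, the column header and the "beginning subnet" marker rows.
        if not ip or ip == "IPaddress" or status.startswith("beginning subnet"):
            continue
        hosts[ip] = {"name": name, "user": user, "domain": domain, "status": status}
    return hosts

def classify(status):
    """Map a raw Status field to running, stopped, pending, absent or unknown."""
    low = status.lower()
    if any(marker in low for marker in NO_EVIDENCE):
        return "unknown"   # host was not queried: no evidence about the service
    for word in ("pending", "running", "stopped"):
        if word in low:
            return word
    return "absent" if status == "" else "unknown"

def correlate(logs, unwanted, required):
    """logs maps service name -> log text. Returns {ip: {name, user, reasons}}."""
    findings = {}
    for service, text in logs.items():
        for ip, rec in parse_log(text).items():
            state = classify(rec["status"])
            flagged = (service in unwanted and state == "running") or (
                service in required and state in ("stopped", "absent"))
            if flagged:
                entry = findings.setdefault(
                    ip, {"name": rec["name"], "user": rec["user"], "reasons": []})
                entry["reasons"].append(service + " " + state)
    return findings

# Constructed sample logs (not real scan output), one script run per service.
HEADER = "IPaddress\tComputerName\tLoginName\tDomain\tStatus\n"
SAMPLE_LOGS = {
    "FLC": HEADER + "10.0.5.0\t\t\t\tbeginning subnet 7/10/2007 4:32:00 PM\n"
           "10.0.5.1\t\t\t\tUnPingableClient\n"
           "10.0.5.21\tDEV01\tjsmith\tCORP\tRUNNING\n"
           "10.0.5.22\tDEV02\tajones\tCORP\t\n"
           "10.0.5.23\tLAB03\t\tWORKGROUP\tAccess is denied.\n",
    "clisvc": HEADER + "10.0.5.21\tDEV01\tjsmith\tCORP\tSTOPPED\n"
              "10.0.5.22\tDEV02\tajones\tCORP\tRUNNING\n"
              "10.0.5.23\tLAB03\t\tWORKGROUP\tAccess is denied.\n",
}

if __name__ == "__main__":
    print(correlate(SAMPLE_LOGS, unwanted={"FLC"}, required={"clisvc"}))
```

Hosts that answered with Access is Denied or an RPC error stay out of the findings; they belong on a separate follow-up list, since the scan says nothing about their services.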