Microsoft Windows XP won't allow you to uninstall Internet Explorer. How can you fix the browser or even reinstall the program if it becomes corrupt?


If you don't yet have the very latest Internet Explorer, you can fix many problems by visiting

http://windowsupdate.microsoft.com

and updating to the latest version. If you're already up to date, however, the site won't let you reinstall the program. You need to fool the system into thinking you don't have the latest version.


Launch REGEDIT from the Start menu's Run dialog and navigate to the key HKEY_LOCAL_MACHINE\SOFTWARE\ Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}. In the right-hand pane, double-click on the DWORD value IsInstalled and change it from 1 to 0 (no matter whether you choose Decimal or Hexadecimal). Close REGEDIT and go to the Windows update site again. Now it should let you "update" IE and, with luck, fix the problems.

By the way, you can do the same thing if you need to repair Outlook Express, but at the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}.

Registry Disassembled a basic tutorial

The registry is a hierarchical database that contains virtually all information about your computer's configuration. Under previous version of Windows, those setting where contained in files like config.sys, autoexec.bat, win.ini, system.ini, control.ini and so on. From this you can understand how important the registry is. The structure of the registry is similar to the ini files structure, but it goes beyond the concept of ini files because it offers a hierarchical structure, similar to the folders and files on hard disk. In fact the procedure to get to the elements of the registry is similar to the way to get to folders and files.
In this section I would be examing the Win95\98 registry only although NT is quite similar.

The Registry Editor
The Registry Editor is a utility by the filename regedit.exe that allows you to see, search, modify and save the registry database of Windows. The Registry Editor doesn't validate the values you are writing: it allows any operation. So you have to pay close attention, because no error message will be shown if you make a wrong operation.
To launch the Registry Editor simply run RegEdit.exe ( under WinNT run RegEdt32.exe with administer privileges).
The registry editor is divided into two sectios in the left one there is a hierarchical structure of the database (the screen looks like Windows Explorer) in the right one there are the values.

The registry is organized into keys and subkeys. Each key contains a value entry , each one has a name, a type or a class and the value itself. The name is a string that identifies the value to the key. The length and the format of the value is dependent on the data type.

As you can see with the Registry Editor, the registry is divided into five principal keys: there is no way to add or delete keys at this level. Only two of these keys are effectively saved on hard disk: HKEY_LOCAL_MACHINE and HKEY_USERS. The others are jusr branches of the main keys or are dynamically created by Windows.

HKEY_LOCAL_MACHINE
This key contains any hardware, applications and services information. Several hardware information is updated automatically while the computer is booting. The data stored in this key is shared with any user. This handle has many subkeys:

Config
Contains configuration data for different hardware configurations.
Enum
This is the device data. For each device in your computer, you can find information such as the device type, the hardware manufacturer, device drivers and the configuration.
Hardware
This key contains a list of serial ports, processors and floating point processors.
Network
Contains network information.
Security
Shows you network security information.
Software
This key contains data about installed software.
System
It contains data that checks which device drivers are used by Windows and how they are configured.

HKEY_CLASSES_ROOT
This key is an alias of the branch HKEY_LOCAL_MACHINE\Software\Classes and contains OLE, drag'n'drop, shortcut and file association information.

HKEY_CURRENT_CONFIG
This key is also an alias. It contains a copy of the branch HKEY_LOCAL_MACHINE\Config, with the current computer configuration.

HKEY_DYN_DATA
Some information stored in the registry changes frequently, so Windows maintains part of the registry in memory instead of on the hard disk. For example it stores PnP information and computer performance. This key has two sub keys

Config Manager
This key contains all hardware information problem codes, with their status. There is also the sub key HKEY_LOCAL_MACHINE\Enum, but written in a different way.
PerfStats
It contains performance data about system and network

HKEY_USERS
This important key contains the sub key .Default and another key for each user that has access to the computer. If there is just one user, only .Default key exists. . Each sub key maintains the preferences of each user, like the desktop colors, the fonts used, and also the settings of many programs. If you open a user subkey you will find five important subkeys:

AppEvent
It contains the path of audio files that Windows plays when some events happen.
Control Panel
Here are the settings defined in the Control Panel. They used to be stored in win.ini and control.ini.
Keyboard Layouts
It contains some advanced code which identifies the actual keyboard disposition how it is set into the Control Panel.
Network
This key stores subkeys that describe current and recent network shortcuts.
RemoteAccess
The settings of Remote Access are stored here.
Software
Contains all software settings. This data was stored in win.ini and private .ini files.

HKEY_CURRENT_USER
It is an alias to current user of HKEY_USERS. If your computer is not configured for multi-users usage, it points to the subkey .Default of HKEY_USERS.

Description of .reg file

Here I am assuming that you already have a .reg file on your hard disk and want to know more about how it is structured.Now do not double click the .reg file or it's content will be added to the registry, of course there will be warning message that pops up. Now to view the properties of the .reg file open it in notepad.
To do so first launch notepad by going to Start>Programs>Accessories>Notepad.
Then through the open menu open the .reg file.
Now the thing that differentiates .reg files from other files is the word REGEDIT4. It is found to be the first word in all .reg files. If this word is not there then the registry editor cannot recognize the file to be a .reg file.
Then follows the key declaration which has to be done within square brackets and with the full path.If the key does not exist then it will be created.
After the key declaration you will see a list of values that have to be set in the particular key in the registry.The values look like this:

"value name"=type:value

Value name is in double commas. Type can be absent for string values, dword: for dword values and hex: for binary values. For all other values you have to use the code hex(#): , where # indicate the API code of the type.
So:

"My string" = "string value" is a string
"My dword" = dword:123456789 is a dword
"My binary" = hex:AA,BB,CC is a standard binary
"My other type" = hex(2):AA,BB,00 is an expand string


Important Note: expand string has API code = 2 and extended string has API code = 7.

As you can see, strings are in double quotes, dword is hexadecimal and binary is a sequence of hexadecimal byte pairs, with a comma between each. If you want to add a back slash into a string remember to repeat it two times, so the value "c:\Windows" will be "c:\\Windows".
Before write a new .reg file, make sure you do this else you will get an error message.

Command Line Registry Arguments

FILENAME.REG to merge a .reg file with the registry
/L:SYSTEM to specify the position of SYSTEM.DAT
/R:USER to specify the position of USER.DAT
/e FILENAME.REG [KEY] to export the registry to a file. If the key is specified, the whole branch will be exported.
/c FILENAME.REG to substitute the entire registry with a .reg file
/s to work silently, without prompt information or Warnings.

That wraps up the Windows Registry.

Have you ever noticed that there are two versions of the Registry Editor on your computer? Ever wondered why? Well let me just give you a little insight!

It all depends on your Operating System. If you have Windows 2000 :

Regedit.exe

Regedit.exe is included with Windows NT 4.0 and Windows 2000 primarily for its search capability. You can use Regedit.exe to make changes in the Windows NT 4.0 and Windows 2000 registry, but you cannot use it to view or edit all functions or data types on Windows NT 4.0 and Windows 2000.

The following limitations exist in the Regedit.exe version that is included with Windows NT 4.0 and Windows 2000:

You cannot set the security for registry keys.
You cannot view, edit, or search the value data types <>REG_EXPAND_SZ and <>REG_MULTI_SZ. If you try to view a <>REG_EXPAND_SZ value, Regedit.exe displays it as a binary data type. If you try to edit either of these data types, Regedit.exe saves it as <>REG_SZ, and the data type no longer performs its intended function.
You cannot save or restore keys as hive files.
Microsoft recommends that you use Regedit.exe only for its search capabilities on a Windows NT 4.0-based or Windows 2000-based computer.

Regedt32.exe

Regedt32.exe is the configuration editor for Windows NT 4.0 and Windows 2000. Regedt32.exe is used tomodify the Windows NT configuration database, or the Windows NTregistry. This editor allows you to view or modify the Windows NT registry.The editor provides views of windows that represent sections of theregistry, named hives. Each window displays two sections. On the leftside, there are folders that represent registry keys. On the right side,there are the values associated with the selected registry key. Regedt32 isa powerful tool, and you must use it with extreme caution when you changeregistry values. Missing or incorrect values in the registry can make theWindows installation unusable.

Note: Unlike Regedit.exe, Regedt32.exe does not support importing and exporting registration entries (.reg) files.

Or..Windows XP and Windows Server 2003

Regedit.exe

Regedit.exe is the configuration editor for Windows XP and Windows Server 2003. Regedit.exe is used tomodify the Windows NT configuration database, or the Windows NTregistry. This editor allows you to view or modify the Windows NT registry. It supports setting security on registry keys, viewing and editing <>REG_EXPAND_SZ and <>REG_MULTI_SZ, and saving and restoring hive files.On the leftside, there are folders that represent registry keys. On the right side,there are the values associated with the selected registry key. Regedit isa powerful tool. You must use extreme caution when you use it to changeregistry values. Missing or incorrect values in the registry can make theWindows installation unusable.

Regedt32.exe

In Windows XP and Windows Server 2003, Regedt32.exe is a small program that just runs Regedit.exe.

Part 1

This series covers the basic steps of reformatting your hard drive and re-installing Windows. Now, this is not for the digitally squeamish and it's defiantly one of those do-at-your-own-risk deals. It's not intended for novices and should not be attempted unless you are fairly comfortable with DOS (if you have to ask what DOS is, than skip this tip).

A final warning - This is a general procedure so you may run into unforeseen problems. You may be able to get answers to problems at the message board, but don't come cryin' to me - You've been warned!!

OK, before we start any kind of disk formatting, we need to back up all the important info on your computer. I usually copy everything to my CD-R or a few zip disks. I generally only back up stuff that I created. I don't backup programs I have on disk, I re-install those. Make sure you get everything that's important to you backed up (maybe twice) because after we're done formatting the disk it will be COMPLETELY GONE!

Next, you'll want a boot disk. Even if you don't think you'll need it you should still have it, just in case.

To make a boot disk for win 95/98, (not a Windows recovery disk) follow these steps:

1. Open My Computer, insert a 3.5 floppy into your Drive A: and right-click the icon for your A: drive. Select Format from the resulting menu.

2. Select Full format and check the "Copy system files box". Then hit Start to format the disk.

 

>> Note that if you are using Win ME that the above little trick won't work. You'll need to go to your Start button, Settings, Control Panel. Open up the Add/Remove programs icon. From there, click the Startup Disk tab and create a new startup disk.<<

You should now have a bootable disk. You'll probably want to copy the following files to it:

EDIT.COM (you may need this to create or edit DOS files- this should be there if you made a Win ME recovery disk)
FORMAT.COM (for disk formatting)
FDISK.EXE (you'll lean about FDISK tomorrow- this should be there if you made a Win ME recovery disk)
MSCDEX.EXE (you may need this for your CD ROM)

All the above files should be under your C:\Windows\Command\ directory.
If not, use the Find feature to locate them (Start button, "Find" or "Search", depending on what version of Windows you have) . Once you find the files, right-click them and select Send to, 3 1/2 Floppy (A).

 

Here's some other stuff you'll want handy:

- Your CD ROM driver
- Your Windows CD
- Your Windows Setup Disk 1 (it's a floppy that you may have if you have a full version of Win 98. It's not 100% neces

1. Make a file of exactly the size of the cdrw disc's capacity (650MB in my case).
(this step may not be needed)

2. With Nero I created a new project and added the file to it so that I have the disc filled. I gues you can also fill up the disc with other files.
The reason why I fill the disc is because I want Nero to make a session that uses the entire disc. Like I wrote earlier in this thread I experienced that my CD-Drive refuses to read off the disc beyond the session's boundaries. When you quick-erase a disc there is no session anymore so the drive will not read at all. Burning a new session will overwrite the data and burning only a small session will NOT make the drive read the other data that is still on the disc.
The reason why I used the one big file is so that I could later on recognize which part of the disc was overwritten by this file because this file contained all zeros (0x00).

3. I pressed burn and selected disc-at-once. Then while Nero was burning the leadin I pressed cancel. My CD-Drive finished writing the lead-in and Nero reported an error.
This is what was accomplished however: Now the disc contains a session that says that the used disc size is the complete disc. Nero did not get to writing file because I cancelled it. Good thing because I don't want Nero to write any files because my old data will get overwritten!
I gues it works the same with different writing software. Another method that I used during a test was simply press the reset button of the computer when the burning software was done with writing the lead-in and started with the files.

4. I had to restart the computer after cancelling burning.
With the cdrw disc inserted I saw in "my computer" that windows recognized that the disc was 650MB, clicking on it gave an error. Good so far!

Now with IsoBuster you can extract the sectors from a disc to a file. This is what I did.
I gues that if you have data-recovery software at this point it will be usefull because now (if all went well;)) the CD-Drive WILL read data from the entire disc. Anyway, I used ISO-Buster because the files that I needed to recover where a bit odd for nowadays (.XM, .S3M, .MP3):
In IsoBuster I had to do several steps:

Step 1: Find out from and to which sector the drive will read
By choosing "Sector View" you can look at any given sector.
Here I found out what the first and the last sectors where that are readable. (Hint I used the method for the old game: "Gues a number below 100, I'll tell if it is higher or lower than what you gues")
Step 2: Extract the actual sectors
By choosing "Extract From-To" you can extract any given range of sectors to a file. My disc was a data-disc so I choose the first extraction type "User data, 2048 bytes/block...".

In the end I got a .tao file which was about 650MB. I ran several programs on it to look for files inside a file by searching for file-header-paterns:
1. Multi Ripper 2.80 (for DOS, for the .XM files. It does many other file formats as well (jpg,png, bmp,wav,etc,etc +100). Try google with this query: Multi Ripper 2.80. I still had the file from good old days but I saw several good search results)

2. Winamp for mp3.
Winamp will scan any file when you give it the extension .mp3 and play it as one big song (so I renamed the .tao file to .mp3). I used the discwriter to get a .wav and the Adobe Audition to manually cut and save my songs. I looked at the MP3 file format and it is hard to find an mp3 file in a big file because it has no clear header just a bunch of mpeg-frames in most cases for me . A lot of my files had no ID3v2 or ID3v1 tags... But after a couple of hours I recovered everything.

Finally a list of used stuff:

Software:
- IsoBuster v1.5
- Nero 6.3.0.3
- Multi Ripper 2.80
- WinAmp v5.02
- Windows XP Pro NL (patched up)

Hardware:
- NEC DVDRW ND1300A 1.06

Disc:
- some old 4 speed cdrw

If an essential Windows file gets whacked by a virus or otherwise corrupted, restore it from the Windows CD. Search the CD for the filename, replacing the last character with an underscore; for example, Notepad.ex_. If it's found, open a command prompt and enter the command EXPAND, followed by the full pathname of the file and of the desired destination: EXPAND D:\SETUP\NOTEPAD.EX_ C:\Windows\NOTEPAD.EXE. If either pathname contains any spaces, surround it with double quotes.

If the file isn't found, search on the unmodified filename. It will probably be inside a CAB file, which Win XP treats as a folder. Simply right-drag and copy the file to the desired location. In other Windows platforms, search for a file matching *.cab that contains the filename. When the search is done, open a command prompt and enter EXTRACT /L followed by the desired location, the full pathname of the CAB file, and the desired filename; for example: EXTRACT /L C:\Windows D:\I386\Driver.cab Notepad.exe. Again, if the destination or CAB file pathname contains spaces, surround it with double quotes.

Testbed consisted of 321 Viruses, Trojans and Worms, all for the Windows32 environment, and all reasonably new samples. I don't have any data on whether some of these are zoo, or ITW, but they are all real threats I feel someone is likely to encounter, since I got them off the internet (and i've verified they are real as each sample must be detected by at least 4 AV's for me to consider it). All scanners were installed on a clean system, without any traces of other anti-virus softwares - between each test the system and directories were cleaned, and the registry was sweeped. Each AV product was treated with a double-reboot, one before, and one after installation. Each scanner was set at its highest possible settings, and was triple checked for proper options and configuration. Most products were the full registered version when possible, others were fully functional unrestricted trials. All products were tested with the current version as of 6-14-04, and the latest definitions for that date. Each product was run through the test set a minimum of 3 times to establish proper settings and reliability, the only product to exhibit some variance on this was F-Secure, which had one scan come up less than the other two without any settings changes indicating a possible stability issue.

The final standings:

1) MKS-Vir
1a) eXtendia AVK
2) Kaspersky 5.0/4.5
2a) McAfee VirusScan 8.0
3) F-Secure
4) GData AVK
5) RAV + Norton (2 way tie)
6) Dr.Web
7) CommandAV + F-Prot + BitDefender (3 Way Tie)
ETrust
9) Trend
10) Panda
11) Avast! Pro
12) KingSoft
13) NOD32
14) AVG Pro
15) AntiVIR
16) ClamWIN
17) UNA
18) Norman
19) Solo
20) Proland
21) Sophos
22) Hauri
23) CAT Quickheal
24) Ikarus

Heuristics seemed to play some of a roll in this test, as no AV had every virus in my test in their definitions, and products with stronger heuristics were able to hold their position towards the top of the test. Double/Multi engined products put up strong showings as well, proving to me that the redundacy method works, and I think more AV companies should considering double-engines. The strongest heurisitical AV I noticed was F-Prot/Command, picking up only 247 samples with definitions but they were able to power through 67 additional hits on "Possible Virus" indicators - very strong! Norton with BloodHound activated had 30 Heuristical pickups, and DrWeb rounded up the pack with 20 heuristical pickups. eXtendia AVK grabs the number one slot with double engine scanning, anything the KAV engine missed, the RAV engine picked up with great redundancy on the double engine/definition system. McAfee actually missed only 2 samples with its definitions, but picked those 2 up as "Suspicious File", and therefore, scores nearly perfect as well.

The biggest dissapointments for me were Norman and Nod32. Even with Advanced-Heuristics enabled, NOD32 failed to pick up a large portion of the samples. Norman, while finding some of the toughest samples, managed to completely miss a large portion of them! Showing that their sandbox-emulation system has great potetential, but its far from complete.

Actual test numbers were:

Total Samples/Found Samples (321 total possible) + Number Missed + Detection Percentage

Discovered and tested MKS-Vir2004, from Poland. Surprisingly, this one with caught every sample perfectly on Medium Heuristics. Specifically, nearly 50 samples were picked up Heuristically giving it a perfect score of 321/321. However, when I increased Heuristics to "Super Deep", it picked up an addition 10 more suspicious files. Upon further investigation, it was found that it was picking up signatures of hacktool utilities left over in some of the archives and flagging those files. Indeed, this is impressive. MKS-Vir2004 exhibits the most advanced detection algorithms i've ever seen, clearly it only had signatures for 271 of my samples, but through code emulation, it was able to pick up all 321 samples!! It clearly labeled the Heuristically found ones as things as "Likely Win32 Trojan" or "Highly Suspicious Acting File". In addition, its scanning speed was incredibly quick, and its memory footprint was quite small. Impressive! Furthermore, this is a full featured and fairly polished product that appears to update at least once per day, and tech support responded to me within 5-15 minutes on my emails. Unfortunately, it appears to not be available in the US for purchase at this time.

1a) MKS_Vir 2004 - 321/321 0 Missed - 100%
1b) eXtendia AVK - 321/321 0 Missed - 100%
2a) Kaspersky 5.0 - 320/321 1 Missed - 99.70% (with Extended Database ON)
2b) McAfee VirusScan 8.0 - 319/321 + 2 (2 found as joke programs - heuristically) - 99%
3) F-Secure - 319/321 2 Missed - 99.37%
4) GData AVK - 317/321 4 Missed - 98.75%
5) RAV + Norton (2 way tie) - 315/321 6 Missed - 98.13%
6) Dr.Web - 310/321 11 Missed - 96.57%
7) CommandAV + F-Prot + BitDefender (3 Way Tie) - 309/321 12 Missed - 96.26%
ETrust - 301/321 20 Missed - 93.76%
9) Trend - 300/321 21 Missed - 93.45%
10) Avast! Pro - 299/321 22 Missed - 93.14%
11) Panda - 298/321 23 Missed - 92.83%
12) Virus Buster - 290/321 31 Missed - 90.34%
13) KingSoft - 288/321 33 Missed - 89.71%
14) NOD32 - 285/321 36 Missed (results identical with or without advanced heuristics) - 88.78%
15) AVG Pro - 275/321 46 Missed - 85.66%
16) AntiVIR - 268/321 53 Missed - 83.48%
17) Antidote - 252/321 69 Missed - 78.50%
18) ClamWIN - 247/321 74 Missed - 76.94%
19) UNA - 222/321 99 Missed - 69.15%
20) Norman - 215/321 106 Missed - 66.97%
21) Solo - 182/321 139 Missed - 56.69%
22) Fire AV - 179/321 142 Missed - 55.76%
23) V3 Pro - 109/321 212 Missed - 33.95%
24) Per_AV - 75/321 - 246 Missed - 23.36%
25) Proland - 73/321 248 Missed - 22.74%
26) Sophos - 50/321 271 Missed - 15.57%
27) Hauri - 49/321 272 Missed - 15.26%
28) CAT Quickheal - 21/321 300 Missed - 6%
29) Vir_iT - 10/321 311 Missed - 3%
30) Ikarus - Crashed on first virus. - 0%

Interesting also to note, is the detection level of the US AVK version with KAV+RAV engines was higher than the German version with KAV+BitDefender engines. Several vendors have free versions of their for purchase AV's, we didn't test the free versions, as it would serve no purpose for this test, but based on the results, none of the free versions would have been very impressive anyway. The term "Heuristics" seems like it should be taken very liberally, as some products that claim to be loaded with Heuristics scored miserably on items they clearly didn't have definitions for. Scanning speed was not measured, as it was totally irrelevant to my testing, and on-access scanners were not tested, as it would have been too time consuming, but considering most products have similar on-access engines as on-demand, and use the same database, results most likely, would be very similar.

Cut through the hype, cut through the marketing schemes, this was a real test, with real samples, and none of these samples were provided to the antivirus software vendors in advance. This is real world, and these are likely badguys you'll encounter, since I got them in my real encounters, and all were aquired on the internet in daily activities which anyone out there might be involved in. (Installing shareware, filesharing, surfing, etc). Keep in mind that with ITW tests the AV vendors have full disclosure of what they will be tested on in advance, not so here, so heuristics and real detection algorithms will play a big part, as well as the depth and scope of their definition database.

[Edit: After re-testing the Kaspersky products with Extended Database option turned ON, the moved up effectively scoring 100% considering the 1% margin of error]

Directions

Rapidshare traces the users IP address to limit each user to a certain amount of downloading per day. To get around this, you need to show the rapidshare server, a different IP address. You can do this one of multiple ways.

Requesting a new IP address from your ISP server.

Here's how to do it in windows:
1. Click Start
2. Click run
3. In the run box type cmd.exe and click OK
4. When the command prompt opens type the following. ENTER after each new line.


ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit


5. Erase your cookies in whatever browser you are using.

6. Try the rapidshare download again.
Frequently you will be assigned a new IP address when this happens. Sometime you will, sometimes you will not. If you are on a fixed IP address, this method will not work. To be honest, I do not know how to do this in linux/unix/etc. If this works for you, you may want to save the above commands into a batch file, and just run it when you need it.

Want to share a folder, or multiple folders, quickly and easily?

You can invoke the Shared Folder Wizard by typing shrpubw.exe at the Run box or command line. The wizard takes you through the process of setting up a shared folder and allows you to start the process over within the same wizard, which is especially good if you want to make multiple folders shared.

How To Stop Spam

Change Mcft to microsoft

HOW TO STOP SPAM VIA WINDOWS MESSENGER SERVICE
Below you'll find many ways (sorted in the most successful ratio first) to stop the Windows Messenger service, depending on your system environment, some may require more than one process. This service is available only on NT, 2K, XP & Server 2003. Administrator Login is REQUIRED

About The Messenger Service


* Messenger is a Windows Service that runs in the background
* Messenger is not the same as MSN Messenger or any other Instant Messaging Program
* Messenger does not facilitate two-way chatting
* Many Windows Programs, Firewalls, UPS and Antiviruses require the Messenger Service
* Antivirus and UPS software, among others, may not work if Messenger is disabled
* The Messenger Service is usually turned on by default in most Windows NT, 2K and XP systems


1. Manually

1. Example 1

1. Click Start, Run and enter the following command:
RunDll32 advpack.dll,LaunchINFSection %windir%\inf\msmsgs.inf,BLC.Remove
NOTE: This will prevent a long delay when opening Outlook Express if you have the Contacts pane enabled
2. To prevent this, click Start, Run and enter {REGEDIT} Go to:
HKEY_LOCAL_MACHINE\Software\Mcft\Outlook Express
3. Right click in the right pane and select New, Dword value
4. Give it the name Hide Messenger Double click this new entry and set the value to 2
5. End result should look EXACTLY like this:
System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Mcft\Outlook Express]
Value Name: Hide Messenger
Data Type: REG_DWORD (DWORD Value)
Value Data: (2 = remove messenger)

2. Example 2

1. Copy and paste the following to Run Command Bar in the Start Menu:
RunDll32.exe advpack.dll,LaunchINFSection
%windir%\inf\msmsgs.inf,BLC.Remove

3. Example 3

1. If Example 5 didn't work, then try this - Many users miss or don't know of it
2. Click on Start then go to RUN and type:
C:\WINDOWS\inf\sysoc.inf
3. Change:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
4. To:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,7
5. Then use Add/Remove Windows Components to remove Messenger
NOTE: You can also prevent access to Windows Messenger using Group Policy or the Set Program Access and Defaults utility added by default in Windows XP SP1 and Windows 2000 SP3

4. Example 4

1. Open Windows Messenger
2. From the menu, select "Tools" then "Options" then "Preferences" tab
3. Uncheck "Run this program when Windows starts"
4. Open Outlook Express
5. From the menu, select "Tools" then "Options" then "General" tab
6. Uncheck the option to "Automatically log on", if it's there
7. Also in Outlook Express, select "View" then "Layout"
8. Uncheck the option to "display Contacts" - The program will open a connection and display a list of all Contacts on line if you do not
9. In "Startup Folder" make sure there is no entry there for Messenger
10. Open Norton Anti-Virus if you have it installed
11. Click "Options" then "Instant Messenger"
12. Unckeck "Windows Messenger (recommended"
NOTE: This list ought to work in disassociate MSN from Outlook Express, so that it'll only start up if you really want it to

5. Example 5

1. 2000

* Click Start-> Settings-> Control Panel-> Administrative Tools->Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK

2. XP Home

* Click Start->Settings ->Control Panel
* Click Performance and Maintenance
* Click Administrative Tools
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK

3. XP Professional

* Click Start->Settings ->Control Panel
* Click Administrative Tools
* Click Services
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties.
* Click the STOP button.
* Select Disable in the Startup Type scroll bar
* Click OK

4. Windows NT

* Click Start ->Control Panel
* Double Click Administrative Tools
* Select Services-> Double-click on Messenger
* In the Messenger Properties window, select Stop
* Then choose Disable as the Startup Type
* Click OK
NOTE: If you stop the service and don’t adjust the startup type, the Messenger service will start automatically the next time you reboot. Keep in mind that when you disable the Messenger service, you'll no longer receive messages about an attached UPS, and you won’t be notified of print job completion, performance alerts, or antivirus activity (from Windows) not the program you're using for those purposes.

6. Example 6

1. To disable receipt of messenger pop-ups, verify that your firewall disables inbound traffic on UDP ports 135, 137, and 138, and TCP ports 135 and 139. On a system connected directly to the Internet, you should also disable inbound traffic on TCP port 445. If the system you want to protect is part of a Win2K-based network with Active Directory (AD), don't block incoming traffic on port 445 - Mcft Knowledge Base Article - 330904
Code:
http://support.Mcft.com/default.aspx?scid=kb;en-us;330904

NOTE: You can use the firewall approach only if your system doesn't communicate with legacy systems that rely on NetBIOS name resolution to locate machines and shared resources. If, for example, you let users running Windows 9x share your printer or scanner, when you disable inbound NetBIOS traffic, users won't be able to connect to these shared resources. Regardless of the method you choose, you can stop messenger spam

2. Program

1. Example 1

NOTE: On Oct 15, 2003, Mcft releases Critical Security Bulletin MS03-043 warning users that the Windows Messenger Service running and exposed by default in all versions of Windows NT, 2000 and XP, contains a "Remote Code Execution" vulnerability that allows any not otherwise secured and protected Windows machine to be taken over and remotely compromised over the Internet
1. Shoot the Messenger
Code:
http://grc.com/files/shootthemessenger.exe


2. Example 2

1. Messenger Disable
Code:
http://www.dougknox.com/xp/utils/MessengerDisable.zip

NOTE: If you choose to uninstall Windows Messenger on a system with SP1 installed, you will receive an error message about "un-registering" an OCX file. This is normal, and doest not affect the removal process. Windows Messenger will still be removed

3. TEST

1. Example 1

1. Right-click "My Computer"
2. Select "Manage"
3. Under "System Tools" right-click on "Shared Folders"
4. Choose "All Tasks" and select "Send Console Message..."
5. If you recieve the following error message then the service has been disabled, otherwise confirm that you have disabled it or try another example
"The following error occured while reading the list of sessions from Windows clients:
Error 2114: The Server service is not started."

2. Example 2

1. Click Start then "Run"
2. Type in {cmd.exe}
3. Type in net send 127.0.0.1 hi
4. If you get a popup "hi" message, then confirm that you have disabled it or try another example

4. IF YOU INSIST

1. If you insist on keeping Windows Messenger, then I'd recommend Messenger Manager - "Allows you to keep your messenger service running, as is intended and needed by Windows. This ensures that vital system errors and notifications may be sent informing you of Important System Events"
Code:
http://www.sellertools.com/default.asp?i=MessageManager3.htm

2. However, as a replacement to Windows Messenger remote control feature, I'd recommend this free tool Virtual Network Computing - "It is a remote control software which allows you to view and interact with one computer (the "server") using a simple program (the "viewer") on another computer anywhere on the Internet. The two computers don't even have to be the same type, so for example you can use VNC to view an office Linux machine on your Windows PC at home"
Code:
http://www.realvnc.com/download.html



RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.

How to speed Up HTTP Requests On Internet Explorer

To comply with current Internet standards, Internet Explorer limits the number of simultaneous downloads to two downloads, plus one queued download. This configuration is a function of the browser. However, as connection speeds increase, and the number of total connections that are allowed to Internet servers increase, the two-connection limit may be restrictive.

Please Note: Changing the maximum number of connections beyond two is a violation of Internet standards; use at your own risk!

To increase the number of simultaneous connections that are allowed, follow these steps:

1. Start the Registry Editor
2. Go to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Internet Settings
3. Select New > DWORD Value from the Edit menu
4. Name the new value MaxConnectionsPer1_0Server
5. Right-click the MaxConnectionsPer1_0Server value and choose Modify
6. Under Base, click the radio button next to Decimal
7. In the Value Data: box enter the number of simultaneous connections you want to set (for example 10 is a good value), and 8. click OK
9. Repeat steps 3 - 7 using the new value MaxConnectionsPerServer
10. Exit the registry editor

Visit

http://blogs.msdn.com/nickmac/archive/2004/08/25/220001.aspx

How To Speed Up A Slow Computer

first off in the bottom right hand corner of your computer if you see alot of icons start up there when you first start your computer then this is for you if you dont know already how to get rid of em.

Press your Start Button (bottom left) and go to "run"
now type in: msconfig
now you will get a box that pops up and will tell you bunch of stuff dont mess with anything else other than what I tell you otherwise you could do something really bad (possible) go to your "startup" tab on the top right of the screen where it usually is and click it.

Now you will have a closed in box with bunch of filenames n addresses and more boxes with checks in them. Now if your like me you dont want anything startin up when you start you computer up or while your even doing anything cause it slows you down. Now unless your like me right now 1 have 1 thing starting up when my computer starts up and thats my settin for my overclocked vid card. But other than that uncheck every box and then hit apply and ok. Then window you were jus in will now close and ask you if you want to restart or wait till later to restart.

Either way when you shut it off and then turn it back on the settins will kick in

How To Setup Your Own Dns (Domain Name Server)

This is only a quick tutorial, there are literally hundreds of little tricks you can do with a DNS, but this will get your basics up and running. I'm assuming you want to setup a windows DNS server, but the principals will work for most servers.

You will need..

1) A domain name over which you have full control
2) DNS server software(Windows server always comes with one of these)
3) At least one fixed IP address, allthough two is highly desirable
4) An idea of what services you want on your server

The first thing you need to do is create your new domain entry. In windows this is called a "Zone" and you will have one for every domain name you have. Add your main domain in the forward lookup zone as a Primary zone, which will be in the format "Domainname.com", or .co.uk, or whatever, you shouldn't need any more details for this bit. Do *not* allow dynamic updates unless this is a local network DNS. Once it is created you will have 2 entry's under your new domain, "SOA"(Or Start of Authority) and "NS"(Or Name server). If you want a 100% compliant DNS then you should now follow the same process but adding a domain as a reverse lookup zone. Any changes you make to the forward lookup should have the "Update Reverse Lookup" option ticked if its available, if not you must update the reverse zone manually(This is very important).

Now edit the "NS" entry in your forward zone to "NS0.DomainName.Com", and set it to the relevant IP address. Add another (NS) record and set it to "NS1.DomainName.Com". If using 2 IP address, try to make NS0 the first IP. Now you need to configure the SOA entry in the forward lookup zone. The serial number should be changed to a date followed by a number in this format "YYYYMMDDnn", this is not required, but is advised by RIPE. The primary server will be the "NS0.domainname.com" entry you just made and the responsible person should be left for now. The refresh interval should be set somewhere between 1200 to 43200 seconds, the retry should be between 120-7200 seconds and the expires after should be around 2-4 weeks(I'll let you work out the seconds for that). The minimum TTL is quite important, and depending on what you are going to do with the domain, you might need to tweak this a bit. Typically a value between 1-3 hours should be used. Now go to your "Name server" settings in your SOA record(In windows this is a tab in the same window) remove the defaults, and add your two Name servers that you just setup. We will come back to the SOA record later, but for now we need to do some more stuff.

If you want a website, then your going to want the WWW. setting up. We will set it up as an "A" record, which means it is a separate top level record and will be populated separately from other entries. So add an "A" to your forward lookup zone and put the entry as "WWW", and set the IP address to wherever you want the website to be. This will be where the domain always goes, and it could be anywhere. Just make sure there is a web server waiting there for it. If you want FTP, then setup the same thing but with "FTP" in the entry. You will now also have to setup "A" records for the NS0 and NS1 name servers that you added previously, just make them the same as WWW and FTP, but make sure the IP addresses match the ones used for setting up the "NS" records. Also add a blank "A" record, this will make sure that "domainname.com" works as well as "www.domainname.com".

Now you should decide whether or not you want to have mail on this domain. It is Hegel advisable that you set one up, even if it just to catch domain mail about abuse or potential problems that might occur. You can find plenty of high quality free mail servers out there, but I would recommend "Mail Enable", its free and provides everything you would want, but if you want webmail you do have to pay something extra for it. We will now configure the MX records. Add an "A" name for your mail server, you can add 2 if you want, but for simplicity I would advise staying with 1. We will call ours "Mail.domainname.com", and point it to one of our IP addresses. Now add an "MX" record in the Forward Lookup zone, giving it the full "A" record you just entered "Mail.domainname.com", and do not setup a host or child domain, just leave it blank.

This next step isn't needed, but is again highly recommended.

Now to finish the SOA you need to add two more records. A "RP" entry, which is a Responsible Person, and they will be the contact point for domain complaints and a "MB" entry, which is a mailbox entry. The "MB" should just be pointed to the mail server domain name "Mail.domainname.com", and the "RP" should have the host or domain set to the name of your mail box. So for this server it will be "Tony.Domainname.com", and the mailbox will be set to the "MB" record you just made. Don't worry about the RP address having no "@" in it, this is the expected format for an "RP" entry. You will now have to go back into the SOA and change the responsible person to the new "RP" record you just made.

And thats it, your done! You can add as many "A" records as you like to point to other web servers, or a multitude of FTP sites. And you can add "CNAME" records to basically point to another name, usually an "A" record, like an alias.

Now before you switch your domain on, you need to check that the server is performing properly. So go to www.dnsreport.com, and run the report on your domain "domainname.com", and it will give you a very detailed report of any problems, and even a short description of how to fix the problems. If all is OK, then you are ready to go live. If your domain name is new, or not currently hosted anywhere then the first thing you should do is re-point the domain at your new server. You will typically do this with the provider who owns the domain, and it will be different with all hosts. But the basic settings are the same. You will be asked for at least 2 name servers and ip addresses to go with them. Just put in "NS0.domainname.com" and "NS1.domainname.com" and put in the correct IP addresses. Make sure you do not mess this up, as changes to your main NS servers could potentially take several days to straighten themselves out. Update these settings, and then sit back and wait. You can do a whois on the main DNS server of your domain provider to check if the settings have worked, but again this doesn't always work. For the big 3 domains(.com .net .org) you can do a whois on the network associates site to see the changes instantly. You can also track the progress of the domain changes by doing an NSLookup in dos, like this...

c:\nslookup ns0.domainname.com NS0.yourprovidersdns.com

That will give you the entries your domain provider has

c:\nslookup www.domainname.com ns0.domainname.com

And this will tell you if the changes for your domain have gone through to your ISPs DNS yet. It should give you back the IP address of your new DNS server.

You should always make sure your server is backed up, and that you refresh or update the DNS when you are making changes.

If you're running ZoneAlarm Pro you will probably have considered that most of the "advanced" settings might as well be in Chinese for all the use they are. User friendly they are not!

If you are not on a LAN (connected to another computer in a network) you can use this guide to give your firewall some real muscle and a new lease of life:

Launch ZoneAlarm Pro and click to highlight the "Firewall" tab on the left hand side . In the pane that appears on the right hand side in the section "Internet Zone Security" set the slider control to "High" Then click the "Custom" button in the same section.

The next settings page is divided into two sections with tabs Internet Zone and Trusted Zone at the top of the page. Under the Internet Zone tab there is a list of settings that can be accessed by scrolling. At the top is the high security settings and the only thing that should check from there is "allow broadcast/multicast". The rest should be unchecked.

Scroll down until you get to the medium security settings area. Check all the boxes in this section until you get to "Block Incomming UDP Ports". When you check that you will be asked to supply a list of ports, and in the field at the bottom of the page enter 1-65535

Then go back to the list and check the box alongside "Block Outgoing UDP Ports" and at the bottom of the page enter 1-19, 22-79, 82-7999, 8082-65535

Repeat this proceedure for the following settings
"Block Incomming TCP Ports": 1-65535
"Block Outgoing TCP Ports": 1-19, 22-79, 82-7999, 8082-65535
Then click "Apply", "Ok" at the bottom of the page.

Back in the right hand "Firewall" pane go next to the yellow "Trusted Zone Security" section and set it to "high" with the slider. Click "Custom" and repeat the above proceedure this time choosing the Trusted Zone tab at the top of the settings page.

These settings will stop all incoming packets @ports 1-65535 and also block all pings, trojans etc... this will also stop all spyware or applications from phoning home from your drive without your knowledge!

And as always, don't let ZA phone home either....to fix this, manually enable you want to check for updates!