Hacking Windows XP


Create a bootable XP + SP2 CD
I've written some notes describing how to create a bootable Windows XP Pro plus SP2 slipstreamed CD.

Create a bootable XP + SP1 CD
I've written some notes describing how to create a bootable Windows XP Pro plus SP1 slipstreamed CD.

Perform a Repair install of Windows XP
There may be occasion for some XP users to need to repair their installations. This does not always require a format and complete reinstallation. If a "repair install" is performed you can usually retain most of your settings as well as your currently installed software.
  • First, boot from your Windows XP installation CD.
  • When the "Press any key to boot from CD" message is displayed on your screen, press a key such as the [Spacebar].
  • Choose the "setup Windows XP now" option by pressing [Enter].
  • Next, press "F8" on the licensing agreement screen.
  • Ensure that the screen is highlighting the XP installation you wish to repair, then press "R" to initiate the repair process.
  • Finally, just follow the on-screen instructions to complete the repair.

Hide Users on XP Welcome Screen
You may decide that you want to hide some users so they don't show up with their own icons on the XP logon screen. Such hidden users can still log on by pressing Control-Alt-Del twice to reach the standard W2K/NT style logon box.

To hide users open the registry with Regedit.exe and navigate to the key:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
For each user you want to hide create a new REG_DWORD value named after the Username and set the value to 0x00000000 (0). Restart Windows for the change to take effect.

Add the Administrator account to the XP Welcome Screen
By default XP hides the Administrator account from view on the Welcome logon screen. You can still log on to the Administrator account by pressing Control-Alt-Delete twice, of course. However, if you'd like the Administrator account to show up on the Welcome screen, first use the registry editor to find the key:
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList
Create a new DWORD Value named Administrator with a value of 1. Then restart the computer for this change to take place.

Install an ASPI Layer
Windows XP comes with built-in CD burning software derived from Roxio's Easy CD Creator. However, the built-in software lacks many features, so most advanced users install other software such as CDRWin, Fireburner, or Nero. Many of these other programs require an ASPI layer to work properly.

There are a number of different ways to install ASPI layers: Force ASPI 1.7, LSI Logic ASPI, GRC ASPI Me!, and the official Adaptec ASPI Layer.

Disable XP's built-in Zip Folder support
Windows XP comes with built-in Zip folder support. However, it has some unwanted side effects such as preventing zip file sizes from being displayed in the Explorer status bar.  Therefore, it is the duty of all hackers to remove such built-in lameness.
  • First, go to the Start Menu and run this command: regsvr32.exe -u zipfldr.dll
  • Next, use Regedit to open up the registry. Go to the top (press [home]) and then search (press [F3]) for all references to zipfldr.dll.  Delete all such references.
  • Finally, use the Search tool on the Start Menu to find both instances of the zipfldr.dll file.  There should be one in \Windows\System32 and one in \Windows\System32\dllcache. Delete them both.
  • After erasing those two files, Windows File Protection may prompt you for the CD-ROM but you should just cancel out of that dialog and continue. You don't want to reinstall the files you've just erased.

Disable Windows Picture and Fax Viewer
By default, Windows XP opens all picture files with the included Windows Picture and Fax Viewer no matter what other picture viewers you have installed. To disable the Windows Picture and Fax Viewer,
  • First, go to the Start Menu and run this command:
    regsvr32 /u shimgvw.dll
  • Next, use Regedit to open up the registry. Go to the top (press [home]) and then search (press [F3]) for all references to shimgvw.dll.  Delete all such references.
  • Finally, use the Search tool on the Start Menu to find both instances of the shimgvw.dll file.  There should be one in \Windows\System32 and one in \Windows\System32\dllcache.  Delete them both.
  • After erasing those two files, Windows File Protection may prompt you for the CD-ROM but you should just cancel out of that dialog and continue. You don't want to reinstall the files you've just erased.

How to uninstall Netmeeting
  • First, run this command:
    %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection NetMtg.Remove 132 msnetmtg.inf
  • Next, delete all the matching files in the \Program Files\Netmeeting and %SystemRoot%\System32\dllcache folders.  I recommend a program like Beyond Compare for this - just compare the two folders and delete all the matching files.
  • After erasing the Netmeeting files, Windows may prompt you for the CD-ROM but you should just cancel out of that dialog and continue. You don't want to reinstall the files you've just erased.
  • After the uninstallation procedure is finished, restart your computer.

How to uninstall Outlook Express
  • Delete the following folders, if they exist:
    C:\Program Files\Common Files\Microsoft Shared\Stationery
    C:\Documents and Settings\username\Application Data\Identities
    C:\Documents and Settings\username\Local Settings\Application Data\Identities
    C:\Documents and Settings\username\Application Data\Address Book
    C:\Documents and Settings\username\Local Settings\Application Data\Address Book
  • Locate and delete the following registry keys, if they exist:
    HKLM\Software\Microsoft\Outlook Express
    HKLM\Software\Microsoft\WAB
    HKCU\Identities
    HKCU\Software\Microsoft\Outlook Express
    HKCU\Software\Microsoft\WAB
    HKLM\Software\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}
    HKLM\Software\Microsoft\Active Setup\Installed Components\{7790769C-0471-11D2-AF11-00C04FA35D02}
  • Finally, find and delete all instances of the following files:
    csapi3t1.dll
    directdb.dll
    inetcomm.dll
    msimn.exe
    msoe.dll
    msoeacct.dll
    msoeres.dll
    msoert2.dll
    oeimport.dll
    oemig50.exe
    oemiglib.dll
    setup50.exe
    wab.exe
    wab32.dll
    wab32res.dll
    wabfind.dll
    wabimp.dll
    wabmig.exe
  • After erasing the Outlook Express files, Windows may prompt you for the CD-ROM but you should just cancel out of that dialog and continue. You don't want to reinstall the files you've just erased.

Fix Windows Messenger on Multi-User Computers after 4.6 upgrade
You may notice on an XP computer with multiple users that after you upgrade Windows Messenger to version 4.6 it doesn't work for new user accounts. This is because v4.6 does not create all the registry keys needed. The less-than-elegant fix is simple, however. Using the Administrator account, uninstall Messenger v4.6 either by using the Sysoc.inf method described under Remove Hidden Programs or by running the string:
Rundll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove
Next, reinstall Messenger v4.5 so that all the proper registry keys are created.
You can find the installer for v4.5 here:
http://download.microsoft.com/download/windowsmessenger/install/4.5/wxp/en-us/mmssetup.exe
Then log in to the account(s) that had problems with Messenger earlier to be certain they are functioning. Finally, log back in as the Administrator and use Windows Update to upgrade Messenger to v4.6 again. Hopefully v4.7 will correct this upgrade bug.

How to uninstall the default Scientologist Disk Defragmentation Tool

The fact that the default defragmenter of Windows 2000 was developed by a company run by a Scientologist became a major issue in Germany. Therefore Microsoft created a set of instructions to enable consumers to remove it from their computer.

  • First, delete the following registry entries:
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\SourcePath
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ServicePackSourcePath
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SourcePath
    HKLM\SOFTWARE\Microsoft\Dfrg
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\DefragPath
    HKLM\SOFTWARE\Microsoft\MMC\NodeTypes\{476e644a-aaff-11d0-b944-00c04fd8d5b0}\Extensions\ContextMenu\{43668E21-2636-11D1-A1CE-0080C88593A5}
    HKLM\SOFTWARE\Microsoft\MMC\NodeTypes\{476e644a-aaff-11d0-b944-00c04fd8d5b0}\Extensions\NameSpace\{43668E21-2636-11D1-A1CE-0080C88593A5}
    HKEY_CLASSES_ROOT\CLSID\{80EE4901-33A8-11d1-A213-0080C88593A5}
    HKEY_CLASSES_ROOT\CLSID\{80EE4902-33A8-11d1-A213-0080C88593A5}
    HKLM\SOFTWARE\Microsoft\MMC\SnapIns\{43668E21-2636-11D1-A1CE-0080C88593A5}
  • Next, find and delete the following files from \windows\system32 and \windows\system32\dllcache:
    dfrgfat.exe
    dfrgntfs.exe
    dfrgres.dll
    dfrgsnap.dll
    dfrgui.dll
  • After erasing the Defrag files, Windows may prompt you for the CD-ROM but you should just cancel out of that dialog and continue. You don't want to reinstall the files you've just erased.
  • Optionally, delete the Disk Defragmenter icon from the Start Menu.
  • Restart the computer.


Remove Hidden Programs
  • In folder options, make sure you can view hidden, system files.
  • Use a text editor like Notepad to open \windows\inf\sysoc.inf
  • Replace each instance of ,hide, with ,, and save the file.
  • Now you can use the Add/Remove Programs applet in the Control Panel to remove previously hidden Windows components such as Desktop Wallpapers, etc.

Remove the Shared Documents folders from My Computer

Navigate to the registry key:

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\My Computer\NameSpace\DelegateFolders
and delete the {59031a47-3f72-44a7-89c5-5595fe6b30ee} subkey.


Delete remote tasks to speed network browsing
Open the registry with Regedit.exe and navigate to the key:
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\RemoteComputer\NameSpace
Delete the task scheduler key: {D6277990-4C6A-11CF-8D87-00AA0060F5BF}

Disable Hidden Shares
Open the registry with Regedit.exe and navigate to the key:
HKLM\System\CurrentControlSet\Services\LanmanServer\Parameters
Edit the AutoShareServer and AutoShareWks values and set them to 0 to disable hidden shares.
If these entries are not present, create them as REG_DWORD values.

Disable the Last Update Time in NTFS for better performance
  • Start the registry editor (regedit.exe).
  • Navigate to the key:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem
  • From the Edit menu select New - DWORD value.
  • Enter a name of NtfsDisableLastAccessUpdate and click OK.
  • Double click the new value and set to 1. Click OK.
  • Reboot the machine.
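Both registry tips above (Disable Hidden Shares and the NTFS last-access value) set plain DWORDs, and a typo in regedit silently leaves the default in force. As an added check that is not part of the original page, the following Python script parses a regedit export of those two keys and reports whether each value the tips name holds the intended setting; the sample export embedded below is constructed for the demonstration.

```python
# Added audit helper for a regedit export; not code from the original page.
import re

# Constructed sample of a regedit 5.00 export: AutoShareWks and the NTFS
# value have been changed as the tips describe, AutoShareServer has not.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters]
"AutoShareWks"=dword:00000000
"AutoShareServer"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
"NtfsDisableLastAccessUpdate"=dword:00000001
"""

LANMAN = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters"
FILESYSTEM = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem"

# (key, value name, value the tip sets, what an absent value means)
EXPECTED = [
    (LANMAN, "AutoShareWks", 0, "default, the C$/ADMIN$ shares are recreated at boot"),
    (LANMAN, "AutoShareServer", 0, "default, the C$/ADMIN$ shares are recreated at boot"),
    # Caveat for incident response: with this set to 1, NTFS last-access
    # timestamps stop being usable evidence of when a file was last read.
    (FILESYSTEM, "NtfsDisableLastAccessUpdate", 1, "default, NTFS keeps updating last-access times"),
]

def parse_reg_export(text):
    """Return {key: {name: int}} for the dword values in .reg text.

    Regedit 5.00 writes exports as UTF-16 with a BOM, so read the file
    with encoding="utf-16" before calling this.  String and binary values
    and the "@=" default are skipped; the tips above only set DWORDs.
    """
    values, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            values.setdefault(current, {})
            continue
        m = re.match(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$', line)
        if m and current is not None:
            values[current][m.group(1)] = int(m.group(2), 16)
    return values

def audit(text):
    """Return [(value name, ok, detail)], one entry per value the tips set."""
    reg = parse_reg_export(text)
    report = []
    for key, name, wanted, absent_meaning in EXPECTED:
        found = reg.get(key, {}).get(name)
        if found is None:
            report.append((name, False, "absent: " + absent_meaning))
        else:
            report.append((name, found == wanted, "dword %d (tip sets %d)" % (found, wanted)))
    return report

if __name__ == "__main__":
    for name, ok, detail in audit(SAMPLE_EXPORT):
        print("%-28s %s  %s" % (name, "OK  " if ok else "FAIL", detail))
```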

Add album cover art to your MP3 collection
  • Store each album in its own folder.
  • Download the cover art for each album and save them as folder.jpg files inside the appropriate folders.
  • Use the Thumbnail view to view your music collection.  Magic!

Display the Sharing Tab in Folder Properties
Open up Folder Options (My Computer>Tools>Folder Options) and select the View tab.  In the Advanced Settings section, scroll down and uncheck Use simple file sharing (Recommended).  Now you can share drives and folders as you would with earlier Windows versions.

Disable Error Reporting
Every time a program crashes, Windows prompts the user to send an error report to Microsoft. To disable this annoying "feature",
  • Open Control Panel and double click on the System applet.
  • Then select the Advanced tab.
  • Click on the Error Reporting button.
  • Select Disable error reporting and click OK.

Enable or Disable Boot-Time Defrag
Use Regedit to navigate to the following key:
HKLM\SOFTWARE\Microsoft\Dfrg\BootOptimizeFunction
and you can change the Enable value from N to Y as needed.

Change the User Agent
By default Internet Explorer reports itself to web servers as: Mozilla/4.0 (compatible; MSIE 6.0; Win32). It's easy to change this, if desired.
Use Regedit and navigate to:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings
Then change the User Agent string value to whatever text you'd like.

Re-activate XP without calling Microsoft
If you use System Restore to revert your XP system to a point before it was activated, this method will let you reactivate it.
  • Start your Windows installation in Minimal Safe mode.
  • Navigate to the \%systemroot%\system32 folder.
  • Rename wpa.dbl to wpa.noact.
  • Rename wpa.bak to wpa.dbl.
  • Reboot your system as normal.

To change your Windows Product Key
  • Log in as the local Administrator.
  • Navigate to the registry key:
    HKLM\Software\Microsoft\Windows NT\CurrentVersion\wpaevents
  • In the right pane, right-click OOBETimer, and then click Modify.
  • Change at least one digit of this value to deactivate Windows.
  • Click OK and close regedit.
  • Click Start > Run and type in: "%systemroot%\system32\oobe\msoobe.exe /a" and click OK.
  • Click Yes, I want to telephone a customer service representative to activate Windows, and then click Next.
  • Click Change Product Key.
  • Enter your valid Corporate Product Key.
  • Press Update and close the window.
  • If you are returned to the previous window, click Remind me later.
  • Reboot your computer.
Verify the change:
  • After the computer restarts, click Start > Run 
  • Type in: "%systemroot%\system32\oobe\msoobe.exe /a" and click OK.
  • The dialog box should confirm 'your copy of windows is already activated'.

Set Logon Restrictions for Users
  • First, open the Start Menu and Run the command: cmd
  • In the command prompt window that opens, issue a net user command with the /times: option. The whole schedule must be one argument with no spaces in it.
    Here are some examples (where testuser is the username):
    net user testuser /times:M-F,5pm-9pm;Sa,6am-9pm;Su,6am-9pm
    net user testuser /times:M-F,08:00-17:00
    net user testuser /times:M-F,8am-5pm
    net user testuser /times:M,4am-5pm;T,1pm-3pm;W-F,8:00-17:00
    net user testuser /times:all (this one means this user can always log on)
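To review what a /times: schedule really grants before applying it to an account, here is an added Python example, not from the original page and not net user's own parser, that expands the schedule grammar used in the examples above into a weekly table of allowed hours; the parse_times, hours_granted and allowed names are the example's own.

```python
# Added illustration of the /times: schedule grammar; not net user's own parser.
import re

# Day order net user uses for ranges such as M-F (Monday first)
DAYS = ["M", "T", "W", "Th", "F", "Sa", "Su"]

def _day_index(token):
    """Map a day abbreviation (M, T, W, Th, F, Sa, Su) to 0..6."""
    for i, day in enumerate(DAYS):
        if token.lower() == day.lower():
            return i
    raise ValueError("unknown day %r" % token)

def _hour(token):
    """Parse '8am', '12pm', '17:00' or '24:00' into an hour 0..24 (on the hour only)."""
    m = re.fullmatch(r"(\d{1,2})(?::(\d{2}))?(am|pm)?", token.lower())
    if not m or m.group(2) not in (None, "00"):
        raise ValueError("times must be on the hour: %r" % token)
    hour, suffix = int(m.group(1)), m.group(3)
    if suffix:  # 12-hour clock: 12am is 0, 12pm is 12
        if not 1 <= hour <= 12:
            raise ValueError("bad 12-hour time %r" % token)
        hour = hour % 12 + (12 if suffix == "pm" else 0)
    elif not 0 <= hour <= 24:
        raise ValueError("bad 24-hour time %r" % token)
    return hour

def parse_times(spec):
    """Return table[day][hour] -> bool, Monday..Sunday, 24 one-hour slots each.

    Grammar, as in the examples above: blocks separated by ';', each
    'DAY[-DAY],START-END', or the single word 'all'.  Spaces are rejected
    because cmd.exe would pass the text after a space as a separate argument.
    """
    if " " in spec:
        raise ValueError("spaces would split the spec into separate arguments")
    if spec.lower() == "all":
        return [[True] * 24 for _ in DAYS]
    table = [[False] * 24 for _ in DAYS]
    for block in filter(None, spec.split(";")):
        days, sep, hours = block.partition(",")
        if not sep:
            raise ValueError("block needs days and hours: %r" % block)
        first, _, last = days.partition("-")
        d0 = _day_index(first)
        d1 = _day_index(last) if last else d0
        start_s, sep, end_s = hours.partition("-")
        if not sep:
            raise ValueError("hours must be a START-END range: %r" % hours)
        start, end = _hour(start_s), _hour(end_s)
        if d1 < d0 or start >= end:
            raise ValueError("range runs backwards: %r" % block)
        for d in range(d0, d1 + 1):
            for h in range(start, end):
                table[d][h] = True
    return table

def hours_granted(table):
    """Total number of one-hour logon slots the schedule allows (168 = always)."""
    return sum(sum(row) for row in table)

def allowed(table, day, hour):
    """True if a logon on that day (abbreviation) at that hour (0..23) is permitted."""
    return table[_day_index(day)][hour]
```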

Force Explorer to start with Drive C:
  • Right click on the desired Explorer shortcut and choose Properties.
  • In the Target box after Explorer.exe add:
    [space]/e,/root,
  • Usually the text in the Target box should then be:
    %systemroot%\explorer.exe /e,/root,

Correct the PC Help Center Exploit
  • To see if your PC is at risk, create a folder called C:\Test and fill it with some trash files.
  • Then click this link here.
  • If the C:\Test folder is empty, your PC still has the bug.
  • Applying ServicePack1 should correct this problem.
  • However, a quick fix is to delete the file: C:\WINDOWS\PCHEALTH\HELPCTR\System\DFS\uplddrvinfo.htm

Prevent Windows Automatic Updates
  • Open the Services applet. (Control Panel > Administrative Tools > Services)
  • Stop the Automatic Updates service, then set it to be Disabled.
  • Next, delete the files: wuauclt.exe, wuaucpl.cpl.manifest, wuaueng.dll, wuauserv.dll in the %SystemRoot%\System32 and %SystemRoot%\System32\dllcache folders. (You may need to reboot the computer before Windows will allow those files to be deleted.)
  • After erasing those files, Windows File Protection may prompt you for the CD-ROM but you should just cancel out of that dialog.

Default Windows XP Professional Services
Just in case you need it, I've posted a list of the default services and their settings with which Windows XP ships.

Remote Desktop shows the wrong color depth
If you discover that your remote desktop sessions have reverted to just 256 colors, check the value for "Shell Icon BPP" under
HKCU\Control Panel\Desktop\WindowMetrics
on the server machine. If it is set to 32, then change it to 16. You may need to reboot the server machine and clear the Terminal Services Client cache on the client machine for this to take effect.

Disable Windows File Protection for XP with SP3
  • Make a backup of the SFC_OS.DLL in the %SystemRoot%\System32 directory in case you make a mistake.
  • Make another copy of SFC_OS.DLL called SFC_OS.NEW and open it in a hex editor.
  • Find the values "83F89D7508" at 0000EC84 and change it to "3BC0EB3290" and save the file.
  • Next, use the registry editor to find the key,
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
  • Change the value of "SFCDisable" to equal "ffffff9d" to disable WFP or "0" to enable it.
  • Finally, reboot with your dual boot OS or using a Linux or Bart PE Live disc.
  • Copy the edited file as SFC_OS.DLL over the existing file in %SystemRoot%\System32\dllcache and %SystemRoot%\System32.
  • Restart Windows normally and Windows File Protection should be disabled.

Fix your missing CD-ROM
There are some third-party CD-writing programs and emulators that can corrupt your registry so that the CD-ROM drives do not appear in Explorer. Follow this procedure to fix this problem:
  • Open the registry editor (regedit.exe).
  • Navigate to the key, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}
  • Delete UpperFilters and LowerFilters.
  • Close the registry editor and reboot.
  • You should now have your cd-rom back.

Desktop icon names keep reverting after you change them
Apparently newer nVidia drivers install a service that changes the My Computer and My Network Places icon names back to their defaults from any changes the user might have made. From the Control Panel, open the Administrative Tools and then open the Services applet. Disable the nVidia Driver Service to prevent this annoyance from recurring.

Force XP's Idle Tasks to start
  • Click Start > Run 
  • Type in: rundll32.exe advapi32.dll,ProcessIdleTasks and click OK.

About the Windows\Prefetch folder
Prefetch is enabled by default, but you can change how aggressively it works. Simply navigate to
HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters
in the registry and find the value EnablePrefetcher. The most aggressive setting is 5, while a setting of 0 disables it. The \windows\prefetch folder needs to contain a file named Layout.ini. If it gets deleted, simply recreate it with the following lines,
[OptimalLayoutFile]
Version=1

Prevent Windows From Complaining about Low Disk Space
This may also prevent the clean disk tool (cleanmgr.exe) from prompting the user needlessly.

You can use TweakUI if you have it installed. Open TweakUI and select the Taskbar and Start menu, then take the checkmark out of "warn when low on disk space" and click Apply.

Or if you want to do it manually open the Registry Editor and find the key,
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Find the value called NoLowDiskSpaceChecks. If it's not there you'll have to create a new DWORD value with that name. Set the value to be 1. Reboot for it to take effect.

Three Shortcut Tweaks can make the System Faster
Open the Registry Editor and find the key,
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Disable Automatic Network Shortcut Resolution:
Find or create the DWORD value called LinkResolveIgnoreLinkInfo and set it to 1.

Disable Comprehensive Search for Broken Shortcuts:
Find or create the DWORD value called NoResolveSearch and set it to 1.

Disable Tracking of Broken Shortcut Links:
Find or create the DWORD value called NoResolveTrack and set it to 1.

Reboot for these to take effect.

Display and Remove missing Devices
Open the System Properties dialog box.
Select the Advanced tab and click the Environment Variables button.
Then click the New button under the System Variables panel.
In the New System Variable dialog box, type devmgr_show_nonpresent_devices in the Variable Name text box and 1 in the Variable Value text box.
Click OK to return to the System Properties dialog box and then click OK again.
Select the Hardware tab and click the Device Manager button.
In the Device Manager, go to View | Show Hidden Devices.
Expand the various branches in the device tree and look for the washed out icons, which indicate unused device drivers.
To remove an unused device driver, right-click the icon and select Uninstall.

Change the default location of Virtual Hard Drives for Virtual PC
To change this you need to create a system environment variable called MYVIRTUALMACHINES with a value of the path that you want Virtual PC to use for the default location for storing virtual machines.

Remove the Safely Remove Hardware icon from the System Tray when you install a SATA harddrive
Open the Registry Editor and find the key,
HKLM\SYSTEM\CurrentControlSet\Services\nvata or HKLM\SYSTEM\CurrentControlSet\Services\nvatabus depending on your particular chipset.
Find or create the DWORD value called DisableRemovable and set the value to 1.
Reboot for it to take effect.

Note: the tips presented here are for advanced computer users.
Standard disclaimers apply - if your hair turns white,
your cat explodes and your computer melts down because you've used these tips,
then don't blame me. These tips all worked fine on my computers.