dslreports logo

    All FAQs Site FAQ DSL FAQ Cable Tech About DSL Distance DSL Hurdles »»


how-to block ads

This Section

8. Misc

•This article describes how to prevent Windows Messenger from running. By default, Windows XP Professional and Windows XP Home Edition install Windows Messenger, and the user interface does not provide a way to remove or to uninstall Windows Messenger.

Microsoft Knowledge Base Article - 302089
•Microsoft has not made it easy to get rid of Messenger but there is a simple way to remove it forever. Here are the steps:
    •Click Start, Run.•Copy and paste the following into the Run box and click ok. A status bar will pop up and after you reboot your system it will be gone, for good!:
    RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove

•If you just want to stop Messenger from starting when you use certain MS web sites or programs, you can follow these steps.

Note: Any updates involving Messenger installed from Windows Update or elsewhere will reinstall Messenger. To stop that, see below.
•For those who wish to add additional Registry entries to prohibit Messenger from being reinstalled, run the Batch file NOMSNGR.bat contained within this ZIP file.

If you wish to restore your original settings please run WMRESET.BAT (also included in the ZIP) to remove the registry settings that prevent Windows Messenger from running. You will then need to manually reinstall Windows Messenger on your computer.
•You may also wish to check the Add/Remove Programs applet in the Control Panel.

by slash See Profile
last modified: 2004-07-15 16:21:51

Update 12/17: The latest build is now 3809 and can be found via Windows Update or by using the Windows Update Catalog (look for 810030: Microsoft VM Security Update or vm under Critical Updates). Full instructions can be found below.

You can also download Java directly from the makers of Java, Sun Microsystems.

Just click here to go to the Sun Java Download Page and click Yes at the ActiveX Security Prompt.

1. Go to the Windows Update web site.
2. Click on "Windows Update Catalog".
3. Click on Find updates for "Microsoft Windows operating systems".
4. Select your OS from the list.
5. Click "Advanced search options".
6. In the text box, type in "VM" but without the quotes.
7. Click the button to search.
8. Click the "Critical Updates and Service Packs (1)" link.
9. There you go, the Microsoft Java Virtual Machine.

Added 6/27/03:
Here is a direct link to the latest version (3810). Thanks go to NeO_JAW.

by trparky See Profile edited by MSeng See Profile
last modified: 2004-06-06 18:25:24

A slipstream disk using XP and SP1 is a disk that integrates XP and SP1 into one bootable installation disk.

Links are provided to create a XP & SP1 slipstream disk using Roxio and Nero.

Using Roxio EasyCD Creator:

From tackteck.com.

Using Nero:

From tackteck.com.
(Added 8/03):
For additional information and customization on slipstreaming, see this link as recommended by bcastner in this Microsoft Help Forum thread.

by blank name$$$ See Profile edited by MSeng See Profile
last modified: 2003-08-17 11:28:02

Shell Hardware Detection must be set to Automatic in Administrative Tools / Services. If Shell Hardware Detection is set to Manual or Disabled, the CD Drive Autoplay Tab will be missing and the CD Drive will not autoplay.

Feedback received on this FAQ entry:
  • It is om auto and started but still no tab and no auto start!

    2012-08-03 21:20:27

by GolfBall$ See Profile edited by MSeng See Profile
last modified: 2002-03-24 12:37:12

These are Windows XP Professional instructions.

Yes, there is a way, and it is built into the OS itself, but you have to convert to NTFS to take advantage of it.

To convert over to NTFS, go to the command prompt (Start Menu -> Run -> cmd) and type in the following command.

convert x: /fs:ntfs

x being the drive letter that you want to convert

Once you have converted over, open Windows Explorer, go to the Tools menu, Folder Options, View tab, and then uncheck Simple File Sharing. Right-click on the folder, choose Properties, go to the Security tab, click the Advanced button. On the Permissions tab, you will find a check mark by "Inherit from parent the permission entries that apply to child objects. Include these with entries explicitly defined here.", uncheck it. When you uncheck it, a message box will come up with the heading "Security", click the Copy button. Click the OK button back at the Permissions window to get back at the Folder Security settings.

Remove every user name including the Administrators group, except SYSTEM and CREATOR OWNER. Click Add to add a user. In the "Select Users or Groups" window, click the Advanced button. A new window will appear, click the Find Now button. Select the users that you want have have access to the folder (yes, you can select multiple users by using the Control key on the keyboard while clicking on the names). Once you have selected the users or groups that you want to allow access to, click the OK button. Click the OK button again in the "Select Users or Groups" window.

Make sure that you set Full Access to the users or groups that you want access to the folder. Also make sure that the SYSTEM user has Full Access.

Note that if a user that has been denied access to a particular folder attempts to access the folder, Windows will come back with an "Access Denied" error. The folder will still be visible to the user without access but the user will be unable to view the folder contents, execute, view, or edit the files stored in the folder.

by trparky See Profile
last modified: 2002-03-21 14:34:46

Compatibility Mode is a feature in Windows XP that allows Windows XP to run a program in a mode not native to Windows XP.

For example.....You have a program that will run perfectly on Windows 98, but it won't run on Windows XP. You can tell Windows XP to run that program in Windows 98/ME Compatibility Mode, thus effectively hiding itself from the program in question and making the program think that it is running in Windows 98.

You can enable Compatibility Mode for any program that you choose. Simply find the EXE of the program, right-click on it, choose Properties, click the Compatibility tab, and set the preferences.

You can find more detail on Compatibility Mode from this KB article:
How to Troubleshoot Program Compatibility Issues in Windows XP (Q285909)

Feedback received on this FAQ entry:
  • may i know what is compatibility mode? and what function it does in various Os?

    2009-05-09 01:09:27

by trparky See Profile edited by MSeng See Profile
last modified: 2002-07-04 09:17:05

Sometimes a boot disk is required to recover from various problems, such as:•Corrupted boot sector.•Corrupted master boot record (MBR).•Virus infections.•Missing or corrupt NTLDR or Ntdetect.com.•Incorrect Ntbootdd.sys driver.

You can find instructions for accomplishing this in all versions of XP from the Knowledge Base Article: Creating a Boot Disk for an NTFS or FAT Partition (Q311073)

by MSeng See Profile

Yes there is a way to find out how long Windows XP has been up. In fact, this tip will work on Windows 2000 also.

There is a program that Microsoft distributes to do this very task. You can download it here.

Networked users (or those with an ethernet based broadband connection) can also get Uptime information by clicking on the Local Area Connection status in your taskbar. Note - this is for NETWORK uptime and may not accurately reflect actual system uptime.

There is a Real-Time version of Microsoft's Uptime monitor using Microsoft Visual Basic .NET for the x86 platform created by one of our users. You can download that here.

by trparky See Profile
last modified: 2005-03-05 11:08:13

Microsfot has provided some information in these KB articles:

Overview of Remote Assistance in Windows XP (Q300546)
HOW TO: Configure a Computer to Receive Remote Assistance Offers in Windows XP (Q301527)

by slash See Profile
last modified: 2004-11-17 14:39:43

Basically, it is the same as accessing the command line in Windows 9x.

Just go to the Start Menu, click Run, then type "command" or "cmd".

Note that "command" doesn't support long file names. It displays files and folders in 8.3 format. "cmd" has full long file name support.

by trparky See Profile

Win XP like Win2000 is set to collect physical drive data. Most don't need this as it consumes extra drive transfer time. To disable the disk performance counters: Go to->Start->Programs->Command Prompt Now type in: diskperf -n then reboot. There is a space between the f and the dash (-).

by Skipdawg See Profile

Edit the registry and add/update this (REG_DWORD) :

[HKEY_CURRENT_USER /Software /Microsoft /Command Processor]
DefaultColor = 0A (Black background with green text)

Color codes to use(HEX)
0 = black
1 = blue
2 = green
3 = cyan
4 = red
5 = magenta
6 = yellow/brown
7 = white
8 = gray
9 = bright blue
A = bright green
B = bright cyan
C = bright red
D = bright magenta
E = bright yellow
F = bright white

Feedback received on this FAQ entry:
  • thz very helpful any idears on how to alter notepad via cmd

    2011-05-27 13:26:07

by Skipdawg See Profile


Go to System Properties -> Date and Time -> Internet Time -> activate or deactivate "Automatic Synchronisation with Internetserver.".

by Skipdawg See Profile
last modified: 2002-03-10 06:22:26

Usually the Win9x will be the C: drive, which also contains the files needed for booting. So, you cannot simply reformat this partition to remove Win9x. Instead, the following procedure should work:

1. Delete the C:\Windows and C:\Program Files folders, along with any other folders on the C: drive that you do not need anymore.
2. Convert the C: drive to NTFS if desired, using the convert program.
3. Edit C:\boot.ini to remove the Win9X reference.

Some reports also say you can format the C: drive and boot from the Win XP CD, which will allow you to repair the boot files.

by ClmsnTgrFan See Profile edited by trparky See Profile
last modified: 2002-03-05 14:20:33

Step 1: Put your Windows XP install CD into your CD-ROM drive.
Step 2: Go to the Start Menu and select Run.
Step 3: Type in the following command.
X:\i386\winnt32.exe /cmdcons
X being your CD-ROM drive letter.
Step 4: Click Yes to the prompt to install.
Step 5: Restart the computer. The next time you start your computer, you will see a "Microsoft Windows Recovery Console" entry on the boot menu.

by trparky See Profile


Right-click the title bar of an open command window and click Properties. Set the colors, font, window size, etc. When you Save, you'll be asked whether it applies only to this window or all windows opened using the same shortcut.

Alternatively, you can right-click the shortcut, click Properties, and do the same thing.

by CyberSchnook$ See Profile edited by Skipdawg See Profile
last modified: 2002-03-24 20:51:34

The next step in product evolution is the introduction of "Freestyle" and "Mira" which essentially are steps to make computers be more portable while still having access to all of your information. These technologies are likely to be included in Windows Longhorn which will ship 2004. Some great info on this technology can be found on WinSuperSite.

Microsoft is currently developing technology, codenamed Palladium in conjunction with the TCPA (Trusted Computing Platform Alliance).

An interesting FAQ on Palladium and TCPA can found here -- TCPA / Palladium Frequently Asked Questions.

by slash See Profile edited by MSeng See Profile
last modified: 2003-02-11 22:02:18

Device Manager tends to hide devices that may have been in your system at one time or another. This sometimes occurs after your have installed a new sound card, video card, or a new USB device.

There are ways to make Windows Device Manager show these hidden devices.


You can either enter that at a command prompt, or add it to your environmental variables ( Start Menu --> Control Panel --> System --> Advanced ). Click the Environment Variables button. Under System Variables [user variables also works] click 'New', enter "DEVMGR_SHOW_NONPRESENT_DEVICES" with the value of "1").

After doing the above, open Device Manager, click View in the ToolBar, then Show Hidden Devices.

You'll see a lot more devices to work with then before you did this tweak.

This helps when you want to uninstall a driver for a piece of hardware that is long gone.
This can also be done via a Registry entry.

Open RegEdit and browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Environment.

Make a new String Value with a name of "DEVMGR_SHOW_NONPRESENT_DEVICES". Give it a value of "1".

by trparky See Profile edited by MSeng See Profile
last modified: 2003-02-11 22:04:45

Depending on how you run a command-line program, its output console window may briefly be displayed, but vanish before you've been able to read it.

This will happen if you type the command into the Run box on the Start menu, or double-click on the program's .exe file. Command-line programs are generally intended to be run from the command prompt.

First, you must open a command prompt. Type 'cmd' into the Run box, or choose 'Command Prompt' from Start -> Programs -> Accessories.

Then, in the command prompt's window, type the command you're interested in. The output from the command will go to the command prompt's window, which will not vanish when the command terminates.

To close the command prompt window, type 'exit'.

by dave See Profile edited by MSeng See Profile
last modified: 2002-05-29 00:57:26

There are a few sites out there with great information that help the user understand what the error in the BSOD actually means.

Check these out:
Microsoft MSDN Library
Inside the Blue Screen
Stop Messages
Event ID

by slash See Profile edited by MSeng See Profile
last modified: 2003-03-11 20:41:38

Windows XP (as with Windows 2000 and NT) has NATIVE support for multiple users. Each user account is 99% INDEPENDENT from ALL the other user accounts. Account A does NOT interfere/mess with Account B. Therefore, when you create an account, it will have it's own settings (desktop shortcuts, My Documents folder, appearance settings, etc...)

ONLY Computer wide settings are reflected in all accounts. Example: You change the computer time, ALL of the accounts will have the changed time. You reconfigure a printer in the Hardware Manager, ALL of the accounts will have the change. You install a program like Microsoft Word, ALL the accounts can use Microsoft Word (if you let them). These are system wide settings.

Open up My Computer, double click your main hard drive (usually Local Disk C), then double click "Documents and Settings". In this folder, are more subfolders of all the user accounts on your computer.

For example, if you have the following user accounts: Mom, Dad and The Kids, you will see the following folders,
"C:\Documents and Settings\Mom"
"C:\Documents and Settings\Dad"
"C:\Documents and Settings\The Kids"

And inside those folders will be each accounts settings and files. For example, Mom's "My Documents" is located in "C:\Documents and Settings\Mom\My Documents" and her Favorites are located in "C:\Documents and Settings\Mom\Favorites". Same with Dad, Dad's "My Documents" are in "C:\Documents and Settings\Dad\My Documents" and so on.

This is how Windows XP manages user accounts, a folder for each user. Each users settings (settings from the Registry and whatnot) also reside in the user's respectable folder.

Now, if you install a program in Mom's account, you can log into The Kids and use it. You don't have to install the same program in each user account. Once it's installed on your computer, it's installed and all user accounts can use it. When you install a program, it's usually installed to the directory of "C:\Program Files\(Program name)", NOT the folder that contains the user accounts.

Now, to create a new user account, go to the Control Panel either through the start menu or My Computer, click "User Accounts" > Click "Create a new account". Type in the name of the account, this is what is seen on the login screen, and in the folder "C:\Documents and Settings\". Next,you have to choose what TYPE of user account you want it to be. You can choose between "Administrator" or "Limited". It's very simple, an "Administrator" account has complete access to the computer, whereas a "Limited" account cannot install programs, change system wide settings, or make any changes outside of their own account. If "The Kids" have a habit of installing software you don't like, keep messing up the network card, or like to delete files they shouldn't be deleting, make them be a "Limited" user account. HOWEVER, some programs REQUIRE Administrator access to them, and if they do, you have to let them be an "Administrator" account or you can right click on a program shortcut, choose properties, then under the Shortcut Tab click the advanced button. You then want to click the button that says to "run with different credentials." This will pop up a box (similar to the 2k style login screen) that allows a user with different privileges to run a program.

Now, as far as your shortcuts and the others getting mixed up, they wont. The only shortcuts that mix are the "All Programs" shortcuts to programs. For example, go to Start > All Programs. You'll see a list of all installed programs. Now, when you install a program in Dad's account and because when a program installs, ALL user accounts can access it, you see the shortcut to the program in all of the user accounts.

So if you install Program A and DO NOT want to let The Kids have access to it, here's what you do.

Go back to "C:\Documents and Settings\". Now, go to the "All Users" folder. Inside this folder are things that all user accounts will see very simply. Now go into "Start menu" and into "Programs". This is where the shortcuts to all your "All Programs" are stored. Simply move Program A from here, to your own user accounts folder. So in essence, you MOVED the shortcut "Program A" from "C:\Documents and Settings\All Users\Start menu\Programs" to "C:\Documents and Settings\Dad\Start menu\Programs" and if Mom needs it, COPY it to "C:\Documents and Settings\Mom\Start menu\Programs".

This does not necessarily stop the kids from using the program though, they can explore the hard drive and find the program and execute it that way.

by Ctrl Alt Del See Profile edited by Kramer See Profile
last modified: 2009-04-08 20:39:05

This question is usually asked by people who are used to Win9x. In those operating systems, the "percentage of free system resources" is a critical thing to know.

It actually arises because of an architectural limitation in Win9x: two system memory areas are extremely limited (64KB each) due to the 16-bit heritage of the OS.

This doesn't apply to NT4/2000/XP as it did in 9x. Memory heaps are essentially unlimited. There is no need or benefit in having some "percentage used" figure, and there is no such number displayed.

You can find out useful system information about resources (in the general sense, not the specific Win9x sense) from the Performance tab in Task Manager. Hit ctrl+alt+del (or ctrl+shift+esc for a direct route in Classic mode) to open up the Task Manager.

by dave See Profile edited by slash See Profile
last modified: 2002-06-16 17:13:24

By default NTBackup is not installed in WinXP HE, but it is still available. To install it :

1) Insert the XP home CD-ROM
2) Go to the folder VALUEADD\MSFT\NTBACKUP
3) Double-click the ntbackup.msi file
4) Your done.

* For more information see MS KB Q302894

by Skipdawg See Profile

If your Windows XP based Dell computer is losing time while the computer is turned on, you can try the following commands to fix it:
1. Click on Start, Run, CMD which will open a command line window.
2. Type 'Net stop w32time' then press Enter
3. Type 'w32tm /unregister' then press Enter
4. Type 'w32tm /unregister' then press Enter
5. Type 'w32tm /register' then press Enter
6. Type 'Net start w32time' then press Enter
7. Close the command line window

by jaykaykay See Profile edited by slash See Profile
last modified: 2002-06-30 22:09:42

The two are similar programs but GoBack goes much further than System Restore.

System Restore only backs up your registry and other key files while GoBack backs up your entire system.

For most people System Restore is enough but if you tend to install a lot of software and make a lot of changes to your system, GoBack may be best.

Both applications run in the background but GoBack can noticeably slow down your system while System Restore is more transparent in the day to day operations.

by slash See Profile edited by trparky See Profile
last modified: 2002-08-30 12:06:05

In XP (and 2k for that matter) it's called "chkdsk" and it can still be accessed by right-clicking a drive in My Computer and choosing the Tools tab.

If you use the NTFS file system, it is not necessary to use chkdisk since it is a journaling file system and keeps track of everything that happens to the drive.

by redxii See Profile edited by slash See Profile
last modified: 2002-08-12 18:15:04

By default, Windows XP will remember the view settings for the 400 most recently used folders. After that, XP will begin overwriting the data of the oldest folder, and its view setting will be lost. The information is stored in the registry by two keys:


These keys can be modified to make XP remember more folder settings. There are three different ways available to make this change:
  • Manually change the registry entries.

    1. Open Windows Explorer and go to Tools--Folder Options--View--Advanced Settings. Ensure that "Remember each folder's view settings" is checked.

    2. Open Regedit and go to HKCU\Software\Microsoft\Windows\Shell. Right-click on "Shell", then follow to New--Key--DWORD Value. Name this item "BagMRU Size" (without quotation marks, but with a space between BagMRU and Size). Double-click BagMRU Size, give it a Decimal value of 2000, then click OK.

    3. Now go to HKCU\Software\Microsoft\Windows\ShellNoRoam. Create another BagMRU Size DWORD Value for "ShellNoRoam". Again, give it a Decimal value of 2000, then click OK.

    4. You will have two "BagMRU Size" values equal to 0x000007d0 (2000).

    5. Close the registry and reboot. Windows XP will now remember 2000 folder view settings instead of 400.

  • Download and install TweakUI 2.0 for Windows XP (found here), then go to Explorer-->Customizations and set the value accordingly.

  • Go to Kellys Korner, scroll down to the Folder Views - Keep Settings (Pete) section, download and execute the reg file provided.

Service Pack 2 adds the necessary DWORD values to the keys referenced above. Thaks to Fat City See Profile for confirming this in a Microsoft Help forum thread.

by bluebottle$ See Profile edited by MSeng See Profile
last modified: 2007-12-29 18:38:46

For some reason, MS took out the ability to put pictures in the background of your folders in XP. Below are the steps required to get your selected picture back in there...
    •Open the folder you want a background on.•Make sure you can see ALL files. To do so: Go Start > Control Panel > Folder Options > View tab, under "Hidden files and folders" check "Show hidden files and folders" AND UNCHECK "Hide protected operating system files (recommended)".•Check to see if that folder has a file called "desktop.ini". If the folder does NOT have that file, you need Windows to create it for you... Right click in an empty area of the folder > Properties > Customize tab > Click "Customize" button > select the normal folder icon, Apply, OK (doing this creates the file). Note - you can delete this choosing of the folder icon later. All you want is the file, not the folder icon.•Open desktop.ini and add the following lines of code:

    IconArea_Image=C:\My Folder Background.jpg

    If you had to perform the second part of number 3 (You had to select an icon for the folder so Windows would create the file), you can delete the following code, which was used to change the folder icon:

    IconIndex=(some number)

    This lets the folder have the default icon back, but the desktop.ini file which you want still remains, and now only contains the code for a background image.•Finally, edit the last line of code (IconArea_Image=C:\My Folder Background.jpg) to the path of your picture, save the file and close it. Refresh the folder and it should have the new background.

Feedback received on this FAQ entry:
  • easy and simple method written by me... AmanAhad click here http://amanahad.blogspot.com/2013/11/have-personalized-logon-wallpaper-in.html

    2013-11-11 05:09:34

  • pwede... astig... thank's alot... thank you so much^_^

    2011-01-25 01:08:10

  • it was one of the best tutorials i finally go it. thank you.

    2009-11-30 05:29:18

by Ctrl Alt Del See Profile edited by MSeng See Profile
last modified: 2002-11-23 10:51:42

There are two programs that can you can use to view the installation CD key used during the installation of Windows XP.

There is one that can only read the Windows XP Installation Key and then there is one that can read both the Windows XP and the Office XP installation key.

As a bonus feature to the Magical Jelly Bean's Windows XP/Office XP Key Installation Viewer, you can also change the installation keys.

Windows XP Installation Key Viewer
Magical Jelly Bean's Windows XP/Office XP Key Installation Viewer

Feedback received on this FAQ entry:

by redxii See Profile edited by trparky See Profile
last modified: 2003-01-23 15:40:54

First make sure it is not a system file. After you have determined it to not be a system file follow these steps:
    •Close all open applications.•Open a command prompt and navigate to the directory with the offending files.•Then open the Task Manager and click on the Processes tab. select "explorer.exe" under Image Name. Click "End Process".•This will leave only the command prompt and the task manager running.•Now at the Command Prompt, its time to delete the file(s) using the DEL command. Example -- from the c:\movies directory type del movie.avi•Now the files are deleted, go to the task manager and click on the Applications tab. Click the "New Task" button. in the dialog, type explorer.exe and click OK.

Added 12/21/02 -- ref: this MS Help forum post:
As alot of you know XP will sometimes hang onto a file causing you to go into the command prompt and kill explorer to delete the file. Well if you want a permanent fix read on:

1. open up regedit.exe and head to the following key

2. Delete the default value and close regedit.

This should keep you from having to go through the long process of having to close everything and use the command prompt to delete the file.

Feedback received on this FAQ entry:
  • It did not work. I still could not delete the .part file.

    2013-09-06 16:14:02

  • hello could you please help me. i have someone remoting my computer. and i have no access to anything. i have intranet and kerbos like i am on a domain, but i should not be. please could you help me. thank you so much joviroo@yahoo.com thank you

    2010-08-15 12:16:32

by Kaotic See Profile edited by MSeng See Profile
last modified: 2003-05-26 09:28:10

This behavior may occur if Task Manager is running in Tiny Footprint mode. If you double-click the empty space in the border around the tabs, Task Manager switches to this mode.

To switch Task Manager to its typical display mode, double-click the gray border of the window.

Normal Task Manager:

Tiny Footprint Mode:

Feedback received on this FAQ entry:
  • Thank you very much. Kriengsak from THAILAND

    2011-05-19 09:25:41

by DavisPhotog See Profile edited by slash See Profile
last modified: 2003-03-23 09:05:06

From Microsoft -- the definition of System Idle Process:
This process is a single thread running on each processor, which has the sole task of accounting for processor time when the system isn't processing other threads. In Task Manager, expect this process to account for the majority of processor time.

The system idle process uses all the CPU time that is not used by anything else. CPU time is like any other time; you can't not use it. If you do nothing, you're still using time: you are using time to do nothing.

If the system idle process is using 99% of the CPU, then your CPU is busy only 1% of the time. That's good, not bad.

by dave See Profile edited by MSeng See Profile
last modified: 2003-06-05 21:29:22

Firstly, let's talk about the numbers. They are in 4 groups, labelled Totals, Commit Charge, Physical Memory, and Kernel Memory.

Totals: tells you how many handles, processes, and threads there are allocated in the OS. The numbers are simple counters, but the words are quite tricky to explain, because they're basic programming concepts, and basic concepts are always tricky (try explaining the verb 'to be' some time).

Handles: the kernel supplies programs with 'objects' such as files, shared-memory sections, registry keys, and so on. A program uniformly manipulates an object by means of a handle, which is a temporary connection to the object. A handle is not the object; for example, if a file is opened for 17 different uses at the same time, it will have 17 different handles connected to it.

Processes: a process is an instance of a program in execution. If you're running Explorer 3 times, then there will be 3 processes running. See the difference? The program is the thing that persists - the program you had yesterday is the program you have today (unless you did something!). Processes come and go.

Threads: what actually runs in a process. Each process is made up of one or more threads, at the decision of the programmer. The threads execute in a more-or-less independent manner. If you had enough processors, they could all really execute at the same instant. Otherwise, they only appear to be all running at the same time.

None of these numbers have 'proper' values. Mostly, if they start increasing without limit, then it's time to suspect that something is going wrong. A program can cause a 'handle leak' by failing to close files, for example (though if you kill the process, all its handles will then be closed by the OS; this isn't DOS).

Commit charge: this measures the amount of 'committed virtual memory' (see the VM FAQ for background) in the system. This is all memory requested by processes that is not backed by some named file (for example, the program instructions are stored in the program.exe file and thus are not counted in the commit charge). One way to look at this is that the system has a certain budget for virtual memory, and each program request is charged against that budget.

The Total commit charge is the current in-use value; the Limit is the sum of the pagefile sizes and the physical memory that's available in principle for programs (i.e., not counting all the permanently-resident parts).

The Peak is simply the highest value recorded since boot.

Physical memory: this is easy. The total is the amount of memory that the OS detected, and the available amount is pretty much what you'd expect. The so-called system cache size is actually the size of the system 'working set' (i.e., the amount of physical memory used by the System process, pid 4, which is a process wired in to the kernel and which executes threads on behalf of the kernel and device drivers). The system file cache temporarily holds contents of files, to speed system performance, and is probably the largest consumer of memory in the System process, though, so it's a reasonable approximation.

Kernel memory: tells you how much memory is in use by the kernel and device drivers. I believe (but I could be wrong here) the numbers here are virtual memory counts. For non-paged memory, there's no difference: the virtual memory is always resident in physical memory. For paged memory, the size is virtual; the physical memory occupancy could be less.

Now, the graphs and meters. Despite their headings, the PF Usage and Page File Usage History displays don't measure Page File Usage. They measure the total commit charge. The total commit count is sort of related to page file use; it's how much page file you'd use if everything that could possibly get written to the pages file, was in fact written to the page file. On Windows 2000, the same displays are called Mem Usage, leading people to think they measured physical memory use. That wasn't right either.

What do you expect from a program calling itself the "Task Manager" anyway? There is nothing called a "task" in the operating system kernel - the OS has "processes" and "threads". DOS had "tasks". The Intel hardware has "task" structures, but the OS doesn't use them because it's faster for it to do it itself. (Recently, a user mode program called the "task scheduler" has appeared, but the kernel knows nothing of those tasks either, and besides, that's a completely different use of "task").

The CPU Usage and CPU Usage History displays do in fact measure CPU use! That is to say, they count all CPU use except that which is used in the system idle loop at non-interrupt level. It's thus a pretty good picture of how busy your system really is.

On multiprocessor systems, I think the total is given in terms of the power of one CPU (they're always identical CPUs). Thus a two-CPU system has "200%" available to it. You can if you like show one graph per CPU. If someone would care to send me a two-CPU system, I will verify these claims.

The usual green line gives the total CPU use. You can optionally add a red line showing the time spent in kernel mode; this is sometimes handy for problem isolation, or perhaps it just looks nicer. Use Show Kernel Times in the View menu.

The bottom status line repeats CPU use, commit charge, and process totals.

Feedback received on this FAQ entry:
  • This is excellent! I've always wondered about what's being measured, especially regarding memory. This is much better written than the online help for the Task Manager. Thank you very much for sharing.

    2013-11-13 16:04:59

by dave See Profile edited by MSeng See Profile
last modified: 2003-06-12 21:38:10

The processes tab in Task Manager has one row per process executing on the system, and a number of columns showing information about the process. You can configure which columns are displayed (View->Select Columns), and rearrange their order by dragging the column headers in the usual way. On XP, you can decide whether to show other user's processes or just your own.

The 'image name' is the name of the executable file used when the process was created; this name is popularly referred to as the name of the process, though it's not really. (Why 'image'? Because programmers used the word 'image' for 'memory image file' long before it was possible to put pictures on a computer without a defense-department-sized budget).

There are two exceptions to this, the System Idle Process (pid 0) and the System process (pid 4). These are wired into the kernel, and do not have corresponding image files. They don't have image names either, so various tools such as Task Manager make up names, so you might see different names in different tools.

The System Idle Process consumes all the CPU time that no-one else wants. If no other process is ready to run (on a particular CPU), the kernel will run the idle process.

The System process contains threads used by the OS kernel for 'background' functions. For example, the working set trimmer, which may reclaim physical memory from some processes, runs as a thread in the System process. The System process may also have threads used by some device drivers to do work outside the normal path of operation. (If the System process is using a huge amount of CPU for an extended time, it usually means some device driver is to blame).

Most of the columns of data are adequately explained by Task Manager's help, so I won't repeat the information here. The memory-related data, however, could probably use extra clarification.

The Mem Usage column shows the current working set size for the process, which is to say, the amount of physical memory the process is currently allocated. Three things need to be said here: firstly, this is only somewhat related to "how big the process is". The process is probably larger than that; the OS's job is to keep only those pages in physical memory that it is useful to have in physical memory. Secondly, the number can get smaller, if the OS decides to take some physical memory away from the process ('working set trimming'), which it will do if it has some other use for the memory. Lastly, you can't add up all the numbers and get the total used by all processes; some of the physical memory is shared by more than one process.

The VM Size column shows the number of Private Bytes of virtual memory owned by the process. As always, 'virtual memory' does not necessarily mean disk or RAM; it could be either, or neither.

by dave See Profile edited by Kramer See Profile
last modified: 2003-07-23 19:36:01

Brought to us by PC Mag.

When you use the Search option on the Start menu to find files containing specific text, the results may not include files of all types. In fact, if you haven't installed any service packs, quite a few file types will be omitted. Microsoft created this situation deliberately, to avoid having you find "irrelevant" files, but in the initial release of Windows XP the software company overdid the limitation. Updating with the latest service pack will allow Windows XP to search several dozen more file types.

The Search function relies on an internal filter to find words; file types that don't have a defined filter won't be searched. If you find that certain file types don't appear in the search results, you can try assigning the plain-text filter to those types. To do this, launch Regedit from the Start menu's Run dialog and navigate to the key HKEY_CLASSES_ROOT\.??? (where .??? is the extension you want searched). If you don't find a subkey named PersistentHandler, create one. Double-click on the value "(Default)" for that subkey and set its data to {5e941d80-bf96-11cd-b579-08002b30bfeb}. Repeat the procedure for any other file extensions you want included.

You can also change a setting in the Content Indexing Service to index all files. Select Search from the Start menu. Click on the Change preferences link, then on the With Indexing Service link. Scroll down to Change Indexing Service Settings (Advanced) and click on it (you don't have to turn on indexing).

Now select Customize from the View menu, check the Console tree box, and click on OK. Right-click on Indexing Service on Local Machine in the left-hand pane and click on Properties. On the Generation tab, check the box Index files with unknown extensions and click on OK. Close the Indexing Service console.

Note that both of these techniques require that you first update your system to the Windows XP Service Pack 1.

by acehyde See Profile edited by MSeng See Profile
last modified: 2004-03-13 11:48:18

You can obtain the SPCheck Tool from Microsoft.com

You can use the SPCheck tool to determine the service pack level of installed components on computers that are running either Windows NT Server 4.0, Windows 2000 Server, WIndows XP, or Windows Server 2003. The SPCheck tool generates a report that lists the origin of each file for each installed component.

SPCheck reports on the current service pack level of the following components.

Windows NT 4.0-Based Computers
DHCP Server
Remote Access Service (RAS)
Routing and Remote Access service
Simple Network Management Protocol (SNMP)
Internet Protocol (TCP/IP)
Exchange Server 5.5

Windows 2000-Based Computers
DHCP Server
Simple Network Management Protocol (SNMP)
Internet Protocol (TCP/IP)
Exchange Server 5.5
Internet Security and Acceleration (ISA) Server
SPCheck examines each component one file at a time. Because of this, SPCheck must run under a security context that is equivalent to the local administrator account. If SPCheck is not run in this security context, files may be reported as missing, even though they are installed on the computer. SPCheck searches for files by using the "PATH" environmental variable. If files are reported as missing (although they can be found on the target computer), ensure that the folder or folders which the component is installed in are included in the PATH environmental variable.

by Greg_Z See Profile edited by MSeng See Profile
last modified: 2004-10-15 09:45:56

Many people get confused between 'privileges' and 'permissions' in Windows NT/2000/XP.

In NT/2000/XP, a 'privilege' or 'right' is something you are allowed to do by virtue of who you are. Privileges have names like 'Load and Unload Device Drivers'. Privileges are assigned to particular user ids or to user groups. Assigning privileges to role-based groups is often more convenient, so (for example) the Load Drivers privilege is assigned to the Administrators group, which means that any member of Administrators can load drivers.

Privileges are assigned by the User Rights Assignment thingy in the Local Security Settings console, secpol.msc.

Privileges are independent of any particular object. You can 'Load (any) Drivers', not 'Load (specific) Driver FOO.SYS'.

In NT/2000/XP, 'permissions' are settings applied to system objects (such as files, directories, registry keys) that say who is allowed to do what to this object. Permissions are specified in the access control list (part of the security descriptor) for each such object.

Thus the access control list for some file might say:

Administrators : full control
Power Users : read
Dave : read + write

The ability to edit an access control list is of course a permission that is granted (or not) by that access control list. Given that access, the list can be edited to add or remove access permissions.

Entries in the access control list refer to either a user id or a group. It is often convenient to use role-based groups such as Administrators rather than indidivual user ids; this avoids the need to update every file in the system when (for example) you appoint a new member of Administrators.

Note that granting some user Joe 'full control' access to a file FOO.SYS does not allow Joe to load FOO.SYS as a driver. That requires 'load driver' privilege. The thing that is being protected is the running operating system and not the file FOO.SYS (FOO.SYS is the weapon that we're protecting the OS against).

More information --
Rights and Permissions
Working with Access Control Lists

by dave See Profile edited by MSeng See Profile
last modified: 2004-12-01 21:21:51

A: You might want to remove the Microsoft JVM, which Microsoft no longer supports, in favor of the more recent Sun Microsystems JVM. To remove the Microsoft JVM, perform the following steps:

From the Start menu, select Run.
Enter the command
RunDll32 advpack.dll,LaunchINFSection java.inf,UnInstall
to start the uninstall process
Click Yes to the confirmation, then select Reboot.

After the machine restarts, delete the following items:
the \%systemroot%\java folder
java.pnf from the \%systemroot%\inf folder
jview.exe and wjview.exe from the \%systemroot%\system32 folder
The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Java VM registry subkey
The HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AdvancedOptions\JAVA_VM registry subkey (to remove the Microsoft Internet Explorer (IE) options

Microsoft Java is now removed. You can download Sun's newer JVM for Windows at:
Download Java Software

Feedback received on this FAQ entry:
  • Dead link http://www.dslreports.com/faq/%3C%22http://java.com/en/download/index.jsp

    2008-07-14 16:48:47 (RWOTB See Profile)

by steve1a See Profile edited by Kramer See Profile
last modified: 2008-07-14 17:24:14

When Internet Explorer 7 is installed on Windows XP, ctfmon.exe runs in the background without purpose, and when the Run entry for ctfmon.exe is deleted it will reappear. Ctfmon.exe activates the Alternative User Input Text Input Processor (TIP) and the Language Bar (for input of other languages such as East Asian).

To permanently stop ctfmon.exe from running:

1. Open Regional and Language Options from the Control Panel.

2. In the Languages tab, click Details... for Text services and input languages.

3. In the Advanced tab, place a check in Turn off advanced text services, and Apply.

by redxii See Profile edited by MSeng See Profile
last modified: 2007-10-14 17:52:47