jaclaz

Yep , that's surely the case, maybe you can "Procmon" Everest's accesses to the Registry and see where it looks for info (maybe it decodes a binary key or maybe it doesn't get them from Registry but this latter would be also "strange"). jaclaz

Duffy will love this one Attack of the Zombie Drones ( ) http://www.businessweek.com/articles/2012-07-09/attack-of-the-zombie-drones#r=lr-fst jaclaz

OT , but not much, let's see who knows what this graph represents (without checking the Spoiler or reading the link): jaclaz

Yep, it was only the first reference I found for the 5.0 vs. 5.1, but I wasn't clear enough. In the: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ CurrentVersion value should be 5.1 on XP and 5.0 for 2K. The result of Everest could be that: Microsoft Windows 2000 Professional 5.0.2600 (WinXP Retail) Microsoft Windows 2000 Professional is "reversed" from 5.0 in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CurrentVersion .2600 is taken from HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\CurrentBuildNumber (WinXP Retail) is "reversed" from the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProductId It does NOT exist a 5.0.2600 version of *anything*. jaclaz

It could be some other string/ID/number/whatever that is "reveresed" to "Windows 2000". Can you check with some other tools (maybe this way it can be understood the source of the issue ): What does winver command return? And WMI? And this? http://www.codeproject.com/Articles/1238/Windows-Version-Numbers If *somewhere* a "5.1" is written as "5.0" that could be the cause. jaclaz

It's really queer though you'll have to admit that there is some truth in: Microsoft Windows 2000 Professional 5.0.2600 (WinXP Retail) Seriously, check the version - related data in the Registry, they are under: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion jaclaz

At least myself, personally I do need it. There are a few reasons for this, if you are interested I can explain them. Now if the point was about re-posting if the last post on a thread is your own (as opposed to editing last post) being not part of common netiquette, that may be a good topic to discuss IMHO. Who knows? , the stupidometer is managed by MS through Forrester Research and other respectable firms, but they release only partial and "aggregated" data. jaclaz

Check the other old thread: jaclaz

I thought that split setup was not supported on 8 http://technet.microsoft.com/en-us/library/hh825096.aspx jaclaz

I would add that a PS/2 IBM model M, which is otherwise a nice thing to have , won't help . jaclaz

As if we had not enough apps that worked alright for years and then - because they "phone home" - started to stop working because the Author (or Software House) changed business/closed the site/whatever. Imagine all the proprietors of SAAB's having their car stop going because the manufacturer went default: http://www.autoindustryinsider.com/?p=2004 And if it continues like this it is not completely unlikely that the good MS guys will close operations of a "line", or "department" or of the whole thing. Imagine that the new CEO (when Ballmer will be replaced) will decide that MS needs to concentrate on it's "core business" (and let's say that it will close or sell the Phone and Games sections) what will happen? Going "live" and "on the cloud" might be the third best thing after ice cream and sliced bread, but definitely it is THE LEAST "future proof" (I tend to believe that "future proof" means "lasting in working conditions"). But let's make a much more practical and common enough example. Imagine that you are a gamer and an internet user. Your phone line gets cut on friday at 17:00 PM (struck by lightning ). Your telephonce company/ISP provider contact guarantees you a intervention within 72 hours. You are left saturday and sunday with no email, no internets, no youtube (yes you live in a place not covered by cellular network or you have alredy used your monthly Gb allotment) You decide to play a few games on your console.... What will you do first thing Monday? Go and buy a good console that needs NO §@ç#ing phoning home Go and buy a good console that needs NO §@ç#ing phoning home AND tell everyone how much the MS thingy sucks Go and buy a good console that needs NO §@ç#ing phoning home AND tell everyone how much the MS thingy sucks AND sell the old one and it's games (hey, wait, you CANNOT do that! you can only tell everyone how it sucks ADDITIONALLY) Please choose one . jaclaz

What they are looking for looks VERY similar to this: http://www.w3.org/History/19921103-hypertext/hypertext/WWW/TheProject.html (which is the 1992 version) And this is the 1991 version (that Jones has preserved on ibiblio): http://first-website.web.cern.ch/blog/1991-web-page-found-password-lost http://www.ibiblio.org/pjones/old.page.html jaclaz

Just for the record, and to clarify, jaclaz never actually proposed a flash drive, he provided two possibilities: using grub4dos to boot a floppy image (without specifying where the grub4dos and the floppy image should reside, it could well be the hard disk - and as well a flash drive, a second hard disk a ZIP or a CF card) using alternatively an El-Torito emulation bootable CD The whole point is/was that a floppy image loaded by grub4dos or by the BIOS El-torito emulation for the CD is to all effects and "from DOS" a floppy, and suitable to flash a BIOS. jaclaz

Ah well, then a lot of people have used them vainly all these years. What about defragging it? I would say that that depends on the storage subsystem, I had the impression that the time needed to load a file from disk was dependent on it's size and on the speed of data transfer the actual device/bus can provide. jaclaz

ALL of them? What is the alternative, cleaning a Registry by hand? Old related threads: http://www.msfn.org/board//index.php?act=ST&f=19&t=111078 http://www.msfn.org/board//index.php?act=ST&f=19&t=68677 jaclaz

Well for the record - and to be more exact, the sense of the board is to exchange idea, info and help each other , WHILST the scope of this particular thread is ONLY about solving the BSY and/or LBA error on 7200.11 drives and NOT "I botched my drive with a wrong firmware, please help?" and NOT "I have different firmware upgrades and I cannot understand why?". This part has been hopefully, but evidently vainly, expressed in the READ ME FIRST (the thing noone reads first ): jaclaz

Not really , on a board, UNLIKE what you normally use, there are QUOTE tags that EVERYONE uses to quote someone else, and double quotes are used to mean " between quotes" (either single or double). Question , when you make gesture "between quotes" do you use just your index (or middle ) finger or both of them? http://en.wikipedia.org/wiki/Air_quotes Now, if you would be so kind to learn how to use the board software properly and along the conventions everyone else uses, I am sure your posts would be much more readable . jaclaz

I wonder HOW you can know that. and how you know this: jaclaz

Sure , I also don't think that there will be one, but you will have to concur that the label in the picture of the thread here is "confusing": http://forum.hddguru.com/viewtopic.php?f=1&t=25629 Model: ST1000LM024 <- anything beginning ST should mean "Seagate Technology" HDD p/n: HN-M101MBB/AVN <- this is a Samsung model On the left: Samsung Spinpoint On the right: Momentus ® <- name traditionally connected with Seagate families of drives Below: Hard Disk drive Rated: DC +5V 0.85 A Seagate Technology LLC Further below: HDD Mfg by Seagate Technology LLC And below again: KCC-REM-STX-Momentus-B Without quite a bit of patience and research it seems like a mad typographer prepared the label. And if you find the datasheet it makes nothing to clear the matter: http://www.seagate.com/files/staticfiles/support/docs/samsung-ds/100698122c.pdf they still seem like two distinct models... But yes I think they are little by little completely removing anything with "Samsung" from their products labeling and datasheets. About RAID, you should normally do raids with SCSI disks (or with SAS ones). (and yes that means $$$$ ) For a good RAID setup, it is logical to have "intelligent" controllers and "dumb" (but fastish and reliable) disks. If you have a bunch of "intelligent" disks, they may *somehow* fight with the controller (and often they do that). jaclaz

Two modems won't normally work without a telephone line, but it is possible to "fake" one . There are a couple related threads here: jaclaz

Define "decent". However : http://www.forensicfocus.com/Forums/viewtopic/t=10557/ In theory they all work alright . Please check attentively the signature I have on Forensic Focus . jaclaz

Yep , and with the motherboards where the chip is soldered is evidently a much more complex thing to do. BTW it of course depends, but it seems like the "boot-block" (in those chips that do have it) is the same (i.e. it is not "model specific") which can enlarge the choice of possible candidate "donours". jaclaz

I have never done this, but in case I do, how do you fix something like this? You miss this reference : jaclaz

Not really, as a matter of fact you have it right : a WinFE ("sterile forensics PE") or Linux Live Forensic distro ("sterile forensics Linux") can still have (as an example) direct access to a hard disk (and both R/W) so you can use them to dig big holes in your filesystems alright, and you would find NO TRACES of what made those "holes" as much as you won't find any bacteria in your real life case. It's the OS (and it's mechanisms) that do not write to the filesystem or to the device (because it is not mounted and/or offline). Imagine to use DOS (booted from a floppy) on a PC with a single partition formatted as NTFS (and without having any third party tool capable of reading NTFS in the DOS floppy). Such a floppy won't do any changes to the hard disk (because DOS is a good, simple, non-multitasking OS without a few tens of mostly unuseful services or daemons runnning in the background, largely undocumented and doing *anything* by their free will ) but also it won't do any changes to the NTFS filesystem/partition, because additionally it doesn't know anything about that filesystem AND it has been designed to consider a (not so casually called properly "protective") partition ID in the MBR as "non plus ultra" or "hic sunt leones". Still, you can use (say) DEBUG to write to the disk alright or use FDISK to remove the "HPFS/NTFS partition". Now imagine the other way round, you draw from the scrapyard an old (DOS only) 386 machine, and it's hard disk that never "saw" a NT based OS. As soon as the hard disk is connected to a new machine running *any* Nt based OS or PE, a disk signature will be written to the MBR. Though this is not a real issue for "substantial" forensics (it is only four bytes, it is not like it creates out of thin air a compromising chat message or a an illegal picture ) it is enough to invalidate the MD5 (or other hash) of the whole disk, enough for a clever lawyer to raise an issue about the managing of the evidence. As soon as the filesystem is mounted, Windows may decide to create new artifacts in the filesystem, or change file access date, theoretically allowing to overwrite some potentially accusing or exculpatory data, this is not acceptable even in "substantial" forensics. No actual surprise that many digital forensic professionals prefer to ONLY use write blockers to connect hard disks for imaging (though even write blockers have been, at least in one occasion, found to be not write blocking properly). jaclaz

Sure, I guess that there are some misunderstandings. As I see it: The OP wrote: Both PROBLEMCHYLD and myself provided possible alternatives to a "real" floppy drive. Nothing more, nothing less. buyerninety raised some doubts on the suggestion I provided and I tried to tell him how his doubts were IMHO not justified/backed up, then he insisted with his doubts and I tried again to explain in more detail why IMHO they were not really an issue. submix8c (who is still shocked by the nice doorholders he made out of a couple of his Dells ) provided some further ranting about updating BIOS under Windows (that was never discussed/mentioned/implied before). Everything seems to me cool enough B) , only some OT has sprung by magic out of the blue (it happens all the time, nothing to worry about ). jaclaz