jaclaz

Read here: http://www.robvanderwoude.com/ntfor.php http://www.robvanderwoude.com/ntfortokens.php jaclaz

Maybe it had not enough time, it may well have a "list of priorities" and only infect a few files per session, for all we know. jaclaz

You cannot say. MRU is in Registry. NTFS normally updates last accessed time in the filesystem. Use this - in case you feel dangerously exposed : http://www.nirsoft.net/utils/clean_after_me.html jaclaz

Not a wise decision , if I may, you were lucky they didn't actually manage to ruin the thingy for real , according to the "standard" with which they are reported to operate usually. jaclaz

Not exactly useful, but thanks anyway. You want to test the restrictions? AFAIK there are none, but PMing Peter (psc) and ask him directly, or better post in the related thread: http://www.boot-land.net/forums/index.php?showtopic=9658 won't make any harm. If you want to copy/use/modify/extract info/peruse anything from the small batches or .inf, you are of course welcome. jaclaz

Well, that's ANOTHER thing. At least as I see it: RC=Recovery Console=2K/XP/2003 based - started by SETUPLDR.BIN RE=Recovery Environment=Vista/2008/7 based - started by BOOTMGR/whatever I am talking of the first, the second can be used as .iso/WIM booting, but not at all my field. Personally if I were to touch Vista or 7, I would try using something "better" than "pure" RE: http://www.boot-land.net/forums/index.php?showtopic=5917 jaclaz

English is such a difficult language, but I wonder which is the difficult part: Example: You ran: You can see that you DID NOT specify ANYTHING on command line, exception made for the script name. Command lines like these: contain the MINIMUM, REQUIRED parameter (the Source). A sommand line like this: has, besides the minimum, required source the option to use INSTEAD of the DEFAULT bootsector file "bootsect.bin" a custom one, named "myboot.bin". jaclaz

I usually have several of them. Point is which one (if any) would be useful for your problem. First thing I would do if I were you, would be to check (and disable) auto-reboot: http://www.theeldergeek.com/auto_reboot_on_system_crash.htm This way you should get a nice BSOD, which my crystal ball appears like identifying in a 0x0000007b, but we need to make sure of it's id. Then, you should forget the ngine.de guide (not that it isn't good, but it's a bit outdated) and use a newer approach: http://www.boot-land.net/forums/index.php?showtopic=9830 jaclaz

Sure, but the .iso MUST be a RAMDISK one, unless the scope is that of having a nice BSOD (a 0x0000007b if you want to know which one). The problem is NOT in the initial boot stage, it is in the second part, when the "protected mode" kicks in. If the MS RAMDISK booting is used, OK. If firadisk or winvblock are used to hook the image loaded in RAM by grub4dos, OK. If diskless angel or some similar NT driver is used, OK. I am not aware of any different method, not using a specific driver, you really should be reading the already given links: http://www.boot-land.net/forums/index.php?showtopic=8944 http://www.boot-land.net/forums/index.php?showtopic=4952 jaclaz

Is this a rethorical question/doubt or you want to know how to make a RC .iso? If the latter, here: http://www.boot-land.net/forums/index.php?showtopic=2254 http://tips.vlaurie.com/2006/05/recovery-console-for-those-without-an-xp-disk/ More info on RC booting as .img or .iso: http://www.boot-land.net/forums/index.php?showtopic=5316 jaclaz

It would be a very good finding, even small pieces are important to put the puzzle together. jaclaz

If you are getting ANSI characters it's working. If you are getting GARBAGE characters (let alone if ANSI or ASCII ) it is NOT . Usually the problem is missing, or ineffective GROUNDing. Do a loopback test first, just to make sure the converter is working, then check that grounding the HD to BOTH the converter AND the power supply is effective. jaclaz

Is this a joke or what? HOW do you run it? By double clicking on it? It is a BATCH file! You need to open a command prompt and "run" it specifying the options (if needed) and AT LEAST the Windows_source_directory. The defaults are: rem some defaults set boot_sector_file=bootsect.bin set IsoFile=%~dp0XP.iso set SourceDir= set mkisofs_option= and, obviously you will need the external exe's: rem used external applications rem mkisofs.exe : http://cdrecord.berlios.de http://www.student.tugraz.at/thomas.plank/ rem dd.exe : http://www.chrysocome.net/dd rem gsar.exe : http://home.online.no/~tjaberg jaclaz

It is possible that you are falling/have fallen in this problem: http://www.boot-land.net/forums/index.php?showtopic=9897&hl= or anyway something closely related to it. jaclaz

The link is working for me, and memdisk is NOT used. We are talking about RAMDISK booting, not "memdisk". jaclaz

And the answer is ...... .....yes and no. grub4dos and syslinux are generally developed "in parallel", though the developer teams are different, as soon as one of the two gets to make a new feature work, the other one adds it and viceversa. When it comes to choosing it is more a matter of personal experience and "feeling" than anything else, but also remember that they are pretty much exchangeable, as grub4dos can generally chainload Syslinux and Syslinux can load grub4dos. I personally prefer grub4dos because of it's command line capabilities and the fact that the same loader works on all media, others prefer Isolinux/Syslinux: http://www.boot-land.net/forums/index.php?showtopic=8546 Where to find info about both: http://www.boot-land.net/forums/index.php?showforum=66 http://www.boot-land.net/forums/index.php?showforum=92 jaclaz

There are FOUR wires connected to the interface. Put aside the disk for the moment. Connect POWER to the interface, which means that you have to connect the wires 3.3/5V and Ground to a +3.3V/0 power supply (or battery). Connect the two other cables together (Tx and Rx). You are doing a loopback test, which is meant to verify that the interface is working, read here: http://www.msfn.org/board/index.php?showtopic=128807&st=384 http://www.msfn.org/board/index.php?showtopic=128807&st=1194 jaclaz

And additionally, are you using Server2003 SP1 files or any of the other Ramdisk methods or are you trying to boot the .iso "directly"? Please take your time reading these two seemingly unrelated threads (AND links in them): http://www.boot-land.net/forums/index.php?showtopic=8944 http://www.boot-land.net/forums/index.php?showtopic=4952 if the answer to the above question is "Why, what is a RAMDISK?" jaclaz

In my personal opinion you should UNinstall ALL Norton Antivirus versions, old and new, from ANY system around. There are a few thread about software that still work on 98, here: http://www.msfn.org/board/index.php?showtopic=105936 http://www.msfn.org/board/index.php?showtopic=105936&st=390 http://www.msfn.org/board/index.php?showtopic=137928 there may be others. jaclaz

Well, you should complain to MS if your legit VLK key has been blacklisted. What do you mean you bought a new retail key? Isn't this what you are asking? OLD: http://support.microsoft.com/kb/328874/en-us NEW: http://www.microsoft.com/genuine/selfhelp/XPPkuinst.aspx?displaylang=en jaclaz

Sure it is. The makers of the Board software expressly made their parser for posted URL's in such a way as to break them at commas, in order to prevent users from reading pages like: hxxp://news.cnet.com/Security-firms-on-police-spyware,-in-their-own-words/2100-7348_3-6196990.html (or maybe it was FBI or NSA forcing CNET to use these malformed URLs? ) Let's see if they got to TinyUrl too: http://tinyurl.com/cnc3d3 Good , they missed it. jaclaz

I guess you are missing the point I was trying to make. Hiding a partition by means of changing it's partition ID in the MBR (or EPBR's) is ONLY a convention to prevent "good behaving" apps and OS's to access that partition. As long as the partition data is there, a program under ANY OS may be able to read that info and consequently "operate" on the hidden partition. In other words a hidden partition is only hidden to you and to the running OS and to programs that respect this "convention". I showed you an example for NT, but you can do EXACTLY the same under DOS/9x or Linux or whatever, in other words, if the data is there, it can be read (and used for whatever good or malicious scope). If you want to make a partition really "hidden" you need to remove the data identifying it, not simply changing it's ID. Think of it about the difference between having a reserved document in plain view on your desktop with a nice yellow post-it on it "Please don't read or take this" vs. keeping it in your safebox. jaclaz

What do you mean "before MS took it over"? Some research was done at the time of this project (now abandoned): http://www.boot-land.net/forums/index.php?showtopic=5308&hl= jaclaz

jaclaz

Maybe I see. The first screenshot shows that the disk is detected as being 202.09 Gb in size. The second screenshot shows that the disk is detected as being 149.05 Gb in size. I presume you are saying that your disk is actually 149.05 Gb, right? Under which OS is the drive detected as being 202.09? Just Win2K or also other ones? Under which OS is the drive detected as being 145.05? Just Win7 or also other ones? Can you run beeblebrox: http://web.archive.org/web/20080423005903/http://students.cs.byu.edu/~codyb/ And post screenshots of: the MBR data the data in each EPBR's (just to make sure that the "base" data is correct, in which case the problem is somewhere in the Registry of the OS('s) that show the "false" disk size) jaclaz