Jump to content


  • Posts

  • Joined

  • Last visited

  • Donations


Everything posted by cluberti

  1. Define "OK"? If by you mean is anything going to break, the answer is "you have to test". Some apps don't play nice when they're running modified under EMET, but you don't know until you test.
  2. It is worth noting that the paging file can be used to store memory pages, but pages stored in the paging file cannot be actively used (thus any memory page access to a page that has been moved from RAM to the paging file must be paged back in and then used). If you have constant paging file access, then you have a program that is causing the paging activity (the memory manager wouldn't be paging things out on it's own with that much RAM free, if that really is the case). When does this happen, how are you determining it's paging file activity (and not simply disk I/O), and when did this behavior start?
  3. As someone who knows a bit about Windows Internals and how IE works on Windows (and IE internals), you should trust me that no, it doesn't. However, it's your machine, and you should do with it what you will - just know that no, it doesn't actually make the system more secure to remove IE.
  4. Well, that wasn't necessarily the best thing to do. Not sure what that buys you other than a feeling you made the box more secure (but didn't).
  5. Indeed it can, although without the cbs log it's hard to tell which.
  6. If you have two connections to the SAME major network and both have a gateway, Windows will indeed have issues with routing (and modifying binding via program adds an additional layer of complexity that furthers Windows being unaware of what you're doing). Windows isn't designed to route multiple network interfaces to the same major network - if you want internet access to work on one segment and not on another, you need to make sure only that interface has a default gateway set (although that will mean anything that needs to find a route outside the networks directly available will use the interface with the gateway set). There's a bit more to it than this, but that's the "in a nutshell" version - if you have two network interfaces to the same network, and both have gateways, Windows will eventually get confused. Only one interface can have a gateway, or you're going to need to set static routes for everything you want going over each interface - otherwise, you're going to have routing issues.
  7. That error seems to indicate the publisher certificate is invalid - which would lead me to believe the package has been "manipulated" by whomever posted those "alternate" links. The Windows Catalog site requires an ActiveX control to work, hence it requires IE. Since you have Windows, you should have IE, and should be able to visit that site in IE, download/install the control, and get the hotfix.
  8. Also, be aware that even if someone were to hack your network (anything's possible), all NTLM auth over SMB is hashed and encrypted (assuming you're not using Kerberos, which is slightly different - most NAS devices use NTLM). It's also not uncrackable, but it is another layer of security. Obviously NTLMv2 with SMB signing is more secure than without, or NTLMv1, but some is better than none.
  9. The project has been around sine 1998 in various forms, and given the hobby nature of development I wouldn't expect it to do much more than boot. If any of the items on the following list (fairly extensive) are important to you or apps you may want to run, I'd recommend just sticking with Windows instead: http://www.reactos.org/wiki/Missing_ReactOS_Functionality
  10. Depends - when you imported your Vista image, was it x86 or x64, and was it a captured image (one you created and re-captured to a WIM) or was it install.wim off of the original DVD or ISO? Also, did you bring that image in as a custom image, or as a full set of source files? The last question is, were you booting with an x86 or x64 boot.wim into MDT?
  11. If you're in the "My Settings" page of your account, there's a "Profile" option that contains the "Change Signature" option.
  12. Actually, both - I've seen updates that will stage correctly offline, but won't install online due to many issues. So yes, please check where they were integrated, but also check the cbs.log file on the deployed PC as well to see if anything happened there of interest as well.
  13. Unfortunately, user names can only contain the characters a-z, A-Z, and 0-9. Special characters (like an exclamation point) aren't allowed by the forum software.
  14. No offense, but why does it matter? Besides, it keeps us relevant as a viable alternative for discussion and help .
  15. Are the files that shipped with the updates still older versions on disk after you've installed Windows 8? For example, 2727528 updates synceng.dll to either .16432 (GDR) or .20533 (LDR) - what version is on disk after you install Windows 8 at that point? If it's older, you might want to check the cbs.log to see why those updates didn't apply during staging.
  16. If you're prestaging the files for the install locally on the disk, you could always use setupcomplete.cmd to install. I'd always prefer tools like MDT for creating installations, but if you just want a quick and easy way, you can always prestage the files on the hard disk of the image (so it's IN the WIM file) and run it from there - otherwise, if the USB key is attached, use setupcomplete.cmd to loop through drives until it finds the setup file and run it that way.
  17. Good luck - if you run into anything, post back in a new thread and we'll do our best to help. Thankfully MDT is pretty straight-forward for creating installation task sequences - add an OS, add apps, add packages (hotfixes, language packs, etc), create a Task sequence to install a client or server, and that's about it.
  18. Joscon is specifically speaking about Service Pack integration, which indeed must be done online and resealed (aka reverse integration). Given you can legally download a Windows 7 ISO with the latest Service Pack integrated, there's no viable reason I can think of to still be doing such a thing. After that, all other hotfixes should indeed be integrated offline using tools like MDT or SCCM (which is how Microsoft does it). Again, there are other tools, but those are the ones from Microsoft.
  19. I read the PDF, and I don't see this as circumventing activation in a malicious way or with any malicious intent. While it's a bit of a gray area, I don't feel like this violates the rules (and if you did use it to do so, validation would fail within a window of time anyway if a lot of installations decided they all had the same activations, making those installations broken). For what it's worth, preferring online updates (which are larger, need to be staged, and take longer to install) would not necessarily the best, easiest, or even wisest way to do this, but yes, it should work. It would be wiser to use a tool designed to handle this (there are many, including official Microsoft tools and others such as ones that exist here), install the updates offline during the initial setup pass, and the resulting installation would have a smaller disk footprint and setup and capture faster, but this would work if you were in a real pinch.
  20. Microsoft offers 5 years of security fixes for products that have discontinued MAINSTREAM support - Microsoft calls this the "extended support" phase. Windows XP exited the mainstream support phase in 2009, and will exit the "extended support" phase in April of 2014. After that, there are no more patches of any kind, at all.

  • Create New...