cluberti

First, stop using nLite - it's for personal use only. Any other usage is a violation of the EULA. Next, what bluescreen is the Vostro giving specifically? Is it a 0x7B?

Well, there are packages out there that can do this sort of thing if you have clueless users who can't seem to use the event viewer . Most of them are not host-based, however, they're server based and generate reports. The best non-Microsoft tool I've found is this, but it monitors network logon info. If you're looking for "who's using my computer!"-type info, there are other tools out there like this or this, but I can't speak to the veracity of any of these. I've always used MOM/SCOM reporting/rollup and auditing, which generates reports based on gathered data.

Use dism.

Are all of the machines using the same GUID for their NIC? Also, are you using a database for storing MDT settings?

Hmmm - very odd. When you go into system properties, on the Advanced tab, click the "Settings" button in the Startup And Recovery section - uncheck "Automatically restart", and reboot. See if it creates a .dmp file (the BSOD should say "writing physical memory to disk" and count to 100 if it's working). Want to make sure your machine isn't rebooting prematurely (you'll have to physically power off and back on once it completes writing the file to disk at the BSOD, of course).

Micro$oft, Window$, App£€, Ma¢O$ X, Googl€, etc. It gets old.

SCCM?

You have to make sure your paging file is on the same drive letter as the Windows folder, it must be min and max RAM+64MB (at least), and once that's configured you have to reboot before it'll work. Did you do all that? It's the only reason I can think of why it wouldn't have put memory.dmp into \Windows\.

Hiren's is warez for pretty much everyone unless you have the most comprehensive (legally obtained) library of old software, and the files from the Ghost solution suite being redistributed outside of Ghost are also warez. Paragon is also non-free software, requiring someone to have a license for that as well for this to work (you create it from the software, not download it from the internet). Why is it some people don't read the forum rules before posting??? Anyway, bye. We won't miss you. [banned].

Microsoft updates storport about every 3 - 6 months - assuming your driver vendor isn't that behind on the times, you should try again.

What's wrong with the Event Viewer auditing for the local machine or domain? That plus a monitoring solution like SCOM (assuming this is a domain environment) works well. What specifically are you looking for above and beyond something like this? That info might help us better help you.

Either that, or configure the entire system for a full memory dump, reboot, then get it into a position where it's really, really slow again and crash the box with (right)CTRL+SCROLL+SCROLL on the keyboard (assuming you've got a PS/2 keyboard attached, or this is a laptop, for this to work). The resulting .dmp file is likely to shed light on what's happening.

Hmmm - are you seeing issues only on this machine with that drive (for example)? Usually a Windows problem happens only with explorer, but if it's happening with something like TeraCopy it's either filter drivers (antivirus, firewall, etc) or hardware issues.

I'll pay more attention, but I've never seen that - in fact, I see the reverse quite regularly (it'll still show the same number of new items after I've viewed them all, closed Chrome, and come back ). I'll keep a closer eye on it.

The only other thing you might try is to procmon trying to delete the printer to see if something's got locks on files or reg keys, for instance.

Either that or get an application crash dump of explorer.exe when it crashes, and post the .dmp file somewhere we can get to it.

So using something like Fastcopy (rather than explorer) gives you the same results?

Not sure, honestly. A Procmon might tell you more, but I think the metadata is part of the SMB2 lookup (it's in the filestream that's being copied).

It wasn't a default key, that's for sure. I've fixed and re-uploaded the .xml.

What security zone is it opening in on the web server? The CD-ROM will be opening the links in the My Computer zone, which is actually more restrictive than the Local Intranet zone (which is likely where they're opening on the web server). Also, IE behaves in specific ways when files are on a local hard disk versus removable media like a CD-ROM when in the LC zone, especially if the page doesn't have a MOTW.

Usually when a system won't even post (but fans spin up), I've always found it's one of 3 things: one, the CPU itself, two, the seating of the RAM, or three, you probably don't have enough juice going to the system from the PSU to power it up.

ERROR_EXE_MARKED_INVALID winerror.h # The operating system cannot run %1. I notice that the delays are a specific set of files:SQLEXPR_X64_FRA.EXE - 11 seconds SQLManagementStudio_x64_FRA.exe - 9 seconds 1-05 Horse Power.m4a (this one causes an auth request/handshake, a tree disconnect, and then a reconnect and re-auth for some reason) - 114 seconds 1-09 Don't Think (Bonus Track).m4a - 36 seconds It looks like all 4 files have metadata, which could be the problem - however, I noticed at the end there were SMB2_FILE_NETWORK_OPEN_INFO requests, once the files appeared to have been written. At this point, I'm not entirely certain it's a network issue. You might want to watch this happening on the system that's accepting the files with procmon to see what's happening at the filesystem level. I'm wondering if it's unable to parse the metadata to see if the files are "safe" or not, perhaps? This is a little odd.

If you found the location inside the OS, then it was probably in the Turn Windows Features On and Off applet under Programs and Features in the Control Panel: This doesn't actually *uninstall* Windows Media Player, it just removes it's entry points and file handlers from the registry. If you were to re-enable this, you should get it back as it was before you removed it. Not legally, no.

Well, the *lite* version of Win2K8 would have been illegal warez (Microsoft doesn't distribute any *lite* versions other than Server Core, which isn't what you downloaded given your description). However, since the discussion is for emulating this (rather than discussion of the warez distribution itself), I'm going to let this continue. Just be aware of the forum rules going forward, and thank you.

I think short of booting to a WinPE CD and backing up your files and reinstalling, you pretty much have no more options.