rikgale

Testing now. Will post back in about 20mins EDIT: Tried what you said and that failed to. This is odd. I can't see why it would not work. It runs fine when I double click on it in Windows but fails to run when called from a .cmd file

Ok, no worries Martin, just an idea Good luck with it all next week and I look forward to testing the new code.

Hey Guys @Moon, here is my RunOnceEx.cmd and RunOnceEx.exe, (if you decompile there is no password at the moment, I'm gonna set one once it's all working) I think that it is pretty standard. Cheers for pointing me at greenmachines guide. I am trying a few things at the moment, but I am not overly optimistic. The RunOnceEx.exe runs ok once I have logged into Windows for the 1st time and I run it manually (i.e. after it has failed to run at t-12 and windows has carried on to t-0 and logged me in). Nope still not working, tried storing RunOnceEx.exe in $OEM$\Setup and then using ".\Setup\RunOnceEx.exe", where cmdlines.txt is in $OEM$. @Martin, if you want you could figure away of intergrating your $$Rename scripts that you mentioned eariler, so that ppl don't have to worry about 8.3 naming. Thanx Guys EDIT: @Moon. I tried calling RunOnceEx.exe from install.cmd, and got a little further in that when install.cmd called RunOnceEx.exe I got a cmd window open titled RunOnceEx.exe that just had E:\$OEM$> and a flashing curser, that all it seemed to do. Nothing was installed and the 1st log on. Any ideas? RunOnceEx.cmd RunOnceEx.zip

Thanx MOON, only just saw this post. It never really crossed my mind that you mite be able to protect the .cmd files as .exe. That's why I'd never really thought about the security implications of it. Now it has been pointed out, then best efforts shall be made to reduce this inherent weakness. Edit I've used QBFC to make my RunOnceEx.cmd into and .exe but I can't get it to be executed by Cmdlines.txt. I tried the syntax you suggested ".\RunOnceEx.EXE" and I tried "RunOnceEx.EXE" and neither seemed to work. Am I missing something? Any help gratefully recieved.

Please post back as to how you get on. We're all interested as to how it went.

It works, and I like it. However as you said it is probably best on a slower machine cuz on mine it's a bit of a blur. I'll be incorporating this in my next UA build Cheers Rik

I am oft humbled by your 'dirty' key strokes. Hopefully we'll stur some more interest and ppl might wish to follow development. The initial idea of using the MAC address sparked my interest until it died out and this started up, once I'd noticed it. Glad you like the guide, if you can think of any improvements let me know and I'll see about moddin' the guide. D'oh. That didn't cross my mind. I'll def. look into that. As for your last paragraph, I feel a little confused, but I'll tackle that once I am happy about using Quick Batch File Compiler (QBFC) EDIT: Moon, did you get my PM, what ya think? EDIT2: I like QBFC, nice idea, i'll try it out in my next build EDIT3: Shame it changes a 60byte .cmd file into a 146Kb .exe, thats quite a size increase. I was gonna try making something spiffy and adding it to the guide but I'm out of space and there is no way I am creating another post just to have a fancy .cmd file. Ppl can use the standard boring .cmd file. It does the same thing. EDIT4: Made a few changes to the guide as per latest PM, MOON.

Hardware ID's for ASUS P4P800E-Delux HTH Rik hwids.txt

MOON (I'm gonna carry on this converstaion here and not in the other post to save it getting cluttered, ok?) What's the idea behind using Quick Batch File Compiler, surely if all the .cmds are in the passworded zip then you've nothing 2 worry about or are you after another layer of protection. I'm a tad confused as to the point of this. The only changes to the code I made where changing ProtectUA.zip to Protect.zip in ProtectUA.vbs Rik EDIT: Moved from other post: Interested in the script (Rename$$ script you talked about), maybe it could be incrop in the code so that the user runs it once and it places it in the correct place etc. EDIT2: Martin feel free to edit the top post if you wish, but note any changes in the Changelog at the bottom so I can keep a track of things. I'll try to maintain the guide as best I can as it as it has had a goodly number of views already

I'll edit 1st post to say that it must be encrypeted. Also I'll dig out the .cmd I use for encryption and add that to 1st post

Thanx Martin Few quick questions/requests. When you are adding in the 2nd CD protection, are you going to allow for the fact that most ppl don't have a 2nd CD and therefore have the code dectet this and revert to the current 1CD method? And the request, can the msg in the msgbox be customisable? I look forward to trying out your new code

Nice but remember it will come with and el-cheapo PSU, which you ideally need to aviod like the plague EDIT: beaten to it!

DP M | AMD IDE drivers (Just a reminder, although looking back at the post I see that you have (or someone has downloaded the drivers I posted))

Yes this is a summary, I have edited the post to state this. Indeed the original post is now moving away from security having completed what it set out to do. A few additions I would like to see are: 1) the inclusion of a box that pops up to tell the user that they have installed that copy of UAXP on a machine for which it was not intended. Actually that's the only thing

If you've formatted as well as installed the chances are that this file have been over written with the new data that you've added onto the drive. You mite be able to get them back if you were to send the drive away to an expert data recovery specialist but that woul be an very expensive option.

I've had one (a 120Gb drive) for four years running pretty much 24/7 and it's fine.

Done the 1-2-3 guide. Go here. Hope you like it Rik

This will hopefully be the ulitimate 1-2-3 type guide for protecting your copy of UACD. This guide is based on (a summary as it were) this post. This process works, but can cause damage to your current install if mis-used. So you have been warned. let us begin: 1) Download the attachment at the end of this post. 2) Extract contents to a temp folder. 3) Move PKUnzip into $OEM$\$1 dir 4) Move ProtectUA.cmd and Protect.vbs into $OEM$\$$\system32 5) Run Analyze.vbs from the desktop to get the BIOS ID code of your machine 6) Edit ProtectUA.vbs (DON'T RUN IT) Place the code that is shown into the Dim arrayAllowedHosts(1) arrayAllowedHosts(0) = "xxxxxxxxxxxxxxxxxxxx" arrayAllowedHosts(1) = "xxxxxxxxxxxxxxxxxxxx" section of the code as shown above. Copy it exactely! 7) Repeat steps 5 and 6 for every computer you wish to use the UACD on. If you wish to use this on more than two computers then the above code can be added to by simply adding more arrayAllowedHosts, like so Dim arrayAllowedHosts(2) arrayAllowedHosts(0) = "xxxxxxxxxxxxxxxxxxxx" arrayAllowedHosts(1) = "xxxxxxxxxxxxxxxxxxxx" arrayAllowedHosts(2) = "xxxxxxxxxxxxxxxxxxxx" Remember that all arrays start at 0, so Dim arrayAllowedHosts(3), will allow you 4 arrayAllowedHosts. 8) In $OEM$\$1 create a zip file called Protect.zip. This should contain any .cmd files and .reg files that you use during your install. This zip shoul be password protected/encrypted. (I used Zip 2.0 encrypotion in Winzip, 128 and 256bit AES encrytion did not seem to work with PKUNZIP) 9) It should be noted that PKUNZIP only works with 8.3 naming convention so that any names longer than 8.3 will be trunkcated when extracted. (I renamed all my .cmd and .reg files to 8.3 to get round this problem, you can also use $$Rename to change the file names back to what they were, but I have been unable to locate an example of the syntax used) 10) Once you have password protected ths zip file the password must be entered into the appropriate section in the ProtectUA.vbs file Const wmiRestartForce = 4 strPassword = "SET YOUR PASSWORD HERE" Dim arrayAllowedHosts(1) You need to keep the " " around your password or it won't work! 11) Once all this has been done you should be ready to setup your RunOnceEx.cmd. The calling of the ProtextUA.cmd must be the 1st operation in the RunOnceEx.cmd because the zip file has to be extracted before any further .cmds can be called. NOTE: the zip file will be extracted to the root of the C: drive so you will need to take this into account when calling .cmds and .reg files in the RunOnceEx.cmd. Here is an example of the 1st few lines on my RunOnceEx.cmd @echo off SET KEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx REG ADD %KEY% /V TITLE /D "Installing Applications" /f REG ADD %KEY%\001 /VE /D "Preparing Installation Profile..." /f REG ADD %KEY%\001 /V 1 /D "%SystemDrive%\Windows\System32\ProtectUA.CMD" /f REG ADD %KEY%\002 /VE /D "Inital Registry Changes and Tweaks" /f REG ADD %KEY%\002 /V 1 /D "REGEDIT /S %systemdrive%\musicMov.reg" /f REG ADD %KEY%\002 /V 2 /D "%systemdrive%\NWIcon.vbs" /f 12) Once you have done all of this and made sure that the correct password and bios ID's are in the VBS file you should be ready to run a test install. If you are installing on a VM you will need the BIOS ID of the VM, for this install XP with out the secuirty protection and run Analyze.vbs for the BIOS ID and add to the ProtectUA.vbs 13) Burn, test and pray. 14) If it works which it should everything should install as usual and nothing untoward should happen, if this is the case then great. There is one final test after that, which is to go into the ProtectUA.vbs file and change the BIOS ID of your test machine to an incorrect BIOS ID, just changing one number should do. 15) Burn and test again, this time the install should fail after the 1st part of RunOnceEx.cmd has been complated, your machine should restart and then moan that NTLDR is missing. 16) Once everything is working, the VBS code needs to be encrypted to complete the security. Download and install the Windows Script Encoder and also encrypt.cmd from the bottom of the post. Copy your ProtectUA.vbs to the root of C:\ and run encrypt.cmd. ProtectUA.vbs must be in the Root of C:\ for this to work. This should produce ProtectUA.vbe. Edit ProtectUA.cmd. Change REM Start Machine Authentication and wait for its end START /WAIT %SOURCEPATH%\Cscript.EXE //Nologo ProtectUA.VBS to REM Start Machine Authentication and wait for its end START /WAIT %SOURCEPATH%\Cscript.EXE //Nologo ProtectUA.VBE Then in $OEM$\$$\system32 replace ProtectUA.vbs with ProtectUA.vbe. 17) Burn and test. ----------------------------------------------------------------------------------------- I have a few notes that may be of use to anyone who tries this. 1) Your C: root will end up with all your .cmd and .reg files after the install, and these need the cleanup.cmd edited to be removed. Use del %0 at the end of the cleanup.cmd to remove itself 2) Remeber the 8.3 naming convention. This was my major bugbear when I 1st tried this as my zip was called ProtectUA.zip (Which was suggested in the other post) which is too long for 8.3 I spent ages banging my head trying to figure it out, this is why I now use a zip called Protect.zip. I have edited the code to reflect this and the updated versions are attached to this post. If you read the other post and come accross the Protection.zip by all means download but you'll have to change the code yourself. Many Thanx to Martin Zugec and MOONLIGHT SONATA for the ideas and the code. Post back any results you get and anywhere where the guide is a bit thin on the ground and I'll add to it if necessary. Use this post for trouble-shooting as the main post is probably now best left for development purposes. ------------------------------------------------------------------------------------------- Changelog: v1 - Orginal v1.1 - Stated that it was a summary. Added Changelog. v1.2 - Added points 16), 17) and removed Notes 3). Added encrypt.cmd as an attachment. v1.3 - Mentioned " in Password and changed a few things at request of MOON ProtectionUA.zip encrypt.cmd

Creating a switchless iTunes was a quite simple effort and used two guides already posted on these Forums, so I shall probably do a fair amount of refering and quoting to save having to write everything out again. The guides that I followed were: 1) How to Make a 7-Zip Switcless installer 2) The Ulitmate Unattended Guide for iTunes I followed Points 1 - 6 from guide 1), I skipped steps 7 and 8, by downloading RyanVM's 7zS.sfx from his site. However I can't find the link again. If someone does know the link please post and I'll edit this post. You will probably have to rename the itunes installer to somthing other than itunessetup.exe as this doesn't confirm to the 8.3 naming convention. AFter this I followed guide 2), paying attention to the post by Durex (Post #5) for the copying of the prefereances. You can created a .cmd file which can be called by the 7-zip installer. It will probably look like this cmdow @ /HID @echo off start /wait SetupIT.exe /S /V"ISSETUPDRIVEN=0 ASSUME_MEDIA_DEFAULTS=1 ASSUME_QT_DEFAULTS=0 ALLUSERS=1 SILENT_INSTALL=1 /QN" ECHO. ECHO Killing off Quicktime... REG ADD "HKLM\Software\Apple Computer, Inc.\QuickTime\ActiveX" /V "QTTaskRunFlags" /T "REG_DWORD" /D "00000002" /F COPY "QuickTime.qtp" "%ALLUSERSPROFILE%\APPLICATION DATA\QUICKTIME\QuickTime.qtp" /Y TASKKILL.EXE /F /IM QTTASK.EXE ECHO F | XCOPY /Y "APiTunes.pre" "%USERPROFILE%\Application Data\Apple Computer\iTunes\iTunes.pref" ECHO F | XCOPY /Y "LOiTunes.pre" "%USERPROFILE%\Local Settings\Application Data\Apple Computer\iTunes\iTunes.pref" EXIT Youl will need to extract your own preference and quicktime settings, and you will also need to rename to 8.3, but when these are copied they can be given there original names back as can be seen in the above code. Step 9 in guide 1) creates the config.txt which calls the .cmd file which does all the actual installing work. You Config.txt should look something like this. ;!@Install@!UTF-8! RunProgram= "itunes.cmd" ;!@InstallEnd@! It should be saved in UTF-8 format as stated in guide 1), however using Notepad++ I did not have this option and just saved it and it seemed to work ok. All that is then required is to create the install, by following step 12 in guide 1). Then test on a machine without itunes already installed. Hopefully it will work, most of my issues came from problem with the 8.3 naming convention. If you struggle with making your own you can always download my copy from here Good luck!

Thanx for pointing that out.

For future reference a copy of SMBIOS can be found here.

Now that's a good idea!!!! Say you had 2 or three computers in your home, such as myself and each had a different role and needed different apps on board, but you did not want to fiddle with WPI or other attended post install apps. Each machine could have a crafted install with out any intervention. EDIT: just thought about how this could be done. Use a script similar to the VBS used for ProtectUA but when matching the BIOS id instead of/or as well as deleteing the NTLDR it could also load a RunOnceEx.cmd for that particular machine. EDIT2: The flaw in the above is that ProtectUA and WMI features that are used for checking the BIOS id are called once XP has booted for the 1st and RunOnceEx.cmd needs to be called before then

WinME is to Windows 98SE as Longhorn(Vista) is to XP. A tarted up UI and plenty of added bugs, just to make our lives fun.

Can't the NTLDR be deleted before the message box is shown? "Your install is right royally shafted and will restart in 15 sec......" or something like that, probably not quite so rude. Maybe more along the lines of "You have installed this Unatteded XP install on a machine for which it was not intended, your machine will now restart. Please install an original copy of XP, not this copy!" I might be using this in a commerial environment on an infrequent basis ( that's if Martin doesnt mind) if customer require certian things, otherwise they are going to get a vannila XP install. What I was maybe trying to get at is that MZ would probably never have tried many things if it were not for the likes of you suggesting that maybe they wanted to protect what they had been working on. I bet Martin would never have had the idea of protecting UA install if it were not for you. Thus, because of this he has learnt how to protect is hard work, something he may never have even thought of. Thanx, that mean alot.

I thought that XP was a bad enough name, but Vista, that takes the buscuit! What's wrong with Windows 2006?