w2k4eva
Content Type
Profiles
Forums
Events
Posts posted by w2k4eva
-
-
ImgBurn will do everything ISO Recorder does plus a whole lot more - like DVDs and BluRays, authoring, etc, at whatever speed your hardware can support. It is compatible up to W8 (not sure about W10) and even all the way back to W95! I prefer version 2.5.7 (only one version back from current) moreso than the latest since it does not come packaged with the OpenCandy adware. Just scroll a little farther down the page for the older versions. Watch out for checkboxes to be cleared during install, to avoid the toolbars. Way better than buggy old Nero, and free, too.
0 -
Essentially, you're right: People don't magically stop protecting their private keys as soon as the expiration date hits (or they may have stopped protecting them a long time ago and no one knows because they didn't revoke them and they haven't expired yet). The expiration date says nothing about the security of the certificate, but if you don't have a cut off you'll never know that a certificate may be forgotten about whereas with one you at least know that much.
For me what it comes down to is this. Website operators know that users will see those warnings if they don't renew their certs on time, and reputable sites want to keep their reputation for integrity. If they are cutting corners on renewals despite the public embarrassment of being caught at it in this visible area, what else are they not being diligent about that we cannot see, like what they do with their private keys or our credit card numbers? It does raise the question of whether sloppy practice in one area spills over into sloppiness elsewhere and whether they really are serious about protecting the security of their customers - do we really want to do business with such careless firms?
... well I will probably leave everything as is for now ... I need to know more about certificates. I also do not use Internet Explorer very often. I have Pale Moon (Atom-WinXP) installed and there are frequent updates ... so the certificates in that browser would be more up to date ... if I understand about browsers and certificates correctly.
Using PaleMoon will cover your browsing by using its own cert store rather than the one managed by Windows. But it will not cover the other uses of certificates - for instance secure email, secure FTP, codesigning, etc. You might be using webmail rather than Outlook Express, or Thunderbird which also uses its own cert store. Maybe you don't use FTP at all whether secured or not. But you will likely still install programs and/or updates or device drivers, so codesigning will be important for those things. And that means needing to keep the cert revocation list up to date for those other uses.
0 -
I hate it when "experts" advocate "cleaning" and get a little too delete-happy!
First, just because a cert is old or has expired doesn't mean it is useless. If it was used to sign something important during the time it was valid, you may need to keep it. In particular, https://support.microsoft.com/en-us/kb/293781 describes some that expired in 1999 but are still required for W2K, XP and W2K3.
Second, for the cases where you really do want to avoid using certain certs, such as some of those foreign CAs you never heard of, or a situation like DigiNotar, deleting them is NOT the best way to go. It not only doesn't solve the problem, but even worse, it leaves many users with a false sense of "security" that they have "dealt with it" when they really haven't. Next time you browse or do something that requires that cert, it will just get re-downloaded in the background and re-installed, similar to downloaded javascript or activex stuff. A much better way to deal with these is to move them to the untrusted store instead.
The mmc snapin can let you do this, you probably want to use an admin account to have the choice of "local computer" rather than "current user". It is generally a good idea to backup your existing certs before making changes. Expand the relevant plus signs in the tree pane and click the "Trusted Root Certification Authorities" (or whichever other list) on the left pane then either "Registry" or "Third-Party", right-click and select All Tasks->Export Store, save the file somewhere. Then do the other location.
Look through the list of certs in the right pane to find the one you want to un-trust and highlight it, right-click and select "cut". Then highlight Certificates under Untrusted Certificates-Registry from the left pane (the list that appears in the right pane should include DigiNotar and similar entries already un-trusted), right click, Paste.
Third, I am a bit dubious of phil3's blanket claim that problems will result from having more than 200 certs in the trusted root store. I have never seen a system with so few and it does not seem to cause problems! The system I am using to type this post has 422 and there is no trouble searching for any of them. (At least for client skus - not many home users run a SSL/TLS server. If you do then KB933430 and/or KB2801679 may be interesting. Microsoft does not say the issue is a limit of 200 certs but rather that the list being sent by the server needs to fit within 16kb.)
In any case his concern about KB2661254 is ancient history, that update was issued on Aug 2012 and reissued on 9 Oct 2012, so those old 1024bit certs should have long since been flushed out and replaced by now. Even back then it was only a concern for those in corporate environments that were depending on internally used certs that were not going to be changed out in a timely manner, not really an issue for home users.
Now as to whether anyone needs to manually cleanup certificate stores... in theory we should have been able to rely on Microsoft to be cancelling those bad certs through the automatic update system. But as a practical matter it can take way too long for these things to get discovered, and afterward even longer before an update was generated and released, then for the next patch tuesday to roll around, and still longer for users to eventually apply those patches, which is probably why Vista and up default to using the automatic update-on-the-fly method. But now that W2K3 support is ended, the only reason Microsoft has left to generate those updates is for use in disconnected environments that can't use the newer system... but since disconnected networks are considered to be less at risk, those updates might now be generated less often than when they were being used by the older no longer supported OSs. So we may see more situations in the future where we hear about known bad certs but the relevant update is not immediately forthcoming from Microsoft. In those cases manual cleanouts (preferably, un-trusting rather than deleting) could be useful.
Even worse, Microsoft is not likely to cancel many of the foreign government certs unless there is evidence of abuse, and maybe not even then, if the perps appear to be part of some state agency. But that doesn't mean we all want the government of Pakistan to decide what websites we here in the US will trust by default.
I'd be really skeptical of any tool that claims to clean them out for you. The basic problem is that someone else's idea of what is an undesireable cert may not match your needs - can you really trust someone else to decide for you what is trustworthy? This is one area I would not want to outsource my thinking!
0 -
If you are willing to navigate using keyboard shortcuts (arrow keys, Alt-Tab, etc) then the mouse class driver can go too. Especially if you go so far as to replace the shell and eliminate Explorer.
0 -
I am also using SeaMonkey 2.33.1 (although on WinXP using en-us), but do not have this issue so it wouldn't be a IPB bug. Maybe something specific to W7 and/or a language specific problem?
0 -
I've been toying around with the idea of redoing my homebuilt system (out of action after ditching the old hard drive) and installing XP Home in it. I've heard that N-lite can remove various components to make things run quicker-which ones are safe to take off? Also-can I get rid of IE without any ill affects? Would this also make my computer safer online?
I generally remove other languages that I would never use anyway, and maybe get rid of Messenger, for me that is about it. Quicker can be had by disabling unwanted services and startup items, but this doesn't really require NLite. As for safer, you would get some of that by using some other browser that is not IE and does not use ActiveX stuff, there are many to choose from.
IE gives you shell parts
you can't remove it without breaking system
no IE = no Icons, no various functions within explorer, no task pane's and who knows what else
The missing parts would include Add/RemovePrograms, WindowsUpdate, HTML Help, but these have workarounds so aren't critical. Whether these are considered "ill effects" is debatable and likely depends on who the intended user is.
You could use either NLite or HFSLIP but it would be best not to try to mix the two methods. FDV has a fileset to help with the removal. I haven't actually done this myself.
You may also want to read http://www.vorck.com/windows/ and-or http://www.vorck.com/windows/xpsp4.html
edit - looks like jaclaz typed a little faster than I did...
0 -
Well, I finally solved it. Turns out there are TWO settings that needed to be enabled but the error message only mentioned one of them (userdata persistence). The other one is on the same property sheet - "Internet Options" -> Security tab -> Trusted Zone (assuming you have put the MS update website addresses in that zone), click Custom Level. Scroll to the section for ActiveX controls & plugins, find the one for "Binary & script behaviors", click Enable, then OK. Didn't even need to restart IE, just revisit the page and now it loads correctly.
0 -
Oh, it looks like there's a few things I didn't get before...
The intel software was trying to force itself to install to my boot drive (which is less than 1gb and only has 36 mb left). The installation was 50 mb and even when I select the option to install it to a different drive (in this case my F:\ drive, also a hard disk partition), it insists on putting 39 MB on my C:\ drive and 11 MB on my F:\ drive.
By "boot drive", do you mean C: and is that where you have the dualbooted W98 install - and did you say your W2K is on D: ? Sounds like a REALLY bad installer if it hardcodes drive letters even when the OS is installed on some other partition!
The main problem may be about simply running out of space - 36MB just isn't enough for really, anything! Any possibility of clearing out more space? One biggie could be to NOT allow swap to use that partition, instead redirect it to some other partition with more space available. Sometimes this can free up as much as 3GB. Also perhaps move "temp" and/or "tmp" as well (both for your own username and for system, they are generally different), this can be a pretty large amount of space consumed... and, yeah, clean them out first! A tool like CCleaner - or even just Disk Cleanup that is packaged with Windows - might help here. Of course you'll need to be sure there is plenty of space on whatever partitions you redirect these items to.
My personal method is after the above are moved, to also move "My Documents" to somewhere else than where the OS is installed since this one folder invariably dwarfs the entire combined other contents of that partition.
And yes, even W98SE lets you move those items, at least if you have another FAT32 (or FAT16) partition to move them to.
I'm a little confused now - are you installing the Intel drivers? I thought you said it was a DLink adapter? I wouldn't expect the drivers to be interchangeable if the underlying chips don't match.
I could seperate the driver installation from the client manager portion. Using Windows' tool Found New Hardware, I could find the drivers for Windows 2000, install them, and boot successfully. So I installed the software as normal, and even after using Windows XP's msconfig tool to disable the D-Link program at startup and removing it from the Startup folder, the Winlogon.exe error persists.
Hmm, that sounds like the service component is the only thing left, so that must be what is hosing the works. The only other thing I can think of to try would be, after install and turning off the startup folder stuff and the startup entries, to also disable the service. Start->Run, type "services.msc" without quotes, and press Enter. Then scroll through the list looking for whatever just got installed, right click it and choose Properties. On the General tab, set the Startup type to Disabled. If that lets you boot, it would confirm that it is the service that is the problem. You could then try re-enabling the other items to see if you can still boot properly without the service. But since the service will be needed to actually use the device, I'm not sure how useful this information will be unless someone else can find more clues.
Do you think that either of those wireless clients will work with my adapter?
They might, the only way to know is to try them. What router(s) are you using? If it is not a DLink there may also be other clients to try.
Also, I could try installing UURollup and see if that works, although that does defeat my original purpose of using the internet to download all the W2k updates and drivers.
If the card really is supported under W2K then UURollup shouldn't be needed for this. As for defeating the purpose, there may be another path - have you got a driver for plain old wired ethernet? That might let you DL the rest of the drivers.
The other question is whether this whole sequence is backwards. It would be MUCH safer to use some other system to do those downloads, then copy the files onto a CD, DVD, or USB stick, then to the target system. I would NEVER connect a new (or even old!) build to the internet until after drivers are installed, things are updated, and a good firewall is installed and properly configured.
Currently I have no sound and I have 16 color display. Even the D-Link installation program, upon launching, says I need to be running in 256 colors or higher, but it works anyway.
If you have not got all your drivers in order that could be part of your problem. Especially important would be motherboard chipset drivers, and anything related to USB. There are also a bunch of USB related updates for W2K that might be needed. I'm not sure from your post whether you are using ONLY the SP4 and official UR1 packages from MS, or something else like the Gurgelmeyer package (which installs only MS files. It includes SP4, UR1, plus hundreds of other updates). If you haven't somehow included them already you may need to add KB843503, KB838417 and/or others.
KB890188 - ignore the title, what matters is that it replaces Wzcsvc.dll, Wzcdlg.dll, Wzcsapi.dll, and Wzcsetup.exe
KB904711 may be relevant as it replaces winlogon.exe
I know this does adapter does work with Windows 2000, but I forget how I did it. It's been at least a year since I used Windows 2000 as my main OS. Currently I use Vista or 7.
Did you used to use it on this system, or was it on a different one? What motherboard is this? Does it use one of those older VIA-based USB controllers that MS refused to support? If so you may need to disable that and use an adapter card in a PCI slot to have working USB.
Maybe previously the drivers and updates were squared away first?
Sadly I don't have money to just go out and buy another router.
It's a bit hit-or-miss, but sometimes people give them away on either freecycle or craigslist free stuff (pick a location, then under "for sale", click "free"), if you have the patience to watch and wait for something to turn up.
0 -
a batch scripting question for management of POSReady updates for XP users
The MS catalog site gives us a list of "XP Embedded" update files. (BTW, I learned today that a search on "POSReady" and on "XP Embedded" return different file sets. The former returns only system updates, the latter returns system update as well as the .NET updates and some hardware files.
The problem is, neither list gives us a MSxx-xxx to track the issue, or a KBnum for when a prior patch is being superceded.
I was wondering if there would be a way to write a batch that could help us doign that
This isn't needed. MS does (somewhat - sometimes there are errors) give the bulletin number and supercedence info. Do the search, then simply click on any of those results. The popup window has 4 tabs. The Overview tab will have the "MSRC Number" (at least if there is one) and the Package Details tab will have the replacement info (if any).
1 -
Precisely this is needed for desktop systems on data capped limited plans. Its more common than you would believe.
Too often, soooo many sites will somehow happily load all the ads and banners and crap... yet the content never appears.
News sites are the worst offenders.. but some popular forums aren't much better.
My F5 button isn't broken yet.. But it gets used alot. Palemoon and Explorer differ in their performance, all those tests the fan sites talk about page loading times and blah... plug in a dial up modem and see how they REALLY fair.
Youtube will load video ads in high definition without the ability to cancel or at least decrease the data usage... wasting time and money.
One watches the number of html requests to paid.this, or ad.google... before the url I want does anything.
The joys of the modern web.
My how time flies...my favorite browser addon is now more than 10 years old. Noscript goes a long way toward solving this. Having found it so long ago I simply refuse to surf without it. Makes it possible for even a 16 year old laptop running W98SE with only 256MB RAM to surf comfortably on modern webpages once the bloatware is removed from them. Might also work for PaleMoon but IE users are outta luck.
It can also be helpful to supplement this with RequestPolicyContinued. I am using 0.5.29 (the last non-beta version) which works in SeaMonkey and older FireFox and maybe also PaleMoon. But it will have issues with FF versions after 40 when Mozilla starts to enforce the walled garden/jail. In line with this they have (prematurely) pulled 0.5.29 from the addons site, but it can still be had at requestpolicy-0.5.29.xpi
Pages definitely load faster with these extensions installed than without either. How much faster varies by site and depends on how much bloat you choose to allow, which is easily adjusted on the fly. A nice side bonus is that those annoying flashcookies and whatnot don't need to do their tracking thing, and malware has a harder time creeping in.
0 -
MS is not very consistent or helpful in noting supercedence on these. Here's what compares to my own rather incomplete notes. I do need to eventually get those more up to date so there probably are more replacements beyond these.
The first entry KB2656353 listed as "MS12-035" is actually MS11-100 as correctly noted in the second list, it is obsolete but ended up in both lists.
I'm not clear that MS10-041 KB979906 is required anymore once XP SP3 is installed. I've never had Windows Update offer this unless SP3 is missing. This could also be down to my habit of also installing KB979904 at that point.
MS11-044 KB2518864 is replaced by MS12-035 KB2604092, it also ended up in both lists.
MS14-009 KB2898856 is replaced by MS14-053 KB2972214.
MS13-004 KB2756918 is replaced by MS14-053 KB2973115.
MS14-009 KB2898855 is replaced by MS14-053 KB2972215.
MS14-009 KB2901110 is replaced by SA2905247 KB2894842.
Missing items:
I have KB976576 and KB977354 as a combined substitute for KB982524.
SA2905247 KB2894845 .NET 1.1 SP1 update
MS12-074 KB2729450 .NET 2.0 SP2 update
KB2789643 v2 .NET 2.0 SP2 update
KB958481 .NET Framework 3.5 Family update for XP - Application Compatibility Update for the .NET Framework 2.0 Service Pack 2
SA2905247 KB2894843 .NET 2.0 SP2 update (this is not replaced by ms14-009 kb2901111 despite being older chronologically)
SA2905247 KB2894842 .NET 4 update
There's also the whole bunch for .NET 1.0 - if anyone is using Tablet Edition these are required, the .NET 1.1 will NOT substitute in this case. I think the same may also be true for Media Center Edition but haven't actually used that myself.
There are of course MANY more .NET updates issued from May 2014 onward that apply to XP without any modification. They did not stop with XP EOL - had you really meant to skip them for some reason?
0 -
A little googling shows you aren't the only one having issues with this card.
Maybe try to divide and conquer. Can you separate the driver installation from the client manager portion? I'd try using the latest driver loaded by navigating to the INF file but not installing the client yet, see if that much can reboot. If so, then try the full install, but before rebooting, adjust your startup entries to not autoload the client at boot, see if the error persists, or if not can you launch the client manually when needed rather than every boot no matter what.
Another alternative would be use the latest drivers but a different client. There are a couple threads that have links to some potential targets:
http://www.msfn.org/board/topic/173922-need-a-wireless-client-for-windows-2000/
http://www.msfn.org/board/topic/144280-wpa-client-software/
In particular, the Buffalo client can work with other cards provided it is connecting to a Buffalo router. Maybe try one from the manufacturer of your router and see if they are similarly tolerant of other makers' cards? I guess if it is a DLink router that puts you back where you started...
One thing to note, in post #21,
My router is a Belkin N600. A Netgear card I have with WPA can only connect to the internet if the router is set for WPA encryption only, not WPA+WPA2.
so you may have to turn off the WPA2 option in the router if your card is uncooperative.
0 -
there is no option to run things it doesn't like the signature of, even if you've used them for years and you know they're perfectly fine.
But there IS such an option - you just have to add each one to the exceptions list.
0 -
An article suggests the following REG add command might turn indexing service off
net stop cisvc
REG add "HKLM\SYSTEM\CurrentControlSet\Services\CiSvc" /v Start /t REG_DWORD /d 4 /f
(from http://www.computerstepbystep.com/windows-xp-indexing-service.html)
maybe there's a way to add that to WINNT.SIF?
Actually it is the "net stop cisvc" that turns it off - the regkey sets the service startup type to "disabled" so it will not restart at next boot.
Not sure about adding it to winnt.sif but a simpler way might be to add the key at T-12 via cmdlines.txt as described at http://unattended.msfn.org/unattended.xp/view/web/14/ - they even show an example of using a *.reg file there (which is a handy thing to have - you can just add more keys/tweaks all in one convenient place without mucking around in winnt.sif at all).
Oh, almost forgot - are you using HFSLIP? If so you can toss that same *.reg file into the HFSVCPACK folder, where it will be run at T-13 and not bother with $OEM$ or cmdlines.txt either.
0 -
Guys, I wonder, if there is any guide on how to manually insert the SATA drivers into Windows XP install CD. Reasons for this are simple:
1) MSI X58 Pro-E did not have a floppy connector, so unless I want get USB floppy, then I need this change in the install CD
2) all guides I found feature nLite and therefore produce only bogus, not working install on Czech Win XP SP3 (this issue is a long time there and it is still there, learned it again the hard way)
...
So normal WinXP SP3 Czech install did not see the HDDs. Therefore no install. Modified one with included drivers by nLite (last public version 1.4.9.3 (curse the **** program!) do detect HDDs and install fine (it does, sadly, complain that bios-something file is missing?!), untill the very very end. Then is says that it cannot confirm the license and that it is. I never get into the desktop, no matter what. No idea why that happend, no idea why it won't let me enter the product code... etc.
So I would looking for guide that does NOT involve nLite at all, I happily do it the manual way, that way the install will work and not screw me up...
So anyone have some tips for such guide?
You do not need NLite for this, I've actually never used it. HFSLIP works for adding SATA drivers to W2K or XP install CDs, at least for US English. I haven't tried Czech so don't know of any special issues there but lots of people have used HFSLIP for this in other non-english languages generally.
Might the missing file complaint have been about 4 files OEMBIOS.DAT, .SIG, .CAT, .BIN? If these were not right that could cause issues with license keys if the source CD was OEM. But this is a separate issue than SATA drivers.
Thanks for your suggestions. Well, in meanwhile, I find this one: http://www.vorck.com...dows/xpsp4.html
...but since modification of WinXP SP3 CD never worked out well for me, I'm affraid that this will be yet another fail. Also Fred Vorck guide does cover only drivers that have ONE file. The drivers in question have more files:
Nor do you need the FDV fileset if you don't otherwise want it, though Fred Vorck's guide was rather informative and helpful for me. And yes, his general outline works with drivers having more than one file too.
Other interesting threads:
http://www.msfn.org/board/topic/84572-integrating-sata-and-raid-drivers-with-hfslip/
http://www.msfn.org/board/topic/63302-integrating-drivers-with-hfslip/
I think the latest version of HFSLIP is likely to be on thomasz86' site:
I have somehow in mind that, for Xp (not 2k), the F6 host driver files can be brought during the installation on a diskette or on a Cd, but I didn't investigate that. Is there anything true in it, or just wrong memories from me?
Anyway, Windows and the drivers do offer standard methods to integrate the driver files in an install Cd, without using nLite. It is "explained" by Intel in one textfile of the driver itself. I didn't try to understand it up to now.
I think it was Vista and up that finally allowed media other than floppies. For XP and W2K Microsoft hardcoded their install images as floppies ONLY, which is why this was so problematic - the need for SATA drivers came out around the time that system box manufacturers were doing away with floppies so people had no way to add drivers, precisely on the only systems that needed them. This is THE issue that made many people learn about slipstreaming.
0 -
I know that you suggest I'd go with nVidia, but for the time being, to run Windows 2000 in proper resolution, I'm requesting a catalyst driver for Windows 2000 just so I can get out of the dreaded 640x480 with 16 colors. Any help?
No, I don't suggest NVidia, those drivers have earned a special mention in my book. They are the ONLY ones I have EVER found to be so horribly bad that the even older ones packaged on the Microsoft OS install CDs actually work better!
I know Catalyst 6.x (most of the files are version 6.14.10.x according to Windows driver details) runs on W2k since I have that running. I think I found it on an install CD that came with an older video card. It does want you to have .NET 2.0 and DirectX 9.0c installed first. The vendor for that card seems to think W2k also works with 7.2 (but I haven't tried that), see http://www.powercolor.com/us/support_driver.asp?byclass=1&PSeries=7&PModel=30 - you might be able to get the CCC out of that package.
AMD seems to think CCC ver 8 can run on W2k, at least for some versions of some video cards, see http://support.amd.com/en-us/download/archive/firemv-2k They also have an old DL page for CCC 6.4 at http://support.amd.com/en-us/download/archive/integrated-2k There are more older versions at http://www.oldapps.com/ati.php.
But the bigger question might be whether these older drivers will work with newer cards - is this intended for the Radeon R7 260x mentioned in your other thread? Not sure whether http://web.archive.org/web/20141014074132/http://benchmark3d.com/mod-catalyst-driver-to-add-supported-cards might be any help - I haven't tried this either.
0 -
Hello ... I have one question regarding the POSReady updates after April 2014 ... I decided not to install any additional updates after April 2014 ... except for the MS Office 2007 updates that show up every month or two ... I have MS Office 2000 installed.
My question is about one update ... KB3050995 (rvkroots.exe released 25 Mar) ... can I install that one update into my regular XP SP3 sysytem and would it install or work?
. . . .
Can the update be changed in someway to be correctly added?
I just noticed something, the WEPOS updates MS15-057 KB 3033890 and MS15-069 KB3067903 will install as-is, no modifications needed, in plain XP. For some reason these do not have the same blocking code MS puts into most of the other updates. Maybe that will continue to hold true for future MediaPlayer updates?
0 -
I wonder if this is a store-specific thing? I looked yesterday and they did have the Sandisk 16GB sticks, but the price was $6.97 at my local store. Anybody know if it would be worth trying multiple stores? Or how long the sale is supposed to be on for? I too have the no-USB3-systems problem...
Amazon has changed their price yet again, now they are $5.98...
0 -
w2k4eva - First, I have attached a .txt file with info from the regkeys WITH NOTES I inserted manually with ► or ►►. Some of the regkeys are me, the second user on my PC, and other known user profiles, but there is not a one-for-one correspondence between the "extra" regkeys and the five "Account Unknowns".
Actually there IS a one to one correspondence, it's just that we aren't sure what it is - two extra for LogMeInRemoteUser, and three extra for _ocster_1clk_backup_ makes the five.
The *.bak entries in your previous registry snip have cleared themselves up, consistent with the temp profiles going away for LocalService and NetworkService. The ones you have now are different profiles that weren't described in the previous posting. Were they present then even if they were part of the stuff you hadn't posted? And no, I don't really care to see them now.
You said you have a user profile for LogMeInRemoteUser, so presumably that folder exists. Do the folders for profiles LogMeInRemoteUser.DELLOPTIPLEX755 and LogMeInRemoteUser.DELLOPTIPLEX755.000 also exist? And presumably the profile folder _ocster_1clk_backup_ exists for those four profiles to share?
Second, in C:\Documents and Settings\LocalService, right-click - Properties - Security shows that Administrators, LOCAL SERVICE and SYSTEM have Full Controland in C:\Documents and Settings\NetworkService, the same thing shows that Administrators, NETWORK SERVICE and SYSTEM have Full Control
Any thoughts?
These seem similar to the earlier screenshots. It wasn't clear from your earlier comments that the Account Unknowns were not for the LocalService and NetworkService accounts. It does seem you have several extra SIDs rather than just multiple backup versions of the same SIDs as described in KB947215 method 1. At the same time I'm not clear whether method 3 applies if the folders indicated do actually exist.
I don't know anything about your backup aopplication or if it might be related to the _ocster_1clk_backup_ profiles, nor why there are several that point to the same set of folders. Does the backup app work normally since the problematic update and system restores? Have you even used it since then? Maybe ask about this in one of their forums?
The LogMeInRemoteUser ones are not just multiple SIDs but also different (though related-looking) folder names. Have you used this app since those updates, and/or the system restore? Again, their forums might be worth a visit.
Not sure what else to say, these other profile questions are at the end of what I know related to that update, and I can't even investigate anything similar on my own system since the cacls fix worked for me.
0 -
Okay, I just tried the "System Restore" fix on my parents' Acer XP Home computer, and it worked again.
I did it a little differently this time: I first set the restore point manually, then immediately--without so much as a reboot--ran System Restore back to that point. In other words, I basically just restored the existing system set.
Once again, this exercise alone was enough to eliminate the Event Viewer errors. The fix again has survived multiple restarts.
Gosh, I wonder if this means system restore does something to file/folder/regkey owners or permissions?
Just curious, on the machines that did not have this issue, by any chance were the drives formatted as FAT32 rather than NTFS? Or were the profiles not owned by the Administrators group?
The odd temp folders in Documents and Settings are gone.
The folders LocalService and NetworkService in Documents and Settings are showing a "Date Modified" time of my first successful reboot just now. (I recall they were stuck on a January date before.)
The only odd thing is that in System Properties - Advanced - User Profiles - Settings, there are still five "Account Unknown"s last modified 6-23-15, each with a size of 20.4MB. (My own profile is 2.86GB, last modified today.) Should I try deleting those "Account Unknown"s? (Where are they on C:\ drive anyway?)
Of course, this just might be only cosmetic - what do I know? Is there a deeper level I should check?
The date modified is updated since the services now have access to their profiles again, which is why the temp profile folders cleared up. I'm guessing the code that does this cleanup may not have cleaned up the regkeys described in KB947215.
The regkeys normally would have a value ProfileImagePath that points to the location on disk for the profiles. The snip you posted had these pointing to the no-longer-existing folders before, do they still point there?
Do the regkeys still look like the snip you posted earlier? Also do the file/folder owners and permissions look the same as before?
@bluebolt - You didn't say whether you had looked at any file or folder ownership or permissions, or at the regkeys glnz posted, but if you had looked before your system restore - have they changed since then?
0 -
Foxit has several security problem.
I recommended Smatra PFD.
It does not support Script, so more secure.
Yup, Sumatra is lighter than Foxit, the only drawback is not filling in pdf forms.
Current version can be had from http://www.sumatrapdfreader.org/free-pdf-reader.html
Older versions at http://www.sumatrapdfreader.org/download-prev.html, alternate builds at http://www.zeniko.ch/#SumatraPDF for W2k
supposedly either 1.6 or 2.1.1 was the last for W2k but some people say 2.4 works even though no longer officially supported, both will need gdiplus (kb915052) installed
0 -
@w2k4eva, the screenshots in post #493 are from my “daily driver” internet machine, which I boot daily (at least), and the error entries are there from every bootup from 1/3/2015 to 4/8/2015, since which date the errors have disappeared.
. . . .
Too bad I’m not technical enough to see why the problem vanished on my daily Dell XPS computer in April. I’ll have to think about that one.
Okay, so whatever it was must have been after 4/8/2015 10:57:43 but before your next boot (not visible in the eventlog screenshots). From your next post it looks like you are headed in that direction already. Did you install anything or do any updates during that time window? Change any file or folder permissions? Change any registry keys/permissions?
- msi Atom XP Pro: no errors ever
- eMachines Atom XP Home: no errors ever
- custom-built machine XP Pro: no errors ever
- Dell XPS XP Pro used daily: errors from 1/13/2015 to 4/8/2015 (but none since)
- Dell E520 XP Pro: errors from 1/13/2015 through 7/1 (today)
- Dell 3000 XP Pro: errors from 11/11/2014 through 7/1 (today)
If I’m not mistaken, both of the problem machines used by member glnz are Dell machines.
I’m sensing a pattern here, and it’s spelled…DELL.
Yes, he does say they are Dells. My own formerly problematic box is a vpr matrix, this brand was formerly owned by Best Buy, who has since gotten out of the OEM business. I have no way of knowing whether vpr matrix may have bought their factory install image either from Dell or from whatever place Dell got theirs from. But it isn't yet clear that my box had the same situation as glnz does, or that yours exactly matches either his or mine; the eventlog entries have a wide variety of possible causes.
Looking at my three Dell machines that have the six Event Viewer Errors in question, I tried to see what was different about the one that no longer has the errors…
I checked out the Event Viewer/Application list to see what happened after each set of six boot-up Error entries, to tell what changed after 4/8/2015 on that machine that did not change on the other two Dell computers?
The difference is the six “HHCTRL Event ID: 1904” informations, which can be seen in this screen grab:
I do sometimes get those eventID 1904's. They always seem to come in pairs (as yours do), whenever I open some sort of help file. I've forgotten if it was the *.hlp format vs the *.chm format that does it, or if both do. It looks like you opened three helpfiles (or pages within a helpfile?) within a few minutes of each other. I used to get them before applying the KB3021674 update, and continue to have them after my cacls fix, so I don't think they are related.
Should be an easy enough thing to test, first look at the eventlogs on the non-Dells, see if they have these entries, or if opening help files (of either format) causes them. Then see if there are more of them at other times on any of the Dells. Eventually try opening a help file on one of the Dells that still has the eventID 1511 entries, to see if the 1904 shows up. Then reboot and see if the 1511 etc persist.
If that test doesn't resolve it, you'll need to look a little farther for whatever may be different. At least most of yours are Pro rather than Home, which makes checking permissions a little easier.
0 -
My question is about one update ... KB3050995 (rvkroots.exe released 25 Mar) ... can I install that one update into my regular XP SP3 sysytem and would it install or work? I think that one update seems important to have, am I wrong on that idea?
Yes, if you download the W2k3 version of that update, it will install as-is on XP, and you are correct that the updates about root certs are important.
So I wouldn't probably need that update for now but if a new Time Zone update would appear for my area, could it just be installed right into Windows XP and would it actually install and work?Can the update be changed in someway to be correctly added?
Unfortunately MS has put blocking code into the time zone updates issued post-EOL. So this leaves you with three choices if you want them.
1) Look through the KB articles to find what was added, then adjust your time zones manually. Or copy the relevant registry entries, possibly from a newer machine that has the update installed... rather a pain.
2) Use the POSReady registry hack, then get the POSReady version of the update either from Windows Update or the Update Catalog. But be aware that this path is something of a one-way street - once the reghack is applied, you probably won't be able to reverse it from within Windows, you would need an offline registry editor.
3) Modify the updates to work on plain XP. This is the path I am using. Instructions can be found at http://www.ryanvm.net/forum/viewtopic.php?p=115464#115464 . I generally start from the WEPOS version rather than the W2K3 ones, although for timezone updates that are basically just regkeys the difference may not matter. Do be aware that the resulting update won't have the usual sanity checks about versions etc so you must be selective about finding a suitable source file and how it is applied - you wouldn't want to have an IE7 update applied to a system that has either IE6 or IE8, for example.
0 -
That thingy there is used also by the good 9x/Me guys see here:
Check out post #28 over there, the link to download ClientMgr3 may be what you need. I own an old Buffalo card and the CD that came with it includes a slightly older version, ClientMgr2, with versions for W98/98se, WMe, W2k, and XP on the old CD. I haven't tried it on W2k since the laptop I use that card for only runs W98SE but I know it does work there. The interface is kinda hokey by modern standards, but even the older ClientMgr2 does WPA and I don't remember ever seeing a complaint about a too-short key (although I haven't really tried to use a short key either).
If you want the entire CD, manuals etc they can be had at http://www.buffalotech.com/products/wireless/wireless-g-125-high-speed/wireless-g-125-high-speed-notebook-adapter
0
Any Regular NT4 or W2K Users Here, Still?
in Windows 2000/2003/NT4
Posted
My best/favorite machine is running W2K. It is hardware capable to run XP, Vista, W7, 8 or 10 but I like W2K. Yes there are other newer machines in the house running XP or W7 but they are not as good. It has been down twice for power supply issues, once for HDD failure, and a few shorter outages for power failures, but otherwise has been running W2K continuously since its initial build in 2007.
I have a couple others that also run W2K although they are older and do not see daily use any more.